Sujet Précédent Sujet Suivant

Spyware et trojans

Résolu
ganesh -  
Darkkiller Messages postés 2336 Statut Contributeur -
Bonjour,

bon eh bien voila j ai pas mal de petits spyware et trojans qui se balade sur mon pc mais je n arrive pas a les supprimer totalement!! voici mon rapport avg anti-spyware ainsi que mon rapport hijackthis en esperant que vous pourrez m aider merci d avance

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 12:59:34 22/04/2008

+ Résultat de l'analyse:

C:\WINDOWS\system32\cmdow.exe -> Downloader.Delf.ain : Aucune action entreprise.
C:\Documents and Settings\antoine\Cookies\antoine@aolfr.122.2o7[1].txt -> TrackingCookie.2o7 : Aucune action entreprise.
C:\Documents and Settings\antoine\Cookies\antoine@adtech[1].txt -> TrackingCookie.Adtech : Aucune action entreprise.
C:\Documents and Settings\antoine\Cookies\antoine@estat[1].txt -> TrackingCookie.Estat : Aucune action entreprise.
C:\Documents and Settings\antoine\Cookies\antoine@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Aucune action entreprise.
C:\Documents and Settings\antoine\Cookies\antoine@smartadserver[2].txt -> TrackingCookie.Smartadserver : Aucune action entreprise.

Fin du rapport

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:30:00, on 22/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\All Users\Application Data\qvstyjwf\kpolsdkt.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Messenger\Msmsgs.exe
C:\WINDOWS\system32\rarszwpi.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Club-Internet\Lanceur\lanceur.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/search?q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: (no name) - {4020100D-29D7-4392-AFD5-5AD713FF4B88} - C:\WINDOWS\system32\nnnnLfcC.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {94E8626F-71DB-4D80-B360-34FE10CAE22F} - C:\WINDOWS\system32\rqRKEwtU.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Barre d'outils &Crawler - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\Msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [tgingyra] C:\WINDOWS\system32\rarszwpi.exe
O4 - HKCU\..\Run: [rdaqwovb] C:\WINDOWS\system32\roforsxu.exe
O4 - HKLM\..\Policies\Explorer\Run: [afzsBCBFkJ] C:\Documents and Settings\All Users\Application Data\qvstyjwf\kpolsdkt.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_01] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\Srchasst" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_02] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\msagent" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_03] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\Help\Tours" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_04] cmd.exe /c md "%USERPROFILE%\Local Settings\Temp" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_05] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_06] rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_07] rundll32 advpack.dll,LaunchINFSection nlite.inf,S (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlpo_01] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\Srchasst" (User 'SERVICE RÉSEAU')
O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://plugin.driveragent.com/files/driveragent.cab
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O20 - Winlogon Notify: nnnnLfcC - C:\WINDOWS\
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
A voir également:

61 réponses

Réponse 1 / 61
Darkkiller Messages postés 2336 Statut Contributeur 67
 
Re,

Je viens de voir que tu as une toolbar néfaste.

Désinstalles, la toolbar crawler via Ajout/Suppression des programmes.

Ensuite :

Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :
• Redémarre ton ordinateur
• Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
• A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
• Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
• Choisis ton compte.
Déroule la liste des instructions ci-dessous :
• Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.cmd pour lancer le scrïpt.
• Appuie sur Y pour commencer le processus de nettoyage.
• Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
• Appuie sur une touche pour redémarrer le PC.
• Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
• Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
• Appuie sur une touche pour finir l'exécution du scrïpt et charger les icônes de ton Bureau.
• Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
• Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum, avec un nouveau log Hijackthis !
1
Réponse 2 / 61
cedric241 Messages postés 3380 Statut Membre 119
 
en effet multiple infections :

désinstal le toolbar CRAWLER

ensuite fais ça :

Télécharge cet outil de SiRi:

http://siri.urz.free.fr/RHosts.php

Double cliquer dessus pour l'exécuter

et cliquer sur " Restore original Hosts "

puis fais ça :

Démarrer > executer > ' services.msc ' ,

- Clic droit sur le service cité - Boonty games
- propriétés
- et dans "type de démarrage" et mets le sur « désactivé ».
- Ensuite si le "Status du service" est sur "Démarré" faire : « arrêté »

Tutorial : https://www.zebulon.fr/dossiers/windows/31-services.html

2) Supprime le dossier :

Va dans "C:\program files\fichiers communs\" trouve & supprime le dossier " boonty shared "

puis refais un scan hijackthis et poste le nouveau rapport stp
0
chitbob
 
Salut,
j'ai le meme probleme avec on PC cad: spyware et trojan ,j'ai fais un scan avec a-ware 2007(v0071.0000) cela a permis d'eliminer quelque fihiers infectés mais le virus et tjr la avec des fenetres qui s'ouvre en m'envoyant sur des ites de rencontres et de casino,et d'autres qui m'envoye sur des sits payant de antispyware :pc cleener et ac cleener
merci de m'aider
cordialement
0
Réponse 3 / 61
Darkkiller Messages postés 2336 Statut Contributeur 67
 
Salut,

Dans le scan AVG, rien de méchant, il y a juste une infection, le reste c'est de simples pubs ;).

Sinon dans le rapport Hijackthis, il y a du monde là-dedans ^^ :

Donc :

Clique sur ce lien :
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
pour télécharger navilog1.exe.

Choisis Enregistrer

et enregistre-le sur ton bureau.

Ensuite double clique sur navilog1.exe pour lancer l'installation.
Une fois l'installation terminée, le fix s'exécutera automatiquement.
(Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).

Laisse-toi guider. Au menu principal, choisis 1 et valides.
(ne fais pas le choix 2,3 ou 4 sans notre avis/accord)

Patiente jusqu'au message :
*** Analyse Termine le ..... ***
Appuie sur une touche comme demandé, le blocnote va s'ouvrir.
Copie-colle l'intégralité du rapport dans ta réponse. Referme le blocnote.
Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)

ENSUITE TU ME REPOSTERAS UN LOG HIJACKTHIS + Le log Navifix.
0
Réponse 4 / 61
ganesh
 
re

alor j ai fais les manipulations de vos reponses respective et voila mes nouveau rapport et encore merci de votre aide

Search Navipromo version 3.5.4 commencé le 22/04/2008 à 13:48:24,98

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "antoine"

Mise à jour le 15.04.2008 à 18h00 par IL-MAFIOSO

Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.13
Système de fichiers : NTFS

Executé en mode normal

*** Recherche Programmes installés ***

*** Recherche dossiers dans "C:\WINDOWS" ***

*** Recherche dossiers dans "C:\Program Files" ***

*** Recherche dossiers dans "C:\DOCUME~1\ALLUSE~1\APPLIC~1" ***

*** Recherche dossiers dans "C:\Documents and Settings\antoine\applic~1" ***

*** Recherche dossiers dans "C:\Documents and Settings\antoine\locals~1\applic~1" ***

*** Recherche dossiers dans "C:\Documents and Settings\antoine\menudm~1\progra~1" ***

*** Recherche dossiers dans "C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1" ***

*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

Aucun Fichier trouvé

*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\WINDOWS\system32" *

* Recherche dans "C:\Documents and Settings\antoine\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *

*** Recherche fichiers ***

*** Recherche clés spécifiques dans le Registre ***

*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :

2)Recherche Heuristique :

* Dans "C:\WINDOWS\system32" :

* Dans "C:\Documents and Settings\antoine\locals~1\applic~1" :

* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" :

3)Recherche Certificats :

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche fichiers connus :

C:\WINDOWS\system32\butsaxbo.ini2 trouvé ! infection Vundo possible non traitée par cet outil !
C:\WINDOWS\system32\UtwEKRqr.ini2 trouvé ! infection Vundo possible non traitée par cet outil !

*** Analyse terminée le 22/04/2008 à 13:54:57,68 ***

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:56:10, on 22/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Messenger\Msmsgs.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Club-Internet\Lanceur\lanceur.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/search?q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: (no name) - {4020100D-29D7-4392-AFD5-5AD713FF4B88} - C:\WINDOWS\system32\nnnnLfcC.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {94E8626F-71DB-4D80-B360-34FE10CAE22F} - C:\WINDOWS\system32\rqRKEwtU.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\Msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [rdaqwovb] C:\WINDOWS\system32\roforsxu.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_01] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\Srchasst" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_02] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\msagent" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_03] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\Help\Tours" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_04] cmd.exe /c md "%USERPROFILE%\Local Settings\Temp" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_05] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_06] rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_07] rundll32 advpack.dll,LaunchINFSection nlite.inf,S (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlpo_01] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\Srchasst" (User 'SERVICE RÉSEAU')
O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://plugin.driveragent.com/files/driveragent.cab
O20 - Winlogon Notify: nnnnLfcC - C:\WINDOWS\
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 61
Darkkiller Messages postés 2336 Statut Contributeur 67
 
Re,

Il doit y avoir une nouvelle variante ;)

Donc :

Double clique sur le raccourci Navilog1 présent sur le bureau et laisse-toi guider.
Au menu principal, choisis 4 et valide.

Le fix va te demander de saisir le nom de fichier.
Saisis ce qui est en gras ci-dessous et rien d'autre puis valide:

rdaqwovb

Le fix va te demander de le resaisir, fais-le et valide

Le fix va t'informer qu'il va alors redémarrer ton PC
Ferme toutes les fenêtres ouvertes et enregistre tes documents personnels ouverts
Appuie sur une touche comme demandé.
(si ton Pc ne redémarre pas automatiquement, fais le toi même)
Au redémarrage de ton PC, choisis ta session habituelle.

Patiente jusqu'au message :
*** Nettoyage Termine le ..... ***
Le blocnote va s'ouvrir.
Sauvegarde le rapport de manière à le retrouver
Referme le blocnote. Ton bureau va réapparaitre

PS:Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
Puis rends-toi à l'onglet "processus". Cliques en haut à gauche sur fichiers et choisis "exécuter"
Tapes explorer et valides. Celà te fera apparaitre ton bureau
0
Réponse 6 / 61
ganesh
 
voila c fait que dois je faire maintenant? si ce n est pa finit
0
Réponse 7 / 61
Darkkiller Messages postés 2336 Statut Contributeur 67
 
Re,

Poste moi le rapport qui est situé là :

C:/Navifix.log
0
Réponse 8 / 61
ganesh
 
Clean Navipromo version 3.5.4 commencé le 22/04/2008 à 14:03:40,43

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "antoine"

Mise à jour le 15.04.2008 à 18h00 par IL-MAFIOSO

Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.13
Système de fichiers : NTFS

Mode suppression par méthode manuelle

Nom du fichier saisi : rdaqwovb

*** Recherche, création sauvegardes et suppression ***

* Suppression dans "C:\WINDOWS\system32" *

* Suppression dans "C:\Documents and Settings\antoine\locals~1\applic~1" *

* Suppression dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *

*** Suppression dossiers dans "C:\WINDOWS" ***

*** Suppression dossiers dans "C:\Program Files" ***

*** Suppression dossiers dans "C:\DOCUME~1\ALLUSE~1\APPLIC~1" ***

*** Suppression dossiers dans "C:\Documents and Settings\antoine\applic~1" ***

*** Suppression dossiers dans "C:\Documents and Settings\antoine\locals~1\applic~1" ***

*** Suppression dossiers dans "C:\Documents and Settings\antoine\menudm~1\progra~1" ***

*** Suppression dossiers dans "C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1" ***

*** Suppression fichiers ***

*** Suppression fichiers temporaires ***

Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\antoine\locals~1\Temp effectué !

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

2)Recherche, création sauvegardes et suppression Heuristique :

* Dans "C:\WINDOWS\system32" *

* Dans "C:\Documents and Settings\antoine\locals~1\applic~1" *

* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *

*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok

*** Certificats ***

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltdt absent !

*** Nettoyage terminé le 22/04/2008 à 14:11:51,64 ***

je suis un peu tete en l air j aurai du y penser =p
0
Réponse 9 / 61
Darkkiller Messages postés 2336 Statut Contributeur 67
 
Re,

Maintenant, postes moi un log Hijackthis ;)

:D
0
Réponse 10 / 61
ganesh
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:33:14, on 22/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Messenger\Msmsgs.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Program Files\Club-Internet\Lanceur\lanceur.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/search?q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: (no name) - {4020100D-29D7-4392-AFD5-5AD713FF4B88} - C:\WINDOWS\system32\nnnnLfcC.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {94E8626F-71DB-4D80-B360-34FE10CAE22F} - C:\WINDOWS\system32\rqRKEwtU.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\Msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [rdaqwovb] C:\WINDOWS\system32\roforsxu.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_01] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\Srchasst" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_02] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\msagent" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_03] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\Help\Tours" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_04] cmd.exe /c md "%USERPROFILE%\Local Settings\Temp" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_05] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_06] rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_07] rundll32 advpack.dll,LaunchINFSection nlite.inf,S (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlpo_01] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\Srchasst" (User 'SERVICE RÉSEAU')
O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://plugin.driveragent.com/files/driveragent.cab
O20 - Winlogon Notify: nnnnLfcC - C:\WINDOWS\
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
0
Réponse 11 / 61
Darkkiller Messages postés 2336 Statut Contributeur 67
 
Re,

Elle a du mal à partir celle là ! :@

Télécharge gmer à partir de l'une de ces adresses :
http://www.gmer.net

Déconnecte toi d'internet si possible et ferme tous les programmes.
Décompresse le fichier zip et double-clic sur gmer.exe
[b]IMPORTANT:[/b] Si une alerte de ton antivirus apparaît pour le fichier gmer.sys ou gmer.exe, laisse le s'executer.
Clic sur l'onglet "rootkit"
A droite, coche "Files" et "Services"
Clic sur Scan
Lorsque le scan est terminé, clic sur "copy"

Ouvre le bloc-note et clic sur le Menu Edition / Coller
Le rapport doit alors apparaître.
Enregistre le fichier sur ton bureau et copie/colle le contenu ici.

0
Réponse 12 / 61
ganesh
 
j ai fait le scan mai quand je fait copy et ke j ouvre le bloc note edition coller rien ne se passe =(
0
Réponse 13 / 61
ganesh
 
ok c est bon tien voila le rapport

GMER 1.0.14.14205 - http://www.gmer.net
Rootkit scan 2008-04-22 15:23:02
Windows 5.1.2600 Service Pack 2

---- Services - GMER 1.0.14 ----

Service .NET CLR Data
Service .NET CLR Networking
Service .NET Data Provider for Oracle
Service .NET Data Provider for SqlServer
Service .NETFramework
Service (avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP/ALWIL Software) [SYSTEM] Aavmker4
Service [DISABLED] Abiosdsk
Service [DISABLED] abp480n5
Service C:\WINDOWS\system32\DRIVERS\ACPI.sys (Pilote ACPI pour NT/Microsoft Corporation) [BOOT] ACPI
Service (Pilote de contrôleur intégré ACPI/Microsoft Corporation) [DISABLED] ACPIEC
Service [DISABLED] adpu160m
Service C:\WINDOWS\system32\drivers\aec.sys (Microsoft Acoustic Echo Canceller/Microsoft Corporation) [MANUAL] aec
Service C:\WINDOWS\System32\drivers\afd.sys (Ancillary Function Driver for WinSock/Microsoft Corporation) [SYSTEM] AFD
Service [DISABLED] Aha154x
Service [DISABLED] aic78u2
Service [DISABLED] aic78xx
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] Alerter
Service C:\WINDOWS\System32\alg.exe (Application Layer Gateway Service/Microsoft Corporation) [MANUAL] ALG
Service [DISABLED] AliIde
Service [DISABLED] amsint
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] AppMgmt
Service [DISABLED] asc
Service [DISABLED] asc3350p
Service [DISABLED] asc3550
Service ASP.NET
Service ASP.NET_1.1.4322
Service ASP.NET_2.0.50727
Service C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft ASP.NET State Server/Microsoft Corporation) [MANUAL] aspnet_state
Service C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys (avast! File System Access Blocking Driver/ALWIL Software) [AUTO] aswFsBlk
Service (avast! File System Filter Driver for Windows XP/ALWIL Software) [AUTO] aswMon2
Service (avast! TDI RDR Driver/ALWIL Software) [MANUAL] aswRdr
Service (avast! self protection module/ALWIL Software) [SYSTEM] aswSP
Service (avast! TDI Filter Driver/ALWIL Software) [SYSTEM] aswTdi
Service C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (avast! Antivirus updating service/ALWIL Software) [AUTO] aswUpdSv
Service C:\WINDOWS\system32\DRIVERS\asyncmac.sys (MS Remote Access serial network driver/Microsoft Corporation) [MANUAL] AsyncMac
Service C:\WINDOWS\system32\DRIVERS\atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation) [BOOT] atapi
Service [DISABLED] Atdisk
Service C:\WINDOWS\system32\Ati2evxx.exe (ATI External Event Utility EXE Module/ATI Technologies Inc.) [AUTO] Ati HotKey Poller
Service C:\WINDOWS\system32\ati2sgag.exe [AUTO] ATI Smart
Service C:\WINDOWS\system32\DRIVERS\ati2mtag.sys (ATI Radeon WindowsNT Miniport Driver/ATI Technologies Inc.) [MANUAL] ati2mtag
Service Atierecord
Service C:\WINDOWS\system32\DRIVERS\atmarpc.sys (IP/ATM Arp Client/Microsoft Corporation) [MANUAL] Atmarpc
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] AudioSrv
Service C:\WINDOWS\system32\DRIVERS\audstub.sys (AudStub Driver/Microsoft Corporation) [MANUAL] audstub
Service C:\Program Files\Alwil Software\Avast4\ashServ.exe (avast! antivirus service/ALWIL Software) [AUTO] avast! Antivirus
Service C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (avast! e-Mail Scanner Service/ALWIL Software) [MANUAL] avast! Mail Scanner
Service C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (avast! Web Scanner/ALWIL Software) [MANUAL] avast! Web Scanner
Service C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys [SYSTEM] AVG Anti-Spyware Driver
Service C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe (AVG Anti-Spyware guard/GRISOFT s.r.o.) [AUTO] AVG Anti-Spyware Guard
Service C:\WINDOWS\System32\DRIVERS\AvgAsCln.sys (AVG7 Clean Driver/GRISOFT, s.r.o.) [SYSTEM] AvgAsCln
Service BattC
Service (BEEP Driver/Microsoft Corporation) [SYSTEM] Beep
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] BITS
Service C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [DISABLED] Boonty Games
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Browser
Service C:\DOCUME~1\antoine\LOCALS~1\Temp\catchme.sys [MANUAL] catchme
Service (CardBus/PCMCIA IDE Miniport Driver/Microsoft Corporation) [DISABLED] cbidf2k
Service C:\WINDOWS\system32\DRIVERS\CCDECODE.sys (WDM Closed Caption VBI Codec/Microsoft Corporation) [MANUAL] CCDECODE
Service [DISABLED] cd20xrnt
Service (CD-ROM Audio Filter Driver/Microsoft Corporation) [SYSTEM] Cdaudio
Service (CD-ROM File System Driver/Microsoft Corporation) [DISABLED] Cdfs
Service C:\WINDOWS\system32\DRIVERS\cdrom.sys (SCSI CD-ROM Driver/Microsoft Corporation) [SYSTEM] Cdrom
Service [SYSTEM] Changer
Service C:\WINDOWS\system32\cisvc.exe (Content Index service/Microsoft Corporation) [MANUAL] CiSvc
Service C:\WINDOWS\system32\clipsrv.exe (Windows NT DDE Server/Microsoft Corporation) [DISABLED] ClipSrv
Service C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (.NET Runtime Optimization Service/Microsoft Corporation) [MANUAL] clr_optimization_v2.0.50727_32
Service [DISABLED] CmdIde
Service C:\WINDOWS\system32\dllhost.exe (COM Surrogate/Microsoft Corporation) [MANUAL] COMSysApp
Service ContentFilter
Service ContentIndex
Service [DISABLED] Cpqarray
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] CryptSvc
Service [DISABLED] dac2w2k
Service [DISABLED] dac960nt
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] DcomLaunch
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Dhcp
Service C:\WINDOWS\system32\DRIVERS\disk.sys (PnP Disk Driver/Microsoft Corporation) [BOOT] Disk
Service C:\WINDOWS\System32\dmadmin.exe (Processus du service Gestionnaire de disque logique/Microsoft Corp., Veritas Software) [MANUAL] dmadmin
Service C:\WINDOWS\System32\drivers\dmboot.sys (Pilote de démarrage du gestionnaire de disque NT/Microsoft Corp., Veritas Software) [DISABLED] dmboot
Service C:\WINDOWS\System32\drivers\dmio.sys (Pilote E/S du Gestionnaire de disques NT/Microsoft Corp., Veritas Software) [BOOT] dmio
Service C:\WINDOWS\System32\drivers\dmload.sys (NT Disk Manager Startup Driver/Microsoft Corp., Veritas Software.) [BOOT] dmload
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] dmserver
Service C:\WINDOWS\system32\drivers\DMusic.sys (Microsoft Kernel DLS Synthesizer/Microsoft Corporation) [MANUAL] DMusic
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Dnscache
Service [DISABLED] dpti2o
Service C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys (ma-config.com/Ma-Config.com) [MANUAL] driverhardwarev2
Service C:\WINDOWS\system32\drivers\drmkaud.sys (Microsoft Kernel DRM Audio Descrambler Filter/Microsoft Corporation) [MANUAL] drmkaud
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] ERSvc
Service C:\WINDOWS\system32\services.exe (Applications Services et Contrôleur/Microsoft Corporation) [AUTO] Eventlog
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] EventSystem
Service (Fast FAT File System Driver/Microsoft Corporation) [DISABLED] Fastfat
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] FastUserSwitchingCompatibility
Service (Floppy Disk Controller Driver/Microsoft Corporation) [SYSTEM] Fdc
Service (Pilote de cryptographie FIPS/Microsoft Corporation) [SYSTEM] Fips
Service (Floppy Driver/Microsoft Corporation) [SYSTEM] Flpydisk
Service C:\WINDOWS\system32\DRIVERS\fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) [BOOT] FltMgr
Service (File System Recognizer Driver/Microsoft Corporation) [SYSTEM] Fs_Rec
Service C:\WINDOWS\system32\DRIVERS\ftdisk.sys (Pilote de disque à FT/Microsoft Corporation) [BOOT] Ftdisk
Service fwdrv
Service C:\WINDOWS\system32\giveio.sys [BOOT] giveio
Service C:\WINDOWS\System32\DRIVERS\gmer.sys (GMER Driver http://www.gmer.net/GMER) [MANUAL] gmer
Service D:\INSTALL\GMSIPCI.SYS [MANUAL] GMSIPCI
Service C:\WINDOWS\system32\DRIVERS\msgpc.sys (MS General Packet Classifier/Microsoft Corporation) [MANUAL] Gpc
Service C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (gusvc/Google) [AUTO] gusvc
Service C:\WINDOWS\system32\drivers\AtiHdAud.sys (Ati High Definition Audio Function Driver/ATI Research Inc.) [MANUAL] HdAudAddService
Service C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (High Definition Audio Bus Driver v1.0a/Windows (R) Server 2003 DDK provider) [MANUAL] HDAudBus
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] helpsvc
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] HidServ
Service C:\WINDOWS\system32\DRIVERS\hidusb.sys (USB Miniport Driver for Input Devices/Microsoft Corporation) [MANUAL] HidUsb
Service [DISABLED] hpn
Service C:\WINDOWS\System32\Drivers\HTTP.sys (HTTP Protocol Stack/Microsoft Corporation) [MANUAL] HTTP
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] HTTPFilter
Service [SYSTEM] i2omgmt
Service [DISABLED] i2omp
Service C:\WINDOWS\system32\DRIVERS\i8042prt.sys (Pilote de port i8042/Microsoft Corporation) [SYSTEM] i8042prt
Service ICSharing
Service C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe (IDriverT Module/Macrovision Corporation) [MANUAL] IDriverT
Service C:\WINDOWS\system32\DRIVERS\imapi.sys (IMAPI Kernel Driver/Microsoft Corporation) [SYSTEM] Imapi
Service C:\WINDOWS\system32\imapi.exe (API Image Mastering/Microsoft Corporation) [DISABLED] ImapiService
Service inetaccs
Service [DISABLED] ini910u
Service Inport
Service C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek(r) High Definition Audio Function Driver/Realtek Semiconductor Corp.) [MANUAL] IntcAzAudAddService
Service [DISABLED] IntelIde
Service C:\WINDOWS\system32\DRIVERS\intelppm.sys (Pilote de périphérique processeur/Microsoft Corporation) [SYSTEM] intelppm
Service C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys (IPv6 Windows Firewall Driver/Microsoft Corporation) [MANUAL] Ip6Fw
Service C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys (IP FILTER DRIVER/Microsoft Corporation) [MANUAL] IpFilterDriver
Service C:\WINDOWS\system32\DRIVERS\ipinip.sys (IP in IP Encapsulation Driver/Microsoft Corporation) [MANUAL] IpInIp
Service C:\WINDOWS\system32\DRIVERS\ipnat.sys (IP Network Address Translator/Microsoft Corporation) [MANUAL] IpNat
Service C:\Program Files\iPod\bin\iPodService.exe (iPodService Module/Apple Computer, Inc) [MANUAL] iPodService
Service C:\WINDOWS\system32\DRIVERS\ipsec.sys (IPSec Driver/Microsoft Corporation) [SYSTEM] IPSec
Service C:\WINDOWS\system32\DRIVERS\irenum.sys (Infra-Red Bus Enumerator/Microsoft Corporation) [MANUAL] IRENUM
Service ISAPISearch
Service C:\WINDOWS\system32\DRIVERS\isapnp.sys (Pilote de bus PNP ISA/Microsoft Corporation) [BOOT] isapnp
Service C:\WINDOWS\system32\DRIVERS\kbdclass.sys (Pilote de la classe Clavier/Microsoft Corporation) [SYSTEM] Kbdclass
Service khips
Service C:\WINDOWS\system32\drivers\kmixer.sys (Kernel Mode Audio Mixer/Microsoft Corporation) [MANUAL] kmixer
Service (Kernel Security Support Provider Interface/Microsoft Corporation) [BOOT] KSecDD
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] lanmanserver
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] lanmanworkstation
Service [SYSTEM] lbrtfdc
Service ldap
Service LicenseService
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] LmHosts
Service C:\WINDOWS\system32\drivers\lvusbsta.sys (USB Statistic Driver/Labtec Inc.) [MANUAL] LVUSBSta
Service C:\DOCUME~1\antoine\LOCALS~1\Temp\mc22.tmp [DISABLED] mchInjDrv
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] Messenger
Service (Frame buffer simulator/Microsoft Corporation) [SYSTEM] mnmdd
Service C:\WINDOWS\system32\mnmsrvc.exe (Partage de Bureau à distance NetMeeting/Microsoft Corporation) [MANUAL] mnmsrvc
Service (Pilote de périphérique modem/Microsoft Corporation) [MANUAL] Modem
Service C:\WINDOWS\system32\DRIVERS\mouclass.sys (Pilote de la classe Souris/Microsoft Corporation) [SYSTEM] Mouclass
Service (Mount Manager/Microsoft Corporation) [BOOT] MountMgr
Service [DISABLED] mraid35x
Service C:\WINDOWS\system32\DRIVERS\mrxdav.sys (Windows NT WebDav Minirdr/Microsoft Corporation) [MANUAL] MRxDAV
Service C:\WINDOWS\system32\DRIVERS\mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation) [SYSTEM] MRxSmb
Service C:\WINDOWS\system32\msdtc.exe (MS DTC console program/Microsoft Corporation) [MANUAL] MSDTC
Service (Mailslot driver/Microsoft Corporation) [SYSTEM] Msfs
Service C:\WINDOWS\system32\msiexec.exe (Windows® installer/Microsoft Corporation) [MANUAL] MSIServer
Service C:\WINDOWS\system32\drivers\MSKSSRV.sys (MS KS Server/Microsoft Corporation) [MANUAL] MSKSSRV
Service C:\WINDOWS\system32\drivers\MSPCLOCK.sys (MS Proxy Clock/Microsoft Corporation) [MANUAL] MSPCLOCK
Service C:\WINDOWS\system32\drivers\MSPQM.sys (MS Proxy Quality Manager/Microsoft Corporation) [MANUAL] MSPQM
Service C:\WINDOWS\system32\DRIVERS\mssmbios.sys (System Management BIOS Driver/Microsoft Corporation) [MANUAL] mssmbios
Service C:\WINDOWS\system32\drivers\MSTEE.sys (WDM Tee/Communication Transform Filter /Microsoft Corporation) [MANUAL] MSTEE
Service C:\WINDOWS\system32\DRIVERS\mtv1bus.sys (Pimp My Mobile Composite Device Driver/MCCI) [MANUAL] mtv1bus
Service C:\WINDOWS\system32\DRIVERS\mtv1mdfl.sys (Pimp My Mobile Modem Filter Driver/MCCI) [MANUAL] mtv1mdfl
Service C:\WINDOWS\system32\DRIVERS\mtv1mdm.sys (Pimp My Mobile modem WDM Driver/MCCI) [MANUAL] mtv1mdm
Service (Multiple UNC Provider driver/Microsoft Corporation) [BOOT] Mup
Service C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys (WDM NABTS/FEC VBI Codec/Microsoft Corporation) [MANUAL] NABTSFEC
Service (NDIS 5.1 wrapper driver/Microsoft Corporation) [BOOT] NDIS
Service C:\WINDOWS\system32\DRIVERS\NdisIP.sys (Microsoft IP Driver/Microsoft Corporation) [MANUAL] NdisIP
Service C:\WINDOWS\system32\DRIVERS\ndistapi.sys (NDIS 3.0 connection wrapper driver/Microsoft Corporation) [MANUAL] NdisTapi
Service C:\WINDOWS\system32\DRIVERS\ndisuio.sys (NDIS User mode I/O Driver/Microsoft Corporation) [MANUAL] Ndisuio
Service C:\WINDOWS\system32\DRIVERS\ndiswan.sys (MS PPP Framing Driver (Strong Encryption)/Microsoft Corporation) [MANUAL] NdisWan
Service (NDIS Proxy/Microsoft Corporation) [MANUAL] NDProxy
Service C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (Nero BackItUp/Nero AG) [AUTO] Nero BackItUp Scheduler 3
Service C:\WINDOWS\system32\DRIVERS\netbios.sys (NetBIOS interface driver/Microsoft Corporation) [SYSTEM] NetBIOS
Service C:\WINDOWS\system32\DRIVERS\netbt.sys (MBT Transport driver/Microsoft Corporation) [SYSTEM] NetBT
Service C:\WINDOWS\system32\netdde.exe (DDE Réseau - Communication DDE/Microsoft Corporation) [DISABLED] NetDDE
Service C:\WINDOWS\system32\netdde.exe (DDE Réseau - Communication DDE/Microsoft Corporation) [DISABLED] NetDDEdsdm
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [MANUAL] Netlogon
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] Netman
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] Nla
Service C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe (Nero Home/Nero AG) [MANUAL] NMIndexingService
Service (NPFS Driver/Microsoft Corporation) [SYSTEM] Npfs
Service (NT File System Driver/Microsoft Corporation) [DISABLED] Ntfs
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [MANUAL] NtLmSsp
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] NtmsSvc
Service (NULL Driver/Microsoft Corporation) [SYSTEM] Null
Service [DISABLED] NVSvc
Service C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys (NWLINK2 Traffic Filter Driver/Microsoft Corporation) [MANUAL] NwlnkFlt
Service C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys (NWLINK2 Forwarder Driver/Microsoft Corporation) [MANUAL] NwlnkFwd
Service C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Office Diagnostics/Microsoft Corporation) [MANUAL] odserv
Service C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Office Source Engine/Microsoft Corporation) [MANUAL] ose
Service Outlook
Service C:\WINDOWS\system32\DRIVERS\parport.sys (Pilote de port parallèle/Microsoft Corporation) [MANUAL] Parport
Service (Partition Manager/Microsoft Corporation) [BOOT] PartMgr
Service (Pilote parallèle VDM/Microsoft Corporation) [AUTO] ParVdm
Service C:\WINDOWS\system32\DRIVERS\pci.sys (Énumérateur Plug-and-Play PCI pour NT/Microsoft Corporation) [BOOT] PCI
Service [SYSTEM] PCIDump
Service C:\WINDOWS\system32\DRIVERS\pciide.sys (Pilote de bus générique PCI IDE/Microsoft Corporation) [BOOT] PCIIde
Service (Pilote de bus PCMCIA/Microsoft Corporation) [DISABLED] Pcmcia
Service [MANUAL] PDCOMP
Service [MANUAL] PDFRAME
Service [MANUAL] PDRELI
Service [MANUAL] PDRFRAME
Service C:\WINDOWS\system32\DRIVERS\lv302af.sys (Audio filter for Express Plus/Labtec Inc.) [MANUAL] pepifilter
Service [DISABLED] perc2
Service [DISABLED] perc2hib
Service PerfDisk
Service PerfNet
Service PerfOS
Service PerfProc
Service C:\WINDOWS\system32\DRIVERS\LV302AV.SYS (Logitech QuickCam Driver/Labtec Inc.) [MANUAL] PID_08A0
Service C:\WINDOWS\system32\services.exe (Applications Services et Contrôleur/Microsoft Corporation) [AUTO] PlugPlay
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [AUTO] PolicyAgent
Service C:\WINDOWS\system32\DRIVERS\raspptp.sys (Peer-to-Peer Tunneling Protocol/Microsoft Corporation) [MANUAL] PptpMiniport
Service Processor
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [AUTO] ProtectedStorage
Service C:\WINDOWS\system32\DRIVERS\psched.sys (MS QoS Packet Scheduler/Microsoft Corporation) [MANUAL] PSched
Service C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies DirectParallel IO Library/Parallel Technologies, Inc.) [MANUAL] Ptilink
Service [DISABLED] ql1080
Service [DISABLED] Ql10wnt
Service [DISABLED] ql12160
Service [DISABLED] ql1240
Service [DISABLED] ql1280
Service C:\WINDOWS\system32\DRIVERS\rasacd.sys (RAS Automatic Connection Driver/Microsoft Corporation) [SYSTEM] RasAcd
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] RasAuto
Service C:\WINDOWS\system32\DRIVERS\rasl2tp.sys (RAS L2TP mini-port/call-manager driver/Microsoft Corporation) [MANUAL] Rasl2tp
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] RasMan
Service C:\WINDOWS\system32\DRIVERS\raspppoe.sys (RAS PPPoE mini-port/call-manager driver/Microsoft Corporation) [MANUAL] RasPppoe
Service C:\WINDOWS\system32\DRIVERS\raspti.sys (PTI DirectParallel(R) mini-port/call-manager driver/Microsoft Corporation) [MANUAL] Raspti
Service C:\WINDOWS\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation) [SYSTEM] Rdbss
Service C:\WINDOWS\System32\DRIVERS\RDPCDD.sys (RDP Miniport/Microsoft Corporation) [SYSTEM] RDPCDD
Service RDPDD
Service C:\WINDOWS\system32\DRIVERS\rdpdr.sys (Microsoft RDP Device redirector/Microsoft Corporation) [MANUAL] rdpdr
Service RDPNP
Service (RDP Terminal Stack Driver (US/Canada Only, Not for Export)/Microsoft Corporation) [MANUAL] RDPWD
Service C:\WINDOWS\system32\sessmgr.exe (Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®/Microsoft Corporation) [MANUAL] RDSessMgr
Service C:\WINDOWS\system32\DRIVERS\redbook.sys (Pilote de filtre audio Livre rouge/Microsoft Corporation) [SYSTEM] redbook
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] RemoteAccess
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] RemoteRegistry
Service C:\WINDOWS\system32\locator.exe (Rpc Locator/Microsoft Corporation) [MANUAL] RpcLocator
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] RpcSs
Service C:\WINDOWS\system32\rsvp.exe (Microsoft RSVP/Microsoft Corporation) [MANUAL] RSVP
Service C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys (Realtek 10/100/1000 NDIS 5.1 Driver /Realtek Semiconductor Corporation ) [MANUAL] RTL8023xp
Service [AUTO] S24EventMonitor
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [AUTO] SamSs
Service C:\WINDOWS\System32\SCardSvr.exe (Serveur de gestion de ressources des cartes à puce/Microsoft Corporation) [MANUAL] SCardSvr
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Schedule
Service C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision SECURITY Driver/Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [MANUAL] Secdrv
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] seclogon
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] SENS
Service C:\WINDOWS\system32\DRIVERS\serenum.sys (Serial Port Enumerator/Microsoft Corporation) [MANUAL] serenum
Service C:\WINDOWS\system32\DRIVERS\serial.sys (Pilote de périphérique série/Microsoft Corporation) [SYSTEM] Serial
Service (SCSI Floppy Driver/Microsoft Corporation) [SYSTEM] Sfloppy
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] SharedAccess
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] ShellHWDetection
Service [DISABLED] Simbad
Service C:\WINDOWS\system32\DRIVERS\SLIP.sys (Microsoft Slip Deframing Filter Minidriver/Microsoft Corporation) [MANUAL] SLIP
Service [DISABLED] Sparrow
Service C:\WINDOWS\system32\speedfan.sys (SpeedFan Device Driver/Windows (R) 2000 DDK provider) [BOOT] speedfan
Service C:\WINDOWS\system32\drivers\splitter.sys (Microsoft Kernel Audio Splitter/Microsoft Corporation) [MANUAL] splitter
Service C:\WINDOWS\system32\spoolsv.exe (Spooler SubSystem App/Microsoft Corporation) [AUTO] Spooler
Service C:\WINDOWS\System32\Drivers\sptd.sys [BOOT] sptd
Service C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [SYSTEM] sp_rsdrv2
Service C:\Program Files\Spyware Terminator\sp_rsser.exe (Spyware Terminator Realtime Shield Service/Crawler.com) [AUTO] sp_rssrv
Service C:\WINDOWS\system32\DRIVERS\sr.sys (Pilote de filtre de système de fichiers pour la restauration du système/Microsoft Corporation) [BOOT] sr
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] srservice
Service C:\WINDOWS\system32\DRIVERS\srv.sys (Server driver/Microsoft Corporation) [MANUAL] Srv
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] SSDPSRV
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] stisvc
Service C:\WINDOWS\system32\DRIVERS\StreamIP.sys (Microsoft IP Test Driver/Microsoft Corporation) [MANUAL] streamip
Service C:\WINDOWS\system32\DRIVERS\swenum.sys (Plug and Play Software Device Enumerator/Microsoft Corporation) [MANUAL] swenum
Service C:\WINDOWS\system32\drivers\swmidi.sys (Microsoft GS Wavetable Synthesizer/Microsoft Corporation) [MANUAL] swmidi
Service C:\WINDOWS\system32\dllhost.exe (COM Surrogate/Microsoft Corporation) [MANUAL] SwPrv
Service [DISABLED] symc810
Service [DISABLED] symc8xx
Service [DISABLED] sym_hi
Service [DISABLED] sym_u3
Service C:\WINDOWS\system32\drivers\sysaudio.sys (System Audio WDM Filter/Microsoft Corporation) [MANUAL] sysaudio
Service C:\WINDOWS\system32\smlogsvc.exe (Service des alertes et des journaux de performance/Microsoft Corporation) [MANUAL] SysmonLog
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] TapiSrv
Service C:\WINDOWS\system32\DRIVERS\tcpip.sys (TCP/IP Protocol Driver/Microsoft Corporation) [SYSTEM] Tcpip
Service (Named Pipe Transport Driver/Microsoft Corporation) [MANUAL] TDPIPE
Service (TCP Transport Driver/Microsoft Corporation) [MANUAL] TDTCP
Service C:\WINDOWS\system32\DRIVERS\termdd.sys (Terminal Server Driver/Microsoft Corporation) [SYSTEM] TermDD
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] TermService
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Themes
Service C:\WINDOWS\system32\tlntsvr.exe (Telnet/Microsoft Corporation) [DISABLED] TlntSvr
Service [DISABLED] TosIde
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] TrkWks
Service TSDDD
Service C:\WINDOWS\System32\TuneUpDefragService.exe (TuneUp Drive Defrag Service/TuneUp Software GmbH) [MANUAL] TuneUp.Defrag
Service C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS (TVicHW32 Driver for Windows NT/2000/XP/EnTech Taiwan) [MANUAL] TVICHW32
Service (UDF File System Driver/Microsoft Corporation) [DISABLED] Udfs
Service [DISABLED] ultra
Service C:\WINDOWS\system32\wdfmgr.exe (Windows User Mode Driver Manager/Microsoft Corporation) [MANUAL] UMWdf
Service C:\WINDOWS\system32\DRIVERS\update.sys (Update Driver/Microsoft Corporation) [MANUAL] Update
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] upnphost
Service C:\WINDOWS\System32\ups.exe (UPS Service/Microsoft Corporation) [MANUAL] UPS
Service usb
Service C:\WINDOWS\system32\drivers\usbaudio.sys (USB Audio Class Driver/Microsoft Corporation) [MANUAL] usbaudio
Service C:\WINDOWS\system32\DRIVERS\usbccgp.sys (USB Common Class Generic Parent Driver/Microsoft Corporation) [MANUAL] usbccgp
Service C:\WINDOWS\system32\DRIVERS\usbehci.sys (EHCI eUSB Miniport Driver/Microsoft Corporation) [MANUAL] usbehci
Service C:\WINDOWS\system32\DRIVERS\usbhub.sys (Default Hub Driver for USB/Microsoft Corporation) [MANUAL] usbhub
Service C:\WINDOWS\system32\DRIVERS\usbprint.sys (USB Printer driver/Microsoft Corporation) [MANUAL] usbprint
Service C:\WINDOWS\system32\DRIVERS\usbscan.sys (USB Scanner Driver/Microsoft Corporation) [MANUAL] usbscan
Service C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS (USB Mass Storage Class Driver/Microsoft Corporation) [MANUAL] USBSTOR
Service C:\WINDOWS\system32\DRIVERS\usbuhci.sys (UHCI USB Miniport Driver/Microsoft Corporation) [MANUAL] usbuhci
Service C:\Program Files\Windows Live\Messenger\usnsvc.exe (Messenger Sharing USN Journal Reader Service/Microsoft Corporation) [MANUAL] usnjsvc
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] UxTuneUp
Service C:\WINDOWS\System32\drivers\vga.sys (VGA/Super VGA Video Driver/Microsoft Corporation) [SYSTEM] VgaSave
Service [DISABLED] ViaIde
Service (Pilote de cliché instantané du volume/Microsoft Corporation) [BOOT] VolSnap
Service C:\WINDOWS\System32\vssvc.exe (Service de cliché instantané de volumes Microsoft®/Microsoft Corporation) [MANUAL] VSS
Service VXD
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] W32Time
Service W3SVC
Service C:\WINDOWS\system32\DRIVERS\wanarp.sys (MS Remote Access and Routing ARP Driver/Microsoft Corporation) [MANUAL] Wanarp
Service [MANUAL] WDICA
Service C:\WINDOWS\system32\drivers\wdmaud.sys (MMSYSTEM Wave/Midi API mapper/Microsoft Corporation) [MANUAL] wdmaud
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] WebClient
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] winmgmt
Service [MANUAL] Winsock
Service WinSock2
Service WinTrust
Service C:\Program Files\Windows Live\installer\WLSetupSvc.exe (Windows Live Setup Service/Microsoft Corporation) [MANUAL] WLSetupSvc
Service C:\Program Files\Windows Media Connect 2\wmccds.exe (Windows Media Connect/Microsoft Corporation) [MANUAL] WMConnectCDS
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] WmdmPmSN
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Micr
0
Réponse 14 / 61
ganesh
 
ok c est bon tien voila le rapport

GMER 1.0.14.14205 - http://www.gmer.net
Rootkit scan 2008-04-22 15:23:02
Windows 5.1.2600 Service Pack 2

---- Services - GMER 1.0.14 ----

Service .NET CLR Data
Service .NET CLR Networking
Service .NET Data Provider for Oracle
Service .NET Data Provider for SqlServer
Service .NETFramework
Service (avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP/ALWIL Software) [SYSTEM] Aavmker4
Service [DISABLED] Abiosdsk
Service [DISABLED] abp480n5
Service C:\WINDOWS\system32\DRIVERS\ACPI.sys (Pilote ACPI pour NT/Microsoft Corporation) [BOOT] ACPI
Service (Pilote de contrôleur intégré ACPI/Microsoft Corporation) [DISABLED] ACPIEC
Service [DISABLED] adpu160m
Service C:\WINDOWS\system32\drivers\aec.sys (Microsoft Acoustic Echo Canceller/Microsoft Corporation) [MANUAL] aec
Service C:\WINDOWS\System32\drivers\afd.sys (Ancillary Function Driver for WinSock/Microsoft Corporation) [SYSTEM] AFD
Service [DISABLED] Aha154x
Service [DISABLED] aic78u2
Service [DISABLED] aic78xx
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] Alerter
Service C:\WINDOWS\System32\alg.exe (Application Layer Gateway Service/Microsoft Corporation) [MANUAL] ALG
Service [DISABLED] AliIde
Service [DISABLED] amsint
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] AppMgmt
Service [DISABLED] asc
Service [DISABLED] asc3350p
Service [DISABLED] asc3550
Service ASP.NET
Service ASP.NET_1.1.4322
Service ASP.NET_2.0.50727
Service C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft ASP.NET State Server/Microsoft Corporation) [MANUAL] aspnet_state
Service C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys (avast! File System Access Blocking Driver/ALWIL Software) [AUTO] aswFsBlk
Service (avast! File System Filter Driver for Windows XP/ALWIL Software) [AUTO] aswMon2
Service (avast! TDI RDR Driver/ALWIL Software) [MANUAL] aswRdr
Service (avast! self protection module/ALWIL Software) [SYSTEM] aswSP
Service (avast! TDI Filter Driver/ALWIL Software) [SYSTEM] aswTdi
Service C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (avast! Antivirus updating service/ALWIL Software) [AUTO] aswUpdSv
Service C:\WINDOWS\system32\DRIVERS\asyncmac.sys (MS Remote Access serial network driver/Microsoft Corporation) [MANUAL] AsyncMac
Service C:\WINDOWS\system32\DRIVERS\atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation) [BOOT] atapi
Service [DISABLED] Atdisk
Service C:\WINDOWS\system32\Ati2evxx.exe (ATI External Event Utility EXE Module/ATI Technologies Inc.) [AUTO] Ati HotKey Poller
Service C:\WINDOWS\system32\ati2sgag.exe [AUTO] ATI Smart
Service C:\WINDOWS\system32\DRIVERS\ati2mtag.sys (ATI Radeon WindowsNT Miniport Driver/ATI Technologies Inc.) [MANUAL] ati2mtag
Service Atierecord
Service C:\WINDOWS\system32\DRIVERS\atmarpc.sys (IP/ATM Arp Client/Microsoft Corporation) [MANUAL] Atmarpc
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] AudioSrv
Service C:\WINDOWS\system32\DRIVERS\audstub.sys (AudStub Driver/Microsoft Corporation) [MANUAL] audstub
Service C:\Program Files\Alwil Software\Avast4\ashServ.exe (avast! antivirus service/ALWIL Software) [AUTO] avast! Antivirus
Service C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (avast! e-Mail Scanner Service/ALWIL Software) [MANUAL] avast! Mail Scanner
Service C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (avast! Web Scanner/ALWIL Software) [MANUAL] avast! Web Scanner
Service C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys [SYSTEM] AVG Anti-Spyware Driver
Service C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe (AVG Anti-Spyware guard/GRISOFT s.r.o.) [AUTO] AVG Anti-Spyware Guard
Service C:\WINDOWS\System32\DRIVERS\AvgAsCln.sys (AVG7 Clean Driver/GRISOFT, s.r.o.) [SYSTEM] AvgAsCln
Service BattC
Service (BEEP Driver/Microsoft Corporation) [SYSTEM] Beep
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] BITS
Service C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [DISABLED] Boonty Games
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Browser
Service C:\DOCUME~1\antoine\LOCALS~1\Temp\catchme.sys [MANUAL] catchme
Service (CardBus/PCMCIA IDE Miniport Driver/Microsoft Corporation) [DISABLED] cbidf2k
Service C:\WINDOWS\system32\DRIVERS\CCDECODE.sys (WDM Closed Caption VBI Codec/Microsoft Corporation) [MANUAL] CCDECODE
Service [DISABLED] cd20xrnt
Service (CD-ROM Audio Filter Driver/Microsoft Corporation) [SYSTEM] Cdaudio
Service (CD-ROM File System Driver/Microsoft Corporation) [DISABLED] Cdfs
Service C:\WINDOWS\system32\DRIVERS\cdrom.sys (SCSI CD-ROM Driver/Microsoft Corporation) [SYSTEM] Cdrom
Service [SYSTEM] Changer
Service C:\WINDOWS\system32\cisvc.exe (Content Index service/Microsoft Corporation) [MANUAL] CiSvc
Service C:\WINDOWS\system32\clipsrv.exe (Windows NT DDE Server/Microsoft Corporation) [DISABLED] ClipSrv
Service C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (.NET Runtime Optimization Service/Microsoft Corporation) [MANUAL] clr_optimization_v2.0.50727_32
Service [DISABLED] CmdIde
Service C:\WINDOWS\system32\dllhost.exe (COM Surrogate/Microsoft Corporation) [MANUAL] COMSysApp
Service ContentFilter
Service ContentIndex
Service [DISABLED] Cpqarray
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] CryptSvc
Service [DISABLED] dac2w2k
Service [DISABLED] dac960nt
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] DcomLaunch
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Dhcp
Service C:\WINDOWS\system32\DRIVERS\disk.sys (PnP Disk Driver/Microsoft Corporation) [BOOT] Disk
Service C:\WINDOWS\System32\dmadmin.exe (Processus du service Gestionnaire de disque logique/Microsoft Corp., Veritas Software) [MANUAL] dmadmin
Service C:\WINDOWS\System32\drivers\dmboot.sys (Pilote de démarrage du gestionnaire de disque NT/Microsoft Corp., Veritas Software) [DISABLED] dmboot
Service C:\WINDOWS\System32\drivers\dmio.sys (Pilote E/S du Gestionnaire de disques NT/Microsoft Corp., Veritas Software) [BOOT] dmio
Service C:\WINDOWS\System32\drivers\dmload.sys (NT Disk Manager Startup Driver/Microsoft Corp., Veritas Software.) [BOOT] dmload
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] dmserver
Service C:\WINDOWS\system32\drivers\DMusic.sys (Microsoft Kernel DLS Synthesizer/Microsoft Corporation) [MANUAL] DMusic
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Dnscache
Service [DISABLED] dpti2o
Service C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys (ma-config.com/Ma-Config.com) [MANUAL] driverhardwarev2
Service C:\WINDOWS\system32\drivers\drmkaud.sys (Microsoft Kernel DRM Audio Descrambler Filter/Microsoft Corporation) [MANUAL] drmkaud
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] ERSvc
Service C:\WINDOWS\system32\services.exe (Applications Services et Contrôleur/Microsoft Corporation) [AUTO] Eventlog
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] EventSystem
Service (Fast FAT File System Driver/Microsoft Corporation) [DISABLED] Fastfat
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] FastUserSwitchingCompatibility
Service (Floppy Disk Controller Driver/Microsoft Corporation) [SYSTEM] Fdc
Service (Pilote de cryptographie FIPS/Microsoft Corporation) [SYSTEM] Fips
Service (Floppy Driver/Microsoft Corporation) [SYSTEM] Flpydisk
Service C:\WINDOWS\system32\DRIVERS\fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) [BOOT] FltMgr
Service (File System Recognizer Driver/Microsoft Corporation) [SYSTEM] Fs_Rec
Service C:\WINDOWS\system32\DRIVERS\ftdisk.sys (Pilote de disque à FT/Microsoft Corporation) [BOOT] Ftdisk
Service fwdrv
Service C:\WINDOWS\system32\giveio.sys [BOOT] giveio
Service C:\WINDOWS\System32\DRIVERS\gmer.sys (GMER Driver http://www.gmer.net/GMER) [MANUAL] gmer
Service D:\INSTALL\GMSIPCI.SYS [MANUAL] GMSIPCI
Service C:\WINDOWS\system32\DRIVERS\msgpc.sys (MS General Packet Classifier/Microsoft Corporation) [MANUAL] Gpc
Service C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (gusvc/Google) [AUTO] gusvc
Service C:\WINDOWS\system32\drivers\AtiHdAud.sys (Ati High Definition Audio Function Driver/ATI Research Inc.) [MANUAL] HdAudAddService
Service C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (High Definition Audio Bus Driver v1.0a/Windows (R) Server 2003 DDK provider) [MANUAL] HDAudBus
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] helpsvc
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] HidServ
Service C:\WINDOWS\system32\DRIVERS\hidusb.sys (USB Miniport Driver for Input Devices/Microsoft Corporation) [MANUAL] HidUsb
Service [DISABLED] hpn
Service C:\WINDOWS\System32\Drivers\HTTP.sys (HTTP Protocol Stack/Microsoft Corporation) [MANUAL] HTTP
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] HTTPFilter
Service [SYSTEM] i2omgmt
Service [DISABLED] i2omp
Service C:\WINDOWS\system32\DRIVERS\i8042prt.sys (Pilote de port i8042/Microsoft Corporation) [SYSTEM] i8042prt
Service ICSharing
Service C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe (IDriverT Module/Macrovision Corporation) [MANUAL] IDriverT
Service C:\WINDOWS\system32\DRIVERS\imapi.sys (IMAPI Kernel Driver/Microsoft Corporation) [SYSTEM] Imapi
Service C:\WINDOWS\system32\imapi.exe (API Image Mastering/Microsoft Corporation) [DISABLED] ImapiService
Service inetaccs
Service [DISABLED] ini910u
Service Inport
Service C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek(r) High Definition Audio Function Driver/Realtek Semiconductor Corp.) [MANUAL] IntcAzAudAddService
Service [DISABLED] IntelIde
Service C:\WINDOWS\system32\DRIVERS\intelppm.sys (Pilote de périphérique processeur/Microsoft Corporation) [SYSTEM] intelppm
Service C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys (IPv6 Windows Firewall Driver/Microsoft Corporation) [MANUAL] Ip6Fw
Service C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys (IP FILTER DRIVER/Microsoft Corporation) [MANUAL] IpFilterDriver
Service C:\WINDOWS\system32\DRIVERS\ipinip.sys (IP in IP Encapsulation Driver/Microsoft Corporation) [MANUAL] IpInIp
Service C:\WINDOWS\system32\DRIVERS\ipnat.sys (IP Network Address Translator/Microsoft Corporation) [MANUAL] IpNat
Service C:\Program Files\iPod\bin\iPodService.exe (iPodService Module/Apple Computer, Inc) [MANUAL] iPodService
Service C:\WINDOWS\system32\DRIVERS\ipsec.sys (IPSec Driver/Microsoft Corporation) [SYSTEM] IPSec
Service C:\WINDOWS\system32\DRIVERS\irenum.sys (Infra-Red Bus Enumerator/Microsoft Corporation) [MANUAL] IRENUM
Service ISAPISearch
Service C:\WINDOWS\system32\DRIVERS\isapnp.sys (Pilote de bus PNP ISA/Microsoft Corporation) [BOOT] isapnp
Service C:\WINDOWS\system32\DRIVERS\kbdclass.sys (Pilote de la classe Clavier/Microsoft Corporation) [SYSTEM] Kbdclass
Service khips
Service C:\WINDOWS\system32\drivers\kmixer.sys (Kernel Mode Audio Mixer/Microsoft Corporation) [MANUAL] kmixer
Service (Kernel Security Support Provider Interface/Microsoft Corporation) [BOOT] KSecDD
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] lanmanserver
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] lanmanworkstation
Service [SYSTEM] lbrtfdc
Service ldap
Service LicenseService
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] LmHosts
Service C:\WINDOWS\system32\drivers\lvusbsta.sys (USB Statistic Driver/Labtec Inc.) [MANUAL] LVUSBSta
Service C:\DOCUME~1\antoine\LOCALS~1\Temp\mc22.tmp [DISABLED] mchInjDrv
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] Messenger
Service (Frame buffer simulator/Microsoft Corporation) [SYSTEM] mnmdd
Service C:\WINDOWS\system32\mnmsrvc.exe (Partage de Bureau à distance NetMeeting/Microsoft Corporation) [MANUAL] mnmsrvc
Service (Pilote de périphérique modem/Microsoft Corporation) [MANUAL] Modem
Service C:\WINDOWS\system32\DRIVERS\mouclass.sys (Pilote de la classe Souris/Microsoft Corporation) [SYSTEM] Mouclass
Service (Mount Manager/Microsoft Corporation) [BOOT] MountMgr
Service [DISABLED] mraid35x
Service C:\WINDOWS\system32\DRIVERS\mrxdav.sys (Windows NT WebDav Minirdr/Microsoft Corporation) [MANUAL] MRxDAV
Service C:\WINDOWS\system32\DRIVERS\mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation) [SYSTEM] MRxSmb
Service C:\WINDOWS\system32\msdtc.exe (MS DTC console program/Microsoft Corporation) [MANUAL] MSDTC
Service (Mailslot driver/Microsoft Corporation) [SYSTEM] Msfs
Service C:\WINDOWS\system32\msiexec.exe (Windows® installer/Microsoft Corporation) [MANUAL] MSIServer
Service C:\WINDOWS\system32\drivers\MSKSSRV.sys (MS KS Server/Microsoft Corporation) [MANUAL] MSKSSRV
Service C:\WINDOWS\system32\drivers\MSPCLOCK.sys (MS Proxy Clock/Microsoft Corporation) [MANUAL] MSPCLOCK
Service C:\WINDOWS\system32\drivers\MSPQM.sys (MS Proxy Quality Manager/Microsoft Corporation) [MANUAL] MSPQM
Service C:\WINDOWS\system32\DRIVERS\mssmbios.sys (System Management BIOS Driver/Microsoft Corporation) [MANUAL] mssmbios
Service C:\WINDOWS\system32\drivers\MSTEE.sys (WDM Tee/Communication Transform Filter /Microsoft Corporation) [MANUAL] MSTEE
Service C:\WINDOWS\system32\DRIVERS\mtv1bus.sys (Pimp My Mobile Composite Device Driver/MCCI) [MANUAL] mtv1bus
Service C:\WINDOWS\system32\DRIVERS\mtv1mdfl.sys (Pimp My Mobile Modem Filter Driver/MCCI) [MANUAL] mtv1mdfl
Service C:\WINDOWS\system32\DRIVERS\mtv1mdm.sys (Pimp My Mobile modem WDM Driver/MCCI) [MANUAL] mtv1mdm
Service (Multiple UNC Provider driver/Microsoft Corporation) [BOOT] Mup
Service C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys (WDM NABTS/FEC VBI Codec/Microsoft Corporation) [MANUAL] NABTSFEC
Service (NDIS 5.1 wrapper driver/Microsoft Corporation) [BOOT] NDIS
Service C:\WINDOWS\system32\DRIVERS\NdisIP.sys (Microsoft IP Driver/Microsoft Corporation) [MANUAL] NdisIP
Service C:\WINDOWS\system32\DRIVERS\ndistapi.sys (NDIS 3.0 connection wrapper driver/Microsoft Corporation) [MANUAL] NdisTapi
Service C:\WINDOWS\system32\DRIVERS\ndisuio.sys (NDIS User mode I/O Driver/Microsoft Corporation) [MANUAL] Ndisuio
Service C:\WINDOWS\system32\DRIVERS\ndiswan.sys (MS PPP Framing Driver (Strong Encryption)/Microsoft Corporation) [MANUAL] NdisWan
Service (NDIS Proxy/Microsoft Corporation) [MANUAL] NDProxy
Service C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (Nero BackItUp/Nero AG) [AUTO] Nero BackItUp Scheduler 3
Service C:\WINDOWS\system32\DRIVERS\netbios.sys (NetBIOS interface driver/Microsoft Corporation) [SYSTEM] NetBIOS
Service C:\WINDOWS\system32\DRIVERS\netbt.sys (MBT Transport driver/Microsoft Corporation) [SYSTEM] NetBT
Service C:\WINDOWS\system32\netdde.exe (DDE Réseau - Communication DDE/Microsoft Corporation) [DISABLED] NetDDE
Service C:\WINDOWS\system32\netdde.exe (DDE Réseau - Communication DDE/Microsoft Corporation) [DISABLED] NetDDEdsdm
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [MANUAL] Netlogon
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] Netman
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] Nla
Service C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe (Nero Home/Nero AG) [MANUAL] NMIndexingService
Service (NPFS Driver/Microsoft Corporation) [SYSTEM] Npfs
Service (NT File System Driver/Microsoft Corporation) [DISABLED] Ntfs
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [MANUAL] NtLmSsp
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] NtmsSvc
Service (NULL Driver/Microsoft Corporation) [SYSTEM] Null
Service [DISABLED] NVSvc
Service C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys (NWLINK2 Traffic Filter Driver/Microsoft Corporation) [MANUAL] NwlnkFlt
Service C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys (NWLINK2 Forwarder Driver/Microsoft Corporation) [MANUAL] NwlnkFwd
Service C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Office Diagnostics/Microsoft Corporation) [MANUAL] odserv
Service C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Office Source Engine/Microsoft Corporation) [MANUAL] ose
Service Outlook
Service C:\WINDOWS\system32\DRIVERS\parport.sys (Pilote de port parallèle/Microsoft Corporation) [MANUAL] Parport
Service (Partition Manager/Microsoft Corporation) [BOOT] PartMgr
Service (Pilote parallèle VDM/Microsoft Corporation) [AUTO] ParVdm
Service C:\WINDOWS\system32\DRIVERS\pci.sys (Énumérateur Plug-and-Play PCI pour NT/Microsoft Corporation) [BOOT] PCI
Service [SYSTEM] PCIDump
Service C:\WINDOWS\system32\DRIVERS\pciide.sys (Pilote de bus générique PCI IDE/Microsoft Corporation) [BOOT] PCIIde
Service (Pilote de bus PCMCIA/Microsoft Corporation) [DISABLED] Pcmcia
Service [MANUAL] PDCOMP
Service [MANUAL] PDFRAME
Service [MANUAL] PDRELI
Service [MANUAL] PDRFRAME
Service C:\WINDOWS\system32\DRIVERS\lv302af.sys (Audio filter for Express Plus/Labtec Inc.) [MANUAL] pepifilter
Service [DISABLED] perc2
Service [DISABLED] perc2hib
Service PerfDisk
Service PerfNet
Service PerfOS
Service PerfProc
Service C:\WINDOWS\system32\DRIVERS\LV302AV.SYS (Logitech QuickCam Driver/Labtec Inc.) [MANUAL] PID_08A0
Service C:\WINDOWS\system32\services.exe (Applications Services et Contrôleur/Microsoft Corporation) [AUTO] PlugPlay
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [AUTO] PolicyAgent
Service C:\WINDOWS\system32\DRIVERS\raspptp.sys (Peer-to-Peer Tunneling Protocol/Microsoft Corporation) [MANUAL] PptpMiniport
Service Processor
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [AUTO] ProtectedStorage
Service C:\WINDOWS\system32\DRIVERS\psched.sys (MS QoS Packet Scheduler/Microsoft Corporation) [MANUAL] PSched
Service C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies DirectParallel IO Library/Parallel Technologies, Inc.) [MANUAL] Ptilink
Service [DISABLED] ql1080
Service [DISABLED] Ql10wnt
Service [DISABLED] ql12160
Service [DISABLED] ql1240
Service [DISABLED] ql1280
Service C:\WINDOWS\system32\DRIVERS\rasacd.sys (RAS Automatic Connection Driver/Microsoft Corporation) [SYSTEM] RasAcd
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] RasAuto
Service C:\WINDOWS\system32\DRIVERS\rasl2tp.sys (RAS L2TP mini-port/call-manager driver/Microsoft Corporation) [MANUAL] Rasl2tp
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] RasMan
Service C:\WINDOWS\system32\DRIVERS\raspppoe.sys (RAS PPPoE mini-port/call-manager driver/Microsoft Corporation) [MANUAL] RasPppoe
Service C:\WINDOWS\system32\DRIVERS\raspti.sys (PTI DirectParallel(R) mini-port/call-manager driver/Microsoft Corporation) [MANUAL] Raspti
Service C:\WINDOWS\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation) [SYSTEM] Rdbss
Service C:\WINDOWS\System32\DRIVERS\RDPCDD.sys (RDP Miniport/Microsoft Corporation) [SYSTEM] RDPCDD
Service RDPDD
Service C:\WINDOWS\system32\DRIVERS\rdpdr.sys (Microsoft RDP Device redirector/Microsoft Corporation) [MANUAL] rdpdr
Service RDPNP
Service (RDP Terminal Stack Driver (US/Canada Only, Not for Export)/Microsoft Corporation) [MANUAL] RDPWD
Service C:\WINDOWS\system32\sessmgr.exe (Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®/Microsoft Corporation) [MANUAL] RDSessMgr
Service C:\WINDOWS\system32\DRIVERS\redbook.sys (Pilote de filtre audio Livre rouge/Microsoft Corporation) [SYSTEM] redbook
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] RemoteAccess
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] RemoteRegistry
Service C:\WINDOWS\system32\locator.exe (Rpc Locator/Microsoft Corporation) [MANUAL] RpcLocator
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] RpcSs
Service C:\WINDOWS\system32\rsvp.exe (Microsoft RSVP/Microsoft Corporation) [MANUAL] RSVP
Service C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys (Realtek 10/100/1000 NDIS 5.1 Driver /Realtek Semiconductor Corporation ) [MANUAL] RTL8023xp
Service [AUTO] S24EventMonitor
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [AUTO] SamSs
Service C:\WINDOWS\System32\SCardSvr.exe (Serveur de gestion de ressources des cartes à puce/Microsoft Corporation) [MANUAL] SCardSvr
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Schedule
Service C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision SECURITY Driver/Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [MANUAL] Secdrv
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] seclogon
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] SENS
Service C:\WINDOWS\system32\DRIVERS\serenum.sys (Serial Port Enumerator/Microsoft Corporation) [MANUAL] serenum
Service C:\WINDOWS\system32\DRIVERS\serial.sys (Pilote de périphérique série/Microsoft Corporation) [SYSTEM] Serial
Service (SCSI Floppy Driver/Microsoft Corporation) [SYSTEM] Sfloppy
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] SharedAccess
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] ShellHWDetection
Service [DISABLED] Simbad
Service C:\WINDOWS\system32\DRIVERS\SLIP.sys (Microsoft Slip Deframing Filter Minidriver/Microsoft Corporation) [MANUAL] SLIP
Service [DISABLED] Sparrow
Service C:\WINDOWS\system32\speedfan.sys (SpeedFan Device Driver/Windows (R) 2000 DDK provider) [BOOT] speedfan
Service C:\WINDOWS\system32\drivers\splitter.sys (Microsoft Kernel Audio Splitter/Microsoft Corporation) [MANUAL] splitter
Service C:\WINDOWS\system32\spoolsv.exe (Spooler SubSystem App/Microsoft Corporation) [AUTO] Spooler
Service C:\WINDOWS\System32\Drivers\sptd.sys [BOOT] sptd
Service C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [SYSTEM] sp_rsdrv2
Service C:\Program Files\Spyware Terminator\sp_rsser.exe (Spyware Terminator Realtime Shield Service/Crawler.com) [AUTO] sp_rssrv
Service C:\WINDOWS\system32\DRIVERS\sr.sys (Pilote de filtre de système de fichiers pour la restauration du système/Microsoft Corporation) [BOOT] sr
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] srservice
Service C:\WINDOWS\system32\DRIVERS\srv.sys (Server driver/Microsoft Corporation) [MANUAL] Srv
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] SSDPSRV
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] stisvc
Service C:\WINDOWS\system32\DRIVERS\StreamIP.sys (Microsoft IP Test Driver/Microsoft Corporation) [MANUAL] streamip
Service C:\WINDOWS\system32\DRIVERS\swenum.sys (Plug and Play Software Device Enumerator/Microsoft Corporation) [MANUAL] swenum
Service C:\WINDOWS\system32\drivers\swmidi.sys (Microsoft GS Wavetable Synthesizer/Microsoft Corporation) [MANUAL] swmidi
Service C:\WINDOWS\system32\dllhost.exe (COM Surrogate/Microsoft Corporation) [MANUAL] SwPrv
Service [DISABLED] symc810
Service [DISABLED] symc8xx
Service [DISABLED] sym_hi
Service [DISABLED] sym_u3
Service C:\WINDOWS\system32\drivers\sysaudio.sys (System Audio WDM Filter/Microsoft Corporation) [MANUAL] sysaudio
Service C:\WINDOWS\system32\smlogsvc.exe (Service des alertes et des journaux de performance/Microsoft Corporation) [MANUAL] SysmonLog
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] TapiSrv
Service C:\WINDOWS\system32\DRIVERS\tcpip.sys (TCP/IP Protocol Driver/Microsoft Corporation) [SYSTEM] Tcpip
Service (Named Pipe Transport Driver/Microsoft Corporation) [MANUAL] TDPIPE
Service (TCP Transport Driver/Microsoft Corporation) [MANUAL] TDTCP
Service C:\WINDOWS\system32\DRIVERS\termdd.sys (Terminal Server Driver/Microsoft Corporation) [SYSTEM] TermDD
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] TermService
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Themes
Service C:\WINDOWS\system32\tlntsvr.exe (Telnet/Microsoft Corporation) [DISABLED] TlntSvr
Service [DISABLED] TosIde
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] TrkWks
Service TSDDD
Service C:\WINDOWS\System32\TuneUpDefragService.exe (TuneUp Drive Defrag Service/TuneUp Software GmbH) [MANUAL] TuneUp.Defrag
Service C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS (TVicHW32 Driver for Windows NT/2000/XP/EnTech Taiwan) [MANUAL] TVICHW32
Service (UDF File System Driver/Microsoft Corporation) [DISABLED] Udfs
Service [DISABLED] ultra
Service C:\WINDOWS\system32\wdfmgr.exe (Windows User Mode Driver Manager/Microsoft Corporation) [MANUAL] UMWdf
Service C:\WINDOWS\system32\DRIVERS\update.sys (Update Driver/Microsoft Corporation) [MANUAL] Update
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] upnphost
Service C:\WINDOWS\System32\ups.exe (UPS Service/Microsoft Corporation) [MANUAL] UPS
Service usb
Service C:\WINDOWS\system32\drivers\usbaudio.sys (USB Audio Class Driver/Microsoft Corporation) [MANUAL] usbaudio
Service C:\WINDOWS\system32\DRIVERS\usbccgp.sys (USB Common Class Generic Parent Driver/Microsoft Corporation) [MANUAL] usbccgp
Service C:\WINDOWS\system32\DRIVERS\usbehci.sys (EHCI eUSB Miniport Driver/Microsoft Corporation) [MANUAL] usbehci
Service C:\WINDOWS\system32\DRIVERS\usbhub.sys (Default Hub Driver for USB/Microsoft Corporation) [MANUAL] usbhub
Service C:\WINDOWS\system32\DRIVERS\usbprint.sys (USB Printer driver/Microsoft Corporation) [MANUAL] usbprint
Service C:\WINDOWS\system32\DRIVERS\usbscan.sys (USB Scanner Driver/Microsoft Corporation) [MANUAL] usbscan
Service C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS (USB Mass Storage Class Driver/Microsoft Corporation) [MANUAL] USBSTOR
Service C:\WINDOWS\system32\DRIVERS\usbuhci.sys (UHCI USB Miniport Driver/Microsoft Corporation) [MANUAL] usbuhci
Service C:\Program Files\Windows Live\Messenger\usnsvc.exe (Messenger Sharing USN Journal Reader Service/Microsoft Corporation) [MANUAL] usnjsvc
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] UxTuneUp
Service C:\WINDOWS\System32\drivers\vga.sys (VGA/Super VGA Video Driver/Microsoft Corporation) [SYSTEM] VgaSave
Service [DISABLED] ViaIde
Service (Pilote de cliché instantané du volume/Microsoft Corporation) [BOOT] VolSnap
Service C:\WINDOWS\System32\vssvc.exe (Service de cliché instantané de volumes Microsoft®/Microsoft Corporation) [MANUAL] VSS
Service VXD
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] W32Time
Service W3SVC
Service C:\WINDOWS\system32\DRIVERS\wanarp.sys (MS Remote Access and Routing ARP Driver/Microsoft Corporation) [MANUAL] Wanarp
Service [MANUAL] WDICA
Service C:\WINDOWS\system32\drivers\wdmaud.sys (MMSYSTEM Wave/Midi API mapper/Microsoft Corporation) [MANUAL] wdmaud
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] WebClient
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] winmgmt
Service [MANUAL] Winsock
Service WinSock2
Service WinTrust
Service C:\Program Files\Windows Live\installer\WLSetupSvc.exe (Windows Live Setup Service/Microsoft Corporation) [MANUAL] WLSetupSvc
Service C:\Program Files\Windows Media Connect 2\wmccds.exe (Windows Media Connect/Microsoft Corporation) [MANUAL] WMConnectCDS
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] WmdmPmSN
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Micr
0
Réponse 15 / 61
ganesh
 
oups desoler pour le double message!! =(
0
Réponse 16 / 61
Darkkiller Messages postés 2336 Statut Contributeur 67
 
Re,

Télécharges Blacklight :

http://www.commentcamarche.net/telecharger/telechargement 34055027 f secure blacklight

- Lance-le en double-cliquant sur le fichier blbeta.exe
- Accepte la licence, et clique enfin sur "Scan" puis Next et exit.
- Un rapport fsbl-bxxxx.log va être créé dans le même dossier que blbeta.exe
- Ouvre fsbl-bxxxx.log et copie/colle le contenu ici, pour cela :
- Menu Edition / copier
- ici dans un nouveau message : clic droit / coller

Aide : Tu peux consulter le tutorial : https://www.malekal.com/tutorial-f-secure-blacklight/
0
Réponse 17 / 61
ganesh
 
ta version a expirer alor je fais un scan en ligne c est quand meme bon?
0
Réponse 18 / 61
Darkkiller Messages postés 2336 Statut Contributeur 67
 
Re,

Autre manière (Et oui il y en a des millions :D) :

ComboFix
Désactive les logiciels de protection (Antivirus, Antispywares) puis :

Télécharge Combofix sUBs : [url=http://download.bleepingcomputer.com/sUBs/ComboFix.exe]combofix.exe[/url]
et sauvegarde le sur ton bureau et pas ailleurs!

Double-clic sur combofix, Il va te poser une question, réponds par la touche 1 et entrée pour valider.
Attends que combofix ait terminé, un rapport sera créé. Poste le rapport.

Copie/colle un nouveau rapport HiJackThis avec.

0
Réponse 19 / 61
ganesh
 
re voila par contre le rapport me parait vraiment long!! j ai du me tromper quelque part enfin je te post tou kome ca je suis sur

ComboFix 08-04-20.5 - antoine 2008-04-22 16:36:24.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.515 [GMT 2:00]
Endroit: C:\Documents and Settings\antoine\Bureau\ComboFix.exe

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\WINDOWS\system32\butsaxbo.ini
C:\WINDOWS\system32\butsaxbo.ini2
C:\WINDOWS\system32\butsaxbo.tmp
C:\WINDOWS\system32\dpcproxy.exe
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\tuvTmNGx.dll
C:\WINDOWS\system32\UtwEKRqr.ini
C:\WINDOWS\system32\UtwEKRqr.ini2

.
((((((((((((((((((((((((((((( Fichiers créés 2008-03-22 to 2008-04-22 ))))))))))))))))))))))))))))))))))))
.

2008-04-22 16:28 . 2001-08-17 21:28 794,654 --a--c--- C:\WINDOWS\system32\dllcache\usr1801.sys
2008-04-22 16:27 . 2004-08-19 18:09 466,944 --a--c--- C:\WINDOWS\system32\dllcache\OLD9EC.tmp
2008-04-22 16:26 . 2001-08-23 17:18 899,914 --a--c--- C:\WINDOWS\system32\dllcache\r2mdkxga.sys
2008-04-22 16:25 . 2004-08-19 16:09 4,274,816 --a--c--- C:\WINDOWS\system32\dllcache\nv4_disp.dll
2008-04-22 16:24 . 2001-08-28 16:00 1,875,968 --a--c--- C:\WINDOWS\system32\dllcache\OLD7A1.tmp
2008-04-22 16:23 . 2001-08-28 16:00 1,158,818 --a--c--- C:\WINDOWS\system32\dllcache\OLD716.tmp
2008-04-22 16:22 . 2001-08-28 16:00 13,463,552 --a--c--- C:\WINDOWS\system32\dllcache\OLD5C3.tmp
2008-04-22 16:21 . 2001-08-23 17:13 634,166 --a--c--- C:\WINDOWS\system32\dllcache\el656ct5.sys
2008-04-22 16:20 . 2001-08-17 20:14 952,007 --a--c--- C:\WINDOWS\system32\dllcache\diwan.sys
2008-04-22 16:19 . 2001-08-28 16:00 1,677,824 --a--c--- C:\WINDOWS\system32\dllcache\OLD33F.tmp
2008-04-22 16:18 . 2007-06-15 03:41 2,940,960 --a------ C:\WINDOWS\system32\OLD182.tmp
2008-04-22 16:17 . 2001-08-17 21:28 762,780 --a--c--- C:\WINDOWS\system32\dllcache\3cwmcru.sys
2008-04-22 16:16 . 2007-02-28 18:02 2,138,112 --a--c--- C:\WINDOWS\system32\dllcache\OLDA6.tmp
2008-04-22 16:16 . 2004-08-19 18:09 2,134,528 --a--c--- C:\WINDOWS\system32\dllcache\OLDBA.tmp
2008-04-22 16:16 . 2004-08-19 18:09 189,440 --a--c--- C:\WINDOWS\system32\dllcache\OLDB7.tmp
2008-04-22 16:16 . 2004-08-19 18:01 78,336 --a--c--- C:\WINDOWS\system32\dllcache\OLDA3.tmp
2008-04-22 16:16 . 2004-08-19 18:09 68,608 --a--c--- C:\WINDOWS\system32\dllcache\OLD9A.tmp
2008-04-22 16:16 . 2001-08-23 17:46 66,048 --a--c--- C:\WINDOWS\system32\dllcache\s3legacy.dll
2008-04-22 16:16 . 2003-03-24 16:52 32,827 --a--c--- C:\WINDOWS\system32\dllcache\OLDC6.tmp
2008-04-22 16:16 . 2003-03-24 16:52 20,536 --a--c--- C:\WINDOWS\system32\dllcache\OLDB0.tmp
2008-04-22 16:16 . 2003-03-24 16:52 16,437 --a--c--- C:\WINDOWS\system32\dllcache\OLDB4.tmp
2008-04-22 16:16 . 2003-04-14 21:29 16,384 --a--c--- C:\WINDOWS\system32\dllcache\OLDCA.tmp
2008-04-22 16:16 . 2004-08-19 18:09 8,192 --a--c--- C:\WINDOWS\system32\dllcache\OLDBD.tmp
2008-04-22 16:14 . 2008-04-22 16:29 <REP> d-------- C:\WINDOWS\LastGood
2008-04-22 16:14 . 2004-08-19 18:09 290,816 --a--c--- C:\WINDOWS\system32\dllcache\OLD19.tmp
2008-04-22 16:14 . 2004-08-19 18:09 43,520 --a--c--- C:\WINDOWS\system32\dllcache\OLD16.tmp
2008-04-22 16:14 . 2003-03-24 16:52 20,540 --a--c--- C:\WINDOWS\system32\dllcache\OLDF.tmp
2008-04-22 16:14 . 2003-03-24 16:52 16,439 --a--c--- C:\WINDOWS\system32\dllcache\OLD13.tmp
2008-04-22 15:45 . 2008-04-22 15:45 <REP> d-------- C:\fsaua.data
2008-04-22 14:44 . 2008-04-22 14:56 250 --a------ C:\WINDOWS\gmer.ini
2008-04-22 13:46 . 2008-04-22 14:11 <REP> d-------- C:\Program Files\Navilog1
2008-04-22 13:25 . 2008-04-22 13:25 106,496 --a------ C:\WINDOWS\system32\whclmdgj.exe
2008-04-22 12:47 . 2008-04-22 12:53 <REP> d-------- C:\WINDOWS\BDOSCAN8
2008-04-22 12:43 . 2008-04-22 12:43 <REP> d-------- C:\Program Files\Trend Micro
2008-04-22 12:29 . 2008-04-22 12:29 <REP> d-------- C:\Documents and Settings\antoine\Application Data\Grisoft
2008-04-22 12:28 . 2008-04-22 12:28 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-04-22 12:28 . 2007-05-30 14:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-04-22 11:34 . 2008-04-22 11:34 106,496 --a------ C:\WINDOWS\system32\roforsxu.exe
2008-04-21 17:45 . 2008-04-21 19:34 <REP> d-------- C:\Program Files\Spyware Terminator
2008-04-21 17:45 . 2008-04-22 14:40 <REP> d-------- C:\Documents and Settings\antoine\Application Data\Spyware Terminator
2008-04-21 17:45 . 2008-04-22 11:52 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2008-04-21 17:45 . 2008-04-21 17:45 141,312 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2008-04-21 17:25 . 2008-04-21 17:25 106,496 --a------ C:\WINDOWS\system32\itkhuxmj.exe
2008-04-21 15:37 . 2008-04-21 15:37 <REP> d-------- C:\TEMP
2008-04-21 15:34 . 2008-04-21 15:34 <REP> d-------- C:\Program Files\Alwil Software
2008-04-21 13:27 . 2008-04-21 13:27 114,688 --a------ C:\WINDOWS\system32\zsrsnqzc.exe
2008-04-21 13:05 . 2008-01-25 04:17 <REP> d-------- C:\Documents and Settings\Administrateur\Favoris
2008-04-21 13:05 . 2008-01-25 04:17 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-04-21 13:04 . 2008-01-25 04:17 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
2008-04-21 13:04 . 2008-01-25 04:17 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-04-21 13:04 . 2008-01-24 20:27 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
2008-04-21 13:04 . 2008-01-25 04:17 <REP> d-------- C:\Documents and Settings\Administrateur\Mes documents
2008-04-21 13:04 . 2008-01-25 04:17 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
2008-04-21 13:04 . 2008-04-21 13:05 <REP> d-------- C:\Documents and Settings\Administrateur
2008-04-21 13:04 . 2008-04-22 16:04 1,024 --ah----- C:\Documents and Settings\Administrateur\ntuser.dat.LOG
2008-04-20 21:58 . 2008-04-21 23:59 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-04-20 20:02 . 2008-04-20 21:26 534 ---hs---- C:\WINDOWS\system32\dqmronim.ini
2008-04-20 12:12 . 2008-04-20 12:12 294 ---hs---- C:\WINDOWS\system32\qlxvvcls.ini
2008-04-20 00:02 . 2008-04-22 13:35 <REP> d-------- C:\Documents and Settings\All Users\Application Data\qvstyjwf
2008-04-19 15:38 . 2008-04-19 15:38 <REP> d-------- C:\Logs
2008-04-10 23:03 . 2008-04-15 17:37 <REP> d-------- C:\Program Files\Dofus
2008-04-10 20:43 . 2008-04-10 20:43 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ATI
2008-04-10 20:28 . 2007-06-14 21:05 520,192 --------- C:\WINDOWS\system32\ati2sgag.exe
2008-04-10 20:27 . 2008-04-10 20:38 <REP> d-------- C:\Program Files\ATI Technologies
2008-04-10 20:25 . 2007-06-15 03:31 3,107,788 -ra------ C:\WINDOWS\system32\ativvaxx.dat
2008-04-10 20:25 . 2007-06-15 03:31 3,107,788 -ra------ C:\WINDOWS\system32\ativva5x.dat
2008-04-10 20:25 . 2007-06-15 03:31 972,072 -ra------ C:\WINDOWS\system32\ativva6x.dat
2008-04-10 20:25 . 2007-06-15 04:00 344,064 -ra------ C:\WINDOWS\system32\ATIDEMGX.dll
2008-04-10 20:25 . 2007-06-15 03:56 307,200 -ra------ C:\WINDOWS\system32\atiiiexx.dll
2008-04-10 20:25 . 2007-06-05 19:40 149,278 -ra------ C:\WINDOWS\system32\atiicdxx.dat
2008-04-10 20:25 . 2007-05-03 19:52 11,557 -ra------ C:\WINDOWS\atiogl.xml
2008-04-10 20:25 . 2007-04-12 03:33 7,069 -ra------ C:\WINDOWS\system32\atifglpf.xml
2008-04-10 19:22 . 2008-04-10 19:22 23,600 --a------ C:\WINDOWS\system32\drivers\TVICHW32.SYS
2008-04-09 03:01 . 2008-04-09 03:04 1,355 --a------ C:\WINDOWS\imsins.BAK
2008-04-08 16:27 . 2008-04-08 16:27 <REP> d-------- C:\Program Files\NRJ
2008-04-07 14:39 . 2008-04-07 14:40 <REP> d-------- C:\Program Files\directX 9.c
2008-04-07 14:39 . 2008-03-05 15:56 3,786,760 --a------ C:\WINDOWS\system32\D3DX9_37.dll
2008-04-07 14:39 . 2008-03-05 15:56 1,420,824 --a------ C:\WINDOWS\system32\D3DCompiler_37.dll
2008-04-07 14:39 . 2008-03-05 16:03 479,752 --a------ C:\WINDOWS\system32\XAudio2_0.dll
2008-04-07 14:39 . 2008-02-05 23:07 462,864 --a------ C:\WINDOWS\system32\d3dx10_37.dll
2008-04-07 14:39 . 2008-03-05 16:03 238,088 --a------ C:\WINDOWS\system32\xactengine3_0.dll
2008-04-07 14:39 . 2008-03-05 16:00 25,608 --a------ C:\WINDOWS\system32\X3DAudio1_3.dll
2008-04-06 18:12 . 2008-04-21 16:47 518 --a------ C:\WINDOWS\WININIT.INI
2008-04-06 18:04 . 2008-04-18 20:19 <REP> d-------- C:\Program Files\CamStudio
2008-04-06 17:45 . 2008-04-10 19:30 4,096 --a------ C:\WINDOWS\system32\crash
2008-04-06 12:17 . 2008-04-06 12:17 <REP> d-------- C:\Program Files\Jufsoft
2008-04-05 15:30 . 2007-06-15 04:00 344,064 -ra------ C:\WINDOWS\system32\SET56.tmp
2008-04-03 11:32 . 2008-04-03 11:32 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-04-01 14:04 . 2008-04-01 14:04 35 --a------ C:\WINDOWS\wwwbatch.ini
2008-03-31 14:29 . 2008-03-31 14:30 <REP> d-------- C:\Documents and Settings\antoine\Application Data\Image Zone Express
2008-03-31 13:57 . 2008-03-31 13:57 <REP> d-------- C:\Program Files\ma-config.com
2008-03-31 13:57 . 2008-04-22 12:03 <REP> d-------- C:\Documents and Settings\antoine\Application Data\ma-config.com
2008-03-31 13:54 . 2008-03-31 13:54 <REP> d-------- C:\Program Files\Fichiers communs\SWF Studio
2008-03-27 17:28 . 2008-03-27 17:28 2,322,176 --a------ C:\WINDOWS\system32\TUKernel.exe
2008-03-27 17:21 . 2008-03-27 17:24 <REP> d--h----- C:\WINDOWS\Icons
2008-03-25 22:47 . 2008-03-25 22:47 <REP> d-------- C:\Program Files\Fichiers communs\Sandlot Shared
2008-03-24 12:27 . 2008-03-25 22:47 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Sandlot Games
2008-03-24 11:45 . 2008-03-24 11:45 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BOONTY
2008-03-24 11:38 . 2008-03-24 12:23 <REP> d-------- C:\Program Files\BoontyGames
2008-03-24 11:38 . 2008-03-24 11:38 <REP> d-------- C:\Program Files\Boonty
2008-03-22 12:17 . 2007-10-12 16:14 3,734,536 --a------ C:\WINDOWS\system32\d3dx9_36.dll
2008-03-22 12:17 . 2007-10-12 16:14 1,374,232 --a------ C:\WINDOWS\system32\D3DCompiler_36.dll
2008-03-22 12:17 . 2007-10-02 10:56 444,776 --a------ C:\WINDOWS\system32\d3dx10_36.dll
2008-03-22 12:17 . 2007-10-22 04:39 267,272 --a------ C:\WINDOWS\system32\xactengine2_10.dll
2008-03-22 12:17 . 2007-07-20 01:57 267,112 --a------ C:\WINDOWS\system32\xactengine2_9.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-22 14:18 --------- d-----w C:\Program Files\SpeedFan
2008-04-22 14:13 --------- d-----w C:\Program Files\Steam
2008-04-21 10:49 --------- d-----w C:\Documents and Settings\antoine\Application Data\Azureus
2008-04-21 10:40 --------- d-----w C:\Program Files\Azureus
2008-04-20 22:54 4,096 ----a-w C:\WINDOWS\system32\WINWGPX.EXE
2008-04-20 22:54 4,096 ----a-w C:\WINDOWS\system32\winsystem.exe
2008-04-20 22:54 4,096 ----a-w C:\WINDOWS\system32\thun32.dll
2008-04-20 22:54 4,096 ----a-w C:\WINDOWS\system32\thun.dll
2008-04-20 22:54 4,096 ----a-w C:\WINDOWS\system32\sysreq.exe
2008-04-20 22:54 4,096 ----a-w C:\WINDOWS\system32\ssvchost.com
2008-04-20 22:54 4,096 ----a-w C:\WINDOWS\system32\Rundl1.exe
2008-04-20 22:54 4,096 ----a-w C:\WINDOWS\system32\newsd32.exe
2008-04-20 22:54 4,096 ----a-w C:\WINDOWS\system32\mssecu.exe
2008-04-20 22:54 4,096 ----a-w C:\WINDOWS\system32\bdn.com
2008-04-20 22:54 4,096 ----a-w C:\WINDOWS\system32\awtoolb.dll
2008-04-20 22:54 4,096 ----a-w C:\WINDOWS\system32\akttzn.exe
2008-04-20 20:07 --------- d-----w C:\Program Files\Google
2008-04-19 13:39 --------- d-----w C:\Program Files\World of Warcraft
2008-04-19 13:34 --------- d-----w C:\Program Files\Maxis
2008-04-16 08:30 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-04-16 08:19 --------- d-----w C:\Program Files\Ubisoft
2008-04-16 08:18 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-15 08:02 --------- d-----w C:\Documents and Settings\antoine\Application Data\LimeWire
2008-04-09 01:05 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-04-07 16:40 360,064 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-03-21 11:03 --------- d-----w C:\Program Files\Java
2008-03-20 07:56 1,846,016 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-12 14:53 --------- d-----w C:\Program Files\Mozilla Firefox 3 Beta 2
2008-03-06 15:12 --------- d-----w C:\Program Files\PC Suite for MTV3.0
2008-03-05 10:19 --------- d-----w C:\Program Files\LucasArts
2008-03-01 13:27 --------- d-----w C:\Program Files\Sunbelt Software
2008-03-01 12:58 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-02-29 09:35 --------- d-----w C:\Program Files\VirtualDub
2008-02-28 10:44 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-02-27 13:58 --------- d-----w C:\Documents and Settings\antoine\Application Data\teamspeak2
2008-02-26 14:57 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-02-26 14:57 --------- d-----w C:\Program Files\Windows Live
2008-02-26 14:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-02-23 12:47 --------- d-----w C:\Program Files\PhotoFiltre
2008-02-20 06:52 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 05:35 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-18 11:18 159,250 ----a-w C:\WINDOWS\CSSBScript - Version Full Uninstaller.exe
2008-02-11 16:45 691,545 ----a-w C:\WINDOWS\unins000.exe
2008-02-11 15:41 306,432 ----a-w C:\WINDOWS\system32\TuneUpDefragService.exe
2008-01-26 21:55 108,144 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-01-26 14:11 22,328 ----a-w C:\Documents and Settings\antoine\Application Data\PnkBstrK.sys
2008-01-26 14:11 103,736 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-01-26 14:10 669,184 ----a-w C:\WINDOWS\system32\pbsvc.exe
2008-01-26 14:10 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
2008-01-25 12:21 155,995 ----a-w C:\WINDOWS\java\Packages\4TJ1B3PN.ZIP
2008-01-24 19:14 315,392 ----a-w C:\WINDOWS\HideWin.exe
.

------- Sigcheck -------

2006-04-20 14:18 360576 b2220c618b42a2212a59d91ebd6fc4b4 C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
2007-10-30 18:53 360832 64798ecfa43d78c7178375fcdd16d8c8 C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
2006-03-12 02:50 359808 667192a11db19f36624119c0dd4de4f2 C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
2006-04-20 13:51 359808 1dbf125862891817f374f407626967f4 C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
2008-04-07 18:40 360064 8283a4d489b207991efdc8328733d0bc C:\WINDOWS\LastGood\system32\drivers\tcpip.sys
2008-04-07 18:40 360064 8283a4d489b207991efdc8328733d0bc C:\WINDOWS\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((( snapshot@2008-04-22_16.21.31.42 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-06-20 22:04:44 1,852,928 ----a-w C:\WINDOWS\LastGood\apppatch\acgenral.dll
+ 2006-06-20 22:09:54 10,752 ----a-w C:\WINDOWS\LastGood\hh.exe
+ 2006-02-08 19:05:11 577,536 ----a-w C:\WINDOWS\LastGood\notepad.exe
+ 2006-06-20 22:11:23 172,544 ----a-w C:\WINDOWS\LastGood\pchealth\helpctr\binaries\msconfig.exe
+ 2007-06-15 01:11:18 376,832 ----a-w C:\WINDOWS\LastGood\system32\ati2cqag.dll
+ 2007-06-15 01:59:14 268,800 ----a-w C:\WINDOWS\LastGood\system32\ati2dvag.dll
+ 2007-06-15 01:41:56 2,940,960 ----a-w C:\WINDOWS\LastGood\system32\ati3duag.dll
+ 2007-06-15 01:31:50 1,513,216 ----a-w C:\WINDOWS\LastGood\system32\ativvaxx.dll
+ 2006-06-20 22:04:56 62,464 ----a-w C:\WINDOWS\LastGood\system32\authz.dll
+ 2006-06-20 22:11:57 225,792 ----a-w C:\WINDOWS\LastGood\system32\catsrv.dll
+ 2006-06-20 22:11:58 625,152 ----a-w C:\WINDOWS\LastGood\system32\catsrvut.dll
+ 2006-06-20 22:11:53 2,068,480 ----a-w C:\WINDOWS\LastGood\system32\cdosys.dll
+ 2006-06-20 22:11:58 110,080 ----a-w C:\WINDOWS\LastGood\system32\clbcatex.dll
+ 2006-06-20 22:11:59 498,688 ----a-w C:\WINDOWS\LastGood\system32\clbcatq.dll
+ 2006-06-20 22:11:59 60,416 ----a-w C:\WINDOWS\LastGood\system32\colbact.dll
+ 2006-06-20 22:12:00 195,072 ----a-w C:\WINDOWS\LastGood\system32\com\comadmin.dll
+ 2006-06-20 22:12:00 97,792 ----a-w C:\WINDOWS\LastGood\system32\comrepl.dll
+ 2006-06-20 22:12:01 1,267,200 ----a-w C:\WINDOWS\LastGood\system32\comsvcs.dll
+ 2006-06-20 22:12:02 540,160 ----a-w C:\WINDOWS\LastGood\system32\comuid.dll
+ 2004-08-19 16:09:20 29,696 ----a-w C:\WINDOWS\LastGood\system32\dllcache\admexs.dll
+ 2003-03-24 14:52:04 20,540 ----a-w C:\WINDOWS\LastGood\system32\dllcache\admin.dll
+ 2003-03-24 14:52:04 16,439 ----a-w C:\WINDOWS\LastGood\system32\dllcache\admin.exe
+ 2004-08-19 16:09:20 43,520 ----a-w C:\WINDOWS\LastGood\system32\dllcache\admwprox.dll
+ 2001-08-28 14:00:00 6,144 ----a-w C:\WINDOWS\LastGood\system32\dllcache\admxprox.dll
+ 2001-08-28 14:00:00 50,176 ----a-w C:\WINDOWS\LastGood\system32\dllcache\adrot.dll
+ 2004-08-19 16:09:20 290,816 ----a-w C:\WINDOWS\LastGood\system32\dllcache\adsiis51.dll
+ 2004-08-19 16:09:20 110,080 ----a-w C:\WINDOWS\LastGood\system32\dllcache\appconf.dll
+ 2004-08-19 16:09:20 334,336 ----a-w C:\WINDOWS\LastGood\system32\dllcache\aqueue.dll
+ 2004-08-19 16:09:20 377,344 ----a-w C:\WINDOWS\LastGood\system32\dllcache\asp51.dll
+ 2001-08-28 14:00:00 10,240 ----a-w C:\WINDOWS\LastGood\system32\dllcache\aspperf.dll
+ 2001-08-28 14:00:00 29,184 ----a-w C:\WINDOWS\LastGood\system32\dllcache\asptxn.dll
+ 2001-08-28 14:00:00 11,264 ----a-w C:\WINDOWS\LastGood\system32\dllcache\atrace.dll
+ 2001-08-28 14:00:00 9,216 ----a-w C:\WINDOWS\LastGood\system32\dllcache\authfilt.dll
+ 2003-03-24 14:52:04 20,540 ----a-w C:\WINDOWS\LastGood\system32\dllcache\author.dll
+ 2003-03-24 14:52:04 16,439 ----a-w C:\WINDOWS\LastGood\system32\dllcache\author.exe
+ 2001-08-28 14:00:00 45,568 ----a-w C:\WINDOWS\LastGood\system32\dllcache\browscap.dll
+ 2001-08-28 14:00:00 218,112 ----a-w C:\WINDOWS\LastGood\system32\dllcache\c_g18030.dll
+ 2001-08-28 14:00:00 6,656 ----a-w C:\WINDOWS\LastGood\system32\dllcache\c_is2022.dll
+ 2001-08-28 14:00:00 10,752 ----a-w C:\WINDOWS\LastGood\system32\dllcache\c_iscii.dll
+ 2001-08-28 14:00:00 54,528 ----a-w C:\WINDOWS\LastGood\system32\dllcache\cap7146.sys
+ 2003-03-24 14:52:04 188,480 ----a-w C:\WINDOWS\LastGood\system32\dllcache\cfgwiz.exe
+ 2001-08-28 14:00:00 10,240 ----a-w C:\WINDOWS\LastGood\system32\dllcache\change.exe
+ 2001-08-28 14:00:00 13,824 ----a-w C:\WINDOWS\LastGood\system32\dllcache\chglogon.exe
+ 2001-08-28 14:00:00 15,872 ----a-w C:\WINDOWS\LastGood\system32\dllcache\chgport.exe
+ 2001-08-28 14:00:00 14,848 ----a-w C:\WINDOWS\LastGood\system32\dllcache\chgusr.exe
+ 2001-08-28 14:00:00 1,677,824 ----a-w C:\WINDOWS\LastGood\system32\dllcache\chsbrkr.dll
+ 2001-08-28 14:00:00 838,144 ----a-w C:\WINDOWS\LastGood\system32\dllcache\chtbrkr.dll
+ 2004-08-03 22:31:52 97,792 ----a-w C:\WINDOWS\LastGood\system32\dllcache\chtmbx.dll
+ 2004-08-03 22:31:54 56,320 ----a-w C:\WINDOWS\LastGood\system32\dllcache\chtskdic.dll
+ 2004-08-03 22:31:54 173,568 ----a-w C:\WINDOWS\LastGood\system32\dllcache\chtskf.dll
+ 2004-08-03 22:31:54 198,656 ----a-w C:\WINDOWS\LastGood\system32\dllcache\cintime.dll
+ 2004-08-03 22:31:56 480,256 ----a-w C:\WINDOWS\LastGood\system32\dllcache\cintsetp.exe
+ 2004-08-19 16:09:22 47,104 ----a-w C:\WINDOWS\LastGood\system32\dllcache\coadmin.dll
+ 2004-08-19 16:09:22 24,064 ----a-w C:\WINDOWS\LastGood\system32\dllcache\compfilt.dll
+ 2001-08-28 14:00:00 33,792 ----a-w C:\WINDOWS\LastGood\system32\dllcache\controt.dll
+ 2001-08-28 14:00:00 56,832 ----a-w C:\WINDOWS\LastGood\system32\dllcache\convlog.exe
+ 2001-08-28 14:00:00 20,480 ----a-w C:\WINDOWS\LastGood\system32\dllcache\counters.dll
+ 2004-08-03 22:31:40 57,399 ----a-w C:\WINDOWS\LastGood\system32\dllcache\cplexe.exe
+ 2001-08-28 14:00:00 19,456 ----a-w C:\WINDOWS\LastGood\system32\dllcache\cprofile.exe
+ 2004-08-19 16:09:52 42,496 ----a-w C:\WINDOWS\LastGood\system32\dllcache\davcdata.exe
+ 2001-08-28 14:00:00 514,587 ----a-w C:\WINDOWS\LastGood\system32\dllcache\edb500.dll
+ 2001-08-17 18:10:54 19,996 ----a-w C:\WINDOWS\LastGood\system32\dllcache\em556n4.sys
+ 2001-08-28 14:00:00 31,744 ----a-w C:\WINDOWS\LastGood\system32\dllcache\esucmd.dll
+ 2001-08-28 14:00:00 57,856 ----a-w C:\WINDOWS\LastGood\system32\dllcache\esuimgd.dll
+ 2001-08-28 14:00:00 45,568 ----a-w C:\WINDOWS\LastGood\system32\dllcache\esunid.dll
+ 2001-08-28 14:00:00 25,856 ----a-w C:\WINDOWS\LastGood\system32\dllcache\et4000.sys
+ 2004-08-19 16:09:26 109,568 ----a-w C:\WINDOWS\LastGood\system32\dllcache\evntagnt.dll
+ 2004-08-19 16:09:54 26,112 ----a-w C:\WINDOWS\LastGood\system32\dllcache\evntcmd.exe
+ 2004-08-19 16:09:54 94,720 ----a-w C:\WINDOWS\LastGood\system32\dllcache\evntwin.exe
+ 2001-08-23 16:46:58 5,632 ----a-w C:\WINDOWS\LastGood\system32\dllcache\EXCH_adsiisex.dll
+ 2001-08-23 16:46:58 45,056 ----a-w C:\WINDOWS\LastGood\system32\dllcache\EXCH_aqadmin.dll
+ 2001-08-23 16:47:04 43,520 ----a-w C:\WINDOWS\LastGood\system32\dllcache\EXCH_fcachdll.dll
+ 2001-08-23 16:47:06 65,536 ----a-w C:\WINDOWS\LastGood\system32\dllcache\EXCH_mailmsg.dll
+ 2001-08-23 16:47:16 38,912 ----a-w C:\WINDOWS\LastGood\system32\dllcache\EXCH_ntfsdrv.dll
+ 2001-08-23 16:47:44 23,040 ----a-w C:\WINDOWS\LastGood\system32\dllcache\EXCH_regtrace.exe
+ 2001-08-23 16:47:16 57,856 ----a-w C:\WINDOWS\LastGood\system32\dllcache\EXCH_scripto.dll
+ 2001-08-23 16:47:18 26,112 ----a-w C:\WINDOWS\LastGood\system32\dllcache\EXCH_seos.dll
+ 2001-08-23 16:47:18 12,800 ----a-w C:\WINDOWS\LastGood\system32\dllcache\EXCH_smtpctrs.dll
+ 2001-08-23 16:47:18 7,168 ----a-w C:\WINDOWS\LastGood\system32\dllcache\EXCH_snprfdll.dll
+ 2004-08-19 16:09:26 14,336 ----a-w C:\WINDOWS\LastGood\system32\dllcache\exstrace.dll
+ 2001-08-28 14:00:00 7,168 ----a-w C:\WINDOWS\LastGood\system32\dllcache\f3ahvoas.dll
+ 2001-08-17 18:10:54 22,090 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fem556n5.sys
+ 2001-08-28 14:00:00 15,360 ----a-w C:\WINDOWS\LastGood\system32\dllcache\flattemp.exe
+ 2004-05-12 23:39:48 184,435 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp4amsft.dll
+ 2003-03-24 14:52:04 82,035 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp4anscp.dll
+ 2003-03-24 14:52:04 147,513 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp4apws.dll
+ 2003-03-24 14:52:04 49,210 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp4areg.dll
+ 2003-03-24 14:52:04 102,509 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp4atxt.dll
+ 2003-03-24 14:52:04 41,020 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp4avnb.dll
+ 2003-03-24 14:52:04 32,826 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp4avss.dll
+ 2003-03-24 14:52:04 49,212 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp4awebs.dll
+ 2004-05-12 23:39:48 876,653 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp4awel.dll
+ 2002-05-14 12:08:54 14,608 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp98sadm.exe
+ 2002-05-14 12:08:54 109,328 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp98swin.exe
+ 2003-03-24 14:52:04 24,632 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fpadmcgi.exe
+ 2003-03-24 14:52:04 20,541 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fpadmdll.dll
+ 2003-03-24 14:52:04 188,494 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fpcount.exe
+ 2002-05-14 12:08:54 94,208 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fpencode.dll
+ 2003-03-24 14:52:04 20,541 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fpexedll.dll
+ 2004-05-12 23:39:48 598,071 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fpmmc.dll
+ 2003-04-14 19:29:34 217,088 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fpmmcsat.dll
+ 2003-03-24 14:52:04 20,538 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fpremadm.exe
+ 2001-08-28 14:00:00 6,144 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ftlx041e.dll
+ 2001-08-28 14:00:00 7,680 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ftpctrs2.dll
+ 2004-08-19 16:09:28 6,144 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ftpmib.dll
+ 2001-08-28 14:00:00 6,144 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ftpsapi2.dll
+ 2004-08-19 16:09:28 127,488 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ftpsv251.dll
+ 2004-08-19 16:09:28 452,096 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fxsapi.dll
+ 2001-08-28 14:00:00 113,664 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fxscfgwz.dll
+ 2004-08-19 16:09:56 143,360 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fxsclnt.exe
+ 2001-08-28 14:00:00 141,312 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fxsclntr.dll
+ 2004-08-19 16:09:28 72,192 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fxscom.dll
+ 2004-08-19 16:09:28 285,184 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fxscomex.dll
+ 2004-08-19 16:09:56 238,592 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fxscover.exe
+ 2004-08-19 16:09:28 27,136 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fxsdrv.dll
+ 2004-08-19 16:09:28 66,048 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fxsevent.dll
+ 2004-08-19 16:09:28 23,552 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fxsext32.dll
+ 2004-08-19 16:09:28 24,064 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fxsmon.dll
+ 2004-08-19 16:09:28 8,704 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fxsperf.dll
+ 2004-08-19 16:08:14 7,168 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fxsres.dll
+ 2001-08-28 14:00:00 31,744 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fxsroute.dll
+ 2001-08-28 14:00:00 11,776 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fxssend.exe
+ 2004-08-19 16:09:28 563,712 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fxsst.dll
+ 2004-08-19 16:09:56 268,800 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fxssvc.exe
+ 2004-08-19 16:09:28 246,272 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fxst30.dll
+ 2004-08-19 16:09:28 397,312 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fxstiff.dll
+ 2004-08-19 16:09:28 156,672 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fxsui.dll
+ 2004-08-19 16:09:28 197,120 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fxswzrd.dll
+ 2004-08-19 16:09:28 400,896 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fxsxp32.dll
+ 2004-08-19 16:09:28 32,256 ----a-w C:\WINDOWS\LastGood\system32\dllcache\gzip.dll
+ 2001-08-28 14:00:00 36,864 ----a-w C:\WINDOWS\LastGood\system32\dllcache\hanjadic.dll
+ 2004-08-19 16:09:28 39,936 ----a-w C:\WINDOWS\LastGood\system32\dllcache\hostmib.dll
+ 2004-08-19 16:09:28 268,288 ----a-w C:\WINDOWS\LastGood\system32\dllcache\httpext.dll
+ 2004-08-19 16:09:28 8,192 ----a-w C:\WINDOWS\LastGood\system32\dllcache\httpmb51.dll
+ 2004-08-19 16:09:28 62,464 ----a-w C:\WINDOWS\LastGood\system32\dllcache\httpod51.dll
+ 2001-08-28 14:00:00 10,096,640 ----a-w C:\WINDOWS\LastGood\system32\dllcache\hwxcht.dll
+ 2001-08-28 14:00:00 13,463,552 ----a-w C:\WINDOWS\LastGood\system32\dllcache\hwxjpn.dll
+ 2001-08-28 14:00:00 10,129,408 ----a-w C:\WINDOWS\LastGood\system32\dllcache\hwxkor.dll
+ 2004-08-19 16:09:28 25,088 ----a-w C:\WINDOWS\LastGood\system32\dllcache\iisadmin.dll
+ 2004-08-19 16:09:28 145,408 ----a-w C:\WINDOWS\LastGood\system32\dllcache\iische51.dll
+ 2001-08-28 14:00:00 60,928 ----a-w C:\WINDOWS\LastGood\system32\dllcache\iisclex4.dll
+ 2001-08-28 14:00:00 19,456 ----a-w C:\WINDOWS\LastGood\system32\dllcache\iiscrmap.dll
+ 2004-08-19 16:09:28 68,608 ----a-w C:\WINDOWS\LastGood\system32\dllcache\iisext51.dll
+ 2004-08-19 16:09:28 7,168 ----a-w C:\WINDOWS\LastGood\system32\dllcache\iisfecnv.dll
+ 2004-08-19 16:09:28 79,872 ----a-w C:\WINDOWS\LastGood\system32\dllcache\iislog51.dll
+ 2004-08-19 16:09:28 64,512 ----a-w C:\WINDOWS\LastGood\system32\dllcache\iismap.dll
+ 2001-08-28 14:00:00 3,584 ----a-w C:\WINDOWS\LastGood\system32\dllcache\iismui.dll
+ 2001-08-28 14:00:00 14,848 ----a-w C:\WINDOWS\LastGood\system32\dllcache\iisreset.exe
+ 2001-08-28 14:00:00 5,632 ----a-w C:\WINDOWS\LastGood\system32\dllcache\iisrstap.dll
+ 2004-08-19 16:09:56 31,232 ----a-w C:\WINDOWS\LastGood\system32\dllcache\iisrstas.exe
+ 2004-08-19 16:09:28 133,632 ----a-w C:\WINDOWS\LastGood\system32\dllcache\iisrtl.dll
+ 2001-08-28 14:00:00 6,656 ----a-w C:\WINDOWS\LastGood\system32\dllcache\iissync.exe
+ 2001-08-28 14:00:00 173,056 ----a-w C:\WINDOWS\LastGood\system32\dllcache\iisui.dll
+ 2004-08-03 23:04:38 106,496 ----a-w C:\WINDOWS\LastGood\system32\dllcache\imekrcic.dll
+ 2004-08-03 23:04:34 86,016 ----a-w C:\WINDOWS\LastGood\system32\dllcache\imekrmbx.dll
+ 2001-08-28 14:00:00 44,032 ----a-w C:\WINDOWS\LastGood\system32\dllcache\imekrmig.exe
+ 2001-08-28 14:00:00 102,463 ----a-w C:\WINDOWS\LastGood\system32\dllcache\imepadsm.dll
+ 2001-08-28 14:00:00 311,359 ----a-w C:\WINDOWS\LastGood\system32\dllcache\imepadsv.exe
+ 2004-08-03 22:31:50 811,064 ----a-w C:\WINDOWS\LastGood\system32\dllcache\imjp81k.dll
+ 2004-08-03 22:31:52 368,696 ----a-w C:\WINDOWS\LastGood\system32\dllcache\imjpcic.dll
+ 2004-08-03 22:31:52 716,856 ----a-w C:\WINDOWS\LastGood\system32\dllcache\imjpcus.dll
+ 2001-08-28 14:00:00 57,398 ----a-w C:\WINDOWS\LastGood\system32\dllcache\imjpdadm.exe
+ 2004-08-03 22:31:54 81,976 ----a-w C:\WINDOWS\LastGood\system32\dllcache\imjpdct.dll
+ 2004-08-03 22:31:54 307,257 ----a-w C:\WINDOWS\LastGood\system32\dllcache\imjpdct.exe
+ 2004-08-03 22:31:56 155,705 ----a-w C:\WINDOWS\LastGood\system32\dllcache\imjpdsvr.exe
+ 2004-08-03 22:31:58 196,665 ----a-w C:\WINDOWS\LastGood\system32\dllcache\imjpinst.exe
+ 2004-08-03 22:32:00 208,952 ----a-w C:\WINDOWS\LastGood\system32\dllcache\imjpmig.exe
+ 2004-08-03 22:32:12 233,527 ----a-w C:\WINDOWS\LastGood\system32\dllcache\imjprw.exe
+ 2001-08-28 14:00:00 45,109 ----a-w C:\WINDOWS\LastGood\system32\dllcache\imjpuex.exe
+ 2004-08-03 22:32:16 262,200 ----a-w C:\WINDOWS\LastGood\system32\dllcache\imjputy.exe
+ 2004-08-03 22:32:16 274,489 ----a-w C:\WINDOWS\LastGood\system32\dllcache\imjputyc.dll
+ 2001-08-28 14:00:00 59,904 ----a-w C:\WINDOWS\LastGood\system32\dllcache\imkrinst.exe
+ 2004-08-03 22:32:28 102,456 ----a-w C:\WINDOWS\LastGood\system32\dllcache\imlang.dll
+ 2004-08-03 22:31:50 59,392 ----a-w C:\WINDOWS\LastGood\system32\dllcache\imscinst.exe
+ 2001-08-28 14:00:00 471,102 ----a-w C:\WINDOWS\LastGood\system32\dllcache\imskdic.dll
+ 2001-08-28 14:00:00 315,452 ----a-w C:\WINDOWS\LastGood\system32\dllcache\imskf.dll
+ 2004-08-19 16:09:56 15,872 ----a-w C:\WINDOWS\LastGood\system32\dllcache\inetin51.exe
+ 2004-08-19 16:09:30 842,240 ----a-w C:\WINDOWS\LastGood\system32\dllcache\inetmgr.dll
+ 2001-08-28 14:00:00 7,680 ----a-w C:\WINDOWS\LastGood\system32\dllcache\inetmgr.exe
+ 2001-08-28 14:00:00 19,968 ----a-w C:\WINDOWS\LastGood\system32\dllcache\inetsloc.dll
+ 2004-08-19 16:09:30 13,312 ----a-w C:\WINDOWS\LastGood\system32\dllcache\infoadmn.dll
+ 2004-08-19 16:09:30 257,024 ----a-w C:\WINDOWS\LastGood\system32\dllcache\infocomm.dll
+ 2001-08-28 14:00:00 8,704 ----a-w C:\WINDOWS\LastGood\system32\dllcache\infoctrs.dll
+ 2004-08-19 16:09:32 36,864 ----a-w C:\WINDOWS\LastGood\system32\dllcache\iprip.dll
+ 2001-08-28 14:00:00 7,168 ----a-w C:\WINDOWS\LastGood\system32\dllcache\isapips.dll
+ 2004-08-19 16:09:32 68,608 ----a-w C:\WINDOWS\LastGood\system32\dllcache\isatq.dll
+ 2004-08-19 16:09:32 27,648 ----a-w C:\WINDOWS\LastGood\system32\dllcache\iscomlog.dll
+ 2001-08-28 14:00:00 9,216 ----a-w C:\WINDOWS\LastGood\system32\dllcache\iwrps.dll
+ 2001-08-28 14:00:00 18,432 ----a-w C:\WINDOWS\LastGood\system32\dllcache\jupiw.dll
+ 2001-08-28 14:00:00 6,144 ----a-w C:\WINDOWS\LastGood\system32\dllcache\kbd101.dll
+ 2001-08-28 14:00:00 6,144 ----a-w C:\WINDOWS\LastGood\system32\dllcache\kbd101a.dll
+ 2001-08-28 14:00:00 6,144 ----a-w C:\WINDOWS\LastGood\system32\dllcache\kbd106n.dll
+ 2001-08-28 14:00:00 5,632 ----a-w C:\WINDOWS\LastGood\system32\dllcache\kbda1.dll
+ 2001-08-28 14:00:00 5,632 ----a-w C:\WINDOWS\LastGood\system32\dllcache\kbda2.dll
+ 2001-08-28 14:00:00 5,632 ----a-w C:\WINDOWS\LastGood\system32\dllcache\kbda3.dll
+ 2001-08-28 14:00:00 5,120 ----a-w C:\WINDOWS\LastGood\system32\dllcache\kbdarme.dll
+ 2001-08-28 14:00:00 5,120 ----a-w C:\WINDOWS\LastGood\system32\dllcache\kbdarmw.dll
+ 2001-08-28 14:00:00 6,144 ----a-w C:\WINDOWS\LastGood\system32\dllcache\kbdax2.dll
+ 2001-08-28 14:00:00 5,632 ----a-w C:\WINDOWS\LastGood\system32\dllcache\kbddiv1.dll
+ 2001-08-28 14:00:00 5,632 ----a-w C:\WINDOWS\LastGood\system32\dllcache\kbddiv2.dll
+ 2001-08-28 14:00:00 5,632 ----a-w C:\WINDOWS\LastGood\system32\dllcache\kbdfa.dll
+ 2001-08-28 14:00:00 5,120 ----a-w C:\WINDOWS\LastGood\system32\dllcache\kbdgeo.dll
+ 2001-08-28 14:00:00 5,632 ----a-w C:\WINDOWS\LastGood\system32\dllcache\kbdheb.dll
+ 2001-08-28 14:00:00 7,168 ----a-w C:\WINDOWS\LastGood\system32\dllcache\kbdibm02.dll
+ 2001-08-28 14:00:00 5,632 ----a-w C:\WINDOWS\LastGood\system32\dllcache\kbdindev.dll
+ 2001-08-28 14:00:00 5,632 ----a-w C:\WINDOWS\LastGood\system32\dllcache\kbdinguj.dll
+ 2001-08-28 14:00:00 5,632 ----a-w C:\WINDOWS\LastGood\system32\dllcache\kbdinhin.dll
+ 2001-08-28 14:00:00 5,632 ----a-w C:\WINDOWS\LastGood\system32\dllcache\kbdinkan.dll
+ 2001-08-28 14:00:00 5,632 ----a-w C:\WINDOWS\LastGood\system32\dllcache\kbdinmar.dll
+ 2001-08-28 14:00:00 6,144 ----a-w C:\WINDOWS\LastGood\system32\dllcache\kbdinpun.dll
+ 2001-08-28 14:00:00 5,632 ----a-w C:\WINDOWS\LastGood\system32\dllcache\kbdintam.dll
+ 2001-08-28 14:00:00 5,632 ----a-w C:\WINDOWS\LastGood\system32\dllcache\kbdintel.dll
+ 2001-08-28 14:00:00 6,656 ----a-w C:\WINDOWS\LastGood\system32\dllcache\kbdlk41a.dll
+ 2001-08-28 14:00:00 6,144 ----a-w C:\WINDOWS\LastGood\system32\dllcache\kbdlk41j.dll
+ 2001-08-28 14:00:00 7,168 ----a-w C:\WINDOWS\LastGood\system32\dllcache\kbdnec95.dll
+ 2001-08-28 14:00:00 9,216 ----a-w C:\WINDOWS\LastGood\system32\dllcache\kbdnecat.dll
+ 2001-08-28 14:00:00 7,680 ----a-w C:\WINDOWS\LastGood\system32\dllcache\kbdnecnt.dll
+ 2001-08-28 14:00:00 5,632 ----a-w C:\WINDOWS\LastGood\system32\dllcache\kbdsyr1.dll
+ 2001-08-28 14:00:00 5,632 ----a-w C:\WINDOWS\LastGood\system32\dllcache\kbdsyr2.dll
+ 2001-08-28 14:00:00 5,632 ----a-w C:\WINDOWS\LastGood\system32\dllcache\kbdth0.dll
+ 2001-08-28 14:00:00 5,632 ----a-w C:\WINDOWS\LastGood\system32\dllcache\kbdth1.dll
+ 2001-08-28 14:00:00 6,144 ----a-w C:\WINDOWS\LastGood\system32\dllcache\kbdth2.dll
+ 2001-08-28 14:00:00 6,144 ----a-w C:\WINDOWS\LastGood\system32\dllcache\kbdth3.dll
+ 2001-08-28 14:00:00 5,632 ----a-w C:\WINDOWS\LastGood\system32\dllcache\kbdurdu.dll
+ 2001-08-28 14:00:00 5,632 ----a-w C:\WINDOWS\LastGood\system32\dllcache\kbdusa.dll
+ 2001-08-28 14:00:00 5,632 ----a-w C:\WINDOWS\LastGood\system32\dllcache\kbdvntc.dll
+ 2001-08-28 14:00:00 70,656 ----a-w C:\WINDOWS\LastGood\system32\dllcache\korwbrkr.dll
+ 2004-08-19 16:09:32 33,792 ----a-w C:\WINDOWS\LastGood\system32\dllcache\lmmib2.dll
+ 2001-08-28 14:00:00 22,016 ----a-w C:\WINDOWS\LastGood\system32\dllcache\logscrpt.dll
+ 2004-08-19 16:09:32 13,312 ----a-w C:\WINDOWS\LastGood\system32\dllcache\lonsint.dll
+ 2004-08-19 16:09:32 23,040 ----a-w C:\WINDOWS\LastGood\system32\dllcache\lpdsvc.dll
+ 2004-08-19 16:09:32 19,456 ----a-w C:\WINDOWS\LastGood\system32\dllcache\lprmon.dll
+ 2004-08-19 16:09:32 37,888 ----a-w C:\WINDOWS\LastGood\system32\dllcache\md5filt.dll
+ 2001-08-28 14:00:00 26,624 ----a-w C:\WINDOWS\LastGood\system32\dllcache\mdsync.dll
+ 2004-08-19 16:09:32 86,016 ----a-w C:\WINDOWS\LastGood\system32\dllcache\metada51.dll
+ 2001-08-28 14:00:00 92,032 ----a-w C:\WINDOWS\LastGood\system32\dllcache\mga.dll
+ 2001-08-28 14:00:00 92,416 ----a-w C:\WINDOWS\LastGood\system32\dllcache\mga.sys
+ 2001-08-28 14:00:00 34,816 ----a-w C:\WINDOWS\LastGood\system32\dllcache\migisol.exe
+ 2001-08-28 14:00:00 98,304 ----a-w C:\WINDOWS\LastGood\system32\dllcache\msir3jp.dll
+ 2004-08-19 16:10:00 40,960 ----a-w C:\WINDOWS\LastGood\system32\dllcache\msiregmv.exe
+ 2001-08-28 14:00:00 111,104 ----a-w C:\WINDOWS\LastGood\system32\dllcache\mtstocom.exe
+ 2001-08-28 14:00:00 229,439 ----a-w C:\WINDOWS\LastGood\system32\dllcache\multibox.dll
+ 2001-08-28 14:00:00 53,248 ----a-w C:\WINDOWS\LastGood\system32\dllcache\nextlink.dll
+ 2004-08-19 16:09:38 45,056 ----a-w C:\WINDOWS\LastGood\system32\dllcache\nsepm.dll
+ 2007-02-28 16:02:21 2,138,112 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ntkrnlmp.exe
+ 2007-02-28 16:02:21 2,017,792 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ntkrpamp.exe
+ 2004-08-03 22:32:12 15,872 ----a-w C:\WINDOWS\LastGood\system32\dllcache\padrs404.dll
+ 2001-08-28 14:00:00 36,927 ----a-w C:\WINDOWS\LastGood\system32\dllcache\padrs411.dll
+ 2001-08-28 14:00:00 14,336 ----a-w C:\WINDOWS\LastGood\system32\dllcache\padrs412.dll
+ 2004-08-03 22:31:50 15,360 ----a-w C:\WINDOWS\LastGood\system32\dllcache\padrs804.dll
+ 2001-08-28 14:00:00 31,744 ----a-w C:\WINDOWS\LastGood\system32\dllcache\pagecnt.dll
+ 2001-08-28 14:00:00 20,992 ----a-w C:\WINDOWS\LastGood\system32\dllcache\permchk.dll
+ 2004-08-03 22:31:50 175,104 ----a-w C:\WINDOWS\LastGood\system32\dllcache\pintlcsa.dll
+ 2004-08-03 22:31:50 53,760 ----a-w C:\WINDOWS\LastGood\system32\dllcache\pintlcsd.dll
+ 2004-08-03 22:31:50 70,144 ----a-w C:\WINDOWS\LastGood\system32\dllcache\pintlphr.exe
+ 2004-08-03 22:31:50 67,584 ----a-w C:\WINDOWS\LastGood\system32\dllcache\pmigrate.dll
+ 2001-08-28 14:00:00 6,144 ----a-w C:\WINDOWS\LastGood\system32\dllcache\pmxgl.dll
+ 2001-08-28 14:00:00 11,264 ----a-w C:\WINDOWS\LastGood\system32\dllcache\pmxmcro.dll
+ 2001-08-28 14:00:00 131,584 ----a-w C:\WINDOWS\LastGood\system32\dllcache\pmxviceo.dll
+ 2004-08-19 16:09:40 7,680 ----a-w C:\WINDOWS\LastGood\system32\dllcache\pwsdata.dll
+ 2001-08-28 14:00:00 10,240 ----a-w C:\WINDOWS\LastGood\system32\dllcache\query.exe
+ 2001-08-28 14:00:00 16,896 ----a-w C:\WINDOWS\LastGood\system32\dllcache\quser.exe
+ 2004-08-03 23:00:52 20,736 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ramdisk.sys
+ 2001-08-28 14:00:00 15,360 ----a-w C:\WINDOWS\LastGood\system32\dllcache\register.exe
+ 2004-08-19 16:09:40 4,096 ----a-w C:\WINDOWS\LastGood\system32\dllcache\rpcref.dll
+ 2001-08-28 14:00:00 25,088 ----a-w C:\WINDOWS\LastGood\system32\dllcache\rw001ext.dll
+ 2001-08-28 14:00:00 26,624 ----a-w C:\WINDOWS\LastGood\system32\dllcache\rw330ext.dll
+ 2001-08-28 14:00:00 81,408 ----a-w C:\WINDOWS\LastGood\system32\dllcache\rwia001.dll
+ 2001-08-28 14:00:00 81,408 ----a-w C:\WINDOWS\LastGood\system32\dllcache\rwia330.dll
+ 2004-08-19 16:09:40 9,728 ----a-w C:\WINDOWS\LastGood\system32\dllcache\rwnh.dll
+ 2004-08-19 16:09:42 221,696 ----a-w C:\WINDOWS\LastGood\system32\dllcache\seo.dll
+ 2003-03-24 14:52:04 20,536 ----a-w C:\WINDOWS\LastGood\system32\dllcache\shtml.dll
+ 2003-03-24 14:52:04 16,437 ----a-w C:\WINDOWS\LastGood\system32\dllcache\shtml.exe
+ 2001-08-28 14:00:00 18,944 ----a-w C:\WINDOWS\LastGood\system32\dllcache\simptcp.dll
+ 2001-08-28 14:00:00 25,088 ----a-w C:\WINDOWS\LastGood\system32\dllcache\sm59w.dll
+ 2001-08-28 14:00:00 30,208 ----a-w C:\WINDOWS\LastGood\system32\dllcache\sm81w.dll
+ 2001-08-28 14:00:00 30,208 ----a-w C:\WINDOWS\LastGood\system32\dllcache\sm87w.dll
+ 2001-08-28 14:00:00 26,112 ----a-w C:\WINDOWS\LastGood\system32\dllcache\sm89w.dll
+ 2001-08-28 14:00:00 26,112 ----a-w C:\WINDOWS\LastGood\system32\dllcache\sm8aw.dll
+ 2001-08-28 14:00:00 29,184 ----a-w C:\WINDOWS\LastGood\system32\dllcache\sm8cw.dll
+ 2001-08-28 14:00:00 26,112 ----a-w C:\WINDOWS\LastGood\system32\dllcache\sm8dw.dll
+ 2001-08-28 14:00:00 26,112 ----a-w C:\WINDOWS\LastGood\system32\dllcache\sm90w.dll
+ 2001-08-28 14:00:00 26,624 ----a-w C:\WINDOWS\LastGood\system32\dllcache\sm92w.dll
+ 2001-08-28 14:00:00 26,624 ----a-w C:\WINDOWS\LastGood\system32\dllcache\sm93w.dll
+ 2001-08-28 14:00:00 38,912 ----a-w C:\WINDOWS\LastGood\system32\dllcache\sm9aw.dll
+ 2001-08-28 14:00:00 31,744 ----a-w C:\WINDOWS\LastGood\system32\dllcache\sma3w.dll
+ 2001-08-28 14:00:00 31,744 ----a-w C:\WINDOWS\LastGood\system32\dllcache\smb6w.dll
+ 2004-08-19 16:10:04 236,544 ----a-w C:\WINDOWS\LastGood\system32\dllcache\smi2smir.exe
+ 2001-08-28 14:00:00 15,872 ----a-w C:\WINDOWS\LastGood\system32\dllcache\smierrsm.dll
+ 2001-08-28 14:00:00 5,632 ----a-w C:\WINDOWS\LastGood\system32\dllcache\smierrsy.dll
+ 2001-08-28 14:00:00 5,632 ----a-w C:\WINDOWS\LastGood\system32\dllcache\smimsgif.dll
+ 2004-08-19 16:09:42 189,440 ----a-w C:\WINDOWS\LastGood\system32\dllcache\smtpadm.dll
+ 2004-08-19 16:09:42 10,752 ----a-w C:\WINDOWS\LastGood\system32\dllcache\smtpapi.dll
+ 2004-08-19 16:09:44 2,134,528 ----a-w C:\WINDOWS\LastGood\system32\dllcache\smtpsnap.dll
+ 2004-08-19 16:09:44 466,944 ----a-w C:\WINDOWS\LastGood\system32\dllcache\smtpsvc.dll
+ 2004-08-19 16:10:04 32,768 ----a-w C:\WINDOWS\LastGood\system32\dllcache\snmp.exe
+ 2004-08-19 16:09:44 259,072 ----a-w C:\WINDOWS\LastGood\system32\dllcache\snmpcl.dll
+ 2004-08-19 16:09:44 358,400 ----a-w C:\WINDOWS\LastGood\system32\dllcache\snmpincl.dll
+ 2004-08-19 16:09:44 6,144 ----a-w C:\WINDOWS\LastGood\system32\dllcache\snmpmib.dll
+ 2004-08-19 16:09:44 188,416 ----a-w C:\WINDOWS\LastGood\system32\dllcache\snmpsmir.dll
+ 2001-08-28 14:00:00 10,240 ----a-w C:\WINDOWS\LastGood\system32\dllcache\snmpstup.dll
+ 2004-08-19 16:09:44 40,448 ----a-w C:\WINDOWS\LastGood\system32\dllcache\snmpthrd.dll
+ 2004-08-19 16:10:04 8,704 ----a-w C:\WINDOWS\LastGood\system32\dllcache\snmptrap.exe
+ 2001-08-28 14:00:00 143,422 ----a-w C:\WINDOWS\LastGood\system32\dllcache\softkey.dll
+ 2001-08-28 14:00:00 101,888 ----a-w C:\WINDOWS\LastGood\system32\dllcache\srusbusd.dll
+ 2004-08-19 16:09:46 45,568 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ssinc51.dll
+ 2004-08-19 16:09:46 46,592 ----a-w C:\WINDOWS\LastGood\system32\dllcache\sspifilt.dll
+ 2001-08-28 14:00:00 16,896 ----a-w C:\WINDOWS\LastGood\system32\dllcache\status.dll
+ 2004-08-19 16:09:46 8,192 ----a-w C:\WINDOWS\LastGood\system32\dllcache\staxmem.dll
+ 2004-08-19 16:09:46 46,592 ----a-w C:\WINDOWS\LastGood\system32\dllcache\svcext51.dll
+ 2003-03-24 14:52:04 32,827 ----a-w C:\WINDOWS\LastGood\system32\dllcache\tcptest.exe
+ 2003-04-14 19:29:34 16,384 ----a-w C:\WINDOWS\LastGood\system32\dllcache\tcptsat.dll
+ 2001-08-28 14:00:00 13,192 ----a-w C:\WINDOWS\LastGood\system32\dllcache\tdasync.sys
+ 2001-08-28 14:00:00 21,896 ----a-w C:\WINDOWS\LastGood\system32\dllcache\tdipx.sys
+ 2001-08-28 14:00:00 19,464 ----a-w C:\WINDOWS\LastGood\system32\dllcache\tdspx.sys
+ 2001-08-28 14:00:00 185,344 ----a-w C:\WINDOWS\LastGood\system32\dllcache\thawbrkr.dll
+ 2004-08-03 22:32:16 44,032 ----a-w C:\WINDOWS\LastGood\system32\dllcache\tintlphr.exe
+ 2004-08-03 22:32:16 455,168 ----a-w C:\WINDOWS\LastGood\system32\dllcache\tintsetp.exe
+ 2004-08-03 22:32:14 10,240 ----a-w C:\WINDOWS\LastGood\system32\dllcache\tmigrate.dll
+ 2001-08-28 14:00:00 31,232 ----a-w C:\WINDOWS\LastGood\system32\dllcache\tools.dll
+ 2001-08-28 14:00:00 14,336 ----a-w C:\WINDOWS\LastGood\system32\dllcache\tsprof.exe
+ 2004-08-19 16:09:48 104,448 ----a-w C:\WINDOWS\LastGood\system32\dllcache\uihelper.dll
+ 2004-08-03 23:04:12 76,288 ----a-w C:\WINDOWS\LastGood\system32\dllcache\uniime.dll
+ 2004-08-03 22:32:36 426,041 ----a-w C:\WINDOWS\LastGood\system32\dllcache\voicepad.dll
+ 2004-08-03 22:32:36 86,073 ----a-w C:\WINDOWS\LastGood\system32\dllcache\voicesub.dll
+ 2001-08-28 14:00:00 48,256 ----a-w C:\WINDOWS\LastGood\system32\dllcache\w32.dll
+ 2001-08-28 14:00:00 4,608 ----a-w C:\WINDOWS\LastGood\system32\dllcache\w3ctrs51.dll
+ 2001-08-28 14:00:00 74,240 ----a-w C:\WINDOWS\LastGood\system32\dllcache\w3ext.dll
+ 2001-08-28 14:00:00 5,632 ----a-w C:\WINDOWS\LastGood\system32\dllcache\w3svapi.dll
+ 2004-08-19 16:09:48 366,592 ----a-w C:\WINDOWS\LastGood\system32\dllcache\w3svc.dll
+ 2004-08-19 16:09:48 77,824 ----a-w C:\WINDOWS\LastGood\system32\dllcache\wam51.dll
+ 2001-08-28 14:00:00 9,216 ----a-w C:\WINDOWS\LastGood\system32\dllcache\wamps51.dll
+ 2004-08-19 16:09:48 53,248 ----a-w C:\WINDOWS\LastGood\system32\dllcache\wamreg51.dll
+ 2001-08-28 14:00:00 7,168 ----a-w C:\WINDOWS\LastGood\system32\dllcache\wamregps.dll
+ 2001-08-28 14:00:00 41,600 ----a-w C:\WINDOWS\LastGood\system32\dllcache\weitekp9.dll
+ 2001-08-28 14:00:00 31,360 ----a-w C:\WINDOWS\LastGood\system32\dllcache\weitekp9.sys
+ 2007-06-15 01:58:54 2,301,440 ----a-w C:\WINDOWS\LastGood\system32\drivers\ati2mtag.sys
+ 2006-06-20 22:03:45 134,912 ----a-w C:\WINDOWS\LastGood\system32\drivers\ipnat.sys
+ 2004-08-03 22:03:14 14,592 ----a-w C:\WINDOWS\LastGood\system32\drivers\ndisuio.sys
+ 2006-06-20 22:11:09 139,528 ----a-w C:\WINDOWS\LastGood\system32\drivers\rdpwd.sys
+ 2006-06-20 22:12:02 243,200 ----a-w C:\WINDOWS\LastGood\system32\es.dll
+ 2006-06-20 22:10:04 41,472 ----a-w C:\WINDOWS\LastGood\system32\hhsetup.dll
+ 2006-06-20 22:11:02 254,976 ----a-w C:\WINDOWS\LastGood\system32\icm32.dll
+ 2006-06-20 22:10:21 155,136 ----a-w C:\WINDOWS\LastGood\system32\itircl.dll
+ 2006-06-20 22:10:22 137,216 ----a-w C:\WINDOWS\LastGood\system32\itss.dll
+ 2006-06-20 22:11:06 297,984 ----a-w C:\WINDOWS\LastGood\system32\kerberos.dll
+ 2006-06-20 22:11:36 19,968 ----a-w C:\WINDOWS\LastGood\system32\linkinfo.dll
+ 2006-06-20 22:02:45 586,240 ----a-w C:\WINDOWS\LastGood\system32\mlang.dll
+ 2006-06-20 22:11:02 73,728 ----a-w C:\WINDOWS\LastGood\system32\mscms.dll
+ 2006-06-20 22:04:06 297,472 ----a-w C:\WINDOWS\LastGood\system32\msctf.dll
+ 2006-06-20 22:11:28 197,632 ----a-w C:\WINDOWS\LastGood\system32\netman.dll
+ 2006-06-20 22:08:13 1,721,344 ----a-w C:\WINDOWS\LastGood\system32\netshell.dll
+ 2006-02-08 19:05:11 577,536 ----a-w C:\WINDOWS\LastGood\system32\notepad.exe
+ 2006-06-20 22:12:06 1,285,632 ----a-w C:\WINDOWS\LastGood\system32\ole32.dll
+ 2006-06-20 22:12:06 75,264 ----a-w C:\WINDOWS\LastGood\system32\olecli32.dll
+ 2006-06-20 22:12:07 37,376 ----a-w C:\WINDOWS\LastGood\system32\olecnv32.dll
+ 2006-06-20 22:12:07 398,336 ----a-w C:\WINDOWS\LastGood\system32\rpcss.dll
+ 2006-01-29 22:35:44 142,336 ----a-w C:\WINDOWS\LastGood\system32\sfc_os.dll
+ 2006-06-20 22:11:16 57,856 ----a-w C:\WINDOWS\LastGood\system32\spoolsv.exe
+ 2006-06-20 22:04:20 96,768 ----a-w C:\WINDOWS\LastGood\system32\srvsvc.dll
+ 2006-06-20 22:11:12 249,344 ----a-w C:\WINDOWS\LastGood\system32\tapisrv.dll
+ 2005-05-11 04:33:19 78,336 ----a-w C:\WINDOWS\LastGood\system32\telnet.exe
+ 2006-06-20 22:12:07 101,376 ----a-w C:\WINDOWS\LastGood\system32\txflog.dll
+ 2006-06-20 22:11:31 124,928 ----a-w C:\WINDOWS\LastGood\system32\umpnpmgr.dll
+ 2006-04-03 18:26:53 219,648 ----a-w C:\WINDOWS\LastGood\system32\uxtheme.dll
+ 2006-06-20 22:04:52 26,624 ----a-w C:\WINDOWS\LastGood\system32\verifier.dll
+ 2006-06-20 19:06:07 1,264,128 ----a-w C:\WINDOWS\LastGood\system32\winntbbu.dll
+ 2006-06-20 22:08:13 381,952 ----a-w C:\WINDOWS\LastGood\system32\wzcdlg.dll
+ 2004-08-19 15:09:50 52,736 ----a-w C:\WINDOWS\LastGood\system32\wzcsapi.dll
+ 2004-08-19 15:09:50 474,624 ----a-w C:\WINDOWS\LastGood\system32\wzcsvc.dll
- 1999-03-07 23:00:00 147,728 ----a-w C:\WINDOWS\system32\ASYCFILT.DLL
+ 2004-08-19 16:09:20 65,024 ----a-w C:\WINDOWS\system32\asycfilt.dll
- 2007-06-15 01:11:18 376,832 ----a-w C:\WINDOWS\system32\ati2cqag.dll
+ 2004-08-19 14:09:20 229,376 ----a-w C:\WINDOWS\system32\ati2cqag.dll
- 2007-06-15 01:59:14 268,800 ----a-w C:\WINDOWS\system32\ati2dvag.dll
+ 2004-08-19 14:09:20 201,728 ----a-w C:\WINDOWS\system32\ati2dvag.dll
- 2007-06-15 01:41:56 2,940,960 ----a-w C:\WINDOWS\system32\ati3duag.dll
+ 2004-08-19 14:09:20 1,888,992 ----a-w C:\WINDOWS\system32\ati3duag.dll
- 2007-06-15 01:31:50 1,513,216 ----a-w C:\WINDOWS\system32\ativvaxx.dll
+ 2004-08-19 14:09:20 516,768 ----a-w C:\WINDOWS\system32\ativvaxx.dll
+ 2004-08-03 21:10:08 53,248 -c--a-w C:\WINDOWS\system32\dllcache\1394bus.sys
+ 2001-08-17 20:06:48 11,264 -c--a-w C:\WINDOWS\system32\dllcache\1394vdbg.sys
+ 2001-08-23 15:46:44 689,216 -c--a-w C:\WINDOWS\system32\dllcache\3dfxvs.dll
+ 2001-08-17 18:48:32 148,352 -c--a-w C:\WINDOWS\system32\dllcache\3dfxvsm.sys
+ 2004-08-03 21:00:04 12,288 -c--a-w C:\WINDOWS\system32\dllcache\4mmdat.sys
+ 2004-08-03 21:10:12 48,128 -c--a-w C:\WINDOWS\system32\dllcache\61883.sys
+ 2001-08-23 15:46:44 38,400 -c--a-w C:\WINDOWS\system32\dllcache\8514a.dll
+ 2001-08-23 15:46:58 98,304 -c--a-w C:\WINDOWS\system32\dllcache\a3d.dll
+ 2001-08-23 15:46:58 462,848 -c--a-w C:\WINDOWS\system32\dllcache\a3dapi.dll
+ 2001-08-17 19:52:00 23,552 -c--a-w C:\WINDOWS\system32\dllcache\abp480n5.sys
+ 2004-08-03 20:32:22 231,552 -c--a-w C:\WINDOWS\system32\dllcache\ac97ali.sys
+ 2001-08-17 18:20:04 96,256 -c--a-w C:\WINDOWS\system32\dllcache\ac97intc.sys
+ 2001-08-17 18:20:16 297,728 -c--a-w C:\WINDOWS\system32\dllcache\ac97sis.sys
+ 2004-08-03 20:32:32 84,480 -c--a-w C:\WINDOWS\system32\dllcache\ac97via.sys
+ 2001-08-23 15:46:58 61,952 -c--a-w C:\WINDOWS\system32\dllcache\acerscad.dll
+ 2004-08-19 15:51:56 188,672 -c--a-w C:\WINDOWS\system32\dllcache\acpi.sys
+ 2001-08-28 14:00:00 12,032 -c--a-w C:\WINDOWS\system32\dllcache\acpiec.sys
+ 2001-08-17 19:53:02 7,424 -c--a-w C:\WINDOWS\system32\dllcache\adicvls.sys
+ 2001-08-17 18:11:18 20,160 -c--a-w C:\WINDOWS\system32\dllcache\adm8511.sys
+ 2001-08-17 18:19:10 584,448 -c--a-w C:\WINDOWS\system32\dllcache\adm8810.sys
+ 2001-08-17 18:19:14 553,984 -c--a-w C:\WINDOWS\system32\dllcache\adm8820.sys
+ 2001-08-17 18:19:14 747,392 -c--a-w C:\WINDOWS\system32\dllcache\adm8830.sys
- 2003-03-24 14:52:04 20,540 -c--a-w C:\WINDOWS\system32\dllcache\admin.dll
+ 2003-03-24 13:52:04 20,540 -c--a-w C:\WINDOWS\system32\dllcache\admin.dll
- 2003-03-24 14:52:04 16,439 -c--a-w C:\WINDOWS\system32\dllcache\admin.exe
+ 2003-03-24 13:52:04 16,439 -c--a-w C:\WINDOWS\system32\dllcache\admin.exe
+ 2004-08-03 20:32:24 10,880 -c--a-w C:\WINDOWS\system32\dllcache\admjoy.sys
+ 2001-08-17 18:11:16 46,112 -c--a-w C:\WINDOWS\system32\dllcache\adptsf50.sys
+ 2001-08-17 20:07:32 101,888 -c--a-w C:\WINDOWS\system32\dllcache\adpu160m.sys
+ 2004-08-19 14:09:20 4,255 -c--a-w C:\WINDOWS\system32\dllcache\adv01nt5.dll
+ 2004-08-19 14:09:20 3,967 -c--a-w C:\WINDOWS\system32\dllcache\adv02nt5.dll
+ 2004-08-19 14:09:20 3,615 -c--a-w C:\WINDOWS\system32\dllcache\adv05nt5.dll
+ 2004-08-19 14:09:20 3,647 -c--a-w C:\WINDOWS\system32\dllcache\adv07nt5.dll
+ 2004-08-19 14:09:20 3,135 -c--a-w C:\WINDOWS\system32\dllcache\adv08nt5.dll
+ 2004-08-19 14:09:20 3,711 -c--a-w C:\WINDOWS\system32\dllcache\adv09nt5.dll
+ 2004-08-19 14:09:20 3,775 -c--a-w C:\WINDOWS\system32\dllcache\adv11nt5.dll
+ 2004-08-03 21:39:38 142,464 -c--a-w C:\WINDOWS\system32\dllcache\aec.sys
+ 2004-08-03 21:07:42 42,368 -c--a-w C:\WINDOWS\system32\dllcache\agp440.sys
+ 2004-08-03 21:07:44 44,928 -c--a-w C:\WINDOWS\system32\dllcache\agpcpq.sys
+ 2001-08-17 19:52:02 12,800 -c--a-w C:\WINDOWS\system32\dllcache\aha154x.sys
+ 2001-08-17 20:07:36 55,168 -c--a-w C:\WINDOWS\system32\dllcache\aic78u2.sys
+ 2001-08-17 20:07:38 56,960 -c--a-w C:\WINDOWS\system32\dllcache\aic78xx.sys
+ 2001-08-17 18:11:18 27,678 -c--a-w C:\WINDOWS\system32\dllcache\ali5261.sys
+ 2001-08-17 19:49:02 26,624 -c--a-w C:\WINDOWS\system32\dllcache\alifir.sys
+ 2001-08-17 19:51:56 5,248 -c--a-w C:\WINDOWS\system32\dllcache\aliide.sys
+ 2004-08-03 21:07:42 42,752 -c--a-w C:\WINDOWS\system32\dllcache\alim1541.sys
+ 2001-08-17 18:11:20 16,969 -c--a-w C:\WINDOWS\system32\dllcache\amb8002.sys
+ 2004-08-03 21:07:44 43,008 -c--a-w C:\WINDOWS\system32\dllcache\amdagp.sys
+ 2006-06-20 22:22:36 41,216 -c--a-w C:\WINDOWS\system32\dllcache\amdk6.sys
+ 2006-06-20 22:22:36 41,600 -c--a-w C:\WINDOWS\system32\dllcache\amdk7.sys
+ 2001-08-17 19:52:04 12,032 -c--a-w C:\WINDOWS\system32\dllcache\amsint.sys
+ 2004-08-03 20:31:20 36,224 -c--a-w C:\WINDOWS\system32\dllcache\an983.sys
+ 2001-08-17 19:47:22 6,272 -c--a-w C:\WINDOWS\system32\dllcache\apmbatt.sys
+ 2006-06-20 22:22:36 60,800 -c--a-w C:\WINDOWS\system32\dllcache\arp1394.sys
+ 2001-08-17 19:52:00 26,496 -c--a-w C:\WINDOWS\system32\dllcache\asc.sys
+ 2001-08-17 19:52:04 22,400 -c--a-w C:\WINDOWS\system32\dllcache\asc3350p.sys
+ 2001-08-17 19:51:58 14,848 -c--a-w C:\WINDOWS\system32\dllcache\asc3550.sys
+ 2001-08-17 18:12:34 97,354 -c--a-w C:\WINDOWS\system32\dllcache\aspndis3.sys
+ 2004-08-03 21:59:44 95,360 -c--a-w C:\WINDOWS\system32\dllcache\atapi.sys
+ 2001-08-23 15:46:44 96,128 -c--a-w C:\WINDOWS\system32\dllcache\ati.dll
+ 2001-08-23 14:59:32 77,824 -c--a-w C:\WINDOWS\system32\dllcache\ati.sys
+ 2004-08-03 20:29:30 56,623 -c--a-w C:\WINDOWS\system32\dllcache\ati1btxx.sys
+ 2004-08-03 20:29:30 11,615 -c--a-w C:\WINDOWS\system32\dllcache\ati1mdxx.sys
+ 2004-08-03 20:29:30 12,047 -c--a-w C:\WINDOWS\system32\dllcache\ati1pdxx.sys
+ 2004-08-03 20:29:32 30,671 -c--a-w C:\WINDOWS\system32\dllcache\ati1raxx.sys
+ 2004-08-03 20:29:32 63,663 -c--a-w C:\WINDOWS\system32\dllcache\ati1rvxx.sys
+ 2004-08-03 20:29:32 26,367 -c--a-w C:\WINDOWS\system32\dllcache\ati1snxx.sys
+ 2004-08-03 20:29:32 21,343 -c--a-w C:\WINDOWS\system32\dllcache\ati1ttxx.sys
+ 2004-08-03 20:29:32 36,463 -c--a-w C:\WINDOWS\system32\dllcache\ati1tuxx.sys
+ 2004-08-03 20:29:32 29,455 -c--a-w C:\WINDOWS\system32\dllcache\ati1xbxx.sys
+ 2004-08-03 20:29:32 34,735 -c--a-w C:\WINDOWS\system32\dllcache\ati1xsxx.sys
+ 2004-08-19 14:09:20 229,376 -c--a-w C:\WINDOWS\system32\dllcache\ati2cqag.dll
+ 2004-08-19 14:09:20 377,984 -c--a-w C:\WINDOWS\system32\dllcache\ati2dvaa.dll
+ 2004-08-19 14:09:20 201,728 -c--a-w C:\WINDOWS\system32\dllcache\ati2dvag.dll
+ 2004-08-19 13:53:40 327,168 -c--a-w C:\WINDOWS\system32\dllcache\ati2mtaa.sys
+ 2004-08-19 13:53:42 701,440 -c--a-w C:\WINDOWS\system32\dllcache\ati2mtag.sys
+ 2004-08-19 14:09:20 870,784 -c--a-w C:\WINDOWS\system32\dllcache\ati3d1ag.dll
+ 2004-08-19 14:09:20 1,888,992 -c--a-w C:\WINDOWS\system32\dllcache\ati3duag.dll
+ 2001-08-17 18:49:04 46,464 -c--a-w C:\WINDOWS\system32\dllcache\atibt829.sys
+ 2001-08-23 15:46:44 382,592 -c--a-w C:\WINDOWS\system32\dllcache\atidrab.dll
+ 2001-08-23 15:46:44 137,216 -c--a-w C:\WINDOWS\system32\dllcache\atidrae.dll
+ 2001-08-23 15:46:44 268,160 -c--a-w C:\WINDOWS\system32\dllcache\atidvai.dll
+ 2001-08-23 15:47:26 37,376 -c--a-w C:\WINDOWS\system32\dllcache\atievxx.exe
+ 2001-08-23 14:59:36 289,920 -c--a-w C:\WINDOWS\system32\dllcache\atimpab.sys
+ 2001-08-23 14:59:36 75,392 -c--a-w C:\WINDOWS\system32\dllcache\atimpae.sys
+ 2001-08-23 14:59:38 281,728 -c--a-w C:\WINDOWS\system32\dllcache\atimtai.sys
+ 2004-08-03 20:29:28 57,856 -c--a-w C:\WINDOWS\system32\dllcache\atinbtxx.sys
+ 2004-08-03 20:29:30 13,824 -c--a-w C:\WINDOWS\system32\dllcache\atinmdxx.sys
+ 2004-08-03 20:29:30 14,336 -c--a-w C:\WINDOWS\system32\dllcache\atinpdxx.sys
+ 2004-08-03 20:29:30 52,224 -c--a-w C:\WINDOWS\system32\dllcache\atinraxx.sys
+ 2004-08-03 20:29:32 104,960 -c--a-w C:\WINDOWS\system32\dllcache\atinrvxx.sys
+ 2004-08-03 20:29:32 28,672 -c--a-w C:\WINDOWS\system32\dllcache\atinsnxx.sys
+ 2004-08-03 20:29:32 13,824 -c--a-w C:\WINDOWS\system32\dllcache\atinttxx.sys
+ 2004-08-03 20:29:32 73,216 -c--a-w C:\WINDOWS\system32\dllcache\atintuxx.sys
+ 2004-08-03 20:29:32 31,744 -c--a-w C:\WINDOWS\system32\dllcache\atinxbxx.sys
+ 2004-08-03 20:29:32 63,488 -c--a-w C:\WINDOWS\system32\dllcache\atinxsxx.sys
+ 2001-08-17 18:49:36 10,240 -c--a-w C:\WINDOWS\system32\dllcache\atipcxxx.sys
+ 2001-08-23 15:46:44 104,832 -c--a-w C:\WINDOWS\system32\dllcache\atiraged.dll
+ 2001-08-23 14:59:40 70,784 -c--a-w C:\WINDOWS\system32\dllcache\atiragem.sys
+ 2001-08-17 18:49:12 49,920 -c--a-w C:\WINDOWS\system32\dllcache\atirtcap.sys
+ 2001-08-17 18:49:18 26,880 -c--a-w C:\WINDOWS\system32\dllcache\atirtsnd.sys
+ 2001-08-17 18:49:22 17,152 -c--a-w C:\WINDOWS\system32\dllcache\atitunep.sys
+ 2001-08-17 18:49:28 17,152 -c--a-w C:\WINDOWS\system32\dllcache\atitvsnd.sys
+ 2001-08-17 18:49:38 9,472 -c--a-w C:\WINDOWS\system32\dllcache\ativmdcd.sys
+ 2004-08-19 14:09:20 32,768 -c--a-w C:\WINDOWS\system32\dllcache\ativtmxx.dll
+ 2001-08-17 18:49:44 19,456 -c--a-w C:\WINDOWS\system32\dllcache\ativttxx.sys
+ 2004-08-19 14:09:20 516,768 -c--a-w C:\WINDOWS\system32\dllcache\ativvaxx.dll
+ 2001-08-17 18:49:48 26,624 -c--a-w C:\WINDOWS\system32\dllcache\ativxbar.sys
+ 2001-08-17 18:49:34 23,552 -c--a-w C:\WINDOWS\system32\dllcache\atixbar.sys
+ 2004-08-19 14:09:22 21,183 -c--a-w C:\WINDOWS\system32\dllcache\atv01nt5.dll
+ 2004-08-19 14:09:22 11,359 -c--a-w C:\WINDOWS\system32\dllcache\atv02nt5.dll
+ 2004-08-19 14:09:22 25,471 -c--a-w C:\WINDOWS\system32\dllcache\atv04nt5.dll
+ 2004-08-19 14:09:22 14,143 -c--a-w C:\WINDOWS\system32\dllcache\atv06nt5.dll
+ 2004-08-19 14:09:22 17,279 -c--a-w C:\WINDOWS\system32\dllcache\atv10nt5.dll
+ 2001-08-17 21:59:44 3,072 -c--a-w C:\WINDOWS\system32\dllcache\audstub.sys
- 2003-03-24 14:52:04 20,540 -c--a-w C:\WINDOWS\system32\dllcache\author.dll
+ 2003-03-24 13:52:04 20,540 -c--a-w C:\WINDOWS\system32\dllcache\author.dll
- 2003-03-24 14:52:04 16,439 -c--a-w C:\WINDOWS\system32\dllcache\author.exe
+ 2003-03-24 13:52:04 16,439 -c--a-w C:\WINDOWS\system32\dllcache\author.exe
+ 2004-08-03 21:10:12 38,912 -c--a-w C:\WINDOWS\system32\dllcache\avc.sys
+ 2001-08-17 20:01:12 36,096 -c--a-w C:\WINDOWS\system32\dllcache\avcaudio.sys
+ 2004-08-03 21:10:00 13,696 -c--a-w C:\WINDOWS\system32\dllcache\avcstrm.sys
+ 2001-08-23 15:46:58 87,552 -c--a-w C:\WINDOWS\system32\dllcache\avmcoxp.dll
+ 2001-08-23 15:46:58 144,384 -c--a-w C:\WINDOWS\system32\dllcache\avmenum.dll
+ 2001-08-17 18:13:48 37,568 -c--a-w C:\WINDOWS\system32\dllcache\avmwan.sys
+ 2001-08-17 18:19:16 36,992 -c--a-w C:\WINDOWS\system32\dllcache\aztw2320.sys
+ 2001-08-17 18:13:56 89,952 -c--a-w C:\WINDOWS\system32\dllcache\b1cbase.sys
+ 2001-08-23 15:00:08 97,248 -c--a-w C:\WINDOWS\system32\dllcache\b57xp32.sys
+ 2001-08-23 15:46:44 342,336 -c--a-w C:\WINDOWS\system32\dllcache\banshee.dll
+ 2001-08-17 18:48:28 36,128 -c--a-w C:\WINDOWS\system32\dllcache\banshee.sys
+ 2001-08-17 19:57:54 14,080 -c--a-w C:\WINDOWS\system32\dllcache\battc.sys
+ 2001-08-17 18:11:28 66,557 -c--a-w C:\WINDOWS\system32\dllcache\bcm42u.sys
+ 2001-08-17 18:11:26 54,271 -c--a-w C:\WINDOWS\system32\dllcache\bcm42xx5.sys
+ 2001-08-17 18:11:30 26,568 -c--a-w C:\WINDOWS\system32\dllcache\bcm4e5.sys
+ 2001-08-17 19:28:00 871,388 -c--a-w C:\WINDOWS\system32\dllcache\bcmdm.sys
+ 2004-08-03 21:10:14 11,776 -c--a-w C:\WINDOWS\system32\dllcache\bdasup.sys
+ 2001-08-23 15:46:58 105,472 -c--a-w C:\WINDOWS\system32\dllcache\binlsvc.dll
+ 2001-08-23 15:46:58 19,456 -c--a-w C:\WINDOWS\system32\dllcache\brbidiif.dll
+ 2001-08-23 15:46:58 9,728 -c--a-w C:\WINDOWS\system32\dllcache\brcoinst.dll
+ 2001-08-23 15:46:58 12,800 -c--a-w C:\WINDOWS\system32\dllcache\brevif.dll
+ 2001-08-17 19:12:12 2,944 -c--a-w C:\WINDOWS\system32\dllcache\brfilt.sys
+ 2001-08-17 19:12:22 12,160 -c--a-w C:\WINDOWS\system32\dllcache\brfiltlo.sys
+ 2001-08-17 19:12:24 3,968 -c--a-w C:\WINDOWS\system32\dllcache\brfiltup.sys
+ 2001-08-23 15:46:58 15,360 -c--a-w C:\WINDOWS\system32\dllcache\brmfbidi.dll
+ 2001-08-23 15:46:58 81,920 -c--a-w C:\WINDOWS\system32\dllcache\brmfcwia.dll
+ 2001-08-23 15:46:58 29,696 -c--a-w C:\WINDOWS\system32\dllcache\brmflpt.dll
+ 2001-08-23 15:47:30 32,256 -c--a-w C:\WINDOWS\system32\dllcache\brmfrsmg.exe
+ 2001-08-23 15:46:58 41,472 -c--a-w C:\WINDOWS\system32\dllcache\brmfusb.dll
+ 2001-08-17 19:12:24 3,168 -c--a-w C:\WINDOWS\system32\dllcache\brparimg.sys
+ 2001-08-23 15:01:54 39,808 -c--a-w C:\WINDOWS\system32\dllcache\brparwdm.sys
+ 2001-08-23 15:46:58 5,120 -c--a-w C:\WINDOWS\system32\dllcache\brscnrsm.dll
+ 2001-08-23 15:46:58 9,728 -c--a-w C:\WINDOWS\system32\dllcache\brserif.dll
+ 2001-08-17 19:12:20 60,416 -c--a-w C:\WINDOWS\system32\dllcache\brserwdm.sys
+ 2001-08-17 19:12:20 11,008 -c--a-w C:\WINDOWS\system32\dllcache\brusbmdm.sys
+ 2001-08-17 19:12:22 10,368 -c--a-w C:\WINDOWS\system32\dllcache\brusbscn.sys
+ 2001-08-17 18:11:24 31,529 -c--a-w C:\WINDOWS\system32\dllcache\brzwlan.sys
+ 2004-08-19 16:09:22 20,992 -c--a-w C:\WINDOWS\system32\dllcache\bthci.dll
+ 2004-08-03 21:10:40 17,024 -c--a-w C:\WINDOWS\system32\dllcache\bthenum.sys
+ 2004-08-03 21:10:40 38,016 -c--a-w C:\WINDOWS\system32\dllcache\bthmodem.sys
+ 2004-08-03 20:58:40 100,992 -c--a-w C:\WINDOWS\system32\dllcach
0
Réponse 20 / 61
ganesh
 
yop voila la suite

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4020100D-29D7-4392-AFD5-5AD713FF4B88}]
C:\WINDOWS\system32\nnnnLfcC.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{94E8626F-71DB-4D80-B360-34FE10CAE22F}]
C:\WINDOWS\system32\rqRKEwtU.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SuperCopier2.exe"="C:\Program Files\SuperCopier2\SuperCopier2.exe" [2006-07-07 18:45 1052672]
"Steam"="c:\program files\steam\steam.exe" [2008-03-28 13:03 1271032]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 18:09 15360]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 12:43 2097488]
"MSMSGS"="C:\Program Files\Messenger\Msmsgs.exe" [2005-08-31 21:27 1658592]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-20 21:59 68856]
"rdaqwovb"="C:\WINDOWS\system32\roforsxu.exe" [2008-04-22 11:34 106496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-01-19 12:05 221184]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-01-19 12:39 217088]
"RTHDCPL"="RTHDCPL.EXE" [2007-11-30 19:42 16858624 C:\WINDOWS\RTHDCPL.EXE]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35 90112]
"SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-04-21 17:45 1809408]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Docteur Club Internet.lnk - C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe [2008-01-25 14:27:56 217088]
Outil de mise … jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2008-04-20 21:58:46 124400]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoSimpleStartMenu"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoStrCmpLogical"= 1 (0x1)
"NoResolveTrack"= 0 (0x0)
"NoResolveSearch"= 0 (0x0)
"NoSMMyPictures"= 0 (0x0)
"NoStartMenuMFUprogramsList"= 0 (0x0)
"NoUserNameInStartMenu"= 0 (0x0)
"NoStartMenuMorePrograms"= 0 (0x0)
"MaxRecentDocs"= 15 (0xf)
"NoInstrumentation"= 0 (0x0)
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 0 (0x0)
"DisallowCpl"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{4020100D-29D7-4392-AFD5-5AD713FF4B88}"= C:\WINDOWS\system32\nnnnLfcC.dll [ ]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\nnnnLfcC]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3acm"= l3codecp.acm
"VIDC.YV12"= yv12vfw.dll
"msacm.ac3acm"= ac3acm.acm
"msacm.lameacm"= lameACM.acm

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
"LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe
"iPodManager"=C:\Program Files\iPod\bin\iPodManager.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"C:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 19:31]
R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2008-04-21 17:45]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2004-08-19 18:10]
S3 mtv1bus;Pimp My Mobile Composite Device driver (WDM);C:\WINDOWS\system32\DRIVERS\mtv1bus.sys [2006-09-11 07:57]
S3 mtv1mdfl;Pimp My Mobile Modem Filter;C:\WINDOWS\system32\DRIVERS\mtv1mdfl.sys [2006-09-11 08:00]
S3 mtv1mdm;Pimp My Mobile Modem Drivers;C:\WINDOWS\system32\DRIVERS\mtv1mdm.sys [2006-09-11 08:00]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-02-11 17:41]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 23:58]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 00:08]
S4 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" []

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{375bbc48-d553-11dc-9a9d-0019dbf703c9}]
\Shell\Auto\command - cmd /C launch.bat
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-04-18 18:13:51 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2008\OneClick.exe
.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-22 16:43:20
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 134

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\mchInjDrv]
"ImagePath"="\??\C:\DOCUME~1\antoine\LOCALS~1\Temp\mc24.tmp"
.
Temps d'accomplissement: 2008-04-22 16:50:38
ComboFix-quarantined-files.txt 2008-04-22 14:50:33

Pre-Run: 107,419,799,552 octets libres
Post-Run: 107,565,142,016 octets libres

1669 --- E O F --- 2008-04-12 13:26:52

et mon rapport hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:07, on 2008-04-22
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Messenger\Msmsgs.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\roforsxu.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Club-Internet\Lanceur\lanceur.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/search?q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: (no name) - {4020100D-29D7-4392-AFD5-5AD713FF4B88} - C:\WINDOWS\system32\nnnnLfcC.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {94E8626F-71DB-4D80-B360-34FE10CAE22F} - C:\WINDOWS\system32\rqRKEwtU.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\Msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [rdaqwovb] C:\WINDOWS\system32\roforsxu.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_01] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\Srchasst" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_02] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\msagent" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_03] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\Help\Tours" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_04] cmd.exe /c md "%USERPROFILE%\Local Settings\Temp" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_05] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_06] rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_07] rundll32 advpack.dll,LaunchINFSection nlite.inf,S (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlpo_01] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\Srchasst" (User 'SERVICE RÉSEAU')
O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - https://www.f-secure.com/en/home/support
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://plugin.driveragent.com/files/driveragent.cab
O20 - Winlogon Notify: nnnnLfcC - C:\WINDOWS\
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: PsExec (PSEXESVC) - Unknown owner - C:\WINDOWS\PSEXESVC.EXE (file missing)
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
0