Infection?

ganeshbis Posts 48 Status Member -  
afideg Posts 10970 Status Security contributor -
Hello,
I just noticed that my connection was slow, and I would like to know whether a little virus might be hiding by any chance!! =p I'm posting my HijackThis report, hoping there isn't too much work to do on it =p Thanks in advance

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:59, on 2008-10-05
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Razer\Habu\razerhid.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\program files\steam\steam.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Messenger\Msmsgs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Razer\Habu\razertra.exe
C:\Program Files\Razer\Habu\razerofa.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Program Files\a-squared Free\a2free.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avscan.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/search?q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Entraînement Cerebral Spécial Kids - Planificateur] "C:\Program Files\Micro Application\Entraînement Cérébral Spécial Kids\data\Launcher.exe"
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [Habu] C:\Program Files\Razer\Habu\razerhid.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\Msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [rdaqwovb] C:\WINDOWS\system32\roforsxu.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_01] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\Srchasst" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_02] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\msagent" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_03] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\Help\Tours" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_04] cmd.exe /c md "%USERPROFILE%\Local Settings\Temp" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_05] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_06] rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_07] rundll32 advpack.dll,LaunchINFSection nlite.inf,S (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlpo_01] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\Srchasst" (User 'SERVICE RÉSEAU')
O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_05) -
O16 - DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} (Java Plug-in 1.5.0_07) -
O20 - Winlogon Notify: nnnnLfcC - C:\WINDOWS\
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

25 replies

ganeshbis Posts 48 Status Member 1
 
Hello,

Here, I ran one last ComboFix report

ComboFix 08-10-04.07 - antoine 2008-10-10 11:14:50.6 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.571 [GMT 2:00]
Lancé depuis: C:\Documents and Settings\antoine\Bureau\ComboFix.exe

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

((((((((((((((((((((((((((((( Fichiers créés du 2008-09-10 au 2008-10-10 ))))))))))))))))))))))))))))))))))))
.

2008-10-10 10:53 . 2001-08-28 16:00 218,112 --a--c--- C:\WINDOWS\system32\dllcache\OLD436.tmp
2008-10-10 10:52 . 2001-08-17 21:28 871,388 --a--c--- C:\WINDOWS\system32\dllcache\OLD2FD.tmp
2008-10-10 10:51 . 2007-02-28 18:02 2,138,112 --a--c--- C:\WINDOWS\system32\dllcache\OLDAB.tmp
2008-10-10 10:50 . 2004-05-13 00:39 876,653 --a--c--- C:\WINDOWS\system32\dllcache\OLD5A.tmp
2008-10-10 10:49 . 2008-10-10 11:05 <REP> d-------- C:\WINDOWS\LastGood
2008-10-10 10:49 . 2004-08-19 18:09 290,816 --a--c--- C:\WINDOWS\system32\dllcache\OLD17.tmp
2008-10-10 10:49 . 2004-08-19 18:09 43,520 --a--c--- C:\WINDOWS\system32\dllcache\OLD14.tmp
2008-10-10 10:49 . 2003-03-24 15:52 20,540 --a--c--- C:\WINDOWS\system32\dllcache\OLDD.tmp
2008-10-10 10:49 . 2003-03-24 15:52 16,439 --a--c--- C:\WINDOWS\system32\dllcache\OLD11.tmp
2008-10-05 21:55 . 2008-10-05 21:55 <REP> d-------- C:\Program Files\Fichiers communs\Adobe
2008-10-05 19:39 . 2008-10-05 19:39 <REP> d-------- C:\Program Files\Sun
2008-10-05 19:35 . 2008-10-05 19:35 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-05 19:35 . 2008-10-05 19:35 <REP> d-------- C:\Documents and Settings\antoine\Application Data\Malwarebytes
2008-10-05 19:35 . 2008-10-05 19:35 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-05 19:35 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-10-05 19:35 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-10-05 19:33 . 2008-10-05 21:39 <REP> d-------- C:\Program Files\NOS
2008-10-05 19:33 . 2008-10-05 21:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\NOS
2008-09-30 11:47 . 2008-09-30 11:47 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\TuneUp Software
2008-09-30 11:47 . 2008-09-30 11:47 9,728 --ahs---- C:\WINDOWS\system32\Thumbs.db
2008-09-30 10:48 . 2008-09-30 10:48 <REP> d-------- C:\Documents and Settings\LocalService\Mes documents
2008-09-30 10:05 . 2008-09-30 10:41 <REP> d-------- C:\Program Files\Simulateur de conduite 3D
2008-09-25 10:48 . 2008-05-02 22:46 139,792 -ra------ C:\WINDOWS\system32\nv3dcht.chm
2008-09-25 10:48 . 2008-05-02 22:46 59,261 -ra------ C:\WINDOWS\system32\nvmobcht.chm
2008-09-25 10:46 . 2008-09-25 10:52 <REP> d-------- C:\WINDOWS\NV35643568.TMP
2008-09-24 16:57 . 2008-03-28 21:05 593,920 --------- C:\WINDOWS\system32\ati2sgag.exe
2008-09-24 15:57 . 2008-09-25 10:48 <REP> d-------- C:\WINDOWS\nvidia icons
2008-09-24 15:57 . 2008-05-02 22:46 182,347 --a------ C:\WINDOWS\system32\nvapps.nvb
2008-09-24 15:56 . 2008-09-24 16:06 <REP> d-------- C:\WINDOWS\NV30883092.TMP
2008-09-24 15:34 . 2008-10-10 10:49 266,654 --a------ C:\WINDOWS\system32\nvapps.xml
2008-09-24 15:33 . 2008-09-25 10:52 <REP> d-------- C:\WINDOWS\nview
2008-09-24 15:33 . 2008-05-02 22:46 442,368 -ra------ C:\WINDOWS\system32\nvuninst.exe
2008-09-24 15:33 . 2008-05-02 22:46 442,368 --a------ C:\WINDOWS\system32\nvudisp.exe
2008-09-24 15:33 . 2008-05-02 22:46 18,070 --a------ C:\WINDOWS\system32\nvdisp.nvu
2008-09-23 13:37 . 2008-09-23 13:37 81 --a------ C:\WINDOWS\Times New Roman
2008-09-23 13:36 . 2008-09-23 13:36 <REP> d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
2008-09-11 16:25 . 2008-09-11 16:25 10 --a------ C:\WINDOWS\system32\instime_122.dse
2008-09-11 16:25 . 2008-09-30 11:49 10 --a------ C:\WINDOWS\system32\cxtime_122.dse

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-10 09:11 --------- d-----w C:\Program Files\eMule
2008-10-10 09:11 --------- d-----w C:\Documents and Settings\antoine\Application Data\Azureus
2008-10-10 09:06 --------- d-----w C:\Program Files\Steam
2008-10-10 09:05 --------- d-----w C:\Program Files\SpeedFan
2008-10-09 18:42 --------- d-----w C:\Documents and Settings\antoine\Application Data\teamspeak2
2008-10-09 10:52 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-10-06 17:22 --------- d-----w C:\Program Files\Micro Application
2008-10-06 17:16 --------- d-----w C:\Program Files\Club-Internet
2008-10-05 17:38 --------- d-----w C:\Program Files\Java
2008-10-05 12:55 --------- d-----w C:\Program Files\a-squared Free
2008-10-05 12:48 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-09-24 14:57 --------- d-----w C:\Program Files\ATI Technologies
2008-09-23 11:36 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-09-16 07:42 --------- d-----w C:\Program Files\ma-config.com
2008-09-16 07:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\ma-config.com
2008-09-10 01:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-09-09 13:14 --------- d-----w C:\Documents and Settings\antoine\Application Data\SPORE
2008-09-09 13:04 --------- d-----w C:\Program Files\Electronic Arts
2008-09-09 13:03 1,546 ----a-w C:\WINDOWS\system32\ealregsnapshot1.reg
2008-09-09 09:23 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-09-08 21:27 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-09-03 14:35 --------- d-----w C:\Program Files\CamStudio
2008-09-03 09:18 --------- d-----w C:\Program Files\Fichiers communs\AVSMedia
2008-09-03 09:17 --------- d-----w C:\Program Files\AVSMedia
2008-08-31 11:08 --------- d-----w C:\Program Files\Cool All Video Converter Platinum
2008-08-31 11:07 --------- d-----w C:\Program Files\AVS4YOU
2008-08-31 10:55 --------- d-----w C:\Program Files\XP Codec Pack
2008-08-31 10:31 --------- d-----w C:\Documents and Settings\antoine\Application Data\AVS4YOU
2008-08-31 10:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\AVS4YOU
2008-08-31 10:29 --------- d-----w C:\Program Files\Common Files
2008-08-30 14:17 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-01-26 14:11 22,328 ----a-w C:\Documents and Settings\antoine\Application Data\PnkBstrK.sys
.

------- Sigcheck -------

2006-06-21 00:11 57856 ad3d9d191aea7b5445fe1d82ffbb4788 C:\WINDOWS\system32\spoolsv.exe
.
((((((((((((((((((((((((((((( snapshot@2008-10-05_19.28.13.62 )))))))))))))))))))))))))))))))))))))))))
.
+ 2001-08-23 15:46:58 5,632 ----a-w C:\WINDOWS\LastGood\system32\dllcache\EXCH_adsiisex.dll
+ 2001-08-23 15:46:58 45,056 ----a-w C:\WINDOWS\LastGood\system32\dllcache\EXCH_aqadmin.dll
+ 2004-05-12 22:39:48 184,435 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp4amsft.dll
+ 2003-03-24 13:52:04 82,035 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp4anscp.dll
+ 2003-03-24 13:52:04 147,513 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp4apws.dll
+ 2003-03-24 13:52:04 49,210 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp4areg.dll
+ 2003-03-24 13:52:04 102,509 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp4atxt.dll
+ 2003-03-24 13:52:04 41,020 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp4avnb.dll
+ 2003-03-24 13:52:04 32,826 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp4avss.dll
+ 2003-03-24 13:52:04 49,212 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp4awebs.dll
+ 2004-05-12 22:39:48 876,653 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp4awel.dll
+ 2002-05-14 11:08:54 14,608 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp98sadm.exe
+ 2002-05-14 11:08:54 109,328 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp98swin.exe
+ 2003-03-24 13:52:04 188,494 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fpcount.exe
+ 2003-03-24 13:52:04 20,541 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fpexedll.dll
+ 2004-05-12 22:39:48 598,071 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fpmmc.dll
+ 2003-04-14 18:29:34 217,088 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fpmmcsat.dll
+ 2003-03-24 13:52:04 20,538 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fpremadm.exe
+ 2001-08-28 14:00:00 6,144 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ftpsapi2.dll
+ 2004-08-19 16:09:28 68,608 ----a-w C:\WINDOWS\LastGood\system32\dllcache\iisext51.dll
+ 2004-08-19 16:09:28 64,512 ----a-w C:\WINDOWS\LastGood\system32\dllcache\iismap.dll
+ 2001-08-28 14:00:00 14,848 ----a-w C:\WINDOWS\LastGood\system32\dllcache\iisreset.exe
+ 2001-08-28 14:00:00 5,632 ----a-w C:\WINDOWS\LastGood\system32\dllcache\iisrstap.dll
+ 2004-08-19 16:09:56 31,232 ----a-w C:\WINDOWS\LastGood\system32\dllcache\iisrstas.exe
+ 2004-08-19 16:09:28 133,632 ----a-w C:\WINDOWS\LastGood\system32\dllcache\iisrtl.dll
+ 2001-08-28 14:00:00 173,056 ----a-w C:\WINDOWS\LastGood\system32\dllcache\iisui.dll
+ 2004-08-19 16:09:30 842,240 ----a-w C:\WINDOWS\LastGood\system32\dllcache\inetmgr.dll
+ 2001-08-28 14:00:00 7,680 ----a-w C:\WINDOWS\LastGood\system32\dllcache\inetmgr.exe
+ 2001-08-28 14:00:00 19,968 ----a-w C:\WINDOWS\LastGood\system32\dllcache\inetsloc.dll
+ 2004-08-19 16:09:30 13,312 ----a-w C:\WINDOWS\LastGood\system32\dllcache\infoadmn.dll
+ 2004-08-19 16:09:32 68,608 ----a-w C:\WINDOWS\LastGood\system32\dllcache\isatq.dll
+ 2007-02-28 16:02:21 2,138,112 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ntkrnlmp.exe
+ 2001-08-23 15:46:46 66,048 ----a-w C:\WINDOWS\LastGood\system32\dllcache\s3legacy.dll
+ 2003-03-24 13:52:04 20,536 ----a-w C:\WINDOWS\LastGood\system32\dllcache\shtml.dll
+ 2003-03-24 13:52:04 16,437 ----a-w C:\WINDOWS\LastGood\system32\dllcache\shtml.exe
+ 2004-08-19 16:09:42 189,440 ----a-w C:\WINDOWS\LastGood\system32\dllcache\smtpadm.dll
+ 2004-08-19 16:09:44 2,134,528 ----a-w C:\WINDOWS\LastGood\system32\dllcache\smtpsnap.dll
+ 2004-08-19 16:09:46 8,192 ----a-w C:\WINDOWS\LastGood\system32\dllcache\staxmem.dll
+ 2003-03-24 13:52:04 32,827 ----a-w C:\WINDOWS\LastGood\system32\dllcache\tcptest.exe
+ 2003-04-14 18:29:34 16,384 ----a-w C:\WINDOWS\LastGood\system32\dllcache\tcptsat.dll
+ 2001-08-28 14:00:00 7,168 ----a-w C:\WINDOWS\LastGood\system32\dllcache\wamregps.dll
+ 2006-06-20 22:10:21 155,136 ----a-w C:\WINDOWS\LastGood\system32\itircl.dll
+ 2006-06-20 22:10:22 137,216 ----a-w C:\WINDOWS\LastGood\system32\itss.dll
+ 2006-06-20 22:12:06 1,285,632 ----a-w C:\WINDOWS\LastGood\system32\ole32.dll
+ 2006-06-20 22:11:31 124,928 ----a-w C:\WINDOWS\LastGood\system32\umpnpmgr.dll
- 2008-02-22 00:23:35 135,168 ----a-w C:\WINDOWS\system32\java.exe
+ 2008-06-09 23:21:01 135,168 ----a-w C:\WINDOWS\system32\java.exe
- 2008-02-22 00:23:39 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
+ 2008-06-09 23:21:04 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
- 2008-02-22 01:33:32 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
+ 2008-06-10 00:32:34 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
.
-- Instantané actualisé --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files\steam\steam.exe" [2008-10-08 1410296]
"MSMSGS"="C:\Program Files\Messenger\Msmsgs.exe" [2005-08-31 1658592]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-20 68856]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-01-19 221184]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-01-19 217088]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-07-17 266497]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"BJCFD"="C:\Program Files\BroadJump\Client Foundation\CFD.exe" [2003-01-27 376912]
"Habu"="C:\Program Files\Razer\Habu\razerhid.exe" [2006-08-23 159744]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-05-02 13529088]
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-08-09 81920]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-05-02 86016]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"RTHDCPL"="RTHDCPL.EXE" [2007-11-30 C:\WINDOWS\RTHDCPL.EXE]
"nwiz"="nwiz.exe" [2008-05-02 C:\WINDOWS\system32\nwiz.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoSimpleStartMenu"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoStrCmpLogical"= 1 (0x1)
"NoResolveTrack"= 0 (0x0)
"NoResolveSearch"= 0 (0x0)
"NoSMMyPictures"= 0 (0x0)
"NoStartMenuMFUprogramsList"= 0 (0x0)
"NoUserNameInStartMenu"= 0 (0x0)
"MaxRecentDocs"= 15 (0xf)
"NoInstrumentation"= 0 (0x0)
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 0 (0x0)
"DisallowCpl"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3acm"= l3codecp.acm
"VIDC.YV12"= yv12vfw.dll
"VIDC.FFDS"= ffdshow.ax
"msacm.ac3filter"= ac3filter.acm

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
"LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2004-08-19 14336]
R3 HabuFltr;Habu Mouse;C:\WINDOWS\system32\drivers\habu.sys [2006-08-14 23552]
S3 maconfservice;Ma-Config Service;C:\Program Files\ma-config.com\maconfservice.exe [2008-09-02 191656]
S3 mtv1bus;Pimp My Mobile Composite Device driver (WDM);C:\WINDOWS\system32\DRIVERS\mtv1bus.sys [2006-09-11 63216]
S3 mtv1mdfl;Pimp My Mobile Modem Filter;C:\WINDOWS\system32\DRIVERS\mtv1mdfl.sys [2006-09-11 8368]
S3 mtv1mdm;Pimp My Mobile Modem Drivers;C:\WINDOWS\system32\DRIVERS\mtv1mdm.sys [2006-09-11 97520]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-02-11 306432]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{375bbc48-d553-11dc-9a9d-0019dbf703c9}]
\Shell\Auto\command - cmd /C launch.bat
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8cc55d59-7b26-11dd-9c47-0019dbf703c9}]
\Shell\Auto\command - cmd /C launch.bat
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat
.
Contenu du dossier 'Tâches planifiées'

2008-09-26 C:\WINDOWS\Tasks\1-Click Maintenance.job
- C:\Program Files\TuneUp Utilities 2008\OneClick.exe [2008-01-08 14:31]
.
.
------- Examen supplémentaire -------
.
FireFox -: Profile - C:\Documents and Settings\antoine\Application Data\Mozilla\Firefox\Profiles\v54aube6.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.fr/firefox
FF -: plugin - C:\Documents and Settings\antoine\Application Data\Mozilla\Firefox\Profiles\v54aube6.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
FF -: plugin - C:\Program Files\ma-config.com\nphardwaredetection.dll
FF -: plugin - C:\Program Files\Yahoo!\Common\npyaxmpb.dll
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-10 11:16:57
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
Heure de fin: 2008-10-10 11:18:06
ComboFix-quarantined-files.txt 2008-10-10 09:17:58
ComboFix2.txt 2008-10-09 08:30:20
ComboFix3.txt 2008-10-06 11:40:51
ComboFix4.txt 2008-10-05 17:28:50
ComboFix5.txt 2008-10-10 09:14:36

Avant-CF: 110 057 418 752 octets libres
Après-CF: 110,049,234,944 octets libres

445 --- E O F --- 2008-09-10 01:04:49

Apparently the PC is behaving well: I no longer get sudden ping spikes and my connection works much better! A big thank you to you and to the whole forum team!! =) Thanks again
-1
afideg Messages posted 10970 Status Security contributor 602
 
Hi again,

Thank you.

Don't forget to install KERIO.

And delete these unneeded files:
C:\WINDOWS\system32\dllcache\OLD436.tmp
C:\WINDOWS\system32\dllcache\OLD2FD.tmp
C:\WINDOWS\system32\dllcache\OLDAB.tmp
C:\WINDOWS\system32\dllcache\OLD5A.tmp
C:\WINDOWS\system32\dllcache\OLD17.tmp
C:\WINDOWS\system32\dllcache\OLD14.tmp
C:\WINDOWS\system32\dllcache\OLDD.tmp
C:\WINDOWS\system32\dllcache\OLD11.tmp
Here is a quick and easy little tool (run it every day at the end of your work session):
Download: ATF-Cleaner < http://www.atribune.org/ccount/click.php?id=1 >
With its tutorial < http://site-naheulbeuk.com/ >

Remove ComboFix like this:
Delete the Qoobox folder (it is at the root of your c:\ hard drive)
Delete the application downloaded to the desktop (ComboFix.exe)
Go to Start/Run, copy-paste the following command, then click OK:
"%userprofile%\Bureau\combofix.exe" /u
This will uninstall ComboFix, delete the System Restore points (which may have been infected) and reset the Windows security options to their defaults.

I think that with ANTIVIR (with the guard active), KERIO (must be enabled) and running MBAM from time to time, your programs such as Spybot S&D and a²-Squared have become superfluous.
Especially Spybot S&D's resident TeaTimer!
Likewise, possibly, for Ad-Aware 2007!

And if you have a USB key, take these recommendations into account:
/!\ Above all, do not double-click the icons to open them, or you risk relaunching the infection.
It is best to get into the habit of using "right-click > open"./!\
Quote (thanks Malekal_morte):
1°- QUESTION: if I have understood correctly, when I use a PC that seems risky to me, is it enough not to double-click the folders or my key to avoid activating this virus?
2°- ANSWER: No, that would be too easy.
- If you take your USB key to an infested PC, it's over, the key is infected.
- On the other hand, if you plug your infected USB key into your own clean PC and you do not open it by double-clicking (or if automatic opening is not enabled), then the PC will not be infected.
BUT the key will remain infected. ==> Everything is explained here: < https://forum.malekal.com/viewtopic.php?f=45&t=5544 >
3°- COMMENTS AND RECOMMENDATIONS:
a)- I think that the PCs at school, or at the neighbourhood library, wherever you are allowed to plug in your USB keys, are infected.
b)- If you want to protect yourself, you create an "autorun.inf" file on your USB key as explained on the page I gave you.
Your key will then not be able to get infected.

Glad I could help.
Good luck
Al.
-1
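As an added illustration (not part of afideg's post and not ComboFix's own code): the MountPoints2 blocks in the ComboFix log above are the per-volume shell commands Explorer has cached for removable drives, which is what the double-click warning in the reply concerns. This Python sketch extracts them from a ComboFix-style log and marks the ones that start a script; the function names, the heuristic and the last sample entry are constructed for the example.

```python
import re

# Two MountPoints2 blocks excerpted from the ComboFix log in this thread,
# followed by one constructed entry (placeholder GUID) for contrast.
SAMPLE_LOG = r"""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{375bbc48-d553-11dc-9a9d-0019dbf703c9}]
\Shell\Auto\command - cmd /C launch.bat
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8cc55d59-7b26-11dd-9c47-0019dbf703c9}]
\Shell\Auto\command - cmd /C launch.bat
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{00000000-0000-0000-0000-000000000000}]
\Shell\Browse\command - C:\WINDOWS\explorer.exe
"""

KEY_RE = re.compile(r"^\[[^\]]*?\\mountpoints2\\(?P<guid>\{[0-9a-f-]{36}\})\]$", re.I)
VERB_RE = re.compile(r"^\\Shell\\(?P<verb>[^\\]+)\\command\s+-\s+(?P<cmd>.+)$", re.I)
# Heuristic (an assumption of this example): the command starts a script host
# or names a script-like file.
SCRIPT_RE = re.compile(
    r"\b(?:cmd|wscript|cscript)(?:\.exe)?\b|\.(?:bat|cmd|vbs|scr|pif)\b", re.I)


def find_mountpoint_commands(log_text):
    """Return one dict per cached shell command under a MountPoints2 volume key."""
    findings, volume = [], None
    for raw in log_text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            # Any new registry key header ends the previous volume block.
            key = KEY_RE.match(line)
            volume = key.group("guid").lower() if key else None
            continue
        verb = VERB_RE.match(line)
        if volume and verb:
            command = verb.group("cmd").strip()
            findings.append({"volume": volume, "verb": verb.group("verb"),
                             "command": command,
                             "runs_script": bool(SCRIPT_RE.search(command))})
    return findings


def volumes_to_review(findings):
    """Volume GUIDs with at least one cached command that starts a script."""
    return sorted({f["volume"] for f in findings if f["runs_script"]})


if __name__ == "__main__":
    for f in find_mountpoint_commands(SAMPLE_LOG):
        flag = "REVIEW" if f["runs_script"] else "ok"
        print(f"{flag:6} {f['volume']} {f['verb']}: {f['command']}")
```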
ganeshbis Messages posted 48 Status Member 1
 
Hello,

So there, it's done, I installed everything and did everything properly!! =) Thanks again to you and to the whole forum team. All the best to you =)
-1
ganeshbis Messages posted 48 Status Member 1
 
Re

It's all good, everything works =) thanks again
-1
ganeshbis Messages posted 48 Status Member 1
 
Hello,

So, since my PC was disinfected it certainly works better, but in the game I play, Counter-Strike, my ping is really high even though there are no viruses left, and when I enable sunbelt it blocks Counter-Strike, so I have to disable it every time to be able to play, until my ping gets high and I get kicked from the server. ^^ There you go, hoping there is a solution =p Thanks in advance
-1