Log RSIT,pc ne démarre pas du premier coup
Fermé
Monsieurpatrick
Messages postés
104
Statut
Membre
-
toptitbal Messages postés 5341 Date d'inscription Statut Contributeur sécurité Dernière intervention -
toptitbal Messages postés 5341 Date d'inscription Statut Contributeur sécurité Dernière intervention -
Bonjour, j'ai posté un log hijackthis qui est resté sans réponse, j'espère avoir plus de chances avec le log RSIT et que vous pourrez m'aider. Mon pc ne démarre plus qu'au bout de plusieurs tentatives et se comporte bizarrement: poste de travail ou autres applications qui ne répondent pas. Merci d'avance
Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrateur at 2009-08-28 12:44:40
Microsoft Windows XP Professionnel Service Pack 3
System drive D: has 3 GB (8%) free of 35 GB
Total RAM: 3071 MB (70% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:44:57, on 28/08/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir Desktop\sched.exe
D:\Program Files\Avira\AntiVir Desktop\avguard.exe
D:\Program Files\Avira\AntiVir Desktop\avmailc.exe
D:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
D:\Program Files\CDBurnerXP\NMSAccessU.exe
D:\WINDOWS\system32\IoctlSvc.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\WINDOWS\system32\PnkBstrB.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\wbem\wmiapsrv.exe
D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
D:\WINDOWS\system32\RUNDLL32.EXE
D:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
D:\Program Files\Nero\Nero 7\InCD\InCD.exe
D:\Program Files\Java\jre6\bin\jusched.exe
D:\Program Files\iTunes\iTunesHelper.exe
D:\Program Files\Glary Utilities\memdefrag.exe
D:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\1.2.183.7\GoogleCrashHandler.exe
D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
D:\Program Files\iPod\bin\iPodService.exe
D:\Program Files\Avira\AntiVir Desktop\avscan.exe
D:\Program Files\eMule\emule.exe
F:\HiJackThis.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Java\jre6\bin\java.exe
D:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
D:\Documents and Settings\Administrateur\Bureau\RSIT.exe
D:\Program Files\trend micro\Administrateur.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [VirtualCloneDrive] "D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [LGODDFU] "D:\Program Files\lg_fwupdate\fwupdate.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] D:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] D:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] D:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [InnoSetupRegFile.0000000001] "D:\WINDOWS\is-DKCOI.exe" /REG
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ccleaner] "D:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [Glary Memory Optimizer] "D:\Program Files\Glary Utilities\memdefrag.exe" /autostart
O4 - HKCU\..\Run: [Google Update] "D:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\RunOnce: [JkDefrag] rundll32 advpack.dll,LaunchINFSection JKDEFRAG.INF,RunOnce,1,N (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SweetRegistry] rundll32 advpack.dll,LaunchINFSection SweetReg.inf,PerUserStub (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [JkDefrag] rundll32 advpack.dll,LaunchINFSection JKDEFRAG.INF,RunOnce,1,N (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Avira Pare-feu (AntiVirFirewallService) - Avira GmbH - D:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - D:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - D:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - D:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Backbone Service (BBDemon) - Dassault Systemes - F:\Dassault Systemes\B18\intel_a\code\bin\CATSysDemon.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - D:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - D:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - D:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NBService - Nero AG - D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - D:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - D:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - D:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - D:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - D:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - D:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - D:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - D:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - D:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
--
End of file - 9440 bytes
======Scheduled tasks folder======
D:\WINDOWS\tasks\AppleSoftwareUpdate.job
D:\WINDOWS\tasks\GlaryInitialize.job
D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-746137067-492894223-1801674531-500Core.job
D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-746137067-492894223-1801674531-500UA.job
D:\WINDOWS\tasks\JkDefrag.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"VirtualCloneDrive"=D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2008-06-30 52168]
"LGODDFU"=D:\Program Files\lg_fwupdate\fwupdate.exe [2006-02-20 245760]
"NvMediaCenter"=D:\WINDOWS\system32\NvMcTray.dll [2009-05-01 86016]
"NvCplDaemon"=D:\WINDOWS\system32\NvCpl.dll [2009-05-01 13750272]
"Adobe Reader Speed Launcher"=D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"NeroFilterCheck"=D:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"SecurDisc"=D:\Program Files\Nero\Nero 7\InCD\NBHGui.exe [2007-11-26 1629480]
"InCD"=D:\Program Files\Nero\Nero 7\InCD\InCD.exe [2007-11-26 1057064]
"SunJavaUpdateSched"=D:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
"iTunesHelper"=D:\Program Files\iTunes\iTunesHelper.exe [2009-07-13 292128]
"avgnt"=D:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-08-03 419088]
"InnoSetupRegFile.0000000001"=D:\WINDOWS\is-DKCOI.exe [2009-08-28 673280]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=D:\Program Files\Windows Live\Messenger\msnmsgr.exe [2008-01-21 5724184]
"ccleaner"=D:\Program Files\CCleaner\CCleaner.exe [2009-08-26 1681208]
"Glary Memory Optimizer"=D:\Program Files\Glary Utilities\memdefrag.exe [2009-03-23 89600]
"Google Update"=D:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-05-30 133104]
D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Logitech Desktop Messenger.lnk - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
D:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=1
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=36
"NoDesktopCleanupWizard"=1
"NoInstrumentation"=1
"NoResolveSearch"=1
"NoResolveTrack"=1
"NoSMBalloonTip"=1
"NoSMConfigurePrograms"=1
"NoSMHelp"=1
"NoStartMenuMFUprogramsList"=1
"NoStrCmpLogical"=0
"NoWelcomeScreen"=1
"NoDrives"=0
"NoDriveAutoRun"=FFFFFFFF
"NoFind"=
"NoFolderOptions"=
"NoRun"=
"NoViewContextMenu"=0
"NoWinKeys"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"HideRunAsVerb"=
"NoDriveTypeAutoRun"=
"NoInstrumentation"=
"NoResolveTrack"=
"NoStartMenuMFUprogramsList"=
"NoDriveAutoRun"=
"NoDrives"=
"NoLogOff"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Windows Live\Messenger\msnmsgr.exe"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"D:\Program Files\uTorrent\uTorrent.exe"="D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\Program Files\Bonjour\mDNSResponder.exe"="D:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"D:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe"="D:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7"
"D:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutLauncher.exe"="D:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutLauncher.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"D:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe"="D:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"D:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe"="D:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"D:\Program Files\ma-config.com\maconfservice.exe"="D:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
"C:\Assassin's creed\AssassinsCreed_Dx9.exe"="C:\Assassin's creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"C:\Assassin's creed\AssassinsCreed_Dx10.exe"="C:\Assassin's creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"C:\Assassin's creed\AssassinsCreed_Launcher.exe"="C:\Assassin's creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"C:\Overlord\Overlord2.exe"="C:\Overlord\Overlord2.exe:*:Enabled:Overlord II"
"D:\Program Files\iTunes\iTunes.exe"="D:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Windows Live\Messenger\msnmsgr.exe"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"D:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe"="D:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7"
======List of files/folders created in the last 3 months======
2009-08-28 12:44:43 ----D---- D:\Program Files\trend micro
2009-08-28 12:44:40 ----D---- D:\rsit
2009-08-28 12:38:04 ----A---- D:\WINDOWS\is-DKCOI.exe
2009-08-28 11:06:23 ----D---- D:\Program Files\Codemasters
2009-08-28 10:45:56 ----D---- D:\Documents and Settings\Administrateur\Application Data\Avira
2009-08-27 19:04:25 ----D---- D:\Documents and Settings\All Users\Application Data\Avira
2009-08-27 19:04:03 ----D---- D:\Program Files\Avira
2009-08-27 17:34:09 ----D---- D:\Program Files\iPod
2009-08-26 20:01:41 ----D---- D:\Program Files\Bullfrog
2009-08-26 20:01:27 ----A---- D:\WINDOWS\unin040c.exe
2009-08-26 19:17:38 ----A---- D:\WINDOWS\system32\javaws.exe
2009-08-26 19:17:38 ----A---- D:\WINDOWS\system32\javaw.exe
2009-08-26 19:17:38 ----A---- D:\WINDOWS\system32\java.exe
2009-07-03 18:04:49 ----D---- D:\Program Files\Fichiers communs\DirectX
2009-07-02 08:18:28 ----A---- D:\WINDOWS\lgfwup.txt
2009-07-01 01:29:29 ----D---- D:\Program Files\Thrustmaster
2009-07-01 01:29:29 ----A---- D:\WINDOWS\system32\tmffbdrv.dll
2009-07-01 01:29:29 ----A---- D:\WINDOWS\system32\tmffbcpl.dll
2009-06-30 09:56:33 ----D---- D:\Documents and Settings\Administrateur\Application Data\Crayon Physics Deluxe
2009-06-24 18:56:18 ----D---- D:\Documents and Settings\All Users\Application Data\LightScribe
2009-06-24 18:56:18 ----D---- D:\Documents and Settings\Administrateur\Application Data\Ahead
2009-06-24 18:50:57 ----A---- D:\WINDOWS\NeroDigital.ini
2009-06-24 18:47:05 ----D---- D:\Program Files\Fichiers communs\LightScribe
2009-06-24 18:46:28 ----D---- D:\Documents and Settings\All Users\Application Data\Ahead
2009-06-24 18:43:50 ----D---- D:\Program Files\Fichiers communs\Ahead
2009-06-22 01:37:14 ----D---- D:\Documents and Settings\Administrateur\Application Data\AccurateRip
2009-06-22 01:37:14 ----A---- D:\WINDOWS\system32\SpoonUninstall.exe
2009-06-22 01:37:11 ----D---- D:\Program Files\Illustrate
2009-06-19 09:51:01 ----D---- D:\Documents and Settings\All Users\Application Data\BigFishGamesCache
2009-06-18 13:51:17 ----D---- D:\Program Files\iTunes
2009-06-15 09:33:01 ----D---- D:\Documents and Settings\All Users\Application Data\Trymedia
2009-06-15 09:32:43 ----D---- D:\Program Files\BFG
2009-06-15 09:09:51 ----HDC---- D:\WINDOWS\$NtUninstallKB961501$
2009-06-15 09:09:47 ----HDC---- D:\WINDOWS\$NtUninstallKB969898$
2009-06-15 09:08:06 ----HDC---- D:\WINDOWS\$NtUninstallKB970238$
2009-06-15 09:08:01 ----HDC---- D:\WINDOWS\$NtUninstallKB968537$
2009-06-05 17:41:18 ----D---- D:\Documents and Settings\All Users\Application Data\PopCap Games
2009-06-04 11:25:11 ----D---- D:\Program Files\Smart Projects
2009-06-03 18:09:12 ----D---- D:\Documents and Settings\Administrateur\Application Data\ProtectDisc
2009-06-03 18:08:29 ----D---- D:\Documents and Settings\All Users\Application Data\Synetic
2009-06-03 18:06:35 ----D---- D:\Program Files\ProtectDisc Driver Installer
2009-06-01 23:01:04 ----SHD---- D:\WINDOWS\ftpcache
2009-06-01 22:55:56 ----D---- D:\Program Files\Activision
======List of files/folders modified in the last 3 months======
2009-08-28 12:44:43 ----RD---- D:\Program Files
2009-08-28 12:44:41 ----D---- D:\WINDOWS\Prefetch
2009-08-28 12:38:06 ----SD---- D:\WINDOWS\Tasks
2009-08-28 12:38:04 ----D---- D:\WINDOWS
2009-08-28 12:38:04 ----D---- D:\Program Files\Glary Utilities
2009-08-28 12:06:10 ----D---- D:\Program Files\Malwarebytes' Anti-Malware
2009-08-28 12:06:08 ----D---- D:\WINDOWS\system32\drivers
2009-08-28 11:57:54 ----D---- D:\Program Files\Mozilla Firefox
2009-08-28 11:52:02 ----D---- D:\WINDOWS\temp
2009-08-28 11:51:44 ----D---- D:\WINDOWS\system32\CatRoot2
2009-08-28 11:51:44 ----D---- D:\Program Files\lg_fwupdate
2009-08-28 11:51:41 ----A---- D:\WINDOWS\lgfwup.ini
2009-08-28 11:11:34 ----SHD---- D:\WINDOWS\Installer
2009-08-28 11:06:20 ----HD---- D:\Program Files\InstallShield Installation Information
2009-08-28 10:52:13 ----N---- D:\WINDOWS\SchedLgU.Txt
2009-08-28 10:49:09 ----HD---- D:\WINDOWS\inf
2009-08-28 10:45:06 ----D---- D:\WINDOWS\Minidump
2009-08-28 02:57:42 ----D---- D:\WINDOWS\system32
2009-08-27 17:34:08 ----D---- D:\Program Files\Fichiers communs\Apple
2009-08-26 19:17:35 ----D---- D:\Program Files\Java
2009-07-25 05:23:00 ----A---- D:\WINDOWS\system32\deploytk.dll
2009-07-03 22:37:46 ----D---- D:\WINDOWS\system32\DirectX
2009-07-03 18:04:49 ----D---- D:\Program Files\Fichiers communs
2009-07-03 16:11:13 ----D---- D:\Documents and Settings\Administrateur\Application Data\uTorrent
2009-06-30 11:33:05 ----RSD---- D:\WINDOWS\assembly
2009-06-26 01:51:19 ----D---- D:\WINDOWS\Microsoft.NET
2009-06-24 18:43:50 ----D---- D:\Program Files\Nero
2009-06-22 09:45:49 ----D---- D:\Documents and Settings\Administrateur\Application Data\foobar2000
2009-06-18 20:30:42 ----D---- D:\Documents and Settings\Administrateur\Application Data\Apple Computer
2009-06-18 13:50:01 ----D---- D:\Program Files\QT Lite
2009-06-18 13:48:44 ----DC---- D:\WINDOWS\system32\DRVSTORE
2009-06-15 15:43:12 ----D---- D:\WINDOWS\Debug
2009-06-15 09:11:27 ----D---- D:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-06-15 09:10:39 ----RSHDC---- D:\WINDOWS\system32\dllcache
2009-06-15 09:10:37 ----D---- D:\Program Files\Internet Explorer
2009-06-15 09:10:33 ----D---- D:\WINDOWS\ie8updates
2009-06-15 09:10:31 ----HD---- D:\WINDOWS\$hf_mig$
2009-06-13 16:30:26 ----A---- D:\WINDOWS\system32\wrap_oal.dll
2009-06-13 16:30:26 ----A---- D:\WINDOWS\system32\OpenAL32.dll
2009-06-05 11:42:38 ----A---- D:\WINDOWS\system32\usbaaplrc.dll
2009-06-01 18:51:12 ----A---- D:\WINDOWS\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 avfwot;avfwot; D:\WINDOWS\system32\DRIVERS\avfwot.sys [2009-08-28 97608]
R1 avgio;avgio; \??\D:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; D:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 ElbyCDIO;ElbyCDIO Driver; D:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2008-07-21 24392]
R1 InCDPass;InCDPass; D:\WINDOWS\system32\drivers\InCDPass.sys [2007-11-26 36776]
R1 incdrm;InCD Reader; D:\WINDOWS\system32\drivers\InCDRm.sys [2007-11-26 38440]
R1 intelppm;Pilote de processeur Intel; D:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 LUMDriver;LUMDriver; \??\D:\WINDOWS\system32\drivers\LUMDriver.sys []
R1 prodrv06;StarForce Protection Environment Driver v6; D:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R1 ssmdrv;ssmdrv; D:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-08-28 28520]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; D:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; \??\D:\Program Files\CyberLink\PowerDVD8\000.fcl []
R2 acedrv11;acedrv11; \??\D:\WINDOWS\system32\drivers\acedrv11.sys []
R2 atksgt;atksgt; D:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-05-18 278728]
R2 avgntflt;avgntflt; D:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-08-28 55656]
R2 CDRPDACC;Arrowkey Device Access; \??\D:\Program Files\321Studios\Shared\CDRPDACC.SYS []
R2 enodpl;enodpl; D:\WINDOWS\System32\drivers\enodpl.sys [2003-03-02 7552]
R2 lirsgt;lirsgt; D:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-05-18 25416]
R2 rspndr;Répondeur de découverte de topologie de la couche de liaison; D:\WINDOWS\system32\DRIVERS\rspndr.sys [2008-05-29 62848]
R2 tandpl;tandpl; D:\WINDOWS\System32\drivers\tandpl.sys [2003-04-19 4736]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; D:\WINDOWS\system32\drivers\ADIHdAud.sys [2007-05-18 304640]
R3 AEAudio;AE Audio Service; D:\WINDOWS\system32\drivers\AEAudio.sys [2007-05-18 94848]
R3 Arp1394;Protocole client ARP 1394; D:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-09-27 60800]
R3 avfwim;AvFw Packet Filter Miniport; D:\WINDOWS\system32\DRIVERS\avfwim.sys [2009-02-24 69632]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; D:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; D:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Pilote de classe HID Microsoft; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-09-27 10368]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\D:\WINDOWS\system32\drivers\mbamswissarmy.sys []
R3 mouhid;Pilote HID de souris; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-09-27 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; D:\WINDOWS\system32\DRIVERS\ASACPI.sys [2006-02-26 5810]
R3 NIC1394;Pilote réseau 1394; D:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-09-27 61824]
R3 nv;nv; D:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-04-30 8055584]
R3 Pcouffin;VSO Software pcouffin; D:\WINDOWS\System32\Drivers\Pcouffin.sys [2009-05-12 47360]
R3 rtl8185;Realtek RTL8185 54M Wireless LAN Network Adapter Driver; D:\WINDOWS\system32\DRIVERS\rtl8185.sys [2007-02-01 306560]
R3 SenFiltService;SenFilt Service; D:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
R3 usbccgp;Pilote parent générique USB Microsoft; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-09-27 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; D:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-09-27 30336]
R3 usbhub;Concentrateur USB2; D:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-09-27 59520]
R3 USBSTOR;Pilote de stockage de masse USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-09-27 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; D:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VClone;VClone; D:\WINDOWS\system32\DRIVERS\VClone.sys [2008-09-24 29184]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; D:\WINDOWS\system32\DRIVERS\yk51x86.sys [2008-04-29 288896]
R4 InCDfs;InCD File System; D:\WINDOWS\system32\drivers\InCDFs.sys [2007-11-26 118952]
S3 CrystalSysInfo;CrystalSysInfo; \??\D:\Program Files\MediaCoder\SysInfo.sys []
S3 driverhardwarev2;driverhardwarev2; \??\D:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 USBAAPL;Apple Mobile USB Driver; D:\WINDOWS\System32\Drivers\usbaapl.sys [2009-06-05 39424]
S3 usbprint;Classe d'imprimantes USB Microsoft; D:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-09-27 25856]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; D:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-09-13 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; D:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-09-13 82944]
S4 IntelIde;IntelIde; D:\WINDOWS\system32\drivers\IntelIde.sys []
S4 RxFilter;RxFilter; D:\WINDOWS\system32\DRIVERS\RxFilter.sys [2006-10-27 50688]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirFirewallService;Avira Pare-feu; D:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe [2009-08-28 388865]
R2 AntiVirMailService;Avira AntiVir MailGuard; D:\Program Files\Avira\AntiVir Desktop\avmailc.exe [2009-08-28 194817]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; D:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-08-28 108289]
R2 AntiVirService;Avira AntiVir Guard; D:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-28 185089]
R2 AntiVirWebService;Avira AntiVir WebGuard; D:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2009-08-28 434945]
R2 Apple Mobile Device;Apple Mobile Device; D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 Bonjour Service;Service Bonjour; D:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 InCDsrv;InCD Helper; D:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2007-11-26 1554728]
R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre6\bin\jqs.exe [2009-07-25 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; D:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2007-12-05 79136]
R2 NMSAccessU;NMSAccessU; D:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
R2 nvsvc;NVIDIA Display Driver Service; D:\WINDOWS\system32\nvsvc32.exe [2009-05-01 168004]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; D:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
R2 PnkBstrA;PnkBstrA; D:\WINDOWS\system32\PnkBstrA.exe [2009-01-12 66872]
R2 PnkBstrB;PnkBstrB; D:\WINDOWS\system32\PnkBstrB.exe [2009-01-12 107832]
R3 iPod Service;Service de l’iPod; D:\Program Files\iPod\bin\iPodService.exe [2009-07-13 542496]
S2 BBDemon;Backbone Service; F:\Dassault Systemes\B18\intel_a\code\bin\CATSysDemon.exe [2007-05-04 36864]
S2 Roxio Upnp Server 9;Roxio Upnp Server 9; D:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe [2006-10-26 294912]
S2 RoxLiveShare9;LiveShare P2P Server 9; D:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe [2006-10-27 303104]
S2 RoxWatch9;Roxio Hard Drive Watcher 9; D:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2006-10-27 159744]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; D:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; D:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 maconfservice;Ma-Config Service; D:\Program Files\ma-config.com\maconfservice.exe [2009-05-13 234864]
S3 NBService;NBService; D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-09-17 800040]
S3 NMIndexingService;NMIndexingService; D:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 odserv;Microsoft Office Diagnostics Service; D:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; D:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Roxio UPnP Renderer 9;Roxio UPnP Renderer 9; D:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe [2006-10-26 57344]
S3 RoxMediaDB9;RoxMediaDB9; D:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-10-27 880640]
S4 aspnet_state;Service d'état ASP.NET; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; D:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S4 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; D:\Program Files\Windows Media Player\WMPNetwk.exe [2008-09-13 918016]
S4 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrateur at 2009-08-28 12:44:40
Microsoft Windows XP Professionnel Service Pack 3
System drive D: has 3 GB (8%) free of 35 GB
Total RAM: 3071 MB (70% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:44:57, on 28/08/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir Desktop\sched.exe
D:\Program Files\Avira\AntiVir Desktop\avguard.exe
D:\Program Files\Avira\AntiVir Desktop\avmailc.exe
D:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
D:\Program Files\CDBurnerXP\NMSAccessU.exe
D:\WINDOWS\system32\IoctlSvc.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\WINDOWS\system32\PnkBstrB.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\wbem\wmiapsrv.exe
D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
D:\WINDOWS\system32\RUNDLL32.EXE
D:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
D:\Program Files\Nero\Nero 7\InCD\InCD.exe
D:\Program Files\Java\jre6\bin\jusched.exe
D:\Program Files\iTunes\iTunesHelper.exe
D:\Program Files\Glary Utilities\memdefrag.exe
D:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\1.2.183.7\GoogleCrashHandler.exe
D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
D:\Program Files\iPod\bin\iPodService.exe
D:\Program Files\Avira\AntiVir Desktop\avscan.exe
D:\Program Files\eMule\emule.exe
F:\HiJackThis.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Java\jre6\bin\java.exe
D:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
D:\Documents and Settings\Administrateur\Bureau\RSIT.exe
D:\Program Files\trend micro\Administrateur.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [VirtualCloneDrive] "D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [LGODDFU] "D:\Program Files\lg_fwupdate\fwupdate.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] D:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] D:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] D:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [InnoSetupRegFile.0000000001] "D:\WINDOWS\is-DKCOI.exe" /REG
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ccleaner] "D:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [Glary Memory Optimizer] "D:\Program Files\Glary Utilities\memdefrag.exe" /autostart
O4 - HKCU\..\Run: [Google Update] "D:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\RunOnce: [JkDefrag] rundll32 advpack.dll,LaunchINFSection JKDEFRAG.INF,RunOnce,1,N (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SweetRegistry] rundll32 advpack.dll,LaunchINFSection SweetReg.inf,PerUserStub (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [JkDefrag] rundll32 advpack.dll,LaunchINFSection JKDEFRAG.INF,RunOnce,1,N (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Avira Pare-feu (AntiVirFirewallService) - Avira GmbH - D:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - D:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - D:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - D:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Backbone Service (BBDemon) - Dassault Systemes - F:\Dassault Systemes\B18\intel_a\code\bin\CATSysDemon.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - D:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - D:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - D:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NBService - Nero AG - D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - D:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - D:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - D:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - D:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - D:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - D:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - D:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - D:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - D:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
--
End of file - 9440 bytes
======Scheduled tasks folder======
D:\WINDOWS\tasks\AppleSoftwareUpdate.job
D:\WINDOWS\tasks\GlaryInitialize.job
D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-746137067-492894223-1801674531-500Core.job
D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-746137067-492894223-1801674531-500UA.job
D:\WINDOWS\tasks\JkDefrag.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"VirtualCloneDrive"=D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2008-06-30 52168]
"LGODDFU"=D:\Program Files\lg_fwupdate\fwupdate.exe [2006-02-20 245760]
"NvMediaCenter"=D:\WINDOWS\system32\NvMcTray.dll [2009-05-01 86016]
"NvCplDaemon"=D:\WINDOWS\system32\NvCpl.dll [2009-05-01 13750272]
"Adobe Reader Speed Launcher"=D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"NeroFilterCheck"=D:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"SecurDisc"=D:\Program Files\Nero\Nero 7\InCD\NBHGui.exe [2007-11-26 1629480]
"InCD"=D:\Program Files\Nero\Nero 7\InCD\InCD.exe [2007-11-26 1057064]
"SunJavaUpdateSched"=D:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
"iTunesHelper"=D:\Program Files\iTunes\iTunesHelper.exe [2009-07-13 292128]
"avgnt"=D:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-08-03 419088]
"InnoSetupRegFile.0000000001"=D:\WINDOWS\is-DKCOI.exe [2009-08-28 673280]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=D:\Program Files\Windows Live\Messenger\msnmsgr.exe [2008-01-21 5724184]
"ccleaner"=D:\Program Files\CCleaner\CCleaner.exe [2009-08-26 1681208]
"Glary Memory Optimizer"=D:\Program Files\Glary Utilities\memdefrag.exe [2009-03-23 89600]
"Google Update"=D:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-05-30 133104]
D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Logitech Desktop Messenger.lnk - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
D:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=1
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=36
"NoDesktopCleanupWizard"=1
"NoInstrumentation"=1
"NoResolveSearch"=1
"NoResolveTrack"=1
"NoSMBalloonTip"=1
"NoSMConfigurePrograms"=1
"NoSMHelp"=1
"NoStartMenuMFUprogramsList"=1
"NoStrCmpLogical"=0
"NoWelcomeScreen"=1
"NoDrives"=0
"NoDriveAutoRun"=FFFFFFFF
"NoFind"=
"NoFolderOptions"=
"NoRun"=
"NoViewContextMenu"=0
"NoWinKeys"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"HideRunAsVerb"=
"NoDriveTypeAutoRun"=
"NoInstrumentation"=
"NoResolveTrack"=
"NoStartMenuMFUprogramsList"=
"NoDriveAutoRun"=
"NoDrives"=
"NoLogOff"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Windows Live\Messenger\msnmsgr.exe"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"D:\Program Files\uTorrent\uTorrent.exe"="D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\Program Files\Bonjour\mDNSResponder.exe"="D:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"D:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe"="D:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7"
"D:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutLauncher.exe"="D:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutLauncher.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"D:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe"="D:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"D:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe"="D:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"D:\Program Files\ma-config.com\maconfservice.exe"="D:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
"C:\Assassin's creed\AssassinsCreed_Dx9.exe"="C:\Assassin's creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"C:\Assassin's creed\AssassinsCreed_Dx10.exe"="C:\Assassin's creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"C:\Assassin's creed\AssassinsCreed_Launcher.exe"="C:\Assassin's creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"C:\Overlord\Overlord2.exe"="C:\Overlord\Overlord2.exe:*:Enabled:Overlord II"
"D:\Program Files\iTunes\iTunes.exe"="D:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Windows Live\Messenger\msnmsgr.exe"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"D:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe"="D:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7"
======List of files/folders created in the last 3 months======
2009-08-28 12:44:43 ----D---- D:\Program Files\trend micro
2009-08-28 12:44:40 ----D---- D:\rsit
2009-08-28 12:38:04 ----A---- D:\WINDOWS\is-DKCOI.exe
2009-08-28 11:06:23 ----D---- D:\Program Files\Codemasters
2009-08-28 10:45:56 ----D---- D:\Documents and Settings\Administrateur\Application Data\Avira
2009-08-27 19:04:25 ----D---- D:\Documents and Settings\All Users\Application Data\Avira
2009-08-27 19:04:03 ----D---- D:\Program Files\Avira
2009-08-27 17:34:09 ----D---- D:\Program Files\iPod
2009-08-26 20:01:41 ----D---- D:\Program Files\Bullfrog
2009-08-26 20:01:27 ----A---- D:\WINDOWS\unin040c.exe
2009-08-26 19:17:38 ----A---- D:\WINDOWS\system32\javaws.exe
2009-08-26 19:17:38 ----A---- D:\WINDOWS\system32\javaw.exe
2009-08-26 19:17:38 ----A---- D:\WINDOWS\system32\java.exe
2009-07-03 18:04:49 ----D---- D:\Program Files\Fichiers communs\DirectX
2009-07-02 08:18:28 ----A---- D:\WINDOWS\lgfwup.txt
2009-07-01 01:29:29 ----D---- D:\Program Files\Thrustmaster
2009-07-01 01:29:29 ----A---- D:\WINDOWS\system32\tmffbdrv.dll
2009-07-01 01:29:29 ----A---- D:\WINDOWS\system32\tmffbcpl.dll
2009-06-30 09:56:33 ----D---- D:\Documents and Settings\Administrateur\Application Data\Crayon Physics Deluxe
2009-06-24 18:56:18 ----D---- D:\Documents and Settings\All Users\Application Data\LightScribe
2009-06-24 18:56:18 ----D---- D:\Documents and Settings\Administrateur\Application Data\Ahead
2009-06-24 18:50:57 ----A---- D:\WINDOWS\NeroDigital.ini
2009-06-24 18:47:05 ----D---- D:\Program Files\Fichiers communs\LightScribe
2009-06-24 18:46:28 ----D---- D:\Documents and Settings\All Users\Application Data\Ahead
2009-06-24 18:43:50 ----D---- D:\Program Files\Fichiers communs\Ahead
2009-06-22 01:37:14 ----D---- D:\Documents and Settings\Administrateur\Application Data\AccurateRip
2009-06-22 01:37:14 ----A---- D:\WINDOWS\system32\SpoonUninstall.exe
2009-06-22 01:37:11 ----D---- D:\Program Files\Illustrate
2009-06-19 09:51:01 ----D---- D:\Documents and Settings\All Users\Application Data\BigFishGamesCache
2009-06-18 13:51:17 ----D---- D:\Program Files\iTunes
2009-06-15 09:33:01 ----D---- D:\Documents and Settings\All Users\Application Data\Trymedia
2009-06-15 09:32:43 ----D---- D:\Program Files\BFG
2009-06-15 09:09:51 ----HDC---- D:\WINDOWS\$NtUninstallKB961501$
2009-06-15 09:09:47 ----HDC---- D:\WINDOWS\$NtUninstallKB969898$
2009-06-15 09:08:06 ----HDC---- D:\WINDOWS\$NtUninstallKB970238$
2009-06-15 09:08:01 ----HDC---- D:\WINDOWS\$NtUninstallKB968537$
2009-06-05 17:41:18 ----D---- D:\Documents and Settings\All Users\Application Data\PopCap Games
2009-06-04 11:25:11 ----D---- D:\Program Files\Smart Projects
2009-06-03 18:09:12 ----D---- D:\Documents and Settings\Administrateur\Application Data\ProtectDisc
2009-06-03 18:08:29 ----D---- D:\Documents and Settings\All Users\Application Data\Synetic
2009-06-03 18:06:35 ----D---- D:\Program Files\ProtectDisc Driver Installer
2009-06-01 23:01:04 ----SHD---- D:\WINDOWS\ftpcache
2009-06-01 22:55:56 ----D---- D:\Program Files\Activision
======List of files/folders modified in the last 3 months======
2009-08-28 12:44:43 ----RD---- D:\Program Files
2009-08-28 12:44:41 ----D---- D:\WINDOWS\Prefetch
2009-08-28 12:38:06 ----SD---- D:\WINDOWS\Tasks
2009-08-28 12:38:04 ----D---- D:\WINDOWS
2009-08-28 12:38:04 ----D---- D:\Program Files\Glary Utilities
2009-08-28 12:06:10 ----D---- D:\Program Files\Malwarebytes' Anti-Malware
2009-08-28 12:06:08 ----D---- D:\WINDOWS\system32\drivers
2009-08-28 11:57:54 ----D---- D:\Program Files\Mozilla Firefox
2009-08-28 11:52:02 ----D---- D:\WINDOWS\temp
2009-08-28 11:51:44 ----D---- D:\WINDOWS\system32\CatRoot2
2009-08-28 11:51:44 ----D---- D:\Program Files\lg_fwupdate
2009-08-28 11:51:41 ----A---- D:\WINDOWS\lgfwup.ini
2009-08-28 11:11:34 ----SHD---- D:\WINDOWS\Installer
2009-08-28 11:06:20 ----HD---- D:\Program Files\InstallShield Installation Information
2009-08-28 10:52:13 ----N---- D:\WINDOWS\SchedLgU.Txt
2009-08-28 10:49:09 ----HD---- D:\WINDOWS\inf
2009-08-28 10:45:06 ----D---- D:\WINDOWS\Minidump
2009-08-28 02:57:42 ----D---- D:\WINDOWS\system32
2009-08-27 17:34:08 ----D---- D:\Program Files\Fichiers communs\Apple
2009-08-26 19:17:35 ----D---- D:\Program Files\Java
2009-07-25 05:23:00 ----A---- D:\WINDOWS\system32\deploytk.dll
2009-07-03 22:37:46 ----D---- D:\WINDOWS\system32\DirectX
2009-07-03 18:04:49 ----D---- D:\Program Files\Fichiers communs
2009-07-03 16:11:13 ----D---- D:\Documents and Settings\Administrateur\Application Data\uTorrent
2009-06-30 11:33:05 ----RSD---- D:\WINDOWS\assembly
2009-06-26 01:51:19 ----D---- D:\WINDOWS\Microsoft.NET
2009-06-24 18:43:50 ----D---- D:\Program Files\Nero
2009-06-22 09:45:49 ----D---- D:\Documents and Settings\Administrateur\Application Data\foobar2000
2009-06-18 20:30:42 ----D---- D:\Documents and Settings\Administrateur\Application Data\Apple Computer
2009-06-18 13:50:01 ----D---- D:\Program Files\QT Lite
2009-06-18 13:48:44 ----DC---- D:\WINDOWS\system32\DRVSTORE
2009-06-15 15:43:12 ----D---- D:\WINDOWS\Debug
2009-06-15 09:11:27 ----D---- D:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-06-15 09:10:39 ----RSHDC---- D:\WINDOWS\system32\dllcache
2009-06-15 09:10:37 ----D---- D:\Program Files\Internet Explorer
2009-06-15 09:10:33 ----D---- D:\WINDOWS\ie8updates
2009-06-15 09:10:31 ----HD---- D:\WINDOWS\$hf_mig$
2009-06-13 16:30:26 ----A---- D:\WINDOWS\system32\wrap_oal.dll
2009-06-13 16:30:26 ----A---- D:\WINDOWS\system32\OpenAL32.dll
2009-06-05 11:42:38 ----A---- D:\WINDOWS\system32\usbaaplrc.dll
2009-06-01 18:51:12 ----A---- D:\WINDOWS\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 avfwot;avfwot; D:\WINDOWS\system32\DRIVERS\avfwot.sys [2009-08-28 97608]
R1 avgio;avgio; \??\D:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; D:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 ElbyCDIO;ElbyCDIO Driver; D:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2008-07-21 24392]
R1 InCDPass;InCDPass; D:\WINDOWS\system32\drivers\InCDPass.sys [2007-11-26 36776]
R1 incdrm;InCD Reader; D:\WINDOWS\system32\drivers\InCDRm.sys [2007-11-26 38440]
R1 intelppm;Pilote de processeur Intel; D:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 LUMDriver;LUMDriver; \??\D:\WINDOWS\system32\drivers\LUMDriver.sys []
R1 prodrv06;StarForce Protection Environment Driver v6; D:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R1 ssmdrv;ssmdrv; D:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-08-28 28520]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; D:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; \??\D:\Program Files\CyberLink\PowerDVD8\000.fcl []
R2 acedrv11;acedrv11; \??\D:\WINDOWS\system32\drivers\acedrv11.sys []
R2 atksgt;atksgt; D:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-05-18 278728]
R2 avgntflt;avgntflt; D:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-08-28 55656]
R2 CDRPDACC;Arrowkey Device Access; \??\D:\Program Files\321Studios\Shared\CDRPDACC.SYS []
R2 enodpl;enodpl; D:\WINDOWS\System32\drivers\enodpl.sys [2003-03-02 7552]
R2 lirsgt;lirsgt; D:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-05-18 25416]
R2 rspndr;Répondeur de découverte de topologie de la couche de liaison; D:\WINDOWS\system32\DRIVERS\rspndr.sys [2008-05-29 62848]
R2 tandpl;tandpl; D:\WINDOWS\System32\drivers\tandpl.sys [2003-04-19 4736]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; D:\WINDOWS\system32\drivers\ADIHdAud.sys [2007-05-18 304640]
R3 AEAudio;AE Audio Service; D:\WINDOWS\system32\drivers\AEAudio.sys [2007-05-18 94848]
R3 Arp1394;Protocole client ARP 1394; D:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-09-27 60800]
R3 avfwim;AvFw Packet Filter Miniport; D:\WINDOWS\system32\DRIVERS\avfwim.sys [2009-02-24 69632]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; D:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; D:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Pilote de classe HID Microsoft; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-09-27 10368]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\D:\WINDOWS\system32\drivers\mbamswissarmy.sys []
R3 mouhid;Pilote HID de souris; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-09-27 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; D:\WINDOWS\system32\DRIVERS\ASACPI.sys [2006-02-26 5810]
R3 NIC1394;Pilote réseau 1394; D:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-09-27 61824]
R3 nv;nv; D:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-04-30 8055584]
R3 Pcouffin;VSO Software pcouffin; D:\WINDOWS\System32\Drivers\Pcouffin.sys [2009-05-12 47360]
R3 rtl8185;Realtek RTL8185 54M Wireless LAN Network Adapter Driver; D:\WINDOWS\system32\DRIVERS\rtl8185.sys [2007-02-01 306560]
R3 SenFiltService;SenFilt Service; D:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
R3 usbccgp;Pilote parent générique USB Microsoft; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-09-27 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; D:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-09-27 30336]
R3 usbhub;Concentrateur USB2; D:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-09-27 59520]
R3 USBSTOR;Pilote de stockage de masse USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-09-27 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; D:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VClone;VClone; D:\WINDOWS\system32\DRIVERS\VClone.sys [2008-09-24 29184]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; D:\WINDOWS\system32\DRIVERS\yk51x86.sys [2008-04-29 288896]
R4 InCDfs;InCD File System; D:\WINDOWS\system32\drivers\InCDFs.sys [2007-11-26 118952]
S3 CrystalSysInfo;CrystalSysInfo; \??\D:\Program Files\MediaCoder\SysInfo.sys []
S3 driverhardwarev2;driverhardwarev2; \??\D:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 USBAAPL;Apple Mobile USB Driver; D:\WINDOWS\System32\Drivers\usbaapl.sys [2009-06-05 39424]
S3 usbprint;Classe d'imprimantes USB Microsoft; D:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-09-27 25856]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; D:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-09-13 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; D:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-09-13 82944]
S4 IntelIde;IntelIde; D:\WINDOWS\system32\drivers\IntelIde.sys []
S4 RxFilter;RxFilter; D:\WINDOWS\system32\DRIVERS\RxFilter.sys [2006-10-27 50688]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirFirewallService;Avira Pare-feu; D:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe [2009-08-28 388865]
R2 AntiVirMailService;Avira AntiVir MailGuard; D:\Program Files\Avira\AntiVir Desktop\avmailc.exe [2009-08-28 194817]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; D:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-08-28 108289]
R2 AntiVirService;Avira AntiVir Guard; D:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-28 185089]
R2 AntiVirWebService;Avira AntiVir WebGuard; D:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2009-08-28 434945]
R2 Apple Mobile Device;Apple Mobile Device; D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 Bonjour Service;Service Bonjour; D:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 InCDsrv;InCD Helper; D:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2007-11-26 1554728]
R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre6\bin\jqs.exe [2009-07-25 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; D:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2007-12-05 79136]
R2 NMSAccessU;NMSAccessU; D:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
R2 nvsvc;NVIDIA Display Driver Service; D:\WINDOWS\system32\nvsvc32.exe [2009-05-01 168004]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; D:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
R2 PnkBstrA;PnkBstrA; D:\WINDOWS\system32\PnkBstrA.exe [2009-01-12 66872]
R2 PnkBstrB;PnkBstrB; D:\WINDOWS\system32\PnkBstrB.exe [2009-01-12 107832]
R3 iPod Service;Service de l’iPod; D:\Program Files\iPod\bin\iPodService.exe [2009-07-13 542496]
S2 BBDemon;Backbone Service; F:\Dassault Systemes\B18\intel_a\code\bin\CATSysDemon.exe [2007-05-04 36864]
S2 Roxio Upnp Server 9;Roxio Upnp Server 9; D:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe [2006-10-26 294912]
S2 RoxLiveShare9;LiveShare P2P Server 9; D:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe [2006-10-27 303104]
S2 RoxWatch9;Roxio Hard Drive Watcher 9; D:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2006-10-27 159744]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; D:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; D:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 maconfservice;Ma-Config Service; D:\Program Files\ma-config.com\maconfservice.exe [2009-05-13 234864]
S3 NBService;NBService; D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-09-17 800040]
S3 NMIndexingService;NMIndexingService; D:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 odserv;Microsoft Office Diagnostics Service; D:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; D:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Roxio UPnP Renderer 9;Roxio UPnP Renderer 9; D:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe [2006-10-26 57344]
S3 RoxMediaDB9;RoxMediaDB9; D:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-10-27 880640]
S4 aspnet_state;Service d'état ASP.NET; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; D:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S4 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; D:\Program Files\Windows Media Player\WMPNetwk.exe [2008-09-13 918016]
S4 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
-----------------EOF-----------------
Configuration: Windows XP Firefox 3.0.13
A voir également:
- Log RSIT,pc ne démarre pas du premier coup
- Windows ne démarre pas - Guide
- Downloader for pc - Télécharger - Téléchargement & Transfert
- Reinitialiser pc - Guide
- Mon pc ne reconnait pas ma clé usb - Guide
- Forcer demarrage pc - Guide
1 réponse
Bonjour
Continue sur cette discussion : https://forums.commentcamarche.net/forum/affich-14119495-pc-infecte-log-hijackthis
Continue sur cette discussion : https://forums.commentcamarche.net/forum/affich-14119495-pc-infecte-log-hijackthis
