Thanks for giving me a hand, guys.
So, here is the FindyKill report after the cleanup:
--------------- [ Active Processes ] ----------------
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\spoolsv.exe
--------------- [ Infected files / folders ] ----------------
»»»» Supression files in C:
Deleted ! - C:\InfoSat.txt
»»»» Supression files in C:\WINDOWS
»»»» Supression files in C:\WINDOWS\Prefetch
»»»» Supression files in C:\WINDOWS\system32
»»»» Supression files in C:\WINDOWS\system32\config\systemprofile\AppData\Roaming
»»»» Supression files in C:\WINDOWS\system32\drivers
»»»» Supression files in C:\Documents and Settings\seb\Application Data
»»»» Supression files in C:\DOCUME~1\seb\Local Settings\Temp
»»»» Supression files in C:\Documents and Settings\seb\Local Settings\Temporary Internet Files\Content.IE5
--------------- [ Registry / Infected keys ] ----------------
Deleted ! - HKEY_USERS\S-1-5-21-682003330-823518204-839522115-1003\Software\Ubisoft
--------------- [ States / Restarting of services ] ----------------
± Services : [ Auto=2 / Request=3 / Disable=4 ]
Ndisuio - Type of startup = 3
Ip6Fw - Type of startup = 2
SharedAccess - Type of startup = 2
wuauserv - Type of startup = 2
wscsvc - Type of startup = 2
--------------- [ Cleaning removable drives ] ----------------
± Informations :
C: - Lecteur fixe
E: - Lecteur fixe
F: - Lecteur fixe
± deleting files :
Deleted ! - C:\autorun.inf
--------------- [ Registry / Mountpoint2 ] ----------------
-> Not found !
--------------- [ Searching Cracks / Keygen ] ----------------
C:\Documents and Settings\seb\Application Data\uTorrent\Command And Conquer Red Alert 3 CRACK ONLY-RELOADED.torrent
C:\Documents and Settings\seb\Application Data\uTorrent\Crack.GTA.IV.Bencock.torrent
C:\Documents and Settings\seb\Application Data\uTorrent\Crysis.Warhead.Crack-TDM.torrent
C:\Documents and Settings\seb\Cookies\seb@cracks[2].txt
C:\Documents and Settings\seb\Favoris\Jeux vid?os\Cracks
C:\Documents and Settings\seb\Favoris\Jeux vid?os\Cracks\ASTALAVISTA.BOX.SK.url
C:\Documents and Settings\seb\Favoris\Jeux vid?os\Cracks\Deluxserials.url
C:\Documents and Settings\seb\Favoris\Jeux vid?os\Cracks\GameCopyWorld.url
C:\Documents and Settings\seb\Favoris\Jeux vid?os\Cracks\http–www.megagames.com-.url
---------------- ! End of report ! ------------------
I also ran CCleaner, cleanup and error search; for now it's still the same problem.
Here is the HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:28:48, on 14/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\DAEMON Tools Pro\DTProAgent.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.fr…
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fr…
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O4 - HKLM…\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM…\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM…\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM…\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM…\Run: [Ai Nap] “C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe”
O4 - HKLM…\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM…\Run: [LVCOMSX] “C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe”
O4 - HKLM…\Run: [avast!] “C:\Program Files\Alwil Software\Avast4\ashDisp.exe”
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe”
O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM…\Run: [nwiz] nwiz.exe /install
O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU…\Run: [DAEMON Tools Pro Agent] “C:\Program Files\DAEMON Tools Pro\DTProAgent.exe”
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\PROGRA~1\Microsoft… Office\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra ‘Tools’ menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Microsoft Office\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra ‘Tools’ menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O16 - DPF: CabBuilder - kiw.imgag.com…
O17 - HKLM\System\CCS\Services\Tcpip…{880E5513-688D-45B5-BC51-BE5C4D030D00}: NameServer = 84.103.237.144,86.64.145.144,217.19.192.131,217.19.192.132,192.168.0.1,84.103.237.145,86.64.145.145,212.94.174.85,212.94.147.86,86.64.145.140,84.103.237.140,86.72.142.220
O17 - HKLM\System\CCS\Services\Tcpip…{A1BDFD8E-EB9A-41B5-AFAE-2AAE086ED7DF}: NameServer = 84.103.237.145,86.64.145.145,192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip…{EE45DDFA-4D99-4D8F-9777-5C4540059AF0}: NameServer = 84.103.237.145,86.64.145.145,192.168.0.1,84.103.237.140,86.64.145.140
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP1\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP1\RpcSandraSrv.exe
–
End of file - 5780 bytes
Here are the two RSIT reports:
Logfile of random’s system information tool 1.04 (written by random/random)
Run by seb at 2008-12-14 20:30:07
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 65 GB (84%) free of 77 GB
Total RAM: 2047 MB (79% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:30:10, on 14/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\DAEMON Tools Pro\DTProAgent.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\seb\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\seb.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.fr…
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fr…
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O4 - HKLM…\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM…\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM…\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM…\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM…\Run: [Ai Nap] “C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe”
O4 - HKLM…\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM…\Run: [LVCOMSX] “C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe”
O4 - HKLM…\Run: [avast!] “C:\Program Files\Alwil Software\Avast4\ashDisp.exe”
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe”
O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM…\Run: [nwiz] nwiz.exe /install
O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU…\Run: [DAEMON Tools Pro Agent] “C:\Program Files\DAEMON Tools Pro\DTProAgent.exe”
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\PROGRA~1\Microsoft… Office\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra ‘Tools’ menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Microsoft Office\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra ‘Tools’ menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O16 - DPF: CabBuilder - kiw.imgag.com…
O17 - HKLM\System\CCS\Services\Tcpip…{880E5513-688D-45B5-BC51-BE5C4D030D00}: NameServer = 84.103.237.144,86.64.145.144,217.19.192.131,217.19.192.132,192.168.0.1,84.103.237.145,86.64.145.145,212.94.174.85,212.94.147.86,86.64.145.140,84.103.237.140,86.72.142.220
O17 - HKLM\System\CCS\Services\Tcpip…{A1BDFD8E-EB9A-41B5-AFAE-2AAE086ED7DF}: NameServer = 84.103.237.145,86.64.145.145,192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip…{EE45DDFA-4D99-4D8F-9777-5C4540059AF0}: NameServer = 84.103.237.145,86.64.145.145,192.168.0.1,84.103.237.140,86.64.145.140
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP1\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP1\RpcSandraSrv.exe
–
End of file - 5843 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-03 54248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll [2008-09-15 1562960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll [2008-02-22 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d’aide de l’Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E718888-423F-11D2-876E-00A0C9082467} - &Radio - C:\WINDOWS\system32\msdxm.ocx [2004-08-04 848922]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“NeroFilterCheck”=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
“RTHDCPL”=C:\WINDOWS\RTHDCPL.EXE [2007-03-21 16126464]
“Alcmtr”=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
“JMB36X IDE Setup”=C:\WINDOWS\RaidTool\xInsIDE.exe [2007-03-20 36864]
“36X Raid Configurer”=C:\WINDOWS\system32\xRaidSetup.exe [2007-03-21 1953792]
“Ai Nap”=C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe [2007-04-09 1423360]
“Kernel and Hardware Abstraction Layer”=C:\WINDOWS\KHALMNPR.EXE [2007-04-11 56080]
“LVCOMSX”=C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe [2007-01-12 244512]
“avast!”=C:\Program Files\Alwil Software\Avast4\ashDisp.exe [2008-05-16 79224]
“SunJavaUpdateSched”=C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe [2008-02-22 144784]
“NvCplDaemon”=C:\WINDOWS\system32\NvCpl.dll [2008-10-07 13574144]
“nwiz”=nwiz.exe /install []
“NvMediaCenter”=C:\WINDOWS\system32\NvMcTray.dll [2008-10-07 86016]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“DAEMON Tools Pro Agent”=C:\Program Files\DAEMON Tools Pro\DTProAgent.exe [2007-09-06 136136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe [2007-01-12 488984]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech SetPoint.lnk]
C:\PROGRA~1\Logitech\SetPoint\SetPoint.exe [2008-10-27 809488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Pinnacle Scheduler.lnk]
C:\PROGRA~1\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe [2003-03-31 237568]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\fichiers communs\logitech\bluetooth\LBTWlgn.dll [2008-10-27 72208]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“NoDriveTypeAutoRun”=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP1\Win32\RpcDataSrv.exe"="C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP1\Win32\RpcDataSrv.exe:*:Enabled:SiSoftware Database Agent Service"
"C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP1\RpcSandraSrv.exe"="C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP1\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"E:\Call of duty 4\iw3mp.exe"="E:\Call of duty 4\iw3mp.exe:*:Enabled:Call of Duty® 4 - Modern Warfare™"
"E:\Gears of war\Binaries\WarGame-G4WLive.exe"="E:\Gears of war\Binaries\WarGame-G4WLive.exe:*:Enabled:Gears of War"
"E:\Assassin s creed\AssassinsCreed_Dx9.exe"="E:\Assassin s creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"E:\Assassin s creed\AssassinsCreed_Dx10.exe"="E:\Assassin s creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"E:\Assassin s creed\AssassinsCreed_Launcher.exe"="E:\Assassin s creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"E:\Colin mc rae\DiRT.exe"="E:\Colin mc rae\DiRT.exe:*:Enabled:DiRT Executable"
"E:\Grid\GRID.exe"="E:\Grid\GRID.exe:*:Enabled:GRID"
"E:\Farcry2\Far Cry 2\bin\FarCry2.exe"="E:\Farcry2\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2"
"E:\Farcry2\Far Cry 2\bin\FC2Launcher.exe"="E:\Farcry2\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater"
"E:\Farcry2\Far Cry 2\bin\FC2Editor.exe"="E:\Farcry2\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editeur"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"F:\eMule0.49b\emule.exe"="F:\eMule0.49b\emule.exe:*:Enabled:eMule"
"E:\cod world of war\CoDWaWmp.exe"="E:\cod world of war\CoDWaWmp.exe:*:Enabled:Call of Duty® - World at War™"
"E:\cod world of war\CoDWaW.exe"="E:\cod world of war\CoDWaW.exe:*:Enabled:Call of Duty® - World at War™"
"E:\DEAD SPACE\Dead Space.exe"="E:\DEAD SPACE\Dead Space.exe:*:Disabled:Dead Space "
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1fe825d4-cda7-11dc-acdc-001d60ea64b3}]
shell\AutoRun\command - G:\Autorun.exe
======List of files/folders created in the last 1 months======
2008-12-14 20:30:07 ----D---- C:\rsit
2008-12-14 20:28:33 ----D---- C:\Program Files\Trend Micro
2008-12-14 20:22:57 ----A---- C:\FindyKill.txt
2008-12-14 19:34:46 ----D---- C:\Program Files\FindyKill
2008-12-13 12:16:04 ----D---- C:\Documents and Settings\seb\Application Data\Malwarebytes
2008-12-13 12:16:00 ----D---- C:\Program Files\Malwarebytes’ Anti-Malware
2008-12-13 12:16:00 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-12-13 12:09:26 ----D---- C:\Program Files\Windows Installer Clean Up
2008-12-13 12:09:18 ----D---- C:\Program Files\MSECACHE
2008-12-13 11:55:43 ----A---- C:\WINDOWS\system32\BtCoreIf.dll
2008-12-11 20:31:25 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2008-12-11 20:31:21 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2008-12-11 20:30:40 ----HDC---- C:\WINDOWS\$NtUninstallKB958215$
2008-12-11 20:29:15 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2008-12-11 20:29:08 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2008-11-25 22:24:23 ----D---- C:\Program Files\VS Revo Group
2008-11-23 22:27:22 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-11-23 11:44:56 ----D---- C:\Program Files\uTorrent
2008-11-23 11:44:51 ----D---- C:\Documents and Settings\seb\Application Data\uTorrent
2008-11-23 11:34:20 ----RHD---- C:\Documents and Settings\seb\Application Data\SecuROM
2008-11-18 19:30:27 ----HDC---- C:\Documents and Settings\All Users\Application Data\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}
======List of files/folders modified in the last 1 months======
2008-12-14 20:28:43 ----D---- C:\WINDOWS\Prefetch
2008-12-14 20:28:33 ----RD---- C:\Program Files
2008-12-14 20:25:06 ----D---- C:\Program Files\Mozilla Firefox
2008-12-14 20:24:29 ----D---- C:\WINDOWS\system32
2008-12-14 20:24:29 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-12-14 20:24:25 ----D---- C:\WINDOWS\Temp
2008-12-14 20:23:36 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-12-14 20:23:32 ----D---- C:\WINDOWS
2008-12-14 20:21:18 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-14 20:14:49 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-14 17:57:27 ----D---- C:\Program Files\Zoom Player
2008-12-13 12:16:03 ----D---- C:\WINDOWS\system32\drivers
2008-12-13 12:15:04 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-13 12:12:26 ----D---- C:\WINDOWS\Debug
2008-12-13 12:09:26 ----SHD---- C:\WINDOWS\Installer
2008-12-13 11:55:46 ----D---- C:\Program Files\Fichiers communs\Logitech
2008-12-13 11:55:18 ----HD---- C:\Program Files\InstallShield Installation Information
2008-12-13 11:55:17 ----D---- C:\Program Files\Fichiers communs\LogiShrd
2008-12-12 10:58:09 ----D---- C:\WINDOWS\system32\wbem
2008-12-11 20:31:27 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-12-11 20:31:27 ----HD---- C:\WINDOWS\inf
2008-12-11 20:31:13 ----A---- C:\WINDOWS\win.ini
2008-12-11 20:30:45 ----D---- C:\Program Files\Internet Explorer
2008-12-11 20:30:39 ----HD---- C:\WINDOWS\$hf_mig$
2008-12-10 00:24:37 ----A---- C:\WINDOWS\system32\MRT.exe
2008-12-08 11:55:04 ----D---- C:\WINDOWS\system32\DirectX
2008-12-04 21:50:11 ----A---- C:\WINDOWS\NeroDigital.ini
2008-12-04 19:12:21 ----SD---- C:\Documents and Settings\seb\Application Data\Microsoft
2008-11-24 11:16:11 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-11-23 22:27:35 ----D---- C:\Program Files\Lavasoft
2008-11-23 22:26:57 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-11-18 20:02:34 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2008-11-18 19:24:08 ----D---- C:\Program Files\Fichiers communs\InstallShield
2008-11-16 17:38:38 ----RSD---- C:\WINDOWS\assembly
2008-11-16 17:00:02 ----D---- C:\WINDOWS\system32\Restore
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-05-16 26944]
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2006-10-18 12664]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 78416]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 40320]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-05-16 94416]
R2 ROB_A;Pinnacle WDM PCTV Audio Capture; C:\WINDOWS\system32\DRIVERS\rob_a.sys [2003-02-10 17664]
R2 ROB_V;Pinnacle WDM PCTV Video Capture; C:\WINDOWS\system32\drivers\rob_v.sys [2003-04-11 125568]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-05-16 23152]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller; C:\WINDOWS\system32\DRIVERS\atl01_xp.sys [2007-03-15 38656]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-03-26 4395008]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2007-04-11 20496]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2007-04-11 34832]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2007-04-11 36112]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-04 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-10-07 6133856]
R3 pctvvbi;PCTVVBI; C:\WINDOWS\system32\DRIVERS\pctvvbi.sys [2002-11-11 6400]
R3 Pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2002-06-17 14604]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Pilote miniport de contrôleur d’hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 aviwjjvl;aviwjjvl; C:\WINDOWS\system32\drivers\aviwjjvl.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 DSDrv4;DSDrv4; \??\F:\Utils\KTV\Plugins\S_Bt8x8\DSDrv4.sys []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2007-04-11 28688]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 RT73;Belkin USB Network Adapter; C:\WINDOWS\system32\DRIVERS\rt73.sys [2005-08-02 232192]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-05-16 17272]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-05-16 144760]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-10-07 163908]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2008-01-28 66872]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-05-16 349560]
R3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe [2008-10-27 121360]
S3 SandraDataSrv;SiSoftware Database Agent Service; C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP1\Win32\RpcDataSrv.exe [2007-12-12 213176]
S3 SandraTheSrv;SiSoftware Sandra Agent Service; C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP1\RpcSandraSrv.exe [2007-12-12 1253568]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]
-----------------EOF-----------------