casasax

Members
  • Content count

    34
  • Joined

  • Last visited

About casasax

  • Date of birth 31/08/1946

Contact Methods

  • MSN
    casasax
  • Website URL
    http://orchestre-aria.fr
  • ICQ
    0

Profile Information

  • Gender
    Male
  • Location
    ajaccio
  • Interests
    music. And of course, living in Ajaccio, the Imperial city, the SOUVENIR NAPOLÉONIEN. Chasseur in the 2nd regiment of chasseurs à pied of the Imperial Guard of Napoleon I (re-enactment)

Other information

  • My languages
    French - Corsican

casasax's Achievements

Member

Member (4/12)

1

Community reputation

  1. Thanks Apollo. I had removed Windows Live Mail to switch to Outlook, but I think I am going to download it again. Happy holidays.
  2. Hello, I would like to archive my Outlook messages on my PC in order to lighten my mailbox. Is there a way to do this, as was the case with Windows Live? Thanks in advance.
  3. Hello, I use Live Mail to group several email addresses. For the past 2 days, I no longer have access to my contact list: if I click on it, the window "greys out" and a message appears: "Windows live mail ne répond pas". The mail itself, however, works normally! So I no longer have access to my address book, and therefore cannot export it... Who could tell me how to repair it? I would not want to reinstall the program, as that would make me lose everything. Thanks in advance.
  4. Hello, I have just run a scan with HIJACKTHIS and an interpretation by Zeb help process. Result: computer heavily infected. Can you do something for me? Thank you in advance for your attention. Just in case, I am attaching the ZHPDiag report. Sorry, I have to step away, back around 16:00; thank you for your understanding! -edit- This is typically a report that is dangerous to paste directly into a message, at the risk of blocking the topic (because of the limits of the IPB 3.1 forum software), and thus making it inaccessible. It is therefore preferable to have such reports hosted, for example at That is what I did with yours
  5. Well, I wanted to uninstall Windows Live Mail, and I came across a "REPARER" option. That is what I did... and now it works! What more could one ask for? Good evening to all.
  6. SOLVED! Hello, I have just acquired a new PC with Windows 7, a month ago. I use Windows Live Mail with 4 different email addresses, and since this morning I can no longer click on links (including the Zebulon newsletter). I get an error message: "une erreur s'est produite lors de l'envoi d'une commande au programme". This message appears even when I click on the Win Mail help... Who could tell me what is happening? I do not think it is a mistake on my part, because apart from a few downloads, I have not done anything to this new computer. I would gladly have uninstalled and reinstalled Win Mail, but I am afraid of losing all my messages... Thank you in advance for your attention.
  7. Just a short note to wish you a happy birthday! It has been 11 years that you have been helping those in (computer) difficulty. Thank you for everything!!!!! Pierre CASANOVA
  8. OK. After all these steps, NO MORE ANOMALIES. Everything seems back to normal!!! Thank you for everything. I wish you a good evening. Pierre CASANOVA
  9. RSIT REPORT
LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys [] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-02-21 1505792] R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2009-09-14 32272] R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2009-10-02 19472] R3 KMWDFILTER;HIDUASDesc; C:\WINDOWS\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408] R3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2008-07-24 10144] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12288] R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944] R3 RT61;802.11g Wireless Driver RT61; C:\WINDOWS\system32\DRIVERS\RT61.sys [2006-12-01 395648] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 VIAudio;Vinyl AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\vinyl97.sys [2005-02-01 176128] S2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys [] S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [] S3 camfilt2;camfilt2; C:\WINDOWS\system32\DRIVERS\camfilt2.sys [2008-02-27 98432] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [] S3 
driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [] S3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2008-09-22 43520] S3 FETND5BV;VIA Rhine-Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2008-09-22 43520] S3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165] S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [] S3 mbr;mbr; \??\C:\DOCUME~1\CASANO~1\LOCALS~1\Temp\mbr.sys [] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320] S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-11-06 34064] S3 NTSIM;NTSIM; \??\C:\WINDOWS\system32\ntsim.sys [] S3 PAC7302;Hercules Classic Link; C:\WINDOWS\system32\DRIVERS\PAC7302.SYS [2007-09-10 457984] S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS [] S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS [] S3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2009-06-17 12648] S3 QCMerced;Logitech QuickCam Communicate; C:\WINDOWS\system32\DRIVERS\LVCM.sys [] S3 RT73;RT73 USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\Rt73.sys [] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2007-07-03 80552] S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944] S3 sscdmdm;SAMSUNG Mobile Modem 
Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2005-10-21 12800] S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-02-21 405504] R2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340456] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-21 153376] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512] R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2009-12-15 488960] R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808] S2 0234421248622813mcinstcleanup;McAfee Application Installer Cleanup 
(0234421248622813); C:\DOCUME~1\CASANO~1\LOCALS~1\Temp\023442~1.EXE C:\PROGRA~1\FICHIE~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service [] S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2005-08-05 516096] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864] S3 getPlusHelper;getPlus® Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-04 136120] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-05-13 234864] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe 
[2008-04-14 14336] S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF-----------------
  10. I'm back!!! Sorry, I'm a musician and I had to fill in for a friend at short notice until past 4 in the morning. Hello, I ran ONECARE CLEANUP, then restarted. Here is the TOOLBAR S&D report; I'm waiting for instructions before running option 2.

      -----------\\ ToolBar S&D 1.2.9 XP/Vista

      Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
      X86-based PC ( Uniprocessor Free : AMD Hammer Family processor - Model Unknown )
      BIOS : Phoenix - AwardBIOS v6.00PG
      USER : CASANOVA Pierre ( Administrator )
      BOOT : Normal boot
      Antivirus : Kaspersky Internet Security 9.0.0.736 (Activated)
      Firewall : Kaspersky Internet Security 9.0.0.736 (Activated)
      A:\ (USB)
      C:\ (Local Disk) - NTFS - Total:76 Go (Free:55 Go)
      D:\ (Local Disk) - NTFS - Total:37 Go (Free:25 Go)
      E:\ (CD or DVD)
      F:\ (CD or DVD)

      "C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
      Option : [1] ( 23/05/2010|16:48 )

      -----------\\ Recherche de Fichiers / Dossiers ...

      -----------\\ Extensions

      (CASANOVA Pierre) - {20a82645-c095-46ed-80e3-08825760534b} => chrome_user
      (CASANOVA Pierre) - {6C4BAFB6-2AC2-4405-A98D-546B55B3AE92} => nautipolis
      (CASANOVA Pierre) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} => zynga
      (CASANOVA Pierre) - {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} => wot

      -----------\\ [..\Internet Explorer\Main]

      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
      "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
      "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
      "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
      "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"

      [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
      "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
      "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
      "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
      "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
      "Start Page"="http://fr.msn.com/"

      --------------------\\ Recherche d'autres infections

      Aucune autre infection trouvée !

      1 - "C:\ToolBar SD\TB_1.txt" - 23/05/2010|16:50 - Option : [1]

      -----------\\ Fin du rapport a 16:50:40,14
  11. Here is the RSIT report after using USBFIX.
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" ======List of files/folders created in the last 1 months====== 2010-05-22 19:21:52 ----RASHD---- C:\autorun.inf 2010-05-22 16:52:07 ----D---- C:\rsit 2010-05-12 07:36:53 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$ 2010-04-28 07:30:44 ----HD---- C:\Program Files\Uninstall Information 2010-04-26 16:37:30 ----D---- C:\Documents and Settings\CASANOVA Pierre\Application Data\vlc 2010-04-24 10:34:54 ----D---- C:\Documents and Settings\CASANOVA Pierre\Application Data\LiveCAD3 2010-04-24 10:32:46 ----A---- C:\WINDOWS\system32\XAudio2_6.dll 2010-04-24 10:32:46 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll 2010-04-24 10:32:45 ----A---- C:\WINDOWS\system32\xactengine3_6.dll 2010-04-24 10:32:45 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll 2010-04-24 10:32:44 ----A---- C:\WINDOWS\system32\XAudio2_5.dll 2010-04-24 10:32:43 ----A---- C:\WINDOWS\system32\xactengine3_5.dll 2010-04-24 10:32:41 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll 2010-04-24 10:32:40 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll 2010-04-24 10:32:39 ----A---- C:\WINDOWS\system32\d3dx11_42.dll 2010-04-24 10:32:39 ----A---- C:\WINDOWS\system32\d3dx10_42.dll 2010-04-24 10:32:38 ----A---- C:\WINDOWS\system32\D3DX9_42.dll 2010-04-24 10:32:37 ----A---- C:\WINDOWS\system32\D3DX9_41.dll 2010-04-24 10:32:37 ----A---- C:\WINDOWS\system32\d3dx10_41.dll 2010-04-24 10:32:37 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll 2010-04-24 10:32:36 ----A---- C:\WINDOWS\system32\XAudio2_4.dll 2010-04-24 10:32:36 ----A---- 
C:\WINDOWS\system32\XAPOFX1_3.dll 2010-04-24 10:32:35 ----A---- C:\WINDOWS\system32\xactengine3_4.dll 2010-04-24 10:32:35 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll 2010-04-24 10:32:34 ----A---- C:\WINDOWS\system32\d3dx10_40.dll 2010-04-24 10:32:34 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll 2010-04-24 10:32:33 ----A---- C:\WINDOWS\system32\D3DX9_40.dll 2010-04-24 10:32:32 ----A---- C:\WINDOWS\system32\XAudio2_3.dll 2010-04-24 10:32:32 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll 2010-04-24 10:32:31 ----A---- C:\WINDOWS\system32\xactengine3_3.dll 2010-04-24 10:32:30 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll 2010-04-24 10:32:29 ----A---- C:\WINDOWS\system32\XAudio2_2.dll 2010-04-24 10:32:29 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll 2010-04-24 10:32:29 ----A---- C:\WINDOWS\system32\xactengine3_2.dll 2010-04-24 10:32:28 ----A---- C:\WINDOWS\system32\d3dx10_39.dll 2010-04-24 10:32:28 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll 2010-04-24 10:32:27 ----A---- C:\WINDOWS\system32\D3DX9_39.dll 2010-04-24 10:32:26 ----A---- C:\WINDOWS\system32\XAudio2_1.dll 2010-04-24 10:32:26 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll 2010-04-24 10:32:26 ----A---- C:\WINDOWS\system32\xactengine3_1.dll 2010-04-24 10:32:25 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll 2010-04-24 10:32:24 ----A---- C:\WINDOWS\system32\D3DX9_38.dll 2010-04-24 10:32:24 ----A---- C:\WINDOWS\system32\d3dx10_38.dll 2010-04-24 10:32:24 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll 2010-04-24 10:32:23 ----A---- C:\WINDOWS\system32\XAudio2_0.dll 2010-04-24 10:32:22 ----A---- C:\WINDOWS\system32\xactengine3_0.dll 2010-04-24 10:32:22 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll 2010-04-24 10:32:21 ----A---- C:\WINDOWS\system32\D3DX9_37.dll 2010-04-24 10:32:21 ----A---- C:\WINDOWS\system32\d3dx10_37.dll 2010-04-24 10:32:21 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll 2010-04-24 10:32:20 ----A---- C:\WINDOWS\system32\xactengine2_10.dll 2010-04-24 10:32:19 ----A---- 
C:\WINDOWS\system32\d3dx10_36.dll 2010-04-24 10:32:19 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll 2010-04-24 10:32:18 ----A---- C:\WINDOWS\system32\d3dx9_36.dll 2010-04-24 10:32:17 ----A---- C:\WINDOWS\system32\xactengine2_9.dll 2010-04-24 10:32:16 ----A---- C:\WINDOWS\system32\d3dx9_35.dll 2010-04-24 10:32:16 ----A---- C:\WINDOWS\system32\d3dx10_35.dll 2010-04-24 10:32:16 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll 2010-04-24 10:32:15 ----A---- C:\WINDOWS\system32\xactengine2_8.dll 2010-04-24 10:32:15 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll 2010-04-24 10:32:14 ----A---- C:\WINDOWS\system32\d3dx9_34.dll 2010-04-24 10:32:14 ----A---- C:\WINDOWS\system32\d3dx10_34.dll 2010-04-24 10:32:14 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll 2010-04-24 10:32:12 ----A---- C:\WINDOWS\system32\xinput1_3.dll 2010-04-24 10:32:10 ----A---- C:\WINDOWS\system32\xactengine2_7.dll 2010-04-24 10:32:05 ----A---- C:\WINDOWS\system32\d3dx10_33.dll 2010-04-24 10:32:05 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll 2010-04-24 10:31:58 ----A---- C:\WINDOWS\system32\d3dx9_33.dll 2010-04-24 10:31:57 ----A---- C:\WINDOWS\system32\xactengine2_6.dll 2010-04-24 10:31:56 ----A---- C:\WINDOWS\system32\xactengine2_5.dll 2010-04-24 10:31:55 ----A---- C:\WINDOWS\system32\xactengine2_4.dll 2010-04-24 10:31:55 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll 2010-04-24 10:31:55 ----A---- C:\WINDOWS\system32\d3dx9_31.dll 2010-04-24 10:31:54 ----A---- C:\WINDOWS\system32\xinput1_2.dll 2010-04-24 10:31:54 ----A---- C:\WINDOWS\system32\xactengine2_3.dll 2010-04-24 10:31:53 ----A---- C:\WINDOWS\system32\xinput1_1.dll 2010-04-24 10:31:53 ----A---- C:\WINDOWS\system32\xactengine2_2.dll 2010-04-24 10:31:52 ----A---- C:\WINDOWS\system32\xactengine2_1.dll 2010-04-24 10:31:48 ----A---- C:\WINDOWS\system32\d3dx9_30.dll 2010-04-24 10:31:47 ----A---- C:\WINDOWS\system32\xactengine2_0.dll 2010-04-24 10:31:47 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll 2010-04-24 10:31:47 ----A---- 
C:\WINDOWS\system32\d3dx9_29.dll 2010-04-24 10:31:46 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll 2010-04-24 10:31:46 ----A---- C:\WINDOWS\system32\d3dx9_28.dll 2010-04-24 10:31:45 ----A---- C:\WINDOWS\system32\d3dx9_27.dll 2010-04-24 10:31:45 ----A---- C:\WINDOWS\system32\d3dx9_26.dll 2010-04-24 10:31:44 ----A---- C:\WINDOWS\system32\d3dx9_25.dll 2010-04-24 10:31:43 ----A---- C:\WINDOWS\system32\d3dx9_24.dll 2010-04-24 10:28:51 ----D---- C:\WINDOWS\Logs 2010-04-23 13:34:29 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab ======List of files/folders modified in the last 1 months====== 2010-05-22 20:08:55 ----D---- C:\Program Files\Trend Micro 2010-05-22 19:49:05 ----D---- C:\WINDOWS\Prefetch 2010-05-22 19:48:50 ----D---- C:\WINDOWS\Temp 2010-05-22 19:45:31 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-05-22 19:45:29 ----D---- C:\WINDOWS\system32\CatRoot2 2010-05-22 19:39:45 ----D---- C:\WINDOWS 2010-05-22 19:20:13 ----SHD---- C:\RECYCLER 2010-05-22 16:55:47 ----D---- C:\Program Files\ZebHelpProcess 2010-05-22 09:40:27 ----D---- C:\Program Files\Mozilla Firefox 2010-05-20 18:21:57 ----D---- C:\Documents and Settings\CASANOVA Pierre\Application Data\Spyware Terminator 2010-05-20 18:16:28 ----D---- C:\Program Files\Freecorder 2010-05-20 14:31:12 ----RD---- C:\Program Files 2010-05-19 19:16:57 ----D---- C:\WINDOWS\system32\CatRoot 2010-05-19 18:58:59 ----D---- C:\WINDOWS\system32\config 2010-05-19 18:58:25 ----D---- C:\WINDOWS\system32\wbem 2010-05-19 18:58:25 ----D---- C:\WINDOWS\Registration 2010-05-12 10:07:10 ----D---- C:\WINDOWS\Debug 2010-05-12 07:59:01 ----D---- C:\WINDOWS\system32 2010-05-12 07:44:32 ----SHD---- C:\WINDOWS\Installer 2010-05-12 07:42:44 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help 2010-05-12 07:37:12 ----HD---- C:\WINDOWS\inf 2010-05-12 07:36:59 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-05-12 07:36:59 ----D---- C:\Program Files\Outlook Express 2010-05-12 07:10:19 ----HD---- 
C:\WINDOWS\$hf_mig$ 2010-05-08 08:53:42 ----D---- C:\Documents and Settings 2010-05-06 19:31:40 ----D---- C:\Documents and Settings\All Users\Application Data\Spyware Terminator 2010-05-06 11:26:18 ----D---- C:\Documents and Settings\All Users\Application Data\albumphoto 2010-05-06 11:12:18 ----D---- C:\Program Files\monAlbumPhoto 2010-05-06 11:10:32 ----D---- C:\WINDOWS\WinSxS 2010-05-05 08:40:23 ----D---- C:\WINDOWS\system32\drivers 2010-05-03 14:18:29 ----D---- C:\Program Files\Spyware Terminator 2010-05-03 08:02:37 ----A---- C:\mbam-error.txt 2010-05-03 08:02:35 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-04-30 20:51:06 ----A---- C:\WINDOWS\system32\MRT.exe 2010-04-26 17:10:16 ----D---- C:\Program Files\TubeMaster++ 2010-04-26 16:33:36 ----D---- C:\Program Files\VideoLAN 2010-04-24 12:16:58 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP 2010-04-24 12:16:01 ----D---- C:\Program Files\SpywareBlaster 2010-04-24 10:32:49 ----D---- C:\WINDOWS\system32\DirectX 2010-04-24 10:31:52 ----RSD---- C:\WINDOWS\assembly 2010-04-24 10:31:37 ----D---- C:\WINDOWS\Microsoft.NET 2010-04-24 10:31:20 ----HD---- C:\WINDOWS\msdownld.tmp 2010-04-24 09:26:01 ----SD---- C:\WINDOWS\Tasks 2010-04-23 13:44:24 ----SHD---- C:\System Volume Information 2010-04-23 13:34:29 ----D---- C:\Program Files\Kaspersky Lab 2010-04-23 13:28:47 ----SD---- C:\WINDOWS\system32\Microsoft 2010-04-23 12:47:28 ----D---- C:\Program Files\Fichiers communs 2010-04-23 12:15:02 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AmdPPM;Pilote de processeur AMD HwPState; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] R1 kl1;Kl1; \??\C:\WINDOWS\system32\drivers\kl1.sys [] R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys 
[2010-04-23 315408] R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2008-10-04 5632] R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-04-06 21419] R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752] R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys [] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-02-21 1505792] R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2009-09-14 32272] R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2009-10-02 19472] R3 KMWDFILTER;HIDUASDesc; C:\WINDOWS\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408] R3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2008-07-24 10144] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12288] R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944] R3 RT61;802.11g Wireless Driver RT61; C:\WINDOWS\system32\DRIVERS\RT61.sys [2006-12-01 395648] R3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2007-07-03 80552] R3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944] R3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys 
[2008-04-13 25856] R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 VIAudio;Vinyl AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\vinyl97.sys [2005-02-01 176128] S2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys [] S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [] S3 camfilt2;camfilt2; C:\WINDOWS\system32\DRIVERS\camfilt2.sys [2008-02-27 98432] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [] S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [] S3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2008-09-22 43520] S3 FETND5BV;VIA Rhine-Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2008-09-22 43520] S3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165] S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [] S3 mbr;mbr; \??\C:\DOCUME~1\CASANO~1\LOCALS~1\Temp\mbr.sys [] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320] S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-11-06 34064] S3 NTSIM;NTSIM; \??\C:\WINDOWS\system32\ntsim.sys [] S3 PAC7302;Hercules Classic 
Link; C:\WINDOWS\system32\DRIVERS\PAC7302.SYS [2007-09-10 457984] S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS [] S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS [] S3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2009-06-17 12648] S3 QCMerced;Logitech QuickCam Communicate; C:\WINDOWS\system32\DRIVERS\LVCM.sys [] S3 RT73;RT73 USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\Rt73.sys [] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2005-10-21 12800] S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-02-21 405504] R2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340456] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-21 153376] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512] R2 
sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2009-12-15 488960] R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808] S2 0234421248622813mcinstcleanup;McAfee Application Installer Cleanup (0234421248622813); C:\DOCUME~1\CASANO~1\LOCALS~1\Temp\023442~1.EXE C:\PROGRA~1\FICHIE~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service [] S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2005-08-05 516096] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864] S3 getPlusHelper;getPlus® Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-04 136120] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-05-13 234864] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program 
Files\WinPcap\rpcapd.exe [2007-11-06 92792] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF-----------------
  12. UsbFix report
  13. Thank you for taking this on! I am ashamed to say it, but in fact I do not know how to use Kasper IS; I just let it do its work in the background... Right: I plugged in my camera, my USB key, my phone and my external hard drive. Here is the UsbFix report:
  14. Hello, once a month I run various clean-ups followed by a ZHP analysis: 1- Kaspersky IS scan 2- SECUNIA 3- Malwarebyte 4- Superantispyware. This time, the analysis reports "system heavily infected and presence of a file-deletion script". If someone can help me analyse and remove what needs removing, that would be really kind. Thanks in advance for everything. Here is today's RSIT log:
C:\WINDOWS\System32\vssvc.exe O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe -- End of file - 9490 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\AppleSoftwareUpdate.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}] Freecorder Toolbar - C:\Program Files\Freecorder\tbFre0.dll [2010-05-20 2515552] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}] Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2009-08-05 113512] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}] IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll [2009-10-20 68112] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C920E44A-7F78-4E64-BDD7-A57026E7FEB7}] WOT Helper - C:\Program Files\WOT\WOT.dll [2009-04-15 1262240] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-21 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}] FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [2009-10-20 268816] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-21 79648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] {71576546-354D-41c9-AAE8-31F2EC22BF0D} - WOT - C:\Program Files\WOT\WOT.dll [2009-04-15 1262240] {1392b8d2-5c05-419f-a8f6-b9f15a596612} - Freecorder Toolbar - C:\Program Files\Freecorder\tbFre0.dll [2010-05-20 2515552] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340456] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Rainlendar2"=C:\Program Files\Rainlendar2\Rainlendar2.exe [2007-12-30 1365504] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] [HKEY_LOCAL_MACHINE\software\microsoft\shared 
tools\msconfig\startupreg\Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2005-08-06 61440] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIModeChange] C:\WINDOWS\system32\Ati2mdxx.exe [2006-02-21 26112] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe [2005-03-04 512000] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Freecorder FLV Service] C:\Program Files\Freecorder\FLVSrvc.exe [2009-11-15 158752] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fssui] C:\Program Files\Windows Live\Family Safety\fsui.exe [2009-08-05 647520] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate] C:\Program Files\Logitech\Video\ManifestEngine.exe boot [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-04-29 437584] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] C:\Program Files\Messenger\msmsgs.exe 
[2008-04-14 1695232] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\QTTask.exe [2010-03-17 421888] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe [2005-02-22 589824] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe [2007-12-30 1365504] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [2010-02-18 248040] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uninstall Adobe Download Manager] C:\Program Files\NOS\bin\getPlus_Helper.dll,Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1noarp [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uninstall getPlus® for Adobe] C:\Program Files\NOS\bin\getPlus_HelperSvc.exe /UninstallGet1noarp [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOKIT] C:\Program Files\Wanadoo\Shell.exe [2004-08-23 122880] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk] C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2000-08-24 110592] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Barre d'état système d'ATI CATALYST.lnk] C:\PROGRA~1\ATITEC~1\ATI.ACE\CLI.exe [2005-08-06 61440] [HKEY_LOCAL_MACHINE\software\microsoft\shared 
tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk] C:\PROGRA~1\MICROS~3\Office10\OSA.EXE [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^WiFi Station.lnk] C:\PROGRA~1\Hercules\WIFIST~1\WIFIST~1.EXE [2008-08-25 654848] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Windows Search.lnk] C:\PROGRA~1\WI459E~1\WINDOW~1.EXE [2008-05-26 123904] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^CASANOVA Pierre^Menu Démarrer^Programmes^Démarrage^Démarrage d'Office.lnk] D:\PIERRE\OFFICE\Office\OSA.EXE [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^CASANOVA Pierre^Menu Démarrer^Programmes^Démarrage^Secunia PSI.lnk] C:\PROGRA~1\Secunia\PSI\psi.exe [2009-08-21 900816] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "InterBaseServer"=3 "InterBaseGuardian"=2 C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage WiFi Station.lnk - C:\Program Files\Hercules\WiFi Station\WifiStation.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2006-02-21 61440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon] C:\WINDOWS\system32\klogon.dll [2009-10-20 219664] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LMIinit] C:\WINDOWS\system32\LMIinit.dll [2008-10-16 87352] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Driver] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Guard] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=0x95000000 "NoDriveAutorun"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= "NoDriveTypeAutoRun"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe:*:Enabled:Kaspersky Anti-Virus" "C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox" 
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application" "C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server" "C:\WINDOWS\system32\dxdiag.exe"="C:\WINDOWS\system32\dxdiag.exe:*:Enabled:Outil de diagnostic Microsoft DirectX" "C:\Program Files\MSN Gaming Zone\Windows\shvlzm.exe"="C:\Program Files\MSN Gaming Zone\Windows\shvlzm.exe:*:Disabled:Atout Pique sur Internet" "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe:*:Disabled:AVG Anti-Spyware" "C:\Program Files\MobaPhoto\MobaPhoto.exe"="C:\Program Files\MobaPhoto\MobaPhoto.exe:*:Disabled:The ultimate toolbox for digital photography" "C:\Program Files\Hercules\Classic Link\Station2.exe"="C:\Program Files\Hercules\Classic Link\Station2.exe:*:Enabled:Hercules Webcam Station Evolution" "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice" "C:\Program Files\Free Music Zilla\FMZilla.exe"="C:\Program Files\Free Music Zilla\FMZilla.exe:*:Enabled:FMZilla" "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\Program Files\Maïdo Production\IziSpot 4\IziSpot.exe"="C:\Program Files\Maïdo Production\IziSpot 4\IziSpot.exe:*:Enabled:IziSpot" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] 
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{51815dc4-f24c-11de-b07c-0008d333505c}] shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d48e9e1e-988a-11de-affb-0008d333505c}] shell\AutoRun\command - G:\Toshiba\more4you.exe ======List of files/folders created in the last 1 months====== 2010-05-22 16:52:07 ----D---- C:\rsit 2010-05-12 07:36:53 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$ 2010-04-28 07:30:44 ----HD---- C:\Program Files\Uninstall Information 2010-04-26 16:37:30 ----D---- C:\Documents and Settings\CASANOVA Pierre\Application Data\vlc 2010-04-24 10:34:54 ----D---- C:\Documents and Settings\CASANOVA Pierre\Application Data\LiveCAD3 2010-04-24 10:32:46 ----A---- C:\WINDOWS\system32\XAudio2_6.dll 2010-04-24 10:32:46 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll 2010-04-24 10:32:45 ----A---- C:\WINDOWS\system32\xactengine3_6.dll 2010-04-24 10:32:45 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll 2010-04-24 10:32:44 ----A---- C:\WINDOWS\system32\XAudio2_5.dll 2010-04-24 10:32:43 ----A---- C:\WINDOWS\system32\xactengine3_5.dll 2010-04-24 10:32:41 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll 2010-04-24 10:32:40 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll 2010-04-24 10:32:39 ----A---- C:\WINDOWS\system32\d3dx11_42.dll 2010-04-24 10:32:39 ----A---- C:\WINDOWS\system32\d3dx10_42.dll 
2010-04-24 10:32:38 ----A---- C:\WINDOWS\system32\D3DX9_42.dll 2010-04-24 10:32:37 ----A---- C:\WINDOWS\system32\D3DX9_41.dll 2010-04-24 10:32:37 ----A---- C:\WINDOWS\system32\d3dx10_41.dll 2010-04-24 10:32:37 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll 2010-04-24 10:32:36 ----A---- C:\WINDOWS\system32\XAudio2_4.dll 2010-04-24 10:32:36 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll 2010-04-24 10:32:35 ----A---- C:\WINDOWS\system32\xactengine3_4.dll 2010-04-24 10:32:35 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll 2010-04-24 10:32:34 ----A---- C:\WINDOWS\system32\d3dx10_40.dll 2010-04-24 10:32:34 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll 2010-04-24 10:32:33 ----A---- C:\WINDOWS\system32\D3DX9_40.dll 2010-04-24 10:32:32 ----A---- C:\WINDOWS\system32\XAudio2_3.dll 2010-04-24 10:32:32 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll 2010-04-24 10:32:31 ----A---- C:\WINDOWS\system32\xactengine3_3.dll 2010-04-24 10:32:30 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll 2010-04-24 10:32:29 ----A---- C:\WINDOWS\system32\XAudio2_2.dll 2010-04-24 10:32:29 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll 2010-04-24 10:32:29 ----A---- C:\WINDOWS\system32\xactengine3_2.dll 2010-04-24 10:32:28 ----A---- C:\WINDOWS\system32\d3dx10_39.dll 2010-04-24 10:32:28 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll 2010-04-24 10:32:27 ----A---- C:\WINDOWS\system32\D3DX9_39.dll 2010-04-24 10:32:26 ----A---- C:\WINDOWS\system32\XAudio2_1.dll 2010-04-24 10:32:26 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll 2010-04-24 10:32:26 ----A---- C:\WINDOWS\system32\xactengine3_1.dll 2010-04-24 10:32:25 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll 2010-04-24 10:32:24 ----A---- C:\WINDOWS\system32\D3DX9_38.dll 2010-04-24 10:32:24 ----A---- C:\WINDOWS\system32\d3dx10_38.dll 2010-04-24 10:32:24 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll 2010-04-24 10:32:23 ----A---- C:\WINDOWS\system32\XAudio2_0.dll 2010-04-24 10:32:22 ----A---- C:\WINDOWS\system32\xactengine3_0.dll 2010-04-24 10:32:22 ----A---- 
C:\WINDOWS\system32\X3DAudio1_3.dll 2010-04-24 10:32:21 ----A---- C:\WINDOWS\system32\D3DX9_37.dll 2010-04-24 10:32:21 ----A---- C:\WINDOWS\system32\d3dx10_37.dll 2010-04-24 10:32:21 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll 2010-04-24 10:32:20 ----A---- C:\WINDOWS\system32\xactengine2_10.dll 2010-04-24 10:32:19 ----A---- C:\WINDOWS\system32\d3dx10_36.dll 2010-04-24 10:32:19 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll 2010-04-24 10:32:18 ----A---- C:\WINDOWS\system32\d3dx9_36.dll 2010-04-24 10:32:17 ----A---- C:\WINDOWS\system32\xactengine2_9.dll 2010-04-24 10:32:16 ----A---- C:\WINDOWS\system32\d3dx9_35.dll 2010-04-24 10:32:16 ----A---- C:\WINDOWS\system32\d3dx10_35.dll 2010-04-24 10:32:16 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll 2010-04-24 10:32:15 ----A---- C:\WINDOWS\system32\xactengine2_8.dll 2010-04-24 10:32:15 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll 2010-04-24 10:32:14 ----A---- C:\WINDOWS\system32\d3dx9_34.dll 2010-04-24 10:32:14 ----A---- C:\WINDOWS\system32\d3dx10_34.dll 2010-04-24 10:32:14 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll 2010-04-24 10:32:12 ----A---- C:\WINDOWS\system32\xinput1_3.dll 2010-04-24 10:32:10 ----A---- C:\WINDOWS\system32\xactengine2_7.dll 2010-04-24 10:32:05 ----A---- C:\WINDOWS\system32\d3dx10_33.dll 2010-04-24 10:32:05 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll 2010-04-24 10:31:58 ----A---- C:\WINDOWS\system32\d3dx9_33.dll 2010-04-24 10:31:57 ----A---- C:\WINDOWS\system32\xactengine2_6.dll 2010-04-24 10:31:56 ----A---- C:\WINDOWS\system32\xactengine2_5.dll 2010-04-24 10:31:55 ----A---- C:\WINDOWS\system32\xactengine2_4.dll 2010-04-24 10:31:55 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll 2010-04-24 10:31:55 ----A---- C:\WINDOWS\system32\d3dx9_31.dll 2010-04-24 10:31:54 ----A---- C:\WINDOWS\system32\xinput1_2.dll 2010-04-24 10:31:54 ----A---- C:\WINDOWS\system32\xactengine2_3.dll 2010-04-24 10:31:53 ----A---- C:\WINDOWS\system32\xinput1_1.dll 2010-04-24 10:31:53 ----A---- 
C:\WINDOWS\system32\xactengine2_2.dll 2010-04-24 10:31:52 ----A---- C:\WINDOWS\system32\xactengine2_1.dll 2010-04-24 10:31:48 ----A---- C:\WINDOWS\system32\d3dx9_30.dll 2010-04-24 10:31:47 ----A---- C:\WINDOWS\system32\xactengine2_0.dll 2010-04-24 10:31:47 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll 2010-04-24 10:31:47 ----A---- C:\WINDOWS\system32\d3dx9_29.dll 2010-04-24 10:31:46 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll 2010-04-24 10:31:46 ----A---- C:\WINDOWS\system32\d3dx9_28.dll 2010-04-24 10:31:45 ----A---- C:\WINDOWS\system32\d3dx9_27.dll 2010-04-24 10:31:45 ----A---- C:\WINDOWS\system32\d3dx9_26.dll 2010-04-24 10:31:44 ----A---- C:\WINDOWS\system32\d3dx9_25.dll 2010-04-24 10:31:43 ----A---- C:\WINDOWS\system32\d3dx9_24.dll 2010-04-24 10:28:51 ----D---- C:\WINDOWS\Logs 2010-04-23 13:34:29 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab ======List of files/folders modified in the last 1 months====== 2010-05-22 16:52:53 ----D---- C:\Program Files\Trend Micro 2010-05-22 16:51:45 ----D---- C:\WINDOWS\Prefetch 2010-05-22 16:36:53 ----D---- C:\WINDOWS\Temp 2010-05-22 09:40:27 ----D---- C:\Program Files\Mozilla Firefox 2010-05-21 14:59:08 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-05-21 09:18:09 ----D---- C:\WINDOWS 2010-05-20 18:21:57 ----D---- C:\Documents and Settings\CASANOVA Pierre\Application Data\Spyware Terminator 2010-05-20 18:16:28 ----D---- C:\Program Files\Freecorder 2010-05-20 14:31:12 ----RD---- C:\Program Files 2010-05-19 19:37:52 ----D---- C:\WINDOWS\system32\CatRoot2 2010-05-19 19:16:57 ----D---- C:\WINDOWS\system32\CatRoot 2010-05-19 18:58:59 ----D---- C:\WINDOWS\system32\config 2010-05-19 18:58:25 ----D---- C:\WINDOWS\system32\wbem 2010-05-19 18:58:25 ----D---- C:\WINDOWS\Registration 2010-05-12 10:07:10 ----D---- C:\WINDOWS\Debug 2010-05-12 07:59:01 ----D---- C:\WINDOWS\system32 2010-05-12 07:44:32 ----SHD---- C:\WINDOWS\Installer 2010-05-12 07:42:44 ----D---- C:\Documents and Settings\All Users\Application 
Data\Microsoft Help 2010-05-12 07:37:12 ----HD---- C:\WINDOWS\inf 2010-05-12 07:36:59 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-05-12 07:36:59 ----D---- C:\Program Files\Outlook Express 2010-05-12 07:10:19 ----HD---- C:\WINDOWS\$hf_mig$ 2010-05-08 08:53:42 ----D---- C:\Documents and Settings 2010-05-06 19:47:46 ----D---- C:\Program Files\ZebHelpProcess 2010-05-06 19:31:40 ----D---- C:\Documents and Settings\All Users\Application Data\Spyware Terminator 2010-05-06 11:26:18 ----D---- C:\Documents and Settings\All Users\Application Data\albumphoto 2010-05-06 11:12:18 ----D---- C:\Program Files\monAlbumPhoto 2010-05-06 11:10:32 ----D---- C:\WINDOWS\WinSxS 2010-05-05 08:40:23 ----D---- C:\WINDOWS\system32\drivers 2010-05-03 14:18:29 ----D---- C:\Program Files\Spyware Terminator 2010-05-03 08:02:37 ----A---- C:\mbam-error.txt 2010-05-03 08:02:35 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-04-30 20:51:06 ----A---- C:\WINDOWS\system32\MRT.exe 2010-04-26 17:10:16 ----D---- C:\Program Files\TubeMaster++ 2010-04-26 16:33:36 ----D---- C:\Program Files\VideoLAN 2010-04-24 12:16:58 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP 2010-04-24 12:16:01 ----D---- C:\Program Files\SpywareBlaster 2010-04-24 10:32:49 ----D---- C:\WINDOWS\system32\DirectX 2010-04-24 10:31:52 ----RSD---- C:\WINDOWS\assembly 2010-04-24 10:31:37 ----D---- C:\WINDOWS\Microsoft.NET 2010-04-24 10:31:20 ----HD---- C:\WINDOWS\msdownld.tmp 2010-04-24 09:26:01 ----SD---- C:\WINDOWS\Tasks 2010-04-23 13:44:24 ----SHD---- C:\System Volume Information 2010-04-23 13:34:29 ----D---- C:\Program Files\Kaspersky Lab 2010-04-23 13:28:47 ----SD---- C:\WINDOWS\system32\Microsoft 2010-04-23 12:47:28 ----D---- C:\Program Files\Fichiers communs 2010-04-23 12:15:02 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AmdPPM;Pilote de processeur AMD 
HwPState; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] R1 kl1;Kl1; \??\C:\WINDOWS\system32\drivers\kl1.sys [] R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2010-04-23 315408] R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2008-10-04 5632] R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-04-06 21419] R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752] R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys [] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-02-21 1505792] R3 camfilt2;camfilt2; C:\WINDOWS\system32\DRIVERS\camfilt2.sys [2008-02-27 98432] R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2009-09-14 32272] R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2009-10-02 19472] R3 KMWDFILTER;HIDUASDesc; C:\WINDOWS\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408] R3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2008-07-24 10144] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12288] R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944] R3 PAC7302;Hercules Classic Link; C:\WINDOWS\system32\DRIVERS\PAC7302.SYS [2007-09-10 457984] R3 RT61;802.11g Wireless Driver RT61; C:\WINDOWS\system32\DRIVERS\RT61.sys [2006-12-01 395648] R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; 
  15. Nobody since 12:00? No problem, I'll ask the question again another day: I have to step away. See you soon, CASASAX