RESOLU ---ZHP m'indique "système très infecté" !&#33

[casasax]

RAPPORT RSIT

 

 

Logfile of random's system information tool 1.07 (written by random/random)

Run by CASANOVA Pierre at 2010-05-23 17:13:06

Microsoft Windows XP Édition familiale Service Pack 3

System drive C: has 57 GB (72%) free of 78 GB

Total RAM: 1022 MB (52% free)

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 17:13:21, on 23/05/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files\Spyware Terminator\sp_rsser.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe

C:\Program Files\Rainlendar2\Rainlendar2.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Hercules\WiFi Station\WifiStation.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe

D:\PIERRE2\RSIT.exe

C:\Program Files\trend micro\CASANOVA Pierre.exe

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre0.dll

O2 - BHO: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre0.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll

O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll

O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre0.dll

O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"

O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Global Startup: WiFi Station.lnk = ?

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200

O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1218883488640

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1218891281656

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll

O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll

O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: 0072201248356952mcinstcleanup - - (no file)

O23 - Service: McAfee Application Installer Cleanup (0234421248622813) (0234421248622813mcinstcleanup) - Unknown owner - C:\DOCUME~1\CASANO~1\LOCALS~1\Temp\023442~1.EXE (file missing)

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe

O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe

O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe

O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files\ma-config.com\maconfservice.exe

O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe

O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe

O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe

O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe

O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe

O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe

O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

 

--

End of file - 9415 bytes

 

======Scheduled tasks folder======

 

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]

Freecorder Toolbar - C:\Program Files\Freecorder\tbFre0.dll [2010-05-20 2515552]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]

Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2009-08-05 113512]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]

IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll [2009-10-20 68112]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]

Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C920E44A-7F78-4E64-BDD7-A57026E7FEB7}]

WOT Helper - C:\Program Files\WOT\WOT.dll [2009-04-15 1262240]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-21 41760]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]

Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]

FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [2009-10-20 268816]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-21 79648]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

{71576546-354D-41c9-AAE8-31F2EC22BF0D} - WOT - C:\Program Files\WOT\WOT.dll [2009-04-15 1262240]

{1392b8d2-5c05-419f-a8f6-b9f15a596612} - Freecorder Toolbar - C:\Program Files\Freecorder\tbFre0.dll [2010-05-20 2515552]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340456]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Rainlendar2"=C:\Program Files\Rainlendar2\Rainlendar2.exe [2007-12-30 1365504]

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2005-08-06 61440]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIModeChange]

C:\WINDOWS\system32\Ati2mdxx.exe [2006-02-21 26112]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AudioDeck]

C:\Program Files\VIAudioi\SBADeck\ADeck.exe [2005-03-04 512000]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]

C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Freecorder FLV Service]

C:\Program Files\Freecorder\FLVSrvc.exe [2009-11-15 158752]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fssui]

C:\Program Files\Windows Live\Family Safety\fsui.exe [2009-08-05 647520]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]

[]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]

C:\Program Files\Logitech\Video\ManifestEngine.exe boot []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]

C:\Program Files\Logitech\Video\ISStart.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]

C:\Program Files\Logitech\Video\LogiTray.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-04-29 437584]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]

[]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

C:\Program Files\QuickTime\QTTask.exe [2010-03-17 421888]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RaidTool]

C:\Program Files\VIA\RAID\raid_tool.exe [2005-02-22 589824]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Rainlendar2]

C:\Program Files\Rainlendar2\Rainlendar2.exe [2007-12-30 1365504]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]

[]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [2010-02-18 248040]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uninstall Adobe Download Manager]

C:\Program Files\NOS\bin\getPlus_Helper.dll,Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1noarp []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uninstall getPlus® for Adobe]

C:\Program Files\NOS\bin\getPlus_HelperSvc.exe /UninstallGet1noarp []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOKIT]

C:\Program Files\Wanadoo\Shell.exe [2004-08-23 122880]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]

C:\PROGRA~1\Wanadoo\Watch.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]

C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2000-08-24 110592]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Barre d'état système d'ATI CATALYST.lnk]

C:\PROGRA~1\ATITEC~1\ATI.ACE\CLI.exe [2005-08-06 61440]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]

C:\PROGRA~1\MICROS~3\Office10\OSA.EXE []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^WiFi Station.lnk]

C:\PROGRA~1\Hercules\WIFIST~1\WIFIST~1.EXE [2008-08-25 654848]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Windows Search.lnk]

C:\PROGRA~1\WI459E~1\WINDOW~1.EXE [2008-05-26 123904]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^CASANOVA Pierre^Menu Démarrer^Programmes^Démarrage^Démarrage d'Office.lnk]

D:\PIERRE\OFFICE\Office\OSA.EXE []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^CASANOVA Pierre^Menu Démarrer^Programmes^Démarrage^Secunia PSI.lnk]

C:\PROGRA~1\Secunia\PSI\psi.exe [2009-08-21 900816]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"InterBaseServer"=3

"InterBaseGuardian"=2

 

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage

WiFi Station.lnk - C:\Program Files\Hercules\WiFi Station\WifiStation.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll"

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]

C:\WINDOWS\system32\Ati2evxx.dll [2006-02-21 61440]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]

C:\WINDOWS\system32\klogon.dll [2009-10-20 219664]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LMIinit]

C:\WINDOWS\system32\LMIinit.dll [2008-10-16 87352]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Driver]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Guard]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=255

"NoDriveAutorun"=255

"HonorAutoRunSetting"=0

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"HonorAutoRunSetting"=

"NoDriveTypeAutoRun"=

"NoDriveAutoRun"=

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe:*:Enabled:Kaspersky Anti-Virus"

"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox"

"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"

"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"

"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"

"C:\WINDOWS\system32\dxdiag.exe"="C:\WINDOWS\system32\dxdiag.exe:*:Enabled:Outil de diagnostic Microsoft DirectX"

"C:\Program Files\MSN Gaming Zone\Windows\shvlzm.exe"="C:\Program Files\MSN Gaming Zone\Windows\shvlzm.exe:*:Disabled:Atout Pique sur Internet"

"C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe:*:Disabled:AVG Anti-Spyware"

"C:\Program Files\MobaPhoto\MobaPhoto.exe"="C:\Program Files\MobaPhoto\MobaPhoto.exe:*:Disabled:The ultimate toolbox for digital photography"

"C:\Program Files\Hercules\Classic Link\Station2.exe"="C:\Program Files\Hercules\Classic Link\Station2.exe:*:Enabled:Hercules Webcam Station Evolution"

"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"

"C:\Program Files\Free Music Zilla\FMZilla.exe"="C:\Program Files\Free Music Zilla\FMZilla.exe:*:Enabled:FMZilla"

"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"

"C:\Program Files\Maïdo Production\IziSpot 4\IziSpot.exe"="C:\Program Files\Maïdo Production\IziSpot 4\IziSpot.exe:*:Enabled:IziSpot"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

 

======List of files/folders created in the last 1 months======

 

2010-05-23 16:48:48 ----A---- C:\TB.txt

2010-05-23 16:48:11 ----D---- C:\ToolBar SD

2010-05-22 19:21:52 ----RASHD---- C:\autorun.inf

2010-05-22 16:52:07 ----D---- C:\rsit

2010-05-12 07:36:53 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$

2010-04-28 07:30:44 ----HD---- C:\Program Files\Uninstall Information

2010-04-26 16:37:30 ----D---- C:\Documents and Settings\CASANOVA Pierre\Application Data\vlc

2010-04-24 10:34:54 ----D---- C:\Documents and Settings\CASANOVA Pierre\Application Data\LiveCAD3

2010-04-24 10:32:46 ----A---- C:\WINDOWS\system32\XAudio2_6.dll

2010-04-24 10:32:46 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll

2010-04-24 10:32:45 ----A---- C:\WINDOWS\system32\xactengine3_6.dll

2010-04-24 10:32:45 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll

2010-04-24 10:32:44 ----A---- C:\WINDOWS\system32\XAudio2_5.dll

2010-04-24 10:32:43 ----A---- C:\WINDOWS\system32\xactengine3_5.dll

2010-04-24 10:32:41 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll

2010-04-24 10:32:40 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll

2010-04-24 10:32:39 ----A---- C:\WINDOWS\system32\d3dx11_42.dll

2010-04-24 10:32:39 ----A---- C:\WINDOWS\system32\d3dx10_42.dll

2010-04-24 10:32:38 ----A---- C:\WINDOWS\system32\D3DX9_42.dll

2010-04-24 10:32:37 ----A---- C:\WINDOWS\system32\D3DX9_41.dll

2010-04-24 10:32:37 ----A---- C:\WINDOWS\system32\d3dx10_41.dll

2010-04-24 10:32:37 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll

2010-04-24 10:32:36 ----A---- C:\WINDOWS\system32\XAudio2_4.dll

2010-04-24 10:32:36 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll

2010-04-24 10:32:35 ----A---- C:\WINDOWS\system32\xactengine3_4.dll

2010-04-24 10:32:35 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll

2010-04-24 10:32:34 ----A---- C:\WINDOWS\system32\d3dx10_40.dll

2010-04-24 10:32:34 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll

2010-04-24 10:32:33 ----A---- C:\WINDOWS\system32\D3DX9_40.dll

2010-04-24 10:32:32 ----A---- C:\WINDOWS\system32\XAudio2_3.dll

2010-04-24 10:32:32 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll

2010-04-24 10:32:31 ----A---- C:\WINDOWS\system32\xactengine3_3.dll

2010-04-24 10:32:30 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll

2010-04-24 10:32:29 ----A---- C:\WINDOWS\system32\XAudio2_2.dll

2010-04-24 10:32:29 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll

2010-04-24 10:32:29 ----A---- C:\WINDOWS\system32\xactengine3_2.dll

2010-04-24 10:32:28 ----A---- C:\WINDOWS\system32\d3dx10_39.dll

2010-04-24 10:32:28 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll

2010-04-24 10:32:27 ----A---- C:\WINDOWS\system32\D3DX9_39.dll

2010-04-24 10:32:26 ----A---- C:\WINDOWS\system32\XAudio2_1.dll

2010-04-24 10:32:26 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll

2010-04-24 10:32:26 ----A---- C:\WINDOWS\system32\xactengine3_1.dll

2010-04-24 10:32:25 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll

2010-04-24 10:32:24 ----A---- C:\WINDOWS\system32\D3DX9_38.dll

2010-04-24 10:32:24 ----A---- C:\WINDOWS\system32\d3dx10_38.dll

2010-04-24 10:32:24 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll

2010-04-24 10:32:23 ----A---- C:\WINDOWS\system32\XAudio2_0.dll

2010-04-24 10:32:22 ----A---- C:\WINDOWS\system32\xactengine3_0.dll

2010-04-24 10:32:22 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll

2010-04-24 10:32:21 ----A---- C:\WINDOWS\system32\D3DX9_37.dll

2010-04-24 10:32:21 ----A---- C:\WINDOWS\system32\d3dx10_37.dll

2010-04-24 10:32:21 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll

2010-04-24 10:32:20 ----A---- C:\WINDOWS\system32\xactengine2_10.dll

2010-04-24 10:32:19 ----A---- C:\WINDOWS\system32\d3dx10_36.dll

2010-04-24 10:32:19 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll

2010-04-24 10:32:18 ----A---- C:\WINDOWS\system32\d3dx9_36.dll

2010-04-24 10:32:17 ----A---- C:\WINDOWS\system32\xactengine2_9.dll

2010-04-24 10:32:16 ----A---- C:\WINDOWS\system32\d3dx9_35.dll

2010-04-24 10:32:16 ----A---- C:\WINDOWS\system32\d3dx10_35.dll

2010-04-24 10:32:16 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll

2010-04-24 10:32:15 ----A---- C:\WINDOWS\system32\xactengine2_8.dll

2010-04-24 10:32:15 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll

2010-04-24 10:32:14 ----A---- C:\WINDOWS\system32\d3dx9_34.dll

2010-04-24 10:32:14 ----A---- C:\WINDOWS\system32\d3dx10_34.dll

2010-04-24 10:32:14 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll

2010-04-24 10:32:12 ----A---- C:\WINDOWS\system32\xinput1_3.dll

2010-04-24 10:32:10 ----A---- C:\WINDOWS\system32\xactengine2_7.dll

2010-04-24 10:32:05 ----A---- C:\WINDOWS\system32\d3dx10_33.dll

2010-04-24 10:32:05 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll

2010-04-24 10:31:58 ----A---- C:\WINDOWS\system32\d3dx9_33.dll

2010-04-24 10:31:57 ----A---- C:\WINDOWS\system32\xactengine2_6.dll

2010-04-24 10:31:56 ----A---- C:\WINDOWS\system32\xactengine2_5.dll

2010-04-24 10:31:55 ----A---- C:\WINDOWS\system32\xactengine2_4.dll

2010-04-24 10:31:55 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll

2010-04-24 10:31:55 ----A---- C:\WINDOWS\system32\d3dx9_31.dll

2010-04-24 10:31:54 ----A---- C:\WINDOWS\system32\xinput1_2.dll

2010-04-24 10:31:54 ----A---- C:\WINDOWS\system32\xactengine2_3.dll

2010-04-24 10:31:53 ----A---- C:\WINDOWS\system32\xinput1_1.dll

2010-04-24 10:31:53 ----A---- C:\WINDOWS\system32\xactengine2_2.dll

2010-04-24 10:31:52 ----A---- C:\WINDOWS\system32\xactengine2_1.dll

2010-04-24 10:31:48 ----A---- C:\WINDOWS\system32\d3dx9_30.dll

2010-04-24 10:31:47 ----A---- C:\WINDOWS\system32\xactengine2_0.dll

2010-04-24 10:31:47 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll

2010-04-24 10:31:47 ----A---- C:\WINDOWS\system32\d3dx9_29.dll

2010-04-24 10:31:46 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll

2010-04-24 10:31:46 ----A---- C:\WINDOWS\system32\d3dx9_28.dll

2010-04-24 10:31:45 ----A---- C:\WINDOWS\system32\d3dx9_27.dll

2010-04-24 10:31:45 ----A---- C:\WINDOWS\system32\d3dx9_26.dll

2010-04-24 10:31:44 ----A---- C:\WINDOWS\system32\d3dx9_25.dll

2010-04-24 10:31:43 ----A---- C:\WINDOWS\system32\d3dx9_24.dll

2010-04-24 10:28:51 ----D---- C:\WINDOWS\Logs

 

======List of files/folders modified in the last 1 months======

 

2010-05-23 17:13:09 ----D---- C:\Program Files\Trend Micro

2010-05-23 17:05:17 ----D---- C:\WINDOWS\Temp

2010-05-23 16:36:31 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab

2010-05-23 16:34:24 ----A---- C:\WINDOWS\SchedLgU.Txt

2010-05-23 16:33:34 ----RD---- C:\Program Files

2010-05-23 16:33:18 ----D---- C:\WINDOWS\Prefetch

2010-05-22 19:45:29 ----D---- C:\WINDOWS\system32\CatRoot2

2010-05-22 19:39:45 ----D---- C:\WINDOWS

2010-05-22 19:20:13 ----SHD---- C:\RECYCLER

2010-05-22 16:55:47 ----D---- C:\Program Files\ZebHelpProcess

2010-05-22 09:40:27 ----D---- C:\Program Files\Mozilla Firefox

2010-05-20 18:21:57 ----D---- C:\Documents and Settings\CASANOVA Pierre\Application Data\Spyware Terminator

2010-05-20 18:16:28 ----D---- C:\Program Files\Freecorder

2010-05-19 19:16:57 ----D---- C:\WINDOWS\system32\CatRoot

2010-05-19 18:58:59 ----D---- C:\WINDOWS\system32\config

2010-05-19 18:58:25 ----D---- C:\WINDOWS\system32\wbem

2010-05-19 18:58:25 ----D---- C:\WINDOWS\Registration

2010-05-12 10:07:10 ----D---- C:\WINDOWS\Debug

2010-05-12 07:59:01 ----D---- C:\WINDOWS\system32

2010-05-12 07:44:32 ----SHD---- C:\WINDOWS\Installer

2010-05-12 07:42:44 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help

2010-05-12 07:37:12 ----HD---- C:\WINDOWS\inf

2010-05-12 07:36:59 ----RSHDC---- C:\WINDOWS\system32\dllcache

2010-05-12 07:36:59 ----D---- C:\Program Files\Outlook Express

2010-05-12 07:10:19 ----HD---- C:\WINDOWS\$hf_mig$

2010-05-08 08:53:42 ----D---- C:\Documents and Settings

2010-05-06 19:31:40 ----D---- C:\Documents and Settings\All Users\Application Data\Spyware Terminator

2010-05-06 11:26:18 ----D---- C:\Documents and Settings\All Users\Application Data\albumphoto

2010-05-06 11:12:18 ----D---- C:\Program Files\monAlbumPhoto

2010-05-06 11:10:32 ----D---- C:\WINDOWS\WinSxS

2010-05-05 08:40:23 ----D---- C:\WINDOWS\system32\drivers

2010-05-03 14:18:29 ----D---- C:\Program Files\Spyware Terminator

2010-05-03 08:02:37 ----A---- C:\mbam-error.txt

2010-05-03 08:02:35 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2010-04-30 20:51:06 ----A---- C:\WINDOWS\system32\MRT.exe

2010-04-26 17:10:16 ----D---- C:\Program Files\TubeMaster++

2010-04-26 16:33:36 ----D---- C:\Program Files\VideoLAN

2010-04-24 12:16:58 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP

2010-04-24 12:16:01 ----D---- C:\Program Files\SpywareBlaster

2010-04-24 10:32:49 ----D---- C:\WINDOWS\system32\DirectX

2010-04-24 10:31:52 ----RSD---- C:\WINDOWS\assembly

2010-04-24 10:31:37 ----D---- C:\WINDOWS\Microsoft.NET

2010-04-24 10:31:20 ----HD---- C:\WINDOWS\msdownld.tmp

2010-04-24 09:26:01 ----SD---- C:\WINDOWS\Tasks

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 AmdPPM;Pilote de processeur AMD HwPState; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]

R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]

R1 kl1;Kl1; \??\C:\WINDOWS\system32\drivers\kl1.sys []

R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2010-04-23 315408]

R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2008-10-04 5632]

R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-04-06 21419]

R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]

R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys []

R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-02-21 1505792]

R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]

R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2009-09-14 32272]

R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2009-10-02 19472]

R3 KMWDFILTER;HIDUASDesc; C:\WINDOWS\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408]

R3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2008-07-24 10144]

R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12288]

R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]

R3 RT61;802.11g Wireless Driver RT61; C:\WINDOWS\system32\DRIVERS\RT61.sys [2006-12-01 395648]

R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]

R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]

R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]

R3 VIAudio;Vinyl AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\vinyl97.sys [2005-02-01 176128]

S2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys []

S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS []

S3 camfilt2;camfilt2; C:\WINDOWS\system32\DRIVERS\camfilt2.sys [2008-02-27 98432]

S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]

S3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys []

S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []

S3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2008-09-22 43520]

S3 FETND5BV;VIA Rhine-Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2008-09-22 43520]

S3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]

S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys []

S3 mbr;mbr; \??\C:\DOCUME~1\CASANO~1\LOCALS~1\Temp\mbr.sys []

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]

S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]

S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]

S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]

S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-11-06 34064]

S3 NTSIM;NTSIM; \??\C:\WINDOWS\system32\ntsim.sys []

S3 PAC7302;Hercules Classic Link; C:\WINDOWS\system32\DRIVERS\PAC7302.SYS [2007-09-10 457984]

S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []

S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []

S3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2009-06-17 12648]

S3 QCMerced;Logitech QuickCam Communicate; C:\WINDOWS\system32\DRIVERS\LVCM.sys []

S3 RT73;RT73 USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\Rt73.sys []

S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]

S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]

S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]

S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]

S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]

S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2005-10-21 12800]

S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]

S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-02-21 405504]

R2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340456]

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-21 153376]

R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]

R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2009-12-15 488960]

R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]

S2 0234421248622813mcinstcleanup;McAfee Application Installer Cleanup (0234421248622813); C:\DOCUME~1\CASANO~1\LOCALS~1\Temp\023442~1.EXE C:\PROGRA~1\FICHIE~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service []

S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2005-08-05 516096]

S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]

S3 getPlusHelper;getPlus® Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]

S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-04 136120]

S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-05-13 234864]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]

S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792]

S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

 

-----------------EOF-----------------

[Apollo]

Relance Hijackthis avec Do a system scan only et coche les cases devant les lignes suivantes: SOUS VISTA/7: Clic droit sur Hijackthis/exécuter en temps qu'administrateur!

 

O23 - Service: 0072201248356952mcinstcleanup - - (no file)

O23 - Service: McAfee Application Installer Cleanup (0234421248622813) (0234421248622813mcinstcleanup) - Unknown owner - C:\DOCUME~1\CASANO~1\LOCALS~1\Temp\023442~1.EXE (file missing)

 

Ferme toutes les applications ouvertes et les navigateurs et clique sur Fix Checked

 

Comment va le pc?

 

+++

[casasax]

OK

Après toutes ces manœuvres, PLUS D'ANOMALIES

Tout semble revenu à la normale !!!

 

Merci pour tout

 

Je te souhaite une bonne soirée

 

Pierre CASANOVA

[Apollo]

Ok

 

Télécharge OTC d'Old Timer :

http://oldtimer.geekstogo.com/OTC.exe

Double clique dessus, puis clique sur le gros bouton CleanUp ! pour supprimer les outils spéciaux.

 

 

• Pense à éditer ton premier post pour rajouter "Résolu" dans le titre. Pour cela clique sur "Editer dans ton premier post. Tu pourras alors changer le titre.