Everything posted by tolunq
[Solved] My IP is blocked on a site
tolunq replied to a topic by tolunq in Malware analysis and eradication
There you go... I fell quite a bit behind because I wasn't around. Yes, I tried running scans with HijackThis, OTMoveIt3, Ad-Remover and RSIT, I think... I shouldn't have. So I plugged in 4 USB keys belonging to the whole family. I have a removable hard drive, but I won't have it to hand until next week, so I didn't plug it in. My PC has an XP and Vista multiboot, but I have never used Vista. It was to try it out, but I didn't take to Vista at all, so I never used it. I have 3 hard drives in the PC: a 500 GB IDE one, in 3 partitions (2 of them for the OSes), and two 1 TB ones in 3 partitions each. I wanted to use them in RAID (mirror) but it never worked, so they are not used. What raises questions for me is, as I wrote before, the keylogger found by KIS, EoRezo, and above all the business of the IP blocked on a site because of spam. Here is the report:

ComboFix 09-04-01.01 - moi 2009-04-03 10:55:52.1 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.3327.2625 [GMT 2:00] Lancé depuis: c:\documents and settings\moi\Bureau\ComboFix.exe AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) FW: Kaspersky Internet Security *disabled* * Un nouveau point de restauration a été créé . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\404Fix.exe c:\windows\system32\Agent.OMZ.Fix.exe c:\windows\system32\dumphive.exe c:\windows\system32\Dvbpws.dll c:\windows\system32\IEDFix.C.exe c:\windows\system32\IEDFix.exe c:\windows\system32\o4Patch.exe c:\windows\system32\Process.exe c:\windows\system32\pthreadGC2.dll c:\windows\system32\SrchSTS.exe c:\windows\system32\tmp.reg c:\windows\system32\VACFix.exe c:\windows\system32\VCCLSID.exe c:\windows\system32\WS2Fix.exe P:\AutoRun.inf . ((((((((((((((((((((((((((((( Fichiers créés du 2009-03-03 au 2009-04-03 )))))))))))))))))))))))))))))))))))) . 2009-03-24 18:20 . 
2009-03-24 18:20 <REP> d-------- c:\documents and settings\moi\Application Data\CyberLink 2009-03-24 18:10 . 2009-03-24 18:12 <REP> d-------- c:\program files\CyberLink 2009-03-24 18:10 . 2009-03-24 18:20 <REP> d-------- c:\documents and settings\All Users\Application Data\CyberLink 2009-03-21 16:15 . 2009-03-21 16:28 <REP> d-------- c:\program files\TagRename 2009-03-21 15:57 . 2009-03-21 16:15 <REP> d-------- c:\program files\Album Cover Art Downloader 2009-03-21 15:57 . 2009-03-21 16:06 <REP> d-------- c:\documents and settings\moi\Application Data\albumart 2009-03-21 13:29 . 2009-03-21 13:30 <REP> d-------- c:\program files\Mp3 tag editor 2009-03-18 13:58 . 2009-03-19 12:23 <REP> d-------- c:\documents and settings\All Users\Application Data\DVD Shrink 2009-03-18 12:42 . 2009-03-18 12:42 <REP> d-------- c:\program files\DVDShrink 2008 2009-03-16 16:38 . 2009-03-16 16:38 <REP> d-------- c:\program files\MMTVConfig 2009-03-16 16:38 . 2009-03-16 16:38 <REP> d-------- c:\documents and settings\moi\Application Data\MMTVConfig 2009-03-16 12:23 . 2009-04-01 21:00 <REP> d-------- c:\program files\splus 2009-03-16 12:23 . 2005-10-17 19:13 447,488 --a------ c:\windows\system32\splus.cpl 2009-03-16 12:15 . 2009-03-16 12:17 <REP> d-------- c:\program files\RegCleaner 2009-03-14 01:14 . 2009-03-14 01:15 <REP> d-------- c:\program files\K!TV 2009-03-12 20:16 . 2009-03-12 20:16 <REP> d-------- c:\program files\PhotomatixPro3 2009-03-09 23:16 . 2009-03-09 23:16 <REP> d-------- c:\documents and settings\moi\Application Data\TerraTec 2009-03-08 13:56 . 2009-03-08 13:56 <REP> d-------- C:\_OTMoveIt 2009-03-07 14:06 . 2008-12-13 00:02 <REP> d--h----- c:\documents and settings\Administrateur\Voisinage réseau 2009-03-07 14:06 . 2008-12-13 00:02 <REP> d--h----- c:\documents and settings\Administrateur\Voisinage d'impression 2009-03-07 14:06 . 2008-12-12 23:10 <REP> d--h----- c:\documents and settings\Administrateur\Modèles 2009-03-07 14:06 . 
2008-12-13 00:02 <REP> d-------- c:\documents and settings\Administrateur\Mes documents 2009-03-07 14:06 . 2008-12-13 00:02 <REP> dr------- c:\documents and settings\Administrateur\Menu Démarrer 2009-03-07 14:06 . 2008-12-13 00:02 <REP> d-------- c:\documents and settings\Administrateur\Favoris 2009-03-07 14:06 . 2009-03-31 16:14 <REP> d-------- c:\documents and settings\Administrateur\Bureau 2009-03-07 14:06 . 2009-03-07 14:06 <REP> d-------- c:\documents and settings\Administrateur 2009-03-07 14:01 . 2009-03-31 16:14 <REP> d-------- C:\SmitfraudFix 2009-03-07 14:01 . 2009-03-07 13:55 1,662,785 --a------ C:\SmitfraudFix.exe 2009-03-03 20:35 . 2009-03-03 20:35 <REP> d-------- c:\program files\Micro Application . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-04-03 09:31 --------- d-----w c:\documents and settings\All Users\Application Data\Kaspersky Lab 2009-04-03 08:58 909,344 --sha-w c:\windows\system32\drivers\fidbox2.dat 2009-04-03 08:58 76,724 --sha-w c:\windows\system32\drivers\fidbox.idx 2009-04-03 08:58 7,938,592 --sha-w c:\windows\system32\drivers\fidbox.dat 2009-04-03 08:58 12,572 --sha-w c:\windows\system32\drivers\fidbox2.idx 2009-04-02 21:21 --------- d-----w c:\documents and settings\moi\Application Data\FileZilla 2009-04-01 21:13 89,601 ----a-w c:\windows\system32\drivers\klick.dat 2009-04-01 21:13 101,287 ----a-w c:\windows\system32\drivers\klin.dat 2009-04-01 20:57 --------- d-----w c:\documents and settings\moi\Application Data\Corel 2009-04-01 19:04 --------- d-----w c:\program files\Astro 2009-04-01 19:00 --------- d-----w c:\program files\Boris FX, Inc 2009-03-31 14:45 --------- d-----w c:\program files\Trojan Remover 2009-03-31 14:45 --------- d-----w c:\documents and settings\moi\Application Data\Simply Super Software 2009-03-31 14:44 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP 2009-03-31 11:21 --------- d-----w c:\documents and 
settings\moi\Application Data\VMNTOOLBAR 2009-03-30 16:22 --------- d-----w c:\documents and settings\moi\Application Data\dvdcss 2009-03-24 16:13 --------- d--h--w c:\program files\InstallShield Installation Information 2009-03-19 10:45 --------- d-----w c:\documents and settings\moi\Application Data\Nero 2009-03-08 11:00 --------- d-----w c:\documents and settings\moi\Application Data\EoRezo 2009-03-01 15:34 --------- d-----w c:\documents and settings\moi\Application Data\proDAD 2009-03-01 15:33 --------- d-----w c:\program files\proDAD 2009-03-01 15:33 --------- d-----w c:\program files\LooksBuilderSE 2009-03-01 15:30 --------- d-----w c:\program files\Pinnacle 2009-03-01 15:29 --------- d-----w c:\program files\SureThing Express Labeler 2009-03-01 15:12 --------- d-----w c:\program files\Fichiers communs\SureThing Shared 2009-03-01 15:10 --------- d-----w c:\program files\Fichiers communs\Pinnacle 2009-03-01 15:10 --------- d-----w c:\documents and settings\All Users\Application Data\Pinnacle Studio Ultimate 2009-03-01 15:07 --------- d-----w c:\program files\Fichiers communs\Yahoo! 
2009-03-01 15:07 --------- d-----w c:\documents and settings\All Users\Application Data\Studio 12 2009-03-01 15:07 --------- d-----w c:\documents and settings\All Users\Application Data\Pinnacle Studio Plus 2009-03-01 14:43 --------- d-----w c:\program files\Stardock 2009-02-28 15:05 --------- d-----w c:\program files\Pando Networks 2009-02-26 21:18 --------- d-----w c:\program files\7-Zip 2009-02-26 00:07 --------- d-----w c:\program files\TVersity Codec Pack 2009-02-25 23:58 --------- d-----w c:\program files\ffdshow 2009-02-25 23:56 --------- d-----w c:\program files\TVersity 2009-02-20 20:49 --------- d-----w c:\program files\WinISO 2009-02-18 16:55 --------- d-----w c:\documents and settings\moi\Application Data\MeuhMeuhTV 2009-02-18 16:54 --------- d-----w c:\program files\MeuhMeuhTV Alpha 2009-02-17 18:54 --------- d-----w c:\program files\Rapidown 2009-02-04 14:39 33,808 ----a-w c:\windows\system32\drivers\klbg.sys 2009-02-04 10:53 --------- d-----w c:\documents and settings\All Users\Application Data\Pinnacle Studio 2009-02-04 10:53 --------- d-----w c:\documents and settings\All Users\Application Data\Pinnacle . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360] "SUPERAntiSpyware"="j:\superantispyware\SUPERAntiSpyware.exe" [2008-12-17 1809648] "ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2008-12-19 1434864] "LaunchList"="j:\pinnacle\Studio 11\LaunchList2.exe" [2007-03-21 145496] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440] "JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864] "36X Raid Configurer"="c:\windows\system32\xRaidSetup.exe" [2007-11-19 1970176] "DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" [2003-12-27 81920] "TrueImageMonitor.exe"="f:\acronis 2009\TrueImageMonitor.exe" [2008-10-17 4375856] "AcronisTimounterMonitor"="f:\acronis 2009\TimounterMonitor.exe" [2008-10-17 961640] "Acronis Scheduler2 Service"="c:\program files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" [2008-10-17 165144] "WinFastDTV"="c:\program files\WinFast\WFDTV\DTVSchdl.exe" [2008-10-24 90112] "ArcSoft Connection Service"="c:\program files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2008-11-20 178688] "SBCSTray"="c:\program files\Sunbelt Software\CounterSpy\SBCSTray.exe" [2007-08-27 698864] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 39792] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-04 136600] "Babylon Client"="c:\program files\Babylon\Babylon-Pro\Babylon.exe" [2008-12-14 3960552] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-02-07 71216] "LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-02-07 54832] "AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-02-04 206088] 
"RTHDCPL"="RTHDCPL.EXE" [2008-05-16 c:\windows\RTHDCPL.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "j:\superantispyware\SASSEH.DLL" [2008-05-13 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2008-12-03 15:56 352256 j:\superantispyware\SASWINLO.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.xvid"= xvid.dll "VIDC.MJPG"= pvmjpg30.dll "vidc.dvsd"= pdvcodec.dll "vidc.mjpx"= Pvmjpg30.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "g:\\COD\\CoDWaW.exe"= "g:\\COD\\CoDWaWmp.exe"= "c:\\Program Files\\Webcam Zone Trigger 2\\ZoneTrigger.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "j:\\Assassin's Creed\\AssassinsCreed_Dx9.exe"= "j:\\Assassin's Creed\\AssassinsCreed_Dx10.exe"= "j:\\Assassin's Creed\\AssassinsCreed_Launcher.exe"= "j:\\Pinnacle\\Studio 11\\programs\\RM.exe"= "j:\\Pinnacle\\Studio 11\\programs\\Studio.exe"= "j:\\Pinnacle\\Studio 11\\programs\\PMSRegisterFile.exe"= "j:\\Pinnacle\\Studio 11\\programs\\umi.exe"= "c:\\Program Files\\Pando Networks\\Pando\\pando.exe"= "c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\RM.exe"= "c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\Studio.exe"= "c:\\Program 
Files\\Pinnacle\\Studio 12\\Programs\\umi.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "57029:TCP"= 57029:TCP:Pando P2P TCP Listening Port "57029:UDP"= 57029:UDP:Pando P2P UDP Listening Port R0 d344bus;d344bus;c:\windows\system32\drivers\d344bus.sys [2008-12-13 137216] R0 d344prt;d344prt;c:\windows\system32\drivers\d344prt.sys [2008-12-13 5248] R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-01-29 33808] R0 mv61xx;mv61xx;c:\windows\system32\drivers\mv61xx.sys [2008-06-24 150568] R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-03-31 28544] R0 SBHR;SBHR;c:\windows\system32\drivers\sbhr.sys [2008-12-18 15544] R0 snapman380;Acronis Snapshots Manager (Build 380);c:\windows\system32\drivers\snman380.sys [2008-12-13 134272] R0 tdrpman147;Acronis Try&Decide and Restore Points filter (build 147);c:\windows\system32\drivers\tdrpm147.sys [2008-12-13 971232] R1 SASDIFSV;SASDIFSV;j:\superantispyware\sasdifsv.sys [2008-12-04 8944] R1 SASKUTIL;SASKUTIL;j:\superantispyware\SASKUTIL.SYS [2008-12-04 55024] R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B};c:\program files\CyberLink\PowerDVD\000.fcl [2006-11-02 17:51:58 13560] R2 ARGUS;ARGUS;c:\windows\system32\drivers\ARGUS.sys [2008-12-13 65280] R3 AtiHdmiService;ATI Function Driver for HDMI Service;c:\windows\system32\drivers\AtiHdmi.sys [2008-12-13 84992] R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [2008-03-13 26640] R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2008-04-30 24592] R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1e51x86.sys [2008-12-13 36864] R3 SASENUM;SASENUM;j:\superantispyware\SASENUM.SYS [2008-12-04 7408] R3 SBAPIFS;SBAPIFS;\??\c:\windows\system32\drivers\sbapifs.sys --> c:\windows\system32\drivers\sbapifs.sys [?] 
S2 BT848;WinFast TV2000 XP WDM Video Capture;c:\windows\system32\drivers\wf2kvcap.sys [2008-12-15 59776] S2 tv2ktunr;WinFast TV2000 XP WDM TVTuner;c:\windows\system32\drivers\wf2ktunr.sys [2008-12-15 19456] S2 Tv2kXbar;WinFast TV2000 XP WDM Crossbar;c:\windows\system32\drivers\wf2kXbar.sys [2008-12-15 9600] S3 WFIOCTL;WFIOCTL;\??\c:\program files\WinFast\WFTVFM\WFIOCTL.SYS --> c:\program files\WinFast\WFTVFM\WFIOCTL.SYS [?] --- Autres Services/Pilotes en mémoire --- *NewlyCreated* - SBAPIFS [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{98efeb7b-c891-11dd-ad83-806d6172696f}] \Shell\AutoRun\command - D:\atisetup.exe . - - - - ORPHELINS SUPPRIMES - - - - BHO-{140BD8E3-C167-11D4-B4A3-080000180323} - (no file) HKLM-Run-EoNet - (no file) . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.google.fr/ uInternet Connection Wizard,ShellNext = hxxp://www.leadtek.com.tw/ uInternet Settings,ProxyOverride = *.local IE: E&xporter vers Microsoft Excel - f:\micros~1\OFFICE11\EXCEL.EXE/3000 IE: Translate with &Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.zebulon.fr/scan8/oscan8.cab FF - ProfilePath - c:\documents and settings\moi\Application Data\Mozilla\Firefox\Profiles\sk3g6ll2.default\ FF - prefs.js: browser.startup.homepage - www.google.fr FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll FF - plugin: c:\program files\Virtools\3D Life Player\npvirtools.dll ---- PARAMETRES FIREFOX ---- c:\program files\Mozilla Firefox\defaults\profile\prefs.js - user_pref("pref.browser.homepage.disable_button.bookmark_page", false); c:\program files\Mozilla Firefox\defaults\profile\prefs.js - user_pref("pref.browser.homepage.disable_button.current_page", false); c:\program files\Mozilla Firefox\defaults\profile\prefs.js - user_pref("pref.browser.homepage.disable_button.restore_default", false); c:\program files\Mozilla 
Firefox\defaults\profile\prefs.js - user_pref("browser.places.importBookmarksHTML", true); c:\program files\Mozilla Firefox\defaults\profile\prefs.js - user_pref("browser.places.importDefaults", false); c:\program files\Mozilla Firefox\defaults\profile\prefs.js - user_pref("browser.search.selectedEngine", "xeoo.com"); c:\program files\Mozilla Firefox\defaults\profile\prefs.js - user_pref("keyword.URL", "http://xeoo.com/?p=url&a=firefox&k="); c:\program files\Mozilla Firefox\defaults\profile\prefs.js - user_pref("browser.startup.homepage", "http://www.xeoo.com/?p=h&a=firefox"); . ************************************************************************** catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-04-03 11:32:00 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{95808DC4-FA4A-4c74-92FE-5B863F82066B}] "ImagePath"="\??\c:\program files\CyberLink\PowerDVD\000.fcl" . 
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•9~*] "C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(1540) j:\superantispyware\SASWINLO.dll c:\documents and settings\moi\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL c:\windows\system32\Ati2evxx.dll . ------------------------ Autres processus actifs ------------------------ . c:\windows\system32\ati2evxx.exe c:\program files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe c:\program files\Fichiers communs\Acronis\Schedule2\schedul2.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe c:\windows\system32\PSIService.exe c:\program files\CyberLink\Shared files\RichVideo.exe c:\program files\Sunbelt Software\CounterSpy\SBCSSvc.exe c:\program files\TVersity\Media Server\MediaServer.exe c:\program files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe c:\windows\system32\wdfmgr.exe c:\windows\system32\ati2evxx.exe c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe c:\windows\system32\wscntfy.exe . ************************************************************************** . Heure de fin: 2009-04-03 11:33:40 - La machine a redémarré ComboFix-quarantined-files.txt 2009-04-03 09:33:37 Avant-CF: 100 981 907 456 octets libres Après-CF: 100,890,722,304 octets libres WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe ; ;Warning: Boot.ini is used on Windows XP and earlier operating systems. ;Warning: Use BCDEDIT.exe to modify Windows Vista boot options. 
; [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /NOEXECUTE=OPTIN /FASTDETECT 355 --- E O F --- 2009-03-21 21:03:32

Thanks again.
[Solved] My IP is blocked on a site
tolunq replied to a topic by tolunq in Malware analysis and eradication
Apparently I have a static IP... I already tried unplugging and replugging the modem-router, but the IP is still the same. Here is the log.txt file:

Logfile of random's system information tool 1.06 (written by random/random) Run by moi at 2009-04-01 22:40:55 Microsoft Windows XP Professionnel Service Pack 3 System drive C: has 97 GB (54%) free of 180 GB Total RAM: 3327 MB (62% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:41:03, on 01/04/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe C:\WINDOWS\system32\PSIService.exe C:\Program Files\CyberLink\Shared files\RichVideo.exe C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\TVersity\Media Server\MediaServer.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\D-Tools\daemon.exe F:\acronis 2009\TrueImageMonitor.exe F:\acronis 2009\TimounterMonitor.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe C:\Program Files\WinFast\WFDTV\DTVSchdl.exe C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe 
C:\WINDOWS\system32\ctfmon.exe J:\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Java\jre6\bin\jucheck.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe F:\Microsoft Office 2003\OFFICE11\WINWORD.EXE F:\PAINTSHOP PRO 11\Corel Paint Shop Pro Photo.exe C:\Documents and Settings\moi\Bureau\RSIT.exe C:\Documents and Settings\moi\Bureau\tout contre les trojans et autres\moi.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.leadtek.com.tw/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {140BD8E3-C167-11D4-B4A3-080000180323} - (no file) O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL O2 - BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows 
Live\Messenger\wlchtc.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [36X Raid Configurer] "C:\WINDOWS\system32\xRaidSetup.exe" boot O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1036 O4 - HKLM\..\Run: [TrueImageMonitor.exe] "F:\acronis 2009\TrueImageMonitor.exe" O4 - HKLM\..\Run: [AcronisTimounterMonitor] "F:\acronis 2009\TimounterMonitor.exe" O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" O4 - HKLM\..\Run: [WinFastDTV] "C:\Program Files\WinFast\WFDTV\DTVSchdl.exe" O4 - HKLM\..\Run: [ArcSoft Connection Service] "C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe" O4 - HKLM\..\Run: [sBCSTray] "C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [KernelFaultCheck] C:\WINDOWS\system32\dumprep 0 -k O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [babylon Client] "C:\Program Files\Babylon\Babylon-Pro\Babylon.exe" -AutoStart O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [sUPERAntiSpyware] J:\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - 
HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO O4 - HKCU\..\Run: [LaunchList] "J:\Pinnacle\Studio 11\LaunchList2.exe" O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://F:\MICROS~1\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\MICROS~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://www.pandasecurity.com/activescan/cabs/as2stubie.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE 
Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shock...ash/swflash.cab O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll O20 - Winlogon Notify: !SASWinLogon - J:\SUPERAntiSpyware\SASWINLO.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. 
- C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\WINDOWS\system32\drivers\pclepci.sys O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe O23 - Service: TVersityMediaServer - Unknown owner - C:\Program Files\TVersity\Media Server\MediaServer.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe -- End of file - 10005 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{140BD8E3-C167-11D4-B4A3-080000180323}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33}] VMN Toolbar - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL [2006-11-17 2533376] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}] IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll [2008-11-11 62728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] Click-to-Call BHO - C:\Program Files\Windows Live\Messenger\wlchtc.dll [2008-09-02 75272] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-05-16 16862720] "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632] "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440] "JMB36X IDE Setup"=C:\WINDOWS\RaidTool\xInsIDE.exe [2007-03-20 36864] "36X Raid Configurer"=C:\WINDOWS\system32\xRaidSetup.exe [2007-11-19 1970176] "DAEMON Tools-1033"=C:\Program Files\D-Tools\daemon.exe [2003-12-27 81920] "TrueImageMonitor.exe"=F:\acronis 2009\TrueImageMonitor.exe [2008-10-17 4375856] "AcronisTimounterMonitor"=F:\acronis 2009\TimounterMonitor.exe [2008-10-17 961640] "Acronis Scheduler2 Service"=C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe [2008-10-17 165144] "WinFastDTV"=C:\Program Files\WinFast\WFDTV\DTVSchdl.exe [2008-10-24 90112] "ArcSoft Connection Service"=C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe [2008-11-20 178688] ""= [] "SBCSTray"=C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe [2007-08-27 698864] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-10-10 39792] "KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k [] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-01-04 136600] "Babylon Client"=C:\Program Files\Babylon\Babylon-Pro\Babylon.exe [2008-12-14 3960552] "EoNet"= [] "RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-02-07 71216] "LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-02-07 54832] "AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe [2009-02-04 206088] 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360] "SUPERAntiSpyware"=J:\SUPERAntiSpyware\SUPERAntiSpyware.exe [2008-12-17 1809648] "ccleaner"=C:\Program Files\CCleaner\CCleaner.exe [2008-12-19 1434864] "LaunchList"=J:\Pinnacle\Studio 11\LaunchList2.exe [2007-03-21 145496] ""= [] "AdobeUpdater"=C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe [2008-12-13 2356088] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon] J:\SUPERAntiSpyware\SASWINLO.dll [2008-12-03 352256] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2008-06-03 139264] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon] C:\WINDOWS\system32\klogon.dll [2008-11-11 218376] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=J:\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBCSSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SBCSSvc] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "G:\COD\CoDWaW.exe"="G:\COD\CoDWaW.exe:*:Enabled:Call of Duty® - World at War " "G:\COD\CoDWaWmp.exe"="G:\COD\CoDWaWmp.exe:*:Enabled:Call of Duty® - World at War " "C:\Program Files\Webcam Zone Trigger 2\ZoneTrigger.exe"="C:\Program Files\Webcam Zone Trigger 2\ZoneTrigger.exe:*:Enabled:Zone Trigger 2" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "J:\Assassin's Creed\AssassinsCreed_Dx9.exe"="J:\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9" "J:\Assassin's Creed\AssassinsCreed_Dx10.exe"="J:\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10" "J:\Assassin's Creed\AssassinsCreed_Launcher.exe"="J:\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update" "J:\Pinnacle\Studio 11\programs\RM.exe"="J:\Pinnacle\Studio 11\programs\RM.exe:*:Enabled:Render Manager" "J:\Pinnacle\Studio 11\programs\Studio.exe"="J:\Pinnacle\Studio 11\programs\Studio.exe:*:Enabled:Studio" "J:\Pinnacle\Studio 11\programs\PMSRegisterFile.exe"="J:\Pinnacle\Studio 11\programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile" "J:\Pinnacle\Studio 11\programs\umi.exe"="J:\Pinnacle\Studio 
11\programs\umi.exe:*:Enabled:umi" "C:\Program Files\Pando Networks\Pando\pando.exe"="C:\Program Files\Pando Networks\Pando\pando.exe:*:Enabled:Pando Application" "C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe:*:Enabled:Render Manager" "C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe:*:Enabled:Studio" "C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe:*:Enabled:umi" "C:\Documents and Settings\moi\Local Settings\Temp\{5A0D905C-C3DB-4C87-B8FF-EEE1C511121F}\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}\CinergyDvrHelper.exe"="C:\Documents and Settings\moi\Local Settings\Temp\{5A0D905C-C3DB-4C87-B8FF-EEE1C511121F}\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}\CinergyDvrHelper.exe:*:Enabled:TerraTec Home Cinema (Setup)" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{98efeb7b-c891-11dd-ad83-806d6172696f}] shell\AutoRun\command - D:\atisetup.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c78bd3cb-c8a7-11dd-aec7-002215f404f5}] shell\AutoRun\command - EXPLORER.EXE 
shell\explore\command - EXPLORER.EXE shell\open\command - EXPLORER.EXE ======List of files/folders created in the last 1 months====== 2009-04-01 22:40:55 ----D---- C:\rsit 2009-04-01 19:17:54 ----D---- C:\Program Files\Ad-remover 2009-03-31 16:04:38 ----A---- C:\WINDOWS\system32\WS2Fix.exe 2009-03-31 16:04:38 ----A---- C:\WINDOWS\system32\VACFix.exe 2009-03-31 16:04:38 ----A---- C:\WINDOWS\system32\o4Patch.exe 2009-03-31 16:04:38 ----A---- C:\WINDOWS\system32\IEDFix.exe 2009-03-31 16:04:38 ----A---- C:\WINDOWS\system32\IEDFix.C.exe 2009-03-31 16:04:38 ----A---- C:\WINDOWS\system32\Agent.OMZ.Fix.exe 2009-03-31 16:04:38 ----A---- C:\WINDOWS\system32\404Fix.exe 2009-03-31 16:04:37 ----A---- C:\WINDOWS\system32\VCCLSID.exe 2009-03-31 16:04:37 ----A---- C:\WINDOWS\system32\swxcacls.exe 2009-03-31 16:04:37 ----A---- C:\WINDOWS\system32\swsc.exe 2009-03-31 16:04:37 ----A---- C:\WINDOWS\system32\swreg.exe 2009-03-31 16:04:37 ----A---- C:\WINDOWS\system32\SrchSTS.exe 2009-03-31 16:04:37 ----A---- C:\WINDOWS\system32\Process.exe 2009-03-31 16:04:37 ----A---- C:\WINDOWS\system32\dumphive.exe 2009-03-24 18:20:43 ----D---- C:\Documents and Settings\moi\Application Data\CyberLink 2009-03-24 18:10:25 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink 2009-03-24 18:10:12 ----D---- C:\Program Files\CyberLink 2009-03-21 16:15:30 ----D---- C:\Program Files\TagRename 2009-03-21 15:57:49 ----D---- C:\Documents and Settings\moi\Application Data\albumart 2009-03-21 15:57:41 ----D---- C:\Program Files\Album Cover Art Downloader 2009-03-21 13:29:56 ----D---- C:\Program Files\Mp3 tag editor 2009-03-18 13:58:07 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink 2009-03-18 12:42:40 ----D---- C:\Program Files\DVDShrink 2008 2009-03-16 16:38:14 ----D---- C:\Documents and Settings\moi\Application Data\MMTVConfig 2009-03-16 16:38:06 ----D---- C:\Program Files\MMTVConfig 2009-03-16 12:23:50 ----D---- C:\Program Files\splus 2009-03-16 12:15:15 ----D---- 
C:\Program Files\RegCleaner 2009-03-14 01:14:50 ----D---- C:\Program Files\K!TV 2009-03-12 20:16:21 ----D---- C:\Program Files\PhotomatixPro3 2009-03-11 23:42:46 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage 2009-03-11 01:27:48 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$ 2009-03-11 01:27:43 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$ 2009-03-11 01:27:35 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$ 2009-03-09 23:16:56 ----D---- C:\Documents and Settings\moi\Application Data\TerraTec 2009-03-08 13:56:08 ----D---- C:\_OTMoveIt 2009-03-07 14:09:46 ----A---- C:\rapport smit mode sans echec.txt 2009-03-07 14:01:18 ----A---- C:\SmitfraudFix.exe 2009-03-07 14:01:17 ----D---- C:\SmitfraudFix 2009-03-07 14:00:49 ----A---- C:\rapport smit.txt 2009-03-07 13:57:42 ----A---- C:\WINDOWS\system32\tmp.txt 2009-03-07 13:56:53 ----A---- C:\rapport.txt 2009-03-03 20:35:22 ----A---- C:\WINDOWS\system32\wndtls32.dll 2009-03-03 20:35:22 ----A---- C:\WINDOWS\system32\txtls32.dll 2009-03-03 20:35:22 ----A---- C:\WINDOWS\system32\txobj32.dll 2009-03-03 20:35:22 ----A---- C:\WINDOWS\system32\Tx32.dll 2009-03-03 20:35:22 ----A---- C:\WINDOWS\system32\tx_word.dll 2009-03-03 20:35:22 ----A---- C:\WINDOWS\system32\tx_rtf32.dll 2009-03-03 20:35:22 ----A---- C:\WINDOWS\system32\tx_htm32.dll 2009-03-03 20:35:22 ----A---- C:\WINDOWS\system32\ic32.ini 2009-03-03 20:35:22 ----A---- C:\WINDOWS\system32\ic32.dll 2009-03-03 20:35:08 ----D---- C:\Program Files\Micro Application ======List of files/folders modified in the last 1 months====== 2009-04-01 22:40:49 ----D---- C:\WINDOWS\Prefetch 2009-04-01 22:39:14 ----D---- C:\Documents and Settings\moi\Application Data\Corel 2009-04-01 22:31:04 ----D---- C:\WINDOWS\Temp 2009-04-01 21:55:26 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2009-04-01 21:54:04 ----D---- C:\Documents and Settings\moi\Application Data\FileZilla 2009-04-01 21:04:50 ----D---- C:\Program Files\Astro 
2009-04-01 21:02:21 ----D---- C:\WINDOWS 2009-04-01 21:02:02 ----A---- C:\WINDOWS\SIERRA.INI 2009-04-01 21:00:45 ----D---- C:\Program Files\Boris FX, Inc 2009-04-01 21:00:24 ----A---- C:\WINDOWS\Graffiti5.2Pin.ini 2009-04-01 20:58:30 ----RD---- C:\Program Files 2009-04-01 20:58:30 ----D---- C:\WINDOWS\system32 2009-04-01 20:57:11 ----D---- C:\WINDOWS\system32\drivers 2009-04-01 20:57:09 ----D---- C:\Documents and Settings 2009-04-01 17:18:15 ----D---- C:\Program Files\Mozilla Firefox 2009-04-01 15:34:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-04-01 15:30:34 ----D---- C:\WINDOWS\system32\CatRoot2 2009-03-31 22:48:29 ----N---- C:\WINDOWS\SchedLgU.Txt 2009-03-31 16:45:27 ----D---- C:\Program Files\Trojan Remover 2009-03-31 16:45:27 ----D---- C:\Documents and Settings\moi\Application Data\Simply Super Software 2009-03-31 16:44:48 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP 2009-03-31 13:23:40 ----HD---- C:\WINDOWS\inf 2009-03-31 13:22:36 ----D---- C:\WINDOWS\BDOSCAN8 2009-03-31 13:21:58 ----D---- C:\Documents and Settings\moi\Application Data\VMNTOOLBAR 2009-03-30 18:22:32 ----D---- C:\Documents and Settings\moi\Application Data\dvdcss 2009-03-24 18:13:15 ----HD---- C:\Program Files\InstallShield Installation Information 2009-03-24 18:12:45 ----SHD---- C:\WINDOWS\Installer 2009-03-24 18:11:19 ----A---- C:\WINDOWS\system32\msvcp71.dll 2009-03-22 12:27:47 ----D---- C:\WINDOWS\Debug 2009-03-19 12:45:04 ----D---- C:\Documents and Settings\moi\Application Data\Nero 2009-03-11 01:27:49 ----RSHDC---- C:\WINDOWS\system32\dllcache 2009-03-11 01:27:43 ----D---- C:\WINDOWS\WinSxS 2009-03-11 00:03:41 ----D---- C:\Program Files\Fichiers communs 2009-03-10 23:58:43 ----HD---- C:\WINDOWS\$hf_mig$ 2009-03-08 13:00:12 ----D---- C:\Documents and Settings\moi\Application Data\EoRezo 2009-03-07 14:08:54 ----SHD---- C:\RECYCLER 2009-03-07 12:11:11 ----SD---- C:\Documents and Settings\moi\Application Data\Microsoft 2009-03-06 13:06:54 ----HD---- 
C:\BJPrinter 2009-03-06 04:00:47 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2009-03-06 04:00:47 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared 2009-03-03 20:37:57 ----D---- C:\temp 2009-03-02 21:34:43 ----SD---- C:\WINDOWS\Downloaded Program Files ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576] R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2009-02-04 226832] R1 SASDIFSV;SASDIFSV; \??\J:\SUPERAntiSpyware\SASDIFSV.SYS [] R1 SASKUTIL;SASKUTIL; \??\J:\SUPERAntiSpyware\SASKUTIL.sys [] R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl [] R2 ARGUS;ARGUS; C:\WINDOWS\system32\drivers\ARGUS.sys [2003-06-17 65280] R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2008-12-13 44704] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-06-03 3100160] R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2007-11-14 84992] R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-05-20 4800000] R3 KLFLTDEV;Kaspersky Lab KLFltDev; C:\WINDOWS\system32\DRIVERS\klfltdev.sys [2008-03-13 26640] R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2008-04-30 24592] R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-06-25 36864] 
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2007-01-04 171520] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288] R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 SASENUM;SASENUM; \??\J:\SUPERAntiSpyware\SASENUM.SYS [] R3 SBAPIFS;SBAPIFS; \??\C:\WINDOWS\system32\drivers\sbapifs.sys [] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] S2 BT848;WinFast TV2000 XP WDM Video Capture; C:\WINDOWS\system32\drivers\wf2kvcap.sys [2006-04-20 59776] S2 tv2ktunr;WinFast TV2000 XP WDM TVTuner; C:\WINDOWS\system32\drivers\wf2ktunr.sys [2006-04-20 19456] S2 Tv2kXbar;WinFast TV2000 XP WDM Crossbar; C:\WINDOWS\system32\drivers\wf2kxbar.sys [2006-04-20 9600] S3 61883;Pilote d'unité 61883; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128] S3 Avc;Périphérique AVC; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 SLIP;Détrameur décalage BDA; 
C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 WFIOCTL;WFIOCTL; \??\C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS [] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] S4 sr;Pilote de filtre de restauration système; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-13 73600] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe [2008-11-19 109056] R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe [2008-10-17 554264] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-06-03 552960] R2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe [2009-02-04 206088] R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-01-04 152984] R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe [2008-09-30 935208] R2 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2006-11-02 174656] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2007-02-07 173616] R2 SBCSSvc;Sunbelt 
CounterSpy Antispyware; C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe [2007-08-27 788976]
R2 TVersityMediaServer;TVersityMediaServer; C:\Program Files\TVersity\Media Server\MediaServer.exe [2007-12-30 724992]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-06-02 593920]
S2 PCLEPCI;PCLEPCI; C:\WINDOWS\system32\drivers\pclepci.sys [2005-02-09 14165]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-12-18 654848]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
-----------------EOF-----------------

and the info.txt file:

info.txt logfile of random's system information tool 1.06 2009-04-01 22:41:05
======Uninstall list======
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->MsiExec /X{74224F8D-4A17-4816-9EDB-7BB854DE532C}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
3DVIA player 4.1-->MsiExec.exe /X{4E868D3D-6EEB-4273-926C-2287236B5B79}
7-Zip 4.65-->"C:\Program Files\7-Zip\Uninstall.exe"
ABBYY FineReader 8.0 Professional Edition-->MsiExec.exe 
/I{AAF80000-22B9-4CE9-98D6-2CCF359BAC07} Acronis True Image Home-->MsiExec.exe /X{37C8899D-FD70-481F-94AA-1F1B08765E22} Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95} Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61} Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394} Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23} Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C} Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C} Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E} Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9} Adobe Color EU Recommended Settings-->MsiExec.exe /I{73B5D990-04EA-4751-B10F-5534770B91F2} Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029} Adobe Color NA Extra Settings-->MsiExec.exe /I{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A} Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D} Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD} Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2} Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B} Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245} Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078} Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C} Adobe Photoshop CS3-->C:\Program Files\Fichiers communs\Adobe\Installers\32e9033392a51340b32fdc6ad893ab7\Setup.exe Adobe Photoshop CS3-->MsiExec.exe /I{BF794769-8875-4E01-B7BE-E00104604F4A} Adobe Reader 8.1.1-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81100000003} 
Adobe Setup-->MsiExec.exe /I{926DEB4E-2B0A-4C5C-AE4A-BF6C06949702} Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183} Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312} Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8} Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5} Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6} Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923} Ad-remover-->C:\Program Files\Ad-remover\Uninstall ADR.exe Album Cover Art Downloader 1.6.0-->"C:\Program Files\Album Cover Art Downloader\unins000.exe" Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe Ashampoo Core Tuner 1.00-->"f:\shampoo Core Tuner\unins000.exe" Assassin's Creed-->C:\Program Files\InstallShield Installation Information\{8CFA9151-6404-409A-AF22-4632D04582FD}\setup.exe -runfromtemp -l0x040c -removeonly Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2} Astro-->C:\Program Files\Astro\astrouninst.exe ASUSUpdate-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{587178E7-B1DF-494E-9838-FA4DD36E873C}\setup.exe" -l0x40c Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver-->"C:\Program Files\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\Setup.exe" -runfromtemp -l0x040c -removeonly ATI - Utilitaire de désinstallation du logiciel-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe ATI AVIVO Codecs-->MsiExec.exe /I{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3} ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0 ATI Display Driver-->rundll32 
C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean ATI Parental Control & Encoder-->MsiExec.exe /I{36CDA33B-909B-4719-97D1-C4B99309BDC7} ATI Problem Report Wizard-->MsiExec.exe /X{5DA6F06A-B389-407B-BF8C-1548767914D8} A-Z Video Converter Ultimate 8.45-->"f:\-Z\A-Z Video Converter Ultimate\unins000.exe" Babylon-->C:\Program Files\Babylon\Babylon-Pro\Utils\uninstbb.exe BD/HD Advisor 1.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}\Setup.exe" -uninstall BenVista PhotoZoom Pro 2.3.2-->C:\Program Files\PhotoZoom Pro 2\Uninstall.exe Brothers in Arms - Deadly Road-->F:\jeux\BROTHE~1\UNWISE.EXE F:\jeux\BROTHE~1\INSTALL.LOG Brothers in Arms: Hell's Highway-->g:\brothers in Arms - Hell's Highway\Binaries\uninst.exe Call of Duty® - World at War 1.1 Patch-->C:\Program Files\InstallShield Installation Information\{AFAE2B15-89A0-4215-A030-F7B5B478886B}\setup.exe -runfromtemp -l0x0409 Call of Duty® - World at War-->C:\Program Files\InstallShield Installation Information\{D80A6A73-E58A-4673-AFF5-F12D7110661F}\setup.exe -runfromtemp -l0x040c Canon i865-->C:\WINDOWS\system32\CNMCP5m.exe "-PRINTERNAMECanon i865" "-HELPERDLLC:\BJPrinter\CNMWINDOWS\Canon i865 Installer\Inst2\cnmis.dll" "-RCDLLC:\BJPrinter\CNMWINDOWS\Canon i865 Installer\Inst2\cnmi040c.dll" CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe" Choice Guard-->MsiExec.exe /I{EBD5E7A9-DBB8-4E24-AE3A-CF9390AF1CCB} CleanUp!-->C:\Program Files\CleanUp!\uninstall.exe Corel Paint Shop Pro Photo XI-->MsiExec.exe /X{E1C7EF5E-3A7B-4ED4-A48B-F70F1B36EAB4} Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" DAEMON Tools-->MsiExec.exe /I{83895843-3A51-4C93-9DF3-2BDB65C7E54A} Default-->MsiExec.exe /I{22BED295-8AE7-4BDE-9E4E-FA038D83B194} DivX Codec-->C:\Program 
Files\DivX\DivXCodecUninstall.exe /CODEC DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER DVDShrink 2008-->MsiExec.exe /I{EE3FBA20-AB77-46E0-9825-565807A24A66} Encyclopaedia Universalis-->"J:\universalis 2009\Encyclopaedia Universalis\Uninstall_Encyclopaedia Universalis\Désinstaller Encyclopaedia Universalis 2009.exe" Express Gate-->MsiExec.exe /I{A0494B41-EBD7-4C0D-91B7-DC39741B27BB} ffdshow [rev 1723] [2007-12-24]-->"C:\Program Files\ffdshow\unins000.exe" FileZilla Client 3.1.6-->C:\Program Files\FileZilla FTP Client\uninstall.exe Fraps-->"C:\Fraps\uninstall.exe" FTP Expert 3-->"F:\FTP Expert 3\uninst-ftp.exe" GPL Ghostscript 8.54-->C:\Program Files\gs\uninstgs.exe "C:\Program Files\gs\gs8.54\uninstal.txt" GPL Ghostscript Fonts-->C:\Program Files\gs\uninstgs.exe "C:\Program Files\gs\fonts\uninstal.txt" High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe" HijackThis 2.0.2-->"C:\Documents and Settings\moi\Bureau\HijackThis.exe" /uninstall Java 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF} JMicron JMB36X Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}\setup.exe" -l0x40c -removeonly K!TV-->C:\Program Files\K!TV\UninstKTV.exe Kaspersky Internet Security 2009-->MsiExec.exe /I{8CB14A64-CEF4-4C8F-B1C8-1C3B8752CB55} Kaspersky Internet Security 2009-->MsiExec.exe /I{8CB14A64-CEF4-4C8F-B1C8-1C3B8752CB55} Le bricolage pratique (Electricité - plomberie)-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1499819F-1E2E-419E-A363-6058CD700A5E}\setup.exe" -l0x40c Leroy Merlin - RéussirVotreProjetCouleur-->"C:\leroy Merlin\uninstall.exe" Magic Bullet Looks Studio-->C:\WINDOWS\unvise32.exe C:\Program Files\Pinnacle\Studio 
12\Plugins\RTFx\mblooksstudio.log marvell 61xx-->C:\Program Files\Marvell\61xx\uninst-61xx.exe MeuhMeuhTV Alpha 3.0.0.32-->"C:\Program Files\MeuhMeuhTV Alpha\unins000.exe" Micro Application - 3D Architecte Expert CAD 2007-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D8BC7043-62D2-4A0D-918C-CBDF0BD70ABD}\SETUP.EXE" -l0x40c Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700} Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 
(KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP 
(KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" Mise à jour pour Windows XP 
(KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" MMTVConfig (désinstallation seulement)-->C:\Program Files\MMTVConfig\cfguninst.exe Mozilla Firefox (3.0.-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} Nero 9-->C:\Program Files\Fichiers communs\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="9M03-01A1-PCX7-K31A-8A94-98PT-KT2E-522A" neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} NVIDIA PhysX v8.04.25-->MsiExec.exe /X{74224F8D-4A17-4816-9EDB-7BB854DE532C} Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe Pando-->MsiExec.exe /I{AB480DA0-7EE9-465D-9C12-4CDE65BF18FB} PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5} PDF Writer-->C:\WINDOWS\system32\uninstpw.exe C:\Program Files\PDF Writer Photo Viewer 2.3-->"C:\Program Files\Photo Viewer\uninstall.exe" Photomatix Pro version 3.0.1-->"C:\Program Files\PhotomatixPro3\unins000.exe" Pilote vidéo Pinnacle-->MsiExec.exe /X{5EB90C06-964F-4195-B83E-BD7E55C88415} Pinnacle Instant DVD Recorder-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}\setup.exe" -l0x40c UNINSTALL Pinnacle Studio 12 Ultimate Plugins-->MsiExec.exe /I{D1860E6E-520E-4380-8433-E58E8F88B473} Pinnacle Studio 12-->MsiExec.exe /I{D041EB9E-890A-4098-8F94-51DA194AC72A} PowerDVD-->"C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -l0x00040c /z-uninstall proDAD Vitascene 1.0-->"C:\Program Files\proDAD\Vitascene-1.0\uninstall.exe" uninstall spcp PATHVERSION 1.0 MAINNAME Vitascene Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program 
Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly Retouch Pilot Full 3.1-->"j:\Retouch Pilot\unins000.exe" Security BOX® Freeware 2.0-->MsiExec.exe /X{1326473A-0200-0037-0000-8E44E2204A03} Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} SoftwareUpdate 1.0-->"C:\Documents and Settings\moi\Application Data\eoRezo\SoftwareUpdate\unins000.exe" Studio 11-->C:\Program Files\InstallShield Installation Information\{110B1ADF-2EAE-4E8F-B501-D2A1E6D8ED9D}\Setup2.exe -runfromtemp -l0x040c UNINSTALL -removeonly SUPERAntiSpyware Professional-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA} Suppress plus 1.8-->"C:\Program Files\splus\unins000.exe" SureThing Express Labeler-->"C:\Program Files\SureThing Express Labeler\unins000.exe" Sweet Home 3D version 1.5.1-->"j:\Sweet Home 3D\unins000.exe" Système de vidéo surveillance numérique - RemoteManager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F2A34EE8-F7E7-11D6-9D38-0050BAEF4D56}\Setup.exe" -l0x40c -L0x40c -uninst Système de vidéo surveillance numérique-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D94E53DD-9428-11D6-90F5-0048545B0D01}\Setup.exe" -l0x40c -L0x40c -uninst Tag&Rename 3.3.5-->"C:\Program Files\TagRename\unins000.exe" TVersity Codec Pack 1.1-->C:\Program Files\TVersity Codec Pack\uninst.exe TVersity Media Server 0.9.11.4 beta-->C:\Program Files\TVersity\Media Server\uninst.exe Ulead Disc-Direct SDK-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8D2C1E44-7685-4D05-8342-B0DC6422FA47}\Setup.exe" -l0x9 UltraSplitter-->C:\Program 
Files\UltraSplitter\uninstall.exe VirtualDub 1.8.6 Fr-->"C:\Program Files\VirtualDub\unins000.exe" VirtualDub Plugin Pack 1.0.0.5 Fr-->"C:\Program Files\VirtualDub\unins001.exe" VLC media player 0.9.4-->C:\Program Files\VideoLAN\VLC\uninstall.exe VMN Toolbar-->C:\Program Files\vmntoolbar\uninstall.exe Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe" Windows Live Call-->MsiExec.exe /I{868EC13B-52DA-43B9-8C05-50CD897674DF} Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390} Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65} Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" WinFast Codec-TS SDK-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{28FB7853-A6ED-4F67-8635-9F0E863FC0AD}\Setup.exe" -l0x9 WinFast De-interlace SDK-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A0E0340-C3D7-42D1-96D4-64179FD456AE}\Setup.exe" -l0x9 WinFast Multimedia Driver Installation -->C:\Program Files\InstallShield Installation Information\{418EC9DD-25EE-4C3F-8827-B7AA9B26405B}\setup.exe -runfromtemp -l0x0009 -removeonly WinFast PVR2-->C:\Program Files\InstallShield Installation Information\{C92C584E-C781-475E-A8E2-C67D993A6B95}\setup.exe -runfromtemp -l0x040c -removeonly WinFast TT-SB SDK-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AF9848E2-5F19-4E49-9E6E-044FBDC28404}\Setup.exe" -l0x9 WinISO 5.3-->F:\WinISO\unins000.exe XnView 1.95.4-->"C:\Program Files\XnView\unins000.exe" xp-AntiSpy 3.96-4-->C:\Program Files\xp-AntiSpy\Uninstall.exe XviD MPEG-4 Codec-->"C:\Program Files\XviD\UninstXviD.exe" Yahoo! 
Desktop Login-->MsiExec.exe /I{F9AEEC34-CF00-4CBD-9E36-DF9DC4002685} =====HijackThis Backups===== O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL [2009-04-01] ======Security center information====== AV: Kaspersky Internet Security FW: Kaspersky Internet Security ======System event log====== Computer Name: GIGABYTE Event Code: 7001 Message: Le service Client DNS dépend du service Pilote du protocole TCP/IP qui n'a pas pu démarrer en raison de l'erreur : Un périphérique attaché au système ne fonctionne pas correctement. Record Number: 6128 Source Name: Service Control Manager Time Written: 20090307130647.000000+060 Event Type: erreur User: Computer Name: GIGABYTE Event Code: 7001 Message: Le service Client DHCP dépend du service NetBIOS sur TCP/IP qui n'a pas pu démarrer en raison de l'erreur : Un périphérique attaché au système ne fonctionne pas correctement. Record Number: 6127 Source Name: Service Control Manager Time Written: 20090307130647.000000+060 Event Type: erreur User: Computer Name: GIGABYTE Event Code: 10005 Message: DCOM a reçu l'erreur "%1084" lors de la mise en route du service EventSystem avec les arguments "" pour démarrer le serveur : {1BE1F766-5536-11D1-B726-00C04FB926AF} Record Number: 6126 Source Name: DCOM Time Written: 20090307130630.000000+060 Event Type: erreur User: AUTORITE NT\SYSTEM Computer Name: GIGABYTE Event Code: 10005 Message: DCOM a reçu l'erreur "%1084" lors de la mise en route du service netman avec les arguments "" pour démarrer le serveur : {BA126AE5-2166-11D1-B1D0-00805FC1270E} Record Number: 6125 Source Name: DCOM Time Written: 20090307130623.000000+060 Event Type: erreur User: GIGABYTE\Administrateur Computer Name: GIGABYTE Event Code: 6005 Message: Le service d'Enregistrement d'événement a démarré. 
Record Number: 6124 Source Name: EventLog Time Written: 20090307130536.000000+060 Event Type: Informations User: =====Application event log===== Computer Name: GIGABYTE Event Code: 1000 Message: Les compteurs de performances pour le service WmiApRpl (WmiApRpl) ont été chargés. Les données d'enregistrement contiennent les nouvelles valeurs d'index assignées à ce service. Record Number: 1901 Source Name: LoadPerf Time Written: 20090224153134.000000+060 Event Type: Informations User: Computer Name: GIGABYTE Event Code: 1001 Message: Les compteurs de performances pour le service WmiApRpl (WmiApRpl) ont été supprimés. Les données d'enregistrement contiennent les nouvelles valeurs du dernier compteur système et les dernières entrées du registre d'aide. Record Number: 1900 Source Name: LoadPerf Time Written: 20090224153129.000000+060 Event Type: Informations User: Computer Name: GIGABYTE Event Code: 1800 Message: Le service Centre de sécurité Windows a démarré. Record Number: 1899 Source Name: SecurityCenter Time Written: 20090224152714.000000+060 Event Type: Informations User: Computer Name: GIGABYTE Event Code: 1 Message: Record Number: 1898 Source Name: Bonjour Service Time Written: 20090224152703.000000+060 Event Type: Informations User: Computer Name: GIGABYTE Event Code: 105 Message: The service was started. 
Record Number: 1897 Source Name: ATI Smart Time Written: 20090224152701.000000+060 Event Type: Informations User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=C:\Program Files\Fichiers communs\ArcSoft\Bin;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Pinnacle\Shared Files\ "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel "PROCESSOR_REVISION"=0f0b "NUMBER_OF_PROCESSORS"=4 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP -----------------EOF----------------- -
[Solved] My IP is blocked on a site
tolunq replied to a topic by tolunq in Malware analysis and removal
Just now ... about a quarter of an hour ago, my antivirus warned me with the following message: "behaviour similar to a keylogger. unable to quarantine". What is it this time?
[Solved] My IP is blocked on a site
tolunq replied to a topic by tolunq in Malware analysis and removal
Well, I still don't see why my IP was blocked on dvbkivabien2.info ???? Once again, many thanks for your help and for the time you took to answer me. I'm uninstalling the 2 other antispyware programs right away. Regards
[Solved] My IP is blocked on a site
tolunq replied to a topic by tolunq in Malware analysis and removal
- As for eonet, I don't even know what it is or what it means ... After looking it up on Google, I do remember downloading this tool to find out the speed of my Numericable connection, since I had just changed operators. So I went into DOS and deleted the DLL from the folder c:\program files\eorezo, and then I deleted the eorezo folder. Is that enough? I didn't know this tool was a spam thing; it is surely because of it that I got blocked for spam.
- As for the VMN Toolbar, I removed it after running an analysis with HijackThis. In fact, it must have installed itself automatically with Internet Explorer, because I don't use that. I always use Firefox. But I didn't know it was "crap". Yet it's only a toolbar, isn't it?
- As for C:\WINDOWS\NAVIGMA.INI ... impossible to remove, even going through OTMoveIt3 and typing C:\WINDOWS\NAVIGMA.INI in the window to remove it ... it gives: "Error: Unable to interpret <C:\WINDOWS\NAVIGMA.INI > in the current context! OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 04012009_201456". I didn't understand why ... and I didn't see it in the HijackThis report ... and what is this navigma.ini anyway?
- As for the antispyware programs, I have 2 trial versions and one full one ---> superantispyware (I also removed the 3 rar cracks ...)
[Solved] My IP is blocked on a site
tolunq replied to a topic by tolunq in Malware analysis and removal
Well ... first of all, thanks for the analysis ... Which of the 3 antispyware programs should I keep? And where do you see that I have an infection by the Eorezo adware, the VMN adware and yet another infection?
[Solved] My IP is blocked on a site
tolunq replied to a topic by tolunq in Malware analysis and removal
Thank you very much for the help. Here are the 2 requested reports.
- OTViewIt
OTViewIt logfile created on: 01/04/2009 17:16:49 - Run
OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Documents and Settings\moi\Bureau
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 100,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 175,78 Gb Total Space | 102,33 Gb Free Space | 58,21% Space Free | Partition Type: NTFS
Drive D: | 234,38 Gb Total Space | 230,45 Gb Free Space | 98,32% Space Free | Partition Type: NTFS
Drive E: | 175,78 Gb Total Space | 100,91 Gb Free Space | 57,40% Space Free | Partition Type: NTFS
Drive F: | 114,19 Gb Total Space | 34,66 Gb Free Space | 30,35% Space Free | Partition Type: NTFS
Drive G: | 234,38 Gb Total Space | 215,03 Gb Free Space | 91,74% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
Drive I: | 234,38 Gb Total Space | 132,93 Gb Free Space | 56,72% Space Free | Partition Type: NTFS
Drive J: | 228,38 Gb Total Space | 18,35 Gb Free Space | 8,03% Space Free | Partition Type: NTFS
Computer Name: GIGABYTE
Current User Name: moi
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days

========== Processes ==========
[2008/06/03 05:09:36 | 00,552,960 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
[2008/11/19 10:47:24 | 00,109,056 | ---- | M] (ArcSoft Inc.)
-- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
[2008/10/17 14:25:42 | 00,554,264 | ---- | M] (Acronis) -- C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
[2006/02/28 13:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
[2009/01/04 19:00:08 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
[2008/09/30 13:48:28 | 00,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
[2006/11/02 21:40:12 | 00,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
[2007/02/07 17:29:50 | 00,173,616 | ---- | M] () -- C:\Program Files\CyberLink\Shared files\RichVideo.exe
[2007/08/27 13:09:12 | 00,788,976 | ---- | M] (Sunbelt Software) -- C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe
[2007/12/30 21:42:34 | 00,724,992 | ---- | M] () -- C:\Program Files\TVersity\Media Server\MediaServer.exe
[2004/12/13 05:34:32 | 00,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
[2004/08/11 02:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe
[2008/01/04 21:56:52 | 03,572,592 | ---- | M] (Webroot Software, Inc.) -- F:\Spy Sweeper\SpySweeper.exe
[2008/06/03 05:09:36 | 00,552,960 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
[2008/05/16 08:39:00 | 16,862,720 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe
[2007/07/17 12:13:56 | 00,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
[2003/12/27 21:43:26 | 00,081,920 | ---- | M] (DAEMON'S HOME) -- C:\Program Files\D-Tools\daemon.exe
[2008/10/17 14:09:24 | 04,375,856 | ---- | M] (Acronis) -- F:\acronis 2009\TrueImageMonitor.exe
[2008/10/17 14:31:10 | 00,961,640 | ---- | M] (Acronis) -- F:\acronis 2009\TimounterMonitor.exe
[2008/10/17 14:25:48 | 00,165,144 | ---- | M] (Acronis) -- C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
[2008/10/24 11:36:10 | 00,090,112 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
[2008/11/20 11:06:14 | 00,178,688 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
[2007/08/27 13:09:14 | 00,698,864 | ---- | M] (Sunbelt Software) -- C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe
[2009/01/04 19:00:08 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
[2007/02/07 17:24:52 | 00,071,216 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
[2008/01/04 21:56:58 | 05,367,664 | ---- | M] (Webroot Software, Inc.) -- F:\Spy Sweeper\SpySweeperUI.exe
[2008/12/17 04:25:02 | 01,809,648 | ---- | M] (SUPERAntiSpyware.com) -- J:\SUPERAntiSpyware\SUPERAntiSpyware.exe
[2007/07/17 12:13:34 | 00,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
[2009/01/04 19:00:08 | 00,382,384 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jucheck.exe
[2008/12/28 12:29:50 | 07,757,384 | ---- | M] (http://cryptload.info) -- C:\Documents and Settings\moi\Bureau\CryptLoad\CryptLoad.exe
[2008/01/04 21:34:36 | 00,214,384 | ---- | M] () -- F:\Spy Sweeper\ssu.exe
[2009/04/01 17:08:45 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\moi\Bureau\OTViewIt.exe
[2009/04/01 17:08:45 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\moi\Bureau\OTViewIt.exe

========== (O23) Win32 Services ==========
[2008/11/19 10:47:24 | 00,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon [Auto | Running])
[2008/10/17 14:25:42 | 00,554,264 | ---- | M] (Acronis) -- C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc [Auto | Running])
[2005/09/23 08:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
[2008/06/03 05:09:36 | 00,552,960 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
[2008/06/02 22:05:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart [Auto | Stopped])
[2009/02/04 16:39:23 | 00,206,088 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe -- (AVP [Auto | Running])
[2006/02/28 13:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
[2005/09/23 08:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
[2008/12/18 17:03:23 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
[2009/01/04 19:00:08 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
[2008/09/30 13:48:28 | 00,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0 [Auto | Running])
[2003/07/28 21:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
[2005/02/09 13:59:00 | 00,014,165 | ---- | M] (Pinnacle Systems GmbH) -- C:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI [Auto | Stopped])
[2006/11/02 21:40:12 | 00,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing [Auto | Running])
[2007/02/07 17:29:50 | 00,173,616 | ---- | M] () -- C:\Program Files\CyberLink\Shared files\RichVideo.exe -- (RichVideo [Auto | Running])
[2007/08/27 13:09:12 | 00,788,976 | ---- | M] (Sunbelt Software) -- C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe -- (SBCSSvc [Auto | Running])
[2007/12/30 21:42:34 | 00,724,992 | ---- | M] () -- C:\Program Files\TVersity\Media Server\MediaServer.exe -- (TVersityMediaServer [Auto | Running])
[2004/12/13 05:34:32 | 00,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper [Auto | Running])
[2004/08/11 02:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf [Auto | Running])
[2007/10/18 12:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])
[2008/01/04 21:56:52 | 03,572,592 | ---- | M] (Webroot Software, Inc.) -- F:\Spy Sweeper\SpySweeper.exe -- (WebrootSpySweeperService [Auto | Running])
[2007/10/25 16:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])

========== Driver Services ==========
[2008/04/13 12:46:22 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\61883.sys -- (61883 [On_Demand | Stopped])
[2003/06/17 05:31:06 | 00,065,280 | R--- | M] (AVerMedia Systems, Inc.) -- C:\WINDOWS\system32\drivers\ARGUS.sys -- (ARGUS [Auto | Running])
[2008/06/03 08:20:54 | 03,100,160 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
[2007/11/14 21:48:20 | 00,084,992 | R--- | M] (ATI Research Inc.) -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService [On_Demand | Running])
[2008/04/13 12:46:22 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\avc.sys -- (Avc [On_Demand | Stopped])
[2006/04/20 15:50:34 | 00,059,776 | ---- | M] (Leadtek Research Inc.) -- C:\WINDOWS\system32\drivers\wf2kvcap.sys -- (BT848 [Auto | Stopped])
[2003/12/27 21:42:12 | 00,137,216 | ---- | M] ( ) -- C:\WINDOWS\system32\drivers\d344bus.sys -- (d344bus [boot | Running])
[2003/12/27 03:38:10 | 00,005,248 | ---- | M] ( ) -- C:\WINDOWS\system32\drivers\d344prt.sys -- (d344prt [boot | Running])
[2008/04/13 10:36:06 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus [On_Demand | Running])
[2008/05/20 11:53:00 | 04,800,000 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
[2008/11/22 00:10:40 | 00,082,784 | ---- | M] (JMicron Technology Corp.) -- C:\WINDOWS\system32\drivers\jraid.sys -- (JRAID [boot | Running])
[2008/07/21 18:34:36 | 00,121,872 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1 [boot | Running])
[2009/02/04 16:39:23 | 00,033,808 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\klbg.sys -- (klbg [boot | Running])
[2008/03/13 19:02:46 | 00,026,640 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\klfltdev.sys -- (KLFLTDEV [On_Demand | Running])
[2009/02/04 16:39:23 | 00,226,832 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF [system | Running])
[2008/04/30 18:06:48 | 00,024,592 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5 [On_Demand | Running])
[2008/06/25 18:47:00 | 00,036,864 | R--- | M] (Atheros Communications, Inc.) -- C:\WINDOWS\system32\drivers\l1e51x86.sys -- (L1e [On_Demand | Running])
[2007/01/04 11:07:00 | 00,171,520 | ---- | M] (Pinnacle Systems GmbH) -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus [On_Demand | Running])
[2008/04/13 12:46:10 | 00,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV [On_Demand | Stopped])
[2004/08/13 12:56:20 | 00,005,810 | R--- | M] () -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor [On_Demand | Running])
[2008/06/24 00:21:48 | 00,150,568 | ---- | M] (Marvell Semiconductor, Inc.) -- C:\WINDOWS\system32\drivers\mv61xx.sys -- (mv61xx [boot | Running])
[2008/06/19 16:24:30 | 00,028,544 | ---- | M] (Panda Security, S.L.) -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot [boot | Running])
[2004/08/05 11:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
[2008/12/04 14:50:04 | 00,008,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- J:\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV [system | Running])
[2008/12/04 14:50:06 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- J:\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM [On_Demand | Running])
[2008/12/04 14:50:02 | 00,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- J:\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL [system | Running])
[2008/12/18 18:31:26 | 00,015,544 | ---- | M] () -- C:\WINDOWS\system32\drivers\sbhr.sys -- (SBHR [boot | Running])
[2008/04/13 12:40:50 | 00,043,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sbp2port.sys -- (sbp2port [boot | Running])
[2008/04/13 10:39:16 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])
[2008/12/13 15:31:06 | 00,134,272 | ---- | M] (Acronis) -- C:\WINDOWS\system32\drivers\snman380.sys -- (snapman380 [boot | Running])
[2008/01/04 21:34:34 | 00,020,336 | ---- | M] (Webroot Software Inc (www.webroot.com)) -- C:\WINDOWS\system32\drivers\SSFS0BB9.sys -- (SSFS0BB9 [boot | Running])
[2008/01/04 21:34:34 | 00,021,872 | ---- | M] (Webroot Software Inc (www.webroot.com)) -- C:\WINDOWS\system32\drivers\sshrmd.sys -- (SSHRMD [boot | Running])
[2008/01/04 21:34:34 | 00,163,696 | ---- | M] (Webroot Software Inc (www.webroot.com)) -- C:\WINDOWS\system32\drivers\ssidrv.sys -- (SSIDRV [boot | Running])
[2008/01/04 21:34:36 | 00,023,920 | ---- | M] (Webroot Software Inc (www.webroot.com)) -- C:\WINDOWS\system32\drivers\sskbfd.sys -- (SSKBFD [On_Demand | Running])
[2008/12/13 15:31:13 | 00,971,232 | ---- | M] (Acronis) -- C:\WINDOWS\system32\drivers\tdrpm147.sys -- (tdrpman147 [boot | Running])
[2008/12/13 15:31:10 | 00,044,704 | ---- | M] (Acronis) -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter [Auto | Running])
[2008/12/13 15:31:10 | 00,540,000 | ---- | M] (Acronis) -- C:\WINDOWS\system32\drivers\timntr.sys -- (timounter [boot | Running])
[2006/04/20 16:20:22 | 00,019,456 | ---- | M] (Leadtek Research Inc.) -- C:\WINDOWS\system32\drivers\wf2ktunr.sys -- (tv2ktunr [Auto | Stopped])
[2006/04/20 15:49:26 | 00,009,600 | ---- | M] (Leadtek Research Inc.) -- C:\WINDOWS\system32\drivers\wf2kXbar.sys -- (Tv2kXbar [Auto | Stopped])
[2008/04/13 12:45:14 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio [On_Demand | Stopped])
[2006/11/02 17:51:58 | 00,013,560 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD\000.fcl -- ({95808DC4-FA4A-4c74-92FE-5B863F82066B} [Auto | Running])
File not found -- -- (SBAPIFS [On_Demand | Running])

========== (R ) Internet Explorer ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Default_Secondary_Page_URL"=
"Extensions Off Page"=about:NoAdd-ons
"Local Page"=%SystemRoot%\system32\blank.htm
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Security Risk Page"=about:SecurityRisk
"Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.google.fr/
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
"ProxyOverride" = *.local

========== (O1) Hosts File ==========
HOSTS File = (790 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost

========== (O2) BHO's ==========
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (HKLM) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
{140BD8E3-C167-11D4-B4A3-080000180323} (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
{4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} (HKLM) -- C:\Program Files\vmntoolbar\vmntoolbar.dll (Visicom Media Inc. )
{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} (HKLM) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll (Kaspersky Lab)
{5C255C8A-E604-49b4-9D64-90988571CECB} (HKLM) -- C:\Program Files\Windows Live\Messenger\wlchtc.dll (Microsoft Corporation)
{9030D464-4C02-4ABF-8ECC-5164760863C6} (HKLM) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

========== (O3) Toolbars ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33}" (HKLM) -- C:\Program Files\vmntoolbar\vmntoolbar.dll (Visicom Media Inc. )
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33}" (HKLM) -- C:\Program Files\vmntoolbar\vmntoolbar.dll (Visicom Media Inc. )

========== (O4) Run Keys ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
""= File not found
"36X Raid Configurer"="C:\WINDOWS\system32\xRaidSetup.exe" boot (JMicron Technology Corp.)
"Acronis Scheduler2 Service"="C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" (Acronis)
"AcronisTimounterMonitor"="F:\acronis 2009\TimounterMonitor.exe" (Acronis)
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
"Alcmtr"=ALCMTR.EXE (Realtek Semiconductor Corp.)
"ArcSoft Connection Service"="C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe" (ArcSoft Inc.)
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" (Kaspersky Lab)
"Babylon Client"="C:\Program Files\Babylon\Babylon-Pro\Babylon.exe" -AutoStart (Babylon Ltd.)
"DAEMON Tools-1033"="C:\Program Files\D-Tools\daemon.exe" -lang 1036 (DAEMON'S HOME)
"EoNet"= File not found
"JMB36X IDE Setup"=C:\WINDOWS\RaidTool\xInsIDE.exe ()
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k File not found
"LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" ()
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" (Cyberlink Corp.)
"RTHDCPL"=RTHDCPL.EXE (Realtek Semiconductor Corp.)
"SBCSTray"="C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe" (Sunbelt Software)
"SpySweeper"="F:\Spy Sweeper\SpySweeperUI.exe" /startintray (Webroot Software, Inc.)
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun (Advanced Micro Devices, Inc.)
"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
"TrueImageMonitor.exe"="F:\acronis 2009\TrueImageMonitor.exe" (Acronis)
"WinFastDTV"="C:\Program Files\WinFast\WFDTV\DTVSchdl.exe" (Leadtek Research Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
""= File not found
"AdobeUpdater"="C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe" (Adobe Systems Incorporated)
"ccleaner"="C:\Program Files\CCleaner\CCleaner.exe" /AUTO (Piriform Ltd)
"LaunchList"="J:\Pinnacle\Studio 11\LaunchList2.exe" (Pinnacle Systems)
"SUPERAntiSpyware"=J:\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)

========== (O4) Startup Folders ==========

========== (O6 & O7) Current Version Policies ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
"ClearRecentDocsOnExit"=1

========== (O8) IE Context Menu Extensions ==========
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]
Ajouter à Kaspersky Anti-Bannière: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm [2008/11/11 20:47:00 | 00,001,411 | ---- | M] ()
E&xporter vers Microsoft Excel: F:\Microsoft Office 2003\OFFICE11\EXCEL.EXE [2008/10/13 12:29:28 | 10,351,944 | ---- | M] (Microsoft Corporation)
Translate with &Babylon: C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll [2008/09/25 17:47:42 | 00,121,856 | ---- | M] (Babylon Ltd.)

========== (O9) IE Extensions ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E}: Button: Statistiques de la protection du trafic Internet -- %ProgramFiles%\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll [2008/11/11 21:00:38 | 00,222,472 | ---- | M] (Kaspersky Lab)
{85d1f590-48f4-11d9-9669-0800200c9a66}: Menu: Uninstall BitDefender Online Scanner v8 -- %SystemRoot%\bdoscandel.exe [2006/05/25 02:22:06 | 00,053,248 | ---- | M] ()
{92780B25-18CC-41C8-B9BE-3C9C571A8263}: Button: Recherche -- F:\Microsoft Office 2003\OFFICE11\REFIEBAR.DLL [2007/04/19 15:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)
{e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 -- %SystemRoot%\network diagnostic\xpnetdiag.exe [2008/04/13 12:53:34 | 00,558,080 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} [HKLM] -> %ProgramFiles%\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll [statistiques de la protection du trafic Internet] -> [2008/11/11 21:00:38 | 00,222,472 | ---- | M] (Kaspersky Lab)
CmdMapping\\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> F:\Microsoft Office 2003\OFFICE11\REFIEBAR.DLL [Recherche] -> [2007/04/19 15:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 12:53:34 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found

========== (O12) Internet Explorer Plugins ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/controls/find...=%s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

========== (O13) Default Prefixes ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

========== (O15) Trusted Sites ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
1 domain(s) and sub-domain(s) not assigned to a zone.

========== (O16) DPF ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{00000161-0000-0010-8000-00AA00389B71}: http://codecs.microsoft.com/codecs/i386/msaudio.cab -- Reg Error: Key does not exist or could not be opened.
{2D8ED06D-3C30-438B-96AE-4D110FDC1FB8}: http://www.pandasecurity.com/activescan/cabs/as2stubie.cab -- ActiveScan 2.0 Installer Class
{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}: http://www.zebulon.fr/scan8/oscan8.cab -- BDSCANONLINE Control
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_11
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_11
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_11
{D27CDB6E-AE6D-11CF-96B8-444553540000}: https://fpdownload.macromedia.com/pub/shock...ash/swflash.cab -- Shockwave Flash Object

========== (O17) DNS Name Servers ==========
{52581B2C-C913-4D77-AAB1-7BB129D38ED4} (Servers: | Description: Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller)
{5C85A740-3D65-4DAE-A0F1-2735CED994A3} (Servers: | Description: )
{AAC9D48A-5BAD-4DFD-9D29-7E9CC24409C9} (Servers: | Description: Carte réseau 1394)

========== (O20) AppInit_DLLs ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_Dlls"=C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
>[2008/11/11 21:00:26 | 00,079,112 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\mzvkbd.dll
>[2008/11/11 21:00:26 | 00,079,112 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\mzvkbd3.dll
>[2008/11/11 20:59:38 | 00,083,208 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\adialhk.dll
>[2008/11/11 21:00:02 | 00,011,016 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\kloehk.dll

========== (O20) Winlogon Notify Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
!SASWinLogon: "DllName" = J:\SUPERAntiSpyware\SASWINLO.dll -- J:\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
AtiExtEvent: "DllName" = Ati2evxx.dll -- C:\WINDOWS\system32\ati2evxx.dll (ATI Technologies Inc.)
klogon: "DllName" = C:\WINDOWS\system32\klogon.dll -- C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
WRNotifier: "DllName" = WRLogonNTF.dll -- C:\WINDOWS\system32\WRLogonNtf.dll (Webroot Software, Inc.)

========== Shell Execute Hooks ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}" (HKLM) -- J:\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

========== Safeboot Options ==========
"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========
AUTOEXEC.BAT [sET PATH=C:\Program Files\Pinnacle\Shared Files;C:\Program Files\Pinnacle\Shared Files\Filter | ] [2009/02/04 12:44:18 | 00,000,095 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]
autoexec.bat [REM Dummy file for NTVDM | ] [2006/09/18 23:43:36 | 00,000,024 | ---- | M] () -- E:\autoexec.bat -- [ NTFS ]

========== MountPoints2 ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{98efeb7b-c891-11dd-ad83-806d6172696f}\Shell]
""=AutoRun
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{98efeb7b-c891-11dd-ad83-806d6172696f}\Shell\AutoRun\command]
""=D:\atisetup.exe -- File not found
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c78bd3cb-c8a7-11dd-aec7-002215f404f5}\Shell\AutoRun\command]
""=C:\WINDOWS\explorer.exe -- [2008/04/13 20:34:04 | 01,037,824 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c78bd3cb-c8a7-11dd-aec7-002215f404f5}\Shell\explore\Command]
""=C:\WINDOWS\explorer.exe -- [2008/04/13 20:34:04 | 01,037,824 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c78bd3cb-c8a7-11dd-aec7-002215f404f5}\Shell\open\Command]
""=C:\WINDOWS\explorer.exe -- [2008/04/13 20:34:04 | 01,037,824 | ---- | M] (Microsoft Corporation)

========== Files/Folders - Created Within 30 Days ==========
[2009/04/01 17:08:35 | 00,422,912 | ---- | C] (OldTimer Tools) --
C:\Documents and Settings\moi\Bureau\OTViewIt.exe [2009/04/01 17:06:33 | 56,732,410 | ---- | C] () -- C:\Documents and Settings\moi\Bureau\L'Envol裠Sauvage for vikingland.avi.006.xtm ** - C:\Documents and Settings\moi\Bureau\L'Envol?Sauvage for vikingland.avi.006.xtm [2009/04/01 17:03:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\l'envolée sauvage [2009/04/01 16:45:23 | 12,384,06056 | ---- | C] () -- C:\The.Spirit.720p.FRENCH.BluRay.x264-ForceBleue.mkv [2009/04/01 16:35:23 | 73,337,8560 | ---- | C] () -- C:\The Last Kiss.avi [2009/04/01 16:34:18 | 00,185,296 | ---- | C] () -- C:\Documents and Settings\moi\Bureau\l'envolée sauvage.htm [2009/04/01 16:34:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\l'envolée sauvage_fichiers [2009/03/31 19:38:36 | 73,382,9120 | ---- | C] () -- C:\The.Spirit.REPACK.FRENCH.DVDRiP.XviD-ULTRASON.avi [2009/03/31 19:21:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\new Windows Genuine Advantage WGA 25 Mars 2009 [2009/03/31 16:04:38 | 00,087,552 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\VACFix.exe [2009/03/31 16:04:38 | 00,082,944 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\IEDFix.exe [2009/03/31 16:04:38 | 00,082,944 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\IEDFix.C.exe [2009/03/31 16:04:38 | 00,082,432 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\404Fix.exe [2009/03/31 16:04:38 | 00,080,384 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\o4Patch.exe [2009/03/31 16:04:38 | 00,078,336 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\Agent.OMZ.Fix.exe [2009/03/31 16:04:38 | 00,025,600 | ---- | C] () -- C:\WINDOWS\System32\WS2Fix.exe [2009/03/31 16:04:37 | 00,289,144 | ---- | C] (S!Ri) -- C:\WINDOWS\System32\VCCLSID.exe [2009/03/31 16:04:37 | 00,288,417 | ---- | C] (S!Ri) -- C:\WINDOWS\System32\SrchSTS.exe [2009/03/31 16:04:37 | 00,135,168 | ---- | C] (SteelWerX) -- C:\WINDOWS\System32\swreg.exe [2009/03/31 16:04:37 | 00,079,360 | ---- | C] (SteelWerX) -- 
C:\WINDOWS\System32\swxcacls.exe [2009/03/31 16:04:37 | 00,053,248 | ---- | C] (http://www.beyondlogic.org) -- C:\WINDOWS\System32\Process.exe [2009/03/31 16:04:37 | 00,051,200 | ---- | C] () -- C:\WINDOWS\System32\dumphive.exe [2009/03/31 16:04:37 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\swsc.exe [2009/03/31 13:24:02 | 00,028,544 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys [2009/03/30 16:14:42 | 79,570,1458 | ---- | C] () -- C:\American.History.X.1998.MULTi.CUSTOM.720p.BluRay.x264-GKS.mkv [2009/03/30 08:58:41 | 00,039,283 | ---- | C] () -- C:\Documents and Settings\moi\Bureau\entre les murs.htm [2009/03/30 08:58:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\entre les murs_fichiers [2009/03/29 11:44:27 | 00,001,201 | ---- | C] () -- C:\Documents and Settings\moi\Bureau\NonNon.gif [2009/03/29 00:36:42 | 00,104,461 | ---- | C] () -- C:\Documents and Settings\moi\Bureau\La planète des singes.htm [2009/03/29 00:36:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\La planète des singes_fichiers [2009/03/26 23:46:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\D-Tools [2009/03/26 18:28:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\dernier firmware ptv philips [2009/03/25 12:10:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\BashBest [2009/03/25 11:59:37 | 02,936,832 | ---- | C] () -- C:\WINDOWS\System32\MA2_6.scr [2009/03/25 11:59:37 | 00,000,000 | ---D | C] -- C:\Program Files\SereneScreen [2009/03/25 00:26:30 | 00,906,763 | ---- | C] () -- C:\Documents and Settings\moi\Mes documents\amega.pdf [2009/03/24 22:53:15 | 00,400,533 | ---- | C] () -- C:\Documents and Settings\moi\Mes documents\Datasheet%20SAGEM%20ISD91%20HD%20TNTSAT%20V9.pdf [2009/03/24 22:52:55 | 00,485,019 | ---- | C] () -- C:\Documents and Settings\moi\Mes documents\SAGEM%20DTR%2094160.pdf [2009/03/24 21:24:12 | 00,328,262 | ---- | C] () -- C:\Documents and 
Settings\moi\Bureau\11760d1218642596-digital8-numeriser-hi8-liste-exhaustive-digital8-1.jpg [2009/03/24 19:17:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\C_PDU_Ub_g06(2) [2009/03/24 18:25:42 | 00,459,590 | ---- | C] () -- C:\Documents and Settings\moi\Mes documents\depliant.pdf [2009/03/24 18:20:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Application Data\CyberLink [2009/03/24 18:13:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Mes documents\CyberLink [2009/03/24 18:10:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CyberLink [2009/03/24 18:10:12 | 00,000,000 | ---D | C] -- C:\Program Files\CyberLink [2009/03/24 11:45:34 | 86,549,151 | ---- | C] () -- C:\Documents and Settings\moi\Bureau\PowerDVD.Deluxe.v9.0.1428.by.Konoha.rar [2009/03/24 11:44:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\power dvd9 ultra_fichiers [2009/03/24 11:44:53 | 00,064,973 | ---- | C] () -- C:\Documents and Settings\moi\Bureau\power dvd9 ultra.htm [2009/03/22 17:20:14 | 01,070,592 | ---- | C] () -- C:\Documents and Settings\moi\Bureau\TweakMCE.msi [2009/03/21 16:48:08 | 00,109,959 | ---- | C] () -- C:\Documents and Settings\moi\Bureau\folder.jpg [2009/03/21 16:15:30 | 00,000,000 | ---D | C] -- C:\Program Files\TagRename [2009/03/21 15:57:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Application Data\albumart [2009/03/21 15:57:41 | 00,000,000 | ---D | C] -- C:\Program Files\Album Cover Art Downloader [2009/03/21 13:29:56 | 00,000,000 | ---D | C] -- C:\Program Files\Mp3 tag editor [2009/03/20 18:44:27 | 02,792,353 | ---- | C] () -- C:\Documents and Settings\moi\Bureau\Alain Bashung - Angora.mp3 [2009/03/19 12:23:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Application Data\Kaspersky_Key_Finder_(KKF [2009/03/19 11:28:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\pour kis 2009 [2009/03/19 01:39:25 | 00,018,207 | ---- | C] () -- 
C:\Documents and Settings\moi\Bureau\winfast.jpg [2009/03/18 14:14:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\Bashung - 1998 - Fantaisie militaire [2009/03/18 13:58:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DVD Shrink [2009/03/18 12:42:40 | 00,000,000 | ---D | C] -- C:\Program Files\DVDShrink 2008 [2009/03/18 12:12:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\Alain Bashung - Climax. - 320Kbps [2009/03/16 17:43:45 | 00,567,539 | ---- | C] () -- C:\Documents and Settings\moi\Mes documents\winfast_tv2000xp_deluxe.pdf [2009/03/16 16:38:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Application Data\MMTVConfig [2009/03/16 16:38:06 | 00,000,000 | ---D | C] -- C:\Program Files\MMTVConfig [2009/03/16 12:23:50 | 00,447,488 | ---- | C] () -- C:\WINDOWS\System32\splus.cpl [2009/03/16 12:23:50 | 00,000,000 | ---D | C] -- C:\Program Files\splus [2009/03/16 12:15:15 | 00,000,000 | ---D | C] -- C:\Program Files\RegCleaner [2009/03/15 00:45:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\lfp 2008 [2009/03/15 00:25:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\Alain_B_B_P_for_TeamSwisspartage [2009/03/15 00:20:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\Fernandel_Collection d'Or by moreno [2009/03/14 01:14:50 | 00,000,000 | ---D | C] -- C:\Program Files\K!TV [2009/03/14 00:59:43 | 03,927,248 | ---- | C] () -- C:\Documents and Settings\moi\Bureau\NNSGuenuine-2.5.rar [2009/03/12 20:16:21 | 00,000,000 | ---D | C] -- C:\Program Files\PhotomatixPro3 [2009/03/12 14:51:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\dell [2009/03/11 23:42:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage [2009/03/11 19:24:55 | 01,549,416 | ---- | C] () -- C:\Documents and Settings\moi\Bureau\TvApp_fra.chm [2009/03/09 23:16:56 | 00,000,000 | ---D | C] -- 
C:\Documents and Settings\moi\Application Data\TerraTec [2009/03/09 23:02:39 | 00,613,333 | ---- | C] () -- C:\Documents and Settings\moi\Mes documents\terratec ht pci telecommande.pdf [2009/03/08 16:22:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\anti wga windows media center [2009/03/08 16:06:11 | 78,951,8373 | ---- | C] () -- C:\Documents and Settings\moi\Bureau\Windows XP Édition Media Center 2005 Fr.rar [2009/03/08 13:56:08 | 00,000,000 | ---D | C] -- C:\_OTMoveIt [2009/03/08 13:02:54 | 00,348,160 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\moi\Bureau\OTMoveIt3.exe [2009/03/08 02:54:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\pour pchc [2009/03/07 14:01:18 | 01,662,785 | ---- | C] () -- C:\SmitfraudFix.exe [2009/03/07 14:01:17 | 00,000,000 | ---D | C] -- C:\SmitfraudFix [2009/03/07 13:57:41 | 00,004,562 | ---- | C] () -- C:\WINDOWS\System32\tmp.reg [2009/03/06 12:12:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\10290306 [2009/03/05 16:18:40 | 00,386,123 | ---- | C] () -- C:\Documents and Settings\moi\Mes documents\boitier frederic.pdf [2009/03/05 02:33:41 | 00,137,252 | ---- | C] () -- C:\Documents and Settings\moi\Bureau\Voici le pack Bonus DVD pour Pinnacle 11.htm [2009/03/05 02:33:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\Voici le pack Bonus DVD pour Pinnacle 11_fichiers [2009/03/03 20:35:22 | 00,446,464 | ---- | C] () -- C:\WINDOWS\System32\Tx32.dll [2009/03/03 20:35:22 | 00,337,672 | ---- | C] (Infragistics, Inc.) 
-- C:\WINDOWS\System32\SSTree.ocx [2009/03/03 20:35:22 | 00,327,680 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\txobj32.dll [2009/03/03 20:35:22 | 00,323,584 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\tx_word.dll [2009/03/03 20:35:22 | 00,137,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSMAPI32.OCX [2009/03/03 20:35:22 | 00,135,168 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\tx_htm32.dll [2009/03/03 20:35:22 | 00,131,072 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\tx_rtf32.dll [2009/03/03 20:35:22 | 00,081,920 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\txtls32.dll [2009/03/03 20:35:22 | 00,069,632 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\ic32.dll [2009/03/03 20:35:22 | 00,061,440 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\wndtls32.dll [2009/03/03 20:35:22 | 00,045,056 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\tx_tif32.flt [2009/03/03 20:35:22 | 00,032,768 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\tx_wmf32.flt [2009/03/03 20:35:22 | 00,032,768 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\tx_bmp32.flt [2009/03/03 20:35:22 | 00,000,151 | ---- | C] () -- C:\WINDOWS\System32\ic32.ini [2009/03/03 20:35:21 | 00,290,816 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\Tx4ole.ocx [2009/03/03 20:35:08 | 00,000,000 | ---D | C] -- C:\Program Files\Micro Application ========== Files - Modified Within 30 Days ========== [1 C:\WINDOWS\System32\*.tmp files] [5 C:\WINDOWS\*.tmp files] [2009/04/01 17:15:49 | 56,732,410 | ---- | M] () -- C:\Documents and Settings\moi\Bureau\L'Envol裠Sauvage for vikingland.avi.006.xtm ** - C:\Documents and Settings\moi\Bureau\L'Envol?Sauvage for vikingland.avi.006.xtm [2009/04/01 17:13:34 | 12,384,06056 | ---- | M] () -- 
C:\The.Spirit.720p.FRENCH.BluRay.x264-ForceBleue.mkv [2009/04/01 17:08:45 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\moi\Bureau\OTViewIt.exe [2009/04/01 16:58:27 | 00,245,760 | ---- | M] () -- C:\Documents and Settings\moi\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/04/01 16:45:22 | 73,337,8560 | ---- | M] () -- C:\The Last Kiss.avi [2009/04/01 16:34:19 | 00,185,296 | ---- | M] () -- C:\Documents and Settings\moi\Bureau\l'envolée sauvage.htm [2009/04/01 15:34:22 | 01,018,544 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2009/04/01 15:34:22 | 00,467,620 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat [2009/04/01 15:34:22 | 00,400,624 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2009/04/01 15:34:22 | 00,075,696 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat [2009/04/01 15:34:22 | 00,062,286 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2009/04/01 15:29:50 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009/04/01 15:29:47 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009/03/31 22:48:33 | 07,809,568 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat [2009/03/31 22:48:33 | 00,909,344 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.dat [2009/03/31 22:48:33 | 00,075,716 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx [2009/03/31 22:48:33 | 00,012,572 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.idx [2009/03/31 19:47:58 | 73,382,9120 | ---- | M] () -- C:\The.Spirit.REPACK.FRENCH.DVDRiP.XviD-ULTRASON.avi [2009/03/31 16:42:49 | 00,079,096 | ---- | M] () -- C:\Documents and Settings\moi\Local Settings\Application Data\GDIPFONTCACHEV1.DAT [2009/03/31 16:39:42 | 01,577,696 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009/03/31 16:13:20 | 00,004,562 | ---- | M] () -- C:\WINDOWS\System32\tmp.reg [2009/03/31 15:54:04 | 00,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009/03/31 00:00:02 | 00,000,310 | ---- | M] () -- 
C:\WINDOWS\System32\tversity.cookies [2009/03/30 19:48:31 | 00,000,573 | ---- | M] () -- C:\Documents and Settings\moi\Mes documents\Mes dossiers de partage.lnk [2009/03/30 17:48:57 | 79,570,1458 | ---- | M] () -- C:\American.History.X.1998.MULTi.CUSTOM.720p.BluRay.x264-GKS.mkv [2009/03/30 12:02:06 | 00,001,682 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys [2009/03/30 08:58:42 | 00,039,283 | ---- | M] () -- C:\Documents and Settings\moi\Bureau\entre les murs.htm [2009/03/29 13:59:33 | 00,000,349 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\PCLECHAL.INI [2009/03/29 11:44:28 | 00,001,201 | ---- | M] () -- C:\Documents and Settings\moi\Bureau\NonNon.gif [2009/03/29 00:36:47 | 00,104,461 | ---- | M] () -- C:\Documents and Settings\moi\Bureau\La planète des singes.htm [2009/03/25 21:26:30 | 03,701,772 | -H-- | M] () -- C:\Documents and Settings\moi\Local Settings\Application Data\IconCache.db [2009/03/25 00:26:30 | 00,906,763 | ---- | M] () -- C:\Documents and Settings\moi\Mes documents\amega.pdf [2009/03/24 22:53:15 | 00,400,533 | ---- | M] () -- C:\Documents and Settings\moi\Mes documents\Datasheet%20SAGEM%20ISD91%20HD%20TNTSAT%20V9.pdf [2009/03/24 22:52:55 | 00,485,019 | ---- | M] () -- C:\Documents and Settings\moi\Mes documents\SAGEM%20DTR%2094160.pdf [2009/03/24 21:24:14 | 00,328,262 | ---- | M] () -- C:\Documents and Settings\moi\Bureau\11760d1218642596-digital8-numeriser-hi8-liste-exhaustive-digital8-1.jpg [2009/03/24 18:25:42 | 00,459,590 | ---- | M] () -- C:\Documents and Settings\moi\Mes documents\depliant.pdf [2009/03/24 18:11:19 | 00,505,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp71.dll [2009/03/24 11:52:01 | 86,549,151 | ---- | M] () -- C:\Documents and Settings\moi\Bureau\PowerDVD.Deluxe.v9.0.1428.by.Konoha.rar [2009/03/24 11:44:55 | 00,064,973 | ---- | M] () -- C:\Documents and Settings\moi\Bureau\power dvd9 ultra.htm [2009/03/23 21:13:00 | 00,012,800 | ---- | M] () -- C:\Documents and 
Settings\moi\Application Data\Settings.cfg [2009/03/23 21:13:00 | 00,004,096 | ---- | M] () -- C:\Documents and Settings\moi\Application Data\monpetitsiteperso.ftp [2009/03/23 21:13:00 | 00,002,560 | ---- | M] () -- C:\Documents and Settings\moi\Application Data\Par défaut.cls [2009/03/22 17:20:14 | 01,070,592 | ---- | M] () -- C:\Documents and Settings\moi\Bureau\TweakMCE.msi [2009/03/21 16:48:08 | 02,792,353 | ---- | M] () -- C:\Documents and Settings\moi\Bureau\Alain Bashung - Angora.mp3 [2009/03/21 16:48:06 | 00,109,959 | ---- | M] () -- C:\Documents and Settings\moi\Bureau\folder.jpg [2009/03/20 19:21:51 | 00,193,536 | ---- | M] () -- C:\Documents and Settings\moi\Application Data\potins de famille.ftp [2009/03/19 01:39:25 | 00,018,207 | ---- | M] () -- C:\Documents and Settings\moi\Bureau\winfast.jpg [2009/03/16 17:43:45 | 00,567,539 | ---- | M] () -- C:\Documents and Settings\moi\Mes documents\winfast_tv2000xp_deluxe.pdf [2009/03/14 00:59:58 | 03,927,248 | ---- | M] () -- C:\Documents and Settings\moi\Bureau\NNSGuenuine-2.5.rar [2009/03/11 00:04:20 | 00,002,145 | ---- | M] () -- C:\WINDOWS\Graffiti5.2Pin.ini [2009/03/09 23:02:39 | 00,613,333 | ---- | M] () -- C:\Documents and Settings\moi\Mes documents\terratec ht pci telecommande.pdf [2009/03/09 19:17:58 | 00,527,360 | ---- | M] () -- C:\Documents and Settings\moi\Bureau\LISTE FILMS version 3.xls [2009/03/08 16:25:48 | 78,951,8373 | ---- | M] () -- C:\Documents and Settings\moi\Bureau\Windows XP Édition Media Center 2005 Fr.rar [2009/03/08 13:02:55 | 00,348,160 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\moi\Bureau\OTMoveIt3.exe [2009/03/07 22:09:35 | 00,001,905 | ---- | M] () -- C:\WINDOWS\diagwrn.xml [2009/03/07 22:09:35 | 00,001,905 | ---- | M] () -- C:\WINDOWS\diagerr.xml [2009/03/07 13:55:53 | 01,662,785 | ---- | M] () -- C:\SmitfraudFix.exe [2009/03/05 16:18:40 | 00,386,123 | ---- | M] () -- C:\Documents and Settings\moi\Mes documents\boitier frederic.pdf [2009/03/05 02:33:43 | 
00,137,252 | ---- | M] () -- C:\Documents and Settings\moi\Bureau\Voici le pack Bonus DVD pour Pinnacle 11.htm [2009/03/03 20:34:23 | 00,000,348 | ---- | M] () -- C:\WINDOWS\NAVIGMA.INI < End of report > - extras : OTViewIt Extras logfile created on: 01/04/2009 17:16:49 - Run OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Documents and Settings\moi\Bureau Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 100,00% Memory free 4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 175,78 Gb Total Space | 102,33 Gb Free Space | 58,21% Space Free | Partition Type: NTFS Drive D: | 234,38 Gb Total Space | 230,45 Gb Free Space | 98,32% Space Free | Partition Type: NTFS Drive E: | 175,78 Gb Total Space | 100,91 Gb Free Space | 57,40% Space Free | Partition Type: NTFS Drive F: | 114,19 Gb Total Space | 34,66 Gb Free Space | 30,35% Space Free | Partition Type: NTFS Drive G: | 234,38 Gb Total Space | 215,03 Gb Free Space | 91,74% Space Free | Partition Type: NTFS H: Drive not present or media not loaded Drive I: | 234,38 Gb Total Space | 132,93 Gb Free Space | 56,72% Space Free | Partition Type: NTFS Drive J: | 228,38 Gb Total Space | 18,35 Gb Free Space | 8,03% Space Free | Partition Type: NTFS Computer Name: GIGABYTE Current User Name: moi Logged in as Administrator. 
Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days

========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxURL] --

========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled"=1
"AntiVirusDisableNotify"=0
"FirewallDisableNotify"=0
"UpdatesDisableNotify"=0
"AntiVirusOverride"=0
"FirewallOverride"=0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=1
""=
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall"=0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts] ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [2008/04/13 20:34:22 | 00,142,848 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 [2008/04/13 12:53:34 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 [2008/09/02 22:02:16 | 00,582,664 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call [2007/10/18 12:34:04 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger [2007/10/02 18:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] [2008/04/13 20:34:22 | 00,142,848 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 [2008/04/13 12:53:34 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 [2008/09/02 22:02:16 | 00,582,664 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call [2006/02/28 13:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour [2008/11/12 18:03:10 | 05,488,640 | ---- | M] (Activision Blizzard, Inc.) -- G:\COD\CoDWaW.exe:*:Enabled:Call of Duty® - World at War [2008/11/10 00:47:14 | 05,444,880 | ---- | M] (Activision Blizzard, Inc.) 
-- G:\COD\CoDWaWmp.exe:*:Enabled:Call of Duty® - World at War [2008/05/04 14:16:27 | 04,419,584 | ---- | M] (Omega Unfold Inc.) -- C:\Program Files\Webcam Zone Trigger 2\ZoneTrigger.exe:*:Enabled:Zone Trigger 2 [2007/10/18 12:34:04 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger [2007/10/02 18:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) [2008/05/05 13:25:39 | 24,662,016 | ---- | M] (Ubisoft) -- J:\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9 [2008/05/05 13:36:27 | 24,182,784 | ---- | M] (Ubisoft) -- J:\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10 [2008/02/22 12:08:44 | 00,619,144 | R--- | M] (Ubisoft) -- J:\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update [2007/04/06 14:17:06 | 00,073,728 | ---- | M] (Pinnacle Systems) -- J:\Pinnacle\Studio 11\programs\RM.exe:*:Enabled:Render Manager [2007/04/06 14:40:20 | 05,505,024 | ---- | M] (Pinnacle Systems) -- J:\Pinnacle\Studio 11\programs\Studio.exe:*:Enabled:Studio [2006/11/21 06:05:58 | 00,024,576 | ---- | M] ( ) -- J:\Pinnacle\Studio 11\programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile [2007/04/06 14:16:44 | 00,081,920 | ---- | M] (Pinnacle Systems) -- J:\Pinnacle\Studio 11\programs\umi.exe:*:Enabled:umi [2009/02/19 07:40:26 | 03,913,032 | ---- | M] (Pando Networks) -- C:\Program Files\Pando Networks\Pando\pando.exe:*:Enabled:Pando Application [2008/05/13 13:42:40 | 00,079,120 | ---- | M] (Pinnacle Systems) -- C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe:*:Enabled:Render Manager [2008/05/13 13:26:04 | 06,034,704 | ---- | M] (Pinnacle Systems) -- C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe:*:Enabled:Studio [2008/05/13 13:42:42 | 00,087,312 | ---- | M] (Pinnacle Systems) -- C:\Program Files\Pinnacle\Studio 
12\Programs\umi.exe:*:Enabled:umi File not found -- C:\Documents and Settings\moi\Local Settings\Temp\{5A0D905C-C3DB-4C87-B8FF-EEE1C511121F}\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}\CinergyDvrHelper.exe:*:Enabled:TerraTec Home Cinema (Setup) ========== (O10) Winsock2 Catalogs ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\] NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] -- C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) ========== (O18) Protocol Handlers ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] ipp: [HKLM - No CLSID value] [2005/09/20 13:33:58 | 00,843,984 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER] [2007/10/18 12:31:54 | 00,066,072 | ---- | M] (Microsoft Corporation) C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (livecall:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.]) msdaipp: [HKLM - No CLSID value] [2005/09/20 13:33:58 | 00,843,984 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER] [2005/09/20 13:33:58 | 00,843,984 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAIPP.BINDER] [2007/10/18 12:31:54 | 00,066,072 | ---- | M] (Microsoft Corporation) C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (msnim:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.]) [2007/03/14 14:10:22 | 07,255,384 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (mso-offdap:{3D9F03FA-7A94-11D3-BE81-0050048385D1} (HKLM) 
[Data Page Pluggable Protocol mso-offdap Handler]) [2007/05/10 14:45:34 | 08,069,464 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (mso-offdap11:{32505114-5902-49B2-880A-1F7738E5A384} (HKLM) [Data Page Plugable Protocal mso-offdap11 Handler]) ========== (O18) Protocol Filters ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\] - Protocol Filters [2007/04/19 14:57:40 | 00,046,432 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL text/xml:{807553E5-5146-11D5-A672-00B0D022E945} (HKLM) [Reg Error: Value does not exist or could not be read.] ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{02627ee5-eaca-4742-a9cc-e687631773e4}"=Nero ShowTime "{03E494A7-F504-DA41-3079-9E2FB36736BC}"=CCC Help English "{04A94422-A264-81D4-D65E-87276F5B402D}"=Catalyst Control Center Localization Italian "{04AF207D-9A77-465A-8B76-991F6AB66245}"=Adobe Help Viewer CS3 "{055EE59D-217B-43A7-ABFF-507B966405D8}"=ATI Catalyst Control Center "{086a7d8c-0a38-4c7f-819a-620275550d5c}"=Nero BurningROM "{08B32819-6EEF-4057-AEDA-5AB681A36A23}"=Adobe Bridge Start Meeting "{0E73A14F-23FD-E1B8-ED38-108ECFA08440}"=Catalyst Control Center Localization Portuguese "{110B1ADF-2EAE-4E8F-B501-D2A1E6D8ED9D}"=Studio 11 "{1326473A-0200-0037-0000-8E44E2204A03}"=Security BOX® Freeware 2.0 "{1499819F-1E2E-419E-A363-6058CD700A5E}"=Le bricolage pratique (Electricité - plomberie) "{14BC810B-5907-B9C3-B2F4-12D5EEA253F4}"=Catalyst Control Center Graphics Previews Common "{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}"=Adobe WinSoft Linguistics Plugin "{18D10072035C4515918F7E37EAFAACFC}"=AutoUpdate "{1c00c7c5-e615-4139-b817-7f4003de68c0}"=Nero PhotoSnap Help "{1FF7993C-23B1-4C91-B1F6-09D13C57A06A}_is1"=VirtualDub 1.8.6 Fr "{20400dbd-e6db-45b8-9b6b-1dd7033818ec}"=Nero InfoTool 
"{215741EE-19FD-40FE-AA83-2FF0812D54C8}"=Webcam Zone Trigger 2 "{22BED295-8AE7-4BDE-9E4E-FA038D83B194}"=Default "{2348b586-c9ae-46ce-936c-a68e9426e214}"=Nero StartSmart Help "{23655B51-F898-DC12-A2A1-3348D875F659}"=CCC Help Czech "{25611B0A-54C2-69B9-723D-668201C22CD4}"=ccc-core-static "{262BF2CD-601D-4F43-919C-4B00B1D1F338}"=Boris Graffiti "{26A24AE4-039D-4CA4-87B4-2F83216011FF}"=Java 6 Update 11 "{27F38AC0-298C-F7E2-F3AE-F7D12BBBE9D5}"=CCC Help Chinese Traditional "{28FB7853-A6ED-4F67-8635-9F0E863FC0AD}"=WinFast Codec-TS SDK "{29E5EA97-5F74-4A57-B8B2-D4F169117183}"=Adobe Stock Photos CS3 "{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}"=BD/HD Advisor 1.0 "{2F952048-3220-4AC7-A206-D01EFC774BB2}"=Studio 11 "{30B695C3-C7B0-69E1-197B-409587BC1FD7}"=CCC Help Norwegian "{3108C217-BE83-42E4-AE9E-A56A2A92E549}"=Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver "{33cf58f5-48d8-4575-83d6-96f574e4d83a}"=Nero DriveSpeed "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}"=WebFldrs XP "{359cfc0a-beb1-440d-95ba-cf63a86da34f}"=Nero Recode "{368ba326-73ad-4351-84ed-3c0a7a52cc53}"=Nero Rescue Agent "{36CDA33B-909B-4719-97D1-C4B99309BDC7}"=ATI Parental Control & Encoder "{37C8899D-FD70-481F-94AA-1F1B08765E22}"=Acronis True Image Home "{399B10AC-4E84-20F8-5913-82526B16F561}"=Catalyst Control Center Graphics Light "{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}"=JMicron JMB36X Driver "{3EC34F85-AF61-5B18-42D6-306B6B80E92E}"=Catalyst Control Center Localization Swedish "{418EC9DD-25EE-4C3F-8827-B7AA9B26405B}"=WinFast Multimedia Driver Installation "{43e39830-1826-415d-8bae-86845787b54b}"=Nero Vision "{4B494547-1410-C77E-B6F0-86F394ABAF94}"=CCC Help Hungarian "{4D7E8B72-AEA2-8493-F5F3-DA10E2EE2D22}"=Catalyst Control Center Localization Chinese Traditional "{4E868D3D-6EEB-4273-926C-2287236B5B79}"=3DVIA player 4.1 "{54793AA1-5001-42F4-ABB6-C364617C6078}"=Adobe Linguistics CS3 "{55663DF0-3559-AE1E-0B9E-ED5353914B5D}"=CCC Help Japanese "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}"=neroxml 
"{587178E7-B1DF-494E-9838-FA4DD36E873C}"=ASUSUpdate "{595a3116-40bb-4e0f-a2e8-d7951da56270}"=NeroExpress "{59F83B00-970D-511C-D9DE-52B233780020}"=CCC Help Portuguese "{5d9be3c1-8ba4-4e7e-82fd-9f74fa6815d1}"=Nero Vision "{5DA6F06A-B389-407B-BF8C-1548767914D8}"=ATI Problem Report Wizard "{5e08ecd1-c98e-4711-bf65-8fd736b3f969}"=Nero RescueAgent Help "{5EB90C06-964F-4195-B83E-BD7E55C88415}"=Pilote vidéo Pinnacle "{60c731fb-c951-41ce-ad41-8e54c8594609}"=Nero Disc Copy Gadget Help "{62ac81f6-bdd3-4110-9d36-3e9eaab40999}"=Nero CoverDesigner "{64ACFE24-FB82-84A6-9FB8-B90539752E5B}"=Catalyst Control Center Localization German "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}"=PowerDVD "{68DD4EAE-C5E4-1E34-F991-B99ABA6DC8E3}"=Catalyst Control Center Graphics Full New "{6ABE0BEE-D572-4FE8-B434-9E72A289431B}"=Adobe Fonts All "{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}"=Adobe Asset Services CS3 "{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}"=Microsoft .NET Framework 2.0 "{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable "{73B5D990-04EA-4751-B10F-5534770B91F2}"=Adobe Color EU Recommended Settings "{74224F8D-4A17-4816-9EDB-7BB854DE532C}"=NVIDIA PhysX v8.04.25 "{76F8CB2B-6516-4E1E-B6F1-AED4ABDB4B0A}_is1"=Spy Sweeper "{7748ac8c-18e3-43bb-959b-088faea16fb2}"=Nero StartSmart "{77e33d87-255e-413e-9c8d-eed2a7f9bebf}"=Nero Live Help "{7829db6f-a066-4e40-8912-cb07887c20bb}"=Nero BurnRights "{7B63B2922B174135AFC0E1377DD81EC2}"=DivX Codec "{7F4C1C17-C647-3CE0-4426-F368132A66A6}"=CCC Help Turkish "{802771A9-A856-4A41-ACF7-1450E523C923}"=Adobe XMP Panels CS3 "{81946C2A-5269-A6F5-4566-A9F253007A7E}"=Catalyst Control Center Localization Turkish "{83202942-84b3-4c50-8622-b8c0aa2d2885}"=Nero Express "{83895843-3A51-4C93-9DF3-2BDB65C7E54A}"=DAEMON Tools "{8615E5FC-8906-AACF-5A1A-FB65046F647B}"=CCC Help Swedish "{868EC13B-52DA-43B9-8C05-50CD897674DF}"=Windows Live Call "{869200db-287a-4dc0-b02b-2b6787fbcd4c}"=Nero DiscSpeed "{8959A774-3FB3-B315-ACDF-4B7B70F5A169}"=Catalyst Control 
Center Core Implementation "{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}"=ATI AVIVO Codecs "{8CB14A64-CEF4-4C8F-B1C8-1C3B8752CB55}"=Kaspersky Internet Security 2009 "{8CFA9151-6404-409A-AF22-4632D04582FD}"=Assassin's Creed "{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}"=Adobe Device Central CS3 "{8D2C1E44-7685-4D05-8342-B0DC6422FA47}"=Ulead Disc-Direct SDK "{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}"=Adobe Type Support "{9011040C-6000-11D3-8CFE-0150048383C9}"=Microsoft Office Professional Edition 2003 "{90176341-0A8B-4CCC-A78D-F862228A6B95}"=Adobe Anchor Service CS3 "{906B417C-6F6C-2A5A-DB5E-5C7499941C58}"=CCC Help Spanish "{926DEB4E-2B0A-4C5C-AE4A-BF6C06949702}"=Adobe Setup "{93CB830F-517E-1695-C61B-2A1AA105CD78}"=Catalyst Control Center Localization French "{95120000-00B9-0409-0000-0000000FF1CE}"=Microsoft Application Error Reporting "{95DCA618-9717-BBD3-B438-A5A9B1EB30C8}"=CCC Help German "{984880C1-7AC7-5267-A7D9-AEC19C932950}"=Catalyst Control Center Graphics Full Existing "{98a67610-a3b5-4098-a423-3708040026d3}"="Nero SoundTrax Help "{9A0E0340-C3D7-42D1-96D4-64179FD456AE}"=WinFast De-interlace SDK "{9A394342-4A68-4EBA-85A6-55B559F4E700}"=Microsoft .NET Framework 1.1 French Language Pack "{9A3F8688-4F15-B77D-73A1-B0363517D1B1}"=Catalyst Control Center Localization Danish "{9B1BFDE6-3B65-FB41-BC54-353227EE742A}"=CCC Help Italian "{9C9824D9-9000-4373-A6A5-D0E5D4831394}"=Adobe Bridge CS3 "{9e82b934-9a25-445b-b8df-8012808074ac}"=Nero PhotoSnap "{A0494B41-EBD7-4C0D-91B7-DC39741B27BB}"=Express Gate "{A0793FD9-9505-BF02-FF47-83C984DC814B}"=Catalyst Control Center Localization Chinese Standard "{a209525b-3377-43f4-b886-32f6b6e7356f}"=Nero WaveEditor "{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}"=Adobe CMaps "{A2D81E70-2A98-4A08-A628-94388B063C5E}"=Adobe Color - Photoshop Specific "{A32A0DF0-6650-6503-293D-64AAF212CBF8}"=Catalyst Control Center Localization Japanese "{A44D0AC2-0891-5AB9-EE23-3EF3339BC2FE}"=Catalyst Control Center Localization Russian 
"{A54BEBF5-D7F9-2B34-6475-FB07780C80CA}"=Catalyst Control Center Localization Polish "{A5CC3E6E-CAC7-4D47-A5C8-743E549890D5}"=Sunbelt CounterSpy "{A8280D9A-D6A4-1E52-E85F-99E3BB19CEEA}"=Catalyst Control Center Localization Czech "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}"=ImagXpress "{A960DA53-C5C4-37A4-3671-C0236BF41E99}"=CCC Help Chinese Standard "{AAF80000-22B9-4CE9-98D6-2CCF359BAC07}"=ABBYY FineReader 8.0 Professional Edition "{AB480DA0-7EE9-465D-9C12-4CDE65BF18FB}"=Pando "{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}"=PDF Settings "{AC76BA86-7AD7-1033-7B44-A81100000003}"=Adobe Reader 8.1.1 "{ad6bc5cc-2ef0-49c4-b33d-cdc8b2c4dc80}"=Nero Recode Help "{AF9848E2-5F19-4E49-9E6E-044FBDC28404}"=WinFast TT-SB SDK "{AFAE2B15-89A0-4215-A030-F7B5B478886B}"=Call of Duty® - World at War 1.1 Patch "{B0D2BC40-119B-AD18-E697-E6073DD6D149}"=ccc-utility "{B13A7C41581B411290FBC0395694E2A9}"=DivX Converter "{b1adf008-e898-4fe2-8a1f-690d9a06acaf}"=DolbyFiles "{B2C78A98-20EA-D90A-69E3-B15587D51588}"=CCC Help Thai "{b2ec4a38-b545-4a00-8214-13fe0e915e6d}"=Advertising Center "{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}"=Adobe Camera Raw 4.0 "{B59DA9F5-3630-FFF1-C47C-B2CA172CF876}"=CCC Help Polish "{b78120a0-cf84-4366-a393-4d0a59bc546c}"=Menu Templates - Starter Kit "{B84AE471-81DD-D81F-CD20-B3464877E525}"=Skins "{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}"=Adobe Default Language CS3 "{BADF6744-3787-48F6-B8C9-4C4995401D65}"=Windows Live Messenger "{BBFEA1AF-ECCE-1114-2EC8-AC304AB6B753}"=Catalyst Control Center Localization Hungarian "{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}"=Nero ControlCenter "{BF794769-8875-4E01-B7BE-E00104604F4A}"=Adobe Photoshop CS3 "{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}"=Adobe ExtendScript Toolkit 2 "{C397AE7E-CFA4-9D60-880D-D0BA7CF3F596}"=CCC Help Finnish "{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}"=SoundTrax "{C92C584E-C781-475E-A8E2-C67D993A6B95}"=WinFast PVR2 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}"=Microsoft .NET Framework 1.1 "{cc019e3f-59d2-4486-8d4b-878105b62a71}"=Nero DiscSpeed 
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}"=SUPERAntiSpyware Professional "{ce96f5a5-584d-4f8f-aa3e-9baed413db72}"=Nero CoverDesigner Help "{d025a639-b9c9-417d-8531-208859000af8}"=NeroBurningROM "{D041EB9E-890A-4098-8F94-51DA194AC72A}"=Pinnacle Studio 12 "{D0DFF92A-492E-4C40-B862-A74A173C25C5}"=Adobe Version Cue CS3 Client "{D1860E6E-520E-4380-8433-E58E8F88B473}"=Pinnacle Studio 12 Ultimate Plugins "{D20100AC-608D-1A4C-372E-75009E7C168E}"=CCC Help Danish "{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}"=Adobe PDF Library Files "{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}"=Assistant de connexion Windows Live "{D6E6B04E-0498-4794-B272-2EDE12E02837}_is1"=VirtualDub Plugin Pack 1.0.0.5 Fr "{D801FEB6-53DF-CE1C-67E2-A977E43A7E8F}"=CCC Help Russian "{D80A6A73-E58A-4673-AFF5-F12D7110661F}"=Call of Duty® - World at War "{D8BC7043-62D2-4A0D-918C-CBDF0BD70ABD}"=Micro Application - 3D Architecte Expert CAD 2007 "{D94E53DD-9428-11D6-90F5-0048545B0D01}"=Système de vidéo surveillance numérique "{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}"=Nero ShowTime "{DAA29BAD-1C06-E8E0-CFE6-557F818C7AF7}"=CCC Help Dutch "{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}"=Adobe Color Common Settings "{DB7EBA4A-44AF-DF22-EBA7-6BF4E011E319}"=CCC Help French "{DBB18C43-FE45-36DF-D171-E209B79A76F3}"=Catalyst Control Center Localization Dutch "{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}"=Adobe Color JA Extra Settings "{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}"=Nero Live "{E1BCF465-85F4-C303-944E-9E416977C560}"=CCC Help Korean "{E1C7EF5E-3A7B-4ED4-A48B-F70F1B36EAB4}"=Corel Paint Shop Pro Photo XI "{E3AEC354-AD4C-51D3-E345-CEE6CA8A9C3A}"=Catalyst Control Center Localization Greek "{e498385e-1c51-459a-b45f-1721e37aa1a0}"=Movie Templates - Starter Kit "{e5c7d048-f9b4-4219-b323-8bdb01a2563d}"=Nero DriveSpeed "{E69AE897-9E0B-485C-8552-7841F48D42D8}"=Adobe Update Manager CS3 "{e8631efb-6b9a-426c-b1ce-e7173ca26bf8}"=Nero WaveEditor Help "{e8a80433-302b-4ff1-815d-fcc8eac482ff}"=Nero Installer "{EA024A36-5934-05B8-550B-60DA131B90C4}"=CCC Help Greek 
"{EBD5E7A9-DBB8-4E24-AE3A-CF9390AF1CCB}"=Choice Guard "{EE3FBA20-AB77-46E0-9825-565807A24A66}"=DVDShrink 2008 "{EE5AC826-8731-6406-9947-D0420143A7BD}"=ccc-core-preinstall "{EEB193CE-2B04-B568-29FF-FAFA34BB3F19}"=Catalyst Control Center Localization Spanish "{EF0A8C24-E239-45D5-492D-D5895518ACB3}"=Catalyst Control Center Localization Thai "{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}"=Pinnacle Instant DVD Recorder "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}"=Realtek High Definition Audio Driver "{f1861f30-3419-44db-b2a1-c274825698b3}"=Nero Disc Copy Gadget "{F2A34EE8-F7E7-11D6-9D38-0050BAEF4D56}"=Système de vidéo surveillance numérique - RemoteManager "{f4041dce-3fe1-4e18-8a9e-9de65231ee36}"=Nero ControlCenter "{f6bdd7c5-89ed-4569-9318-469aa9732572}"=Nero BurnRights "{F88183B1-BD65-F87C-855F-BB7D1AA3AEA2}"=Catalyst Control Center Localization Norwegian "{F9AEEC34-CF00-4CBD-9E36-DF9DC4002685}"=Yahoo! Desktop Login "{fbcdfd61-7dcf-4e71-9226-873ba0053139}"=Nero InfoTool "{FC70949F-1417-A3F5-8E84-EBF5ACB93B58}"=Catalyst Control Center Localization Korean "{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}"=Windows Live installer "{fde86273-04e9-4840-bcfe-b97db748a015}"=Nero 9 "{FE22679C-7CE4-8633-CE7F-8122B52C52CF}"=Catalyst Control Center Localization Finnish "{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}"=Adobe Color NA Extra Settings "7-Zip"=7-Zip 4.65 "ActiveScan 2.0"=Panda ActiveScan 2.0 "Adobe Flash Player ActiveX"=Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin"=Adobe Flash Player 10 Plugin "Adobe_32e9033392a51340b32fdc6ad893ab7"=Adobe Photoshop CS3 "Album Cover Art Downloader_is1"=Album Cover Art Downloader 1.6.0 "All ATI Software"=ATI - Utilitaire de désinstallation du logiciel "Ashampoo Core Tuner_is1"=Ashampoo Core Tuner 1.00 "Astro"=Astro "ATI Display Driver"=ATI Display Driver "A-Z Video Converter Ultimate_is1"=A-Z Video Converter Ultimate 8.45 "Babylon"=Babylon "Brothers in Arms - Deadly Road"=Brothers in Arms - Deadly Road "Brothers in Arms - Hell's Highway"=Brothers in 
Arms: Hell's Highway "CANONBJ_Deinstall_CNMCP5m.DLL"=Canon i865 "CCleaner"=CCleaner (remove only) "CleanUp!"=CleanUp! "Encyclopaedia Universalis"=Encyclopaedia Universalis "ffdshow_is1"=ffdshow [rev 1723] [2007-12-24] "FileZilla Client"=FileZilla Client 3.1.6 "Fraps"=Fraps "FTP Expert 3"=FTP Expert 3 "GPL Ghostscript 8.54"=GPL Ghostscript 8.54 "GPL Ghostscript Fonts"=GPL Ghostscript Fonts "HijackThis"=HijackThis 2.0.2 "IDNMitigationAPIs"=Microsoft Internationalized Domain Names Mitigation APIs "ie7"=Windows Internet Explorer 7 "InstallShield_{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}"=PowerDVD "InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}"=Call of Duty® - World at War 1.1 Patch "InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}"=Call of Duty® - World at War "InstallWIX_{8CB14A64-CEF4-4C8F-B1C8-1C3B8752CB55}"=Kaspersky Internet Security 2009 "K!TV"=K!TV "Leroy Merlin"=Leroy Merlin - RéussirVotreProjetCouleur "Magic Bullet Looks Studio"=Magic Bullet Looks Studio "MeuhMeuhTV Alpha_is1"=MeuhMeuhTV Alpha 3.0.0.32 "Microsoft .NET Framework 1.1 (1033)"=Microsoft .NET Framework 1.1 "Microsoft .NET Framework 2.0"=Microsoft .NET Framework 2.0 "MMTVConfig"=MMTVConfig (désinstallation seulement) "Mozilla Firefox (3.0."=Mozilla Firefox (3.0. 
"MSNINST"=MSN "mv61xxDriver"=marvell 61xx "NLSDownlevelMapping"=Microsoft National Language Support Downlevel APIs "PDF Writer"=PDF Writer "Pharaon"=Pharaon "Photo Viewer"=Photo Viewer 2.3 "PhotomatixPro3_is1"=Photomatix Pro version 3.0.1 "PhotoZoom Pro 2"=BenVista PhotoZoom Pro 2.3.2 "proDAD-Vitascene-1.0"=proDAD Vitascene 1.0 "Retouch Pilot Full_is1"=Retouch Pilot Full 3.1 "SereneScreen Marine Aquarium 2.6_is1"=SereneScreen Marine Aquarium 2.6 "SoftwareUpdate_is1"=SoftwareUpdate 1.0 "stax-Pinnacle_is1"=SureThing Express Labeler "Suppress plus_is1"=Suppress plus 1.8 "Sweet Home 3D_is1"=Sweet Home 3D version 1.5.1 "Tag&Rename_is1"=Tag&Rename 3.3.5 "TVersity Codec Pack"=TVersity Codec Pack 1.1 "TVersity Media Server "=TVersity Media Server 0.9.11.4 beta "UltraSplitter"=UltraSplitter "VLC media player"=VLC media player 0.9.4 "vmntoolbar"=VMN Toolbar "Windows Media Format Runtime"=Windows Media Format Runtime "Windows XP Service"=Windows XP Service Pack 3 "WinISO_is1"=WinISO 5.3 "WinRAR archiver"=Archiveur WinRAR "XnView_is1"=XnView 1.95.4 "xp-AntiSpy"=xp-AntiSpy 3.96-4 "XviD"=XviD MPEG-4 Codec ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 04/03/2009 17:39:35 | Computer Name = GIGABYTE | Source = Application Error | ID = 1000 Description = Application défaillante eoengine.exe, version 1.0.0.1, module défaillant eoengine.exe, version 1.0.0.1, adresse de défaillance 0x0000ab01. Error - 05/03/2009 02:53:32 | Computer Name = GIGABYTE | Source = Application Error | ID = 1000 Description = Application défaillante eoengine.exe, version 1.0.0.1, module défaillant eoengine.exe, version 1.0.0.1, adresse de défaillance 0x0000ab01. Error - 07/03/2009 08:24:53 | Computer Name = GIGABYTE | Source = Application Error | ID = 1000 Description = Application défaillante eoengine.exe, version 1.0.0.1, module défaillant eoengine.exe, version 1.0.0.1, adresse de défaillance 0x0000ab01. 
Error - 08/03/2009 06:58:31 | Computer Name = GIGABYTE | Source = Application Error | ID = 1000 Description = Application défaillante eoengine.exe, version 1.0.0.1, module défaillant eoengine.exe, version 1.0.0.1, adresse de défaillance 0x0000ab01. Error - 14/03/2009 09:45:12 | Computer Name = GIGABYTE | Source = Userenv | ID = 1509 Description = Windows ne peut pas copier le fichier C:\Documents and Settings\moi\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\[email protected]\DFSR\Staging\CS{8B8BFC13-F615-E555-AAAB-67F21339F7B6}\01\11-{8B8BFC13-F615-E555-AAAB-67F21339F7B6}-v1-{8A04D731-7BD0-4771-9CE2-C8C38D817AD3}-v11-Downloaded.frx vers l'emplacement C:\Documents and Settings\moi\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\[email protected]\DFSR\Staging\CS{8B8BFC13-F615-E555-AAAB-67F21339F7B6}\01\11-{8B8BFC13-F615-E555-AAAB-67F21339F7B6}-v1-{8A04D731-7BD0-4771-9CE2-C8C38D817AD3}-v11-Downloaded.frx. Les causes possibles de cette erreur incluent des problèmes réseau ou des autorisations insuffisantes. Contactez votre administrateur réseau. DÉTAIL - Nom de fichier ou extension trop long. Error - 14/03/2009 09:45:12 | Computer Name = GIGABYTE | Source = Userenv | ID = 1515 Description = Windows a sauvegardé le profil de cet utilisateur. Windows tentera automatiquement d'utiliser le profil sauvegardé la prochaine fois que cet utilisateur ouvre une connexion. Error - 14/03/2009 09:45:12 | Computer Name = GIGABYTE | Source = Userenv | ID = 1511 Description = Windows ne peut pas trouver le profil local et tente de vous connecter avec un profil temporaire. Les modifications effectuées à ce profil seront perdues lorsque vous vous déconnecterez. Error - 16/03/2009 06:13:12 | Computer Name = GIGABYTE | Source = Application Error | ID = 1000 Description = Application défaillante explorer.exe, version 6.0.2900.5512, module défaillant unknown, version 0.0.0.0, adresse de défaillance 0x075e90e3. 
Error - 19/03/2009 06:26:12 | Computer Name = GIGABYTE | Source = Application Error | ID = 1000 Description = Application défaillante ds.exe, version 3.2.0.15, module défaillant ds.exe, version 3.2.0.15, adresse de défaillance 0x0007c98a. Error - 23/03/2009 06:31:59 | Computer Name = GIGABYTE | Source = Application Error | ID = 1000 Description = Application défaillante vlc.exe, version 0.9.4.0, module défaillant libvout_directx_plugin.dll, version 0.0.0.0, adresse de défaillance 0x00006886. [ System Events ] Error - 31/03/2009 16:46:58 | Computer Name = GIGABYTE | Source = DCOM | ID = 10000 Description = Le démarrage d'un serveur DCOM : {FB7199AB-79BF-11D2-8D94-0000F875C541} n'est pas possible. L'erreur : "%2" s'est produite lors du démarrage de la commande : "C:\Program Files\Messenger\msmsgs.exe" -Embedding Error - 01/04/2009 09:30:21 | Computer Name = GIGABYTE | Source = Service Control Manager | ID = 7000 Description = Le service WinFast TV2000 XP WDM Video Capture n'a pas pu démarrer en raison de l'erreur : %%1058 Error - 01/04/2009 09:30:21 | Computer Name = GIGABYTE | Source = Service Control Manager | ID = 7000 Description = Le service WinFast TV2000 XP WDM TVTuner n'a pas pu démarrer en raison de l'erreur : %%1058 Error - 01/04/2009 09:30:21 | Computer Name = GIGABYTE | Source = Service Control Manager | ID = 7000 Description = Le service WinFast TV2000 XP WDM Crossbar n'a pas pu démarrer en raison de l'erreur : %%1058 Error - 01/04/2009 09:35:10 | Computer Name = GIGABYTE | Source = DCOM | ID = 10000 Description = Le démarrage d'un serveur DCOM : {FB7199AB-79BF-11D2-8D94-0000F875C541} n'est pas possible. L'erreur : "%2" s'est produite lors du démarrage de la commande : "C:\Program Files\Messenger\msmsgs.exe" -Embedding Error - 01/04/2009 10:02:45 | Computer Name = GIGABYTE | Source = DCOM | ID = 10000 Description = Le démarrage d'un serveur DCOM : {FB7199AB-79BF-11D2-8D94-0000F875C541} n'est pas possible. 
L'erreur : "%2" s'est produite lors du démarrage de la commande : "C:\Program Files\Messenger\msmsgs.exe" -Embedding Error - 01/04/2009 10:27:33 | Computer Name = GIGABYTE | Source = DCOM | ID = 10000 Description = Le démarrage d'un serveur DCOM : {FB7199AB-79BF-11D2-8D94-0000F875C541} n'est pas possible. L'erreur : "%2" s'est produite lors du démarrage de la commande : "C:\Program Files\Messenger\msmsgs.exe" -Embedding Error - 01/04/2009 10:37:08 | Computer Name = GIGABYTE | Source = DCOM | ID = 10000 Description = Le démarrage d'un serveur DCOM : {FB7199AB-79BF-11D2-8D94-0000F875C541} n'est pas possible. L'erreur : "%2" s'est produite lors du démarrage de la commande : "C:\Program Files\Messenger\msmsgs.exe" -Embedding Error - 01/04/2009 11:06:54 | Computer Name = GIGABYTE | Source = DCOM | ID = 10000 Description = Le démarrage d'un serveur DCOM : {FB7199AB-79BF-11D2-8D94-0000F875C541} n'est pas possible. L'erreur : "%2" s'est produite lors du démarrage de la commande : "C:\Program Files\Messenger\msmsgs.exe" -Embedding Error - 01/04/2009 11:13:20 | Computer Name = GIGABYTE | Source = DCOM | ID = 10000 Description = Le démarrage d'un serveur DCOM : {FB7199AB-79BF-11D2-8D94-0000F875C541} n'est pas possible. L'erreur : "%2" s'est produite lors du démarrage de la commande : "C:\Program Files\Messenger\msmsgs.exe" -Embedding < End of report > -
[Solved] My IP is blocked on a site
tolunq replied to a topic by tolunq in Malware Analysis and Removal
Here is the message I get: http://www.spamhaus.org/query/bl?ip=213.245.111.18 After that, there is a link that apparently leads to a procedure for getting removed from the blacklist, but I didn't understand any of it. I wrote to the site's administrator, who replied: "It may not be you; it could be someone else who had the same IP as you. You may have a virus on your PC that is sending spam. It's also possible that the tool is wrong." A virus that sends spam? Really? What can I do about it? Might I have a virus? What do I need to post, and where, on the zebulon forum to get a virus check done and have a pro take a clearer look at my problem? Thanks again for your help, because I'm lost here!!! -
[Solved] My IP is blocked on a site
tolunq posted a topic in Malware Analysis and Removal
Hello, I've had a bit of a problem since yesterday evening on a site .... I'm not too sure this is the right question for my post ... I think it is. My IP is blocked on a site (only that one!). When I try to post on it, I get a message that says: "Your IP address ..................... has been blocked because it is on the blacklist. For more information, please see http://www.spamhaus.org/query/bl?ip=.................." The explanations are all in English and I didn't understand much ... apparently I'm spamming ????? Really ???? Yet it's a site I visit regularly and I've never had any problem ... What should I do? What does this message mean? How do I fix it? Do I have a virus? A Trojan horse or something else? Should I run a scan on the site? Thanks again for your help. Regards -
Playing mkv with windows xp media center. Is it possible?
tolunq replied to a topic by tolunq in Optimization, Tips & Tricks
So I put this in:

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\.mkv]
@="avifile"
"PerceivedType"="video"
"Content Type"="video/avi"
"MP2.Last"="Default"

[HKEY_CLASSES_ROOT\.mkv\OpenWithList]

[HKEY_CLASSES_ROOT\.mkv\OpenWithList\wmplayer.exe]

[HKEY_CLASSES_ROOT\.mkv\OpenWithProgIds]
"avifile"=hex(0):

[HKEY_CLASSES_ROOT\.mkv\PersistentHandler]
@="{098f2470-bae0-11cd-b579-08002b30bfeb}"

[HKEY_CLASSES_ROOT\.mkv\ShellEx]

[HKEY_CLASSES_ROOT\.mkv\ShellEx\{BB2E617C-0920-11d1-9A0B-00C04FC2D6C1}]
@="{c5a40261-cd64-4ccf-84cb-c394da41d590}"

but it still doesn't work. windows xp media center tells me it can't play them. However, I can play them with vlc, for example. But the goal is to use only windows xp media center. Help -
Playing mkv with windows xp media center. Is it possible?
tolunq replied to a topic by tolunq in Optimization, Tips & Tricks
Doesn't work -
Playing mkv with windows xp media center. Is it possible?
tolunq posted a topic in Optimization, Tips & Tricks
Hello, I've just built myself a home cinema PC with windows xp media center, but I have a problem: I can't play mkv files through windows media center. How can I do it? Because above all I want to use this media center and not another player such as vlc or the like ... Thanks again for your help. Regards -
The PC has become slow ... slow ...
tolunq replied to a topic by tolunq in Malware Analysis and Removal
Oh well ... that's a bit cryptic for me ... never mind, no big deal ... it's already very kind of you to have spent some of your time on me. If everything is fine, I thank you again and I'll go mark [solved] in my title. Regards -
the PC has become slow ... slow ...
tolunq replied to a topic by tolunq in Analyses et éradication malwares
well ... I'd told myself right afterwards .... that it was going much better ... much faster ... I clearly see a difference ... apparently, if I go by your sentence ... it's all good? what was it that was "messing up"? virus? ... something else ... -
the PC has become slow ... slow ...
tolunq replied to a topic by tolunq in Analyses et éradication malwares
there, it's done ... ========== PROCESSES ========== Process explorer.exe killed successfully. ========== FILES ========== c:\documents and settings\moi\application data\eorezo\softwareupdate\SoftwareUpdateHP.exe moved successfully. File/Folder c:\program files\eorezo\eoengine.exe not found. ========== REGISTRY ========== Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\EoEngine deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SoftwareHelper deleted successfully. ========== COMMANDS ========== File delete failed. C:\DOCUME~1\moi\LOCALS~1\Temp\etilqs_gx0ZE3ck83UJHJhhw0li scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\moi\LOCALS~1\Temp\etilqs_gx0ZE3ck83UJHJhhw0li-journal scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\moi\LOCALS~1\Temp\etilqs_J90Wa6RjXNdgRh7XN1YS scheduled to be deleted on reboot. User's Temp folder emptied. User's Temporary Internet Files folder emptied. User's Internet Explorer cache folder emptied. Local Service Temp folder emptied. File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot. Local Service Temporary Internet Files folder emptied. File delete failed. C:\WINDOWS\temp\cch~4297f0642f8.htp scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\temp\cch~4297f3c9602.htp scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\temp\cch~ab7dd7a774d.htp scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\temp\cch~ab7dd9d8e1c.htp scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\temp\cch~b047bde3b0a.htp scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\temp\cch~b047c02e718.htp scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_420.dat scheduled to be deleted on reboot. Windows Temp folder emptied. Java cache emptied.
File delete failed. C:\Documents and Settings\moi\Local Settings\Application Data\Mozilla\Firefox\Profiles\sk3g6ll2.default\OfflineCache\index.sqlite scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\moi\Local Settings\Application Data\Mozilla\Firefox\Profiles\sk3g6ll2.default\Cache\_CACHE_001_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\moi\Local Settings\Application Data\Mozilla\Firefox\Profiles\sk3g6ll2.default\Cache\_CACHE_002_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\moi\Local Settings\Application Data\Mozilla\Firefox\Profiles\sk3g6ll2.default\Cache\_CACHE_003_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\moi\Local Settings\Application Data\Mozilla\Firefox\Profiles\sk3g6ll2.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\moi\Local Settings\Application Data\Mozilla\Firefox\Profiles\sk3g6ll2.default\urlclassifier3.sqlite scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\moi\Local Settings\Application Data\Mozilla\Firefox\Profiles\sk3g6ll2.default\XUL.mfl scheduled to be deleted on reboot. FireFox cache emptied. Temp folders emptied. Explorer started successfully OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 03082009_125608 -
the PC has become slow ... slow ...
tolunq replied to a topic by tolunq in Analyses et éradication malwares
oops ... I'm afraid I didn't understand everything ... I'm on xp. so I downloaded OTMoveIt3 by OldTimer. I ran it. then, if I understood correctly ... I have to copy the lines:
:Processes
explorer.exe
:Files
c:\documents and settings\moi\application data\eorezo\softwareupdate\softwareupdatehp.exe
c:\program files\eorezo\eoengine.exe
:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"EoEngine"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoftwareHelper"=-
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
into the "Paste Instructions for Items to be Moved" window of OTMoveIt3 by OldTimer? is that right? and then I click the MovIt button ... -
the PC has become slow ... slow ...
tolunq replied to a topic by tolunq in Analyses et éradication malwares
there ... I've done everything I was asked to do. I'm posting the 1st report that SmitfraudFix made for me after finishing option 1: search. SmitFraudFix v2.400 Rapport fait à 12:56:53,23, 07/03/2009 Executé à partir de C:\Documents and Settings\moi\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est NTFS Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» Process C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe C:\WINDOWS\system32\PSIService.exe C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\TVersity\Media Server\MediaServer.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe F:\Spy Sweeper\SpySweeper.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\D-Tools\daemon.exe F:\acronis 2009\TrueImageMonitor.exe F:\acronis 2009\TimounterMonitor.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe C:\Program Files\WinFast\WFDTV\DTVSchdl.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe C:\Program Files\Java\jre6\bin\jusched.exe F:\Spy Sweeper\SpySweeperUI.exe C:\WINDOWS\system32\ctfmon.exe J:\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\WINDOWS\system32\wuauclt.exe F:\Spy Sweeper\SSU.EXE C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\cmd.exe »»»»»»»»»»»»»»»»»»»»»»»» hosts »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\moi »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\moi\LOCALS~1\Temp »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\moi\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\moi\Favoris »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Ma page d'accueil" »»»»»»»»»»»»»»»»»»»»»»»» o4Patch !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! o4Patch Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» IEDFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! IEDFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! Agent.OMZ.Fix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» VACFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! VACFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» 404Fix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! 404Fix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! 
SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\PROGRA~1\\KASPER~1\\KASPER~1\\mzvkbd.dll,C:\\PROGRA~1\\KASPER~1\\KASPER~1\\mzvkbd3.dll,C:\\PROGRA~1\\KASPER~1\\KASPER~1\\adialhk.dll,C:\\PROGRA~1\\KASPER~1\\KASPER~1\\kloehk.dll" »»»»»»»»»»»»»»»»»»»»»»»» Winlogon !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "Userinit"="C:\\WINDOWS\\system32\\userinit.exe," "System"="" »»»»»»»»»»»»»»»»»»»»»»»» RK »»»»»»»»»»»»»»»»»»»»»»»» DNS Description: Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller - Miniport d'ordonnancement de paquets DNS Server Search Order: 89.2.0.1 DNS Server Search Order: 89.2.0.2 HKLM\SYSTEM\CCS\Services\Tcpip\..\{52581B2C-C913-4D77-AAB1-7BB129D38ED4}: DhcpNameServer=89.2.0.1 89.2.0.2 HKLM\SYSTEM\CS1\Services\Tcpip\..\{52581B2C-C913-4D77-AAB1-7BB129D38ED4}: DhcpNameServer=89.2.0.1 89.2.0.2 HKLM\SYSTEM\CS3\Services\Tcpip\..\{52581B2C-C913-4D77-AAB1-7BB129D38ED4}: DhcpNameServer=89.2.0.1 89.2.0.2 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=89.2.0.1 89.2.0.2 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=89.2.0.1 89.2.0.2 HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=89.2.0.1 89.2.0.2 »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin now here is the 2nd report that SmitfraudFix made for me after finishing option 2: delete. however, I never got the question "corriger le fichier infecté" (wininet.dll file) SmitFraudFix v2.400 Rapport fait à 13:07:39,12, 07/03/2009 Executé à partir de C:\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est NTFS Fix executé en mode sans echec »»»»»»»»»»»»»»»»»»»»»»»»
SharedTaskScheduler Avant SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus »»»»»»»»»»»»»»»»»»»»»»»» hosts 127.0.0.1 localhost »»»»»»»»»»»»»»»»»»»»»»»» VACFix VACFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix S!Ri's WS2Fix: LSP not Found. »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés »»»»»»»»»»»»»»»»»»»»»»»» IEDFix IEDFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix Agent.OMZ.Fix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» 404Fix 404Fix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» RK »»»»»»»»»»»»»»»»»»»»»»»» DNS HKLM\SYSTEM\CCS\Services\Tcpip\..\{52581B2C-C913-4D77-AAB1-7BB129D38ED4}: DhcpNameServer=89.2.0.1 89.2.0.2 HKLM\SYSTEM\CS1\Services\Tcpip\..\{52581B2C-C913-4D77-AAB1-7BB129D38ED4}: DhcpNameServer=89.2.0.1 89.2.0.2 HKLM\SYSTEM\CS3\Services\Tcpip\..\{52581B2C-C913-4D77-AAB1-7BB129D38ED4}: DhcpNameServer=89.2.0.1 89.2.0.2 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=89.2.0.1 89.2.0.2 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=89.2.0.1 89.2.0.2 HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=89.2.0.1 89.2.0.2 »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre Nettoyage terminé. »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! 
SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Fin and here is the new hijackthis report that I have just made, last of all: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:37:53, on 07/03/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe C:\WINDOWS\system32\PSIService.exe C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\TVersity\Media Server\MediaServer.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe F:\Spy Sweeper\SpySweeper.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\D-Tools\daemon.exe F:\acronis 2009\TrueImageMonitor.exe F:\acronis 2009\TimounterMonitor.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe C:\Program Files\WinFast\WFDTV\DTVSchdl.exe C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Documents and Settings\moi\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe F:\Spy Sweeper\SpySweeperUI.exe C:\WINDOWS\system32\ctfmon.exe J:\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program
Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Mozilla Firefox\firefox.exe F:\Spy Sweeper\SSU.EXE C:\WINDOWS\system32\NOTEPAD.EXE C:\WINDOWS\system32\NOTEPAD.EXE C:\Documents and Settings\moi\Bureau\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://y.lo.st#first R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.leadtek.com.tw/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {140BD8E3-C167-11D4-B4A3-080000180323} - (no file) O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL O2 - BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - 
C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [36X Raid Configurer] "C:\WINDOWS\system32\xRaidSetup.exe" boot O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1036 O4 - HKLM\..\Run: [TrueImageMonitor.exe] "F:\acronis 2009\TrueImageMonitor.exe" O4 - HKLM\..\Run: [AcronisTimounterMonitor] "F:\acronis 2009\TimounterMonitor.exe" O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" O4 - HKLM\..\Run: [WinFastDTV] "C:\Program Files\WinFast\WFDTV\DTVSchdl.exe" O4 - HKLM\..\Run: [ArcSoft Connection Service] "C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe" O4 - HKLM\..\Run: [sBCSTray] "C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [KernelFaultCheck] C:\WINDOWS\system32\dumprep 0 -k O4 - HKLM\..\Run: [TrojanScanner] "C:\Program Files\Trojan Remover\Trjscan.exe" /boot O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [babylon Client] "C:\Program Files\Babylon\Babylon-Pro\Babylon.exe" -AutoStart O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe" O4 - HKLM\..\Run: [softwareHelper] C:\Documents and Settings\moi\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" O4 - HKLM\..\Run: [spySweeper] F:\Spy Sweeper\SpySweeperUI.exe /startintray O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [sUPERAntiSpyware] J:\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\Run: 
[ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO O4 - HKCU\..\Run: [LaunchList] "J:\Pinnacle\Studio 11\LaunchList2.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://F:\MICROS~1\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\MICROS~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://www.pandasecurity.com/activescan/cabs/as2stubie.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash 
Object) - https://fpdownload.macromedia.com/pub/shock...ash/swflash.cab O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll O20 - Winlogon Notify: !SASWinLogon - J:\SUPERAntiSpyware\SASWINLO.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\WINDOWS\system32\drivers\pclepci.sys O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe O23 - Service: TVersityMediaServer - Unknown owner - C:\Program Files\TVersity\Media Server\MediaServer.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. 
- C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. - F:\Spy Sweeper\SpySweeper.exe -- End of file - 10155 bytes thanks again -
hello, my pc is getting slower and slower .... I think it's infected. my kaspersky didn't tell me anything and it's up to date ... I'm leaving my little report here ... in case someone finds something .... thanks again and have a nice day Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:16:59, on 07/03/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe C:\WINDOWS\system32\PSIService.exe C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\TVersity\Media Server\MediaServer.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe F:\Spy Sweeper\SpySweeper.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\D-Tools\daemon.exe F:\acronis 2009\TrueImageMonitor.exe F:\acronis 2009\TimounterMonitor.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe C:\Program Files\WinFast\WFDTV\DTVSchdl.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe C:\Program Files\Java\jre6\bin\jusched.exe F:\shampoo Core Tuner\ct.exe F:\Spy Sweeper\SpySweeperUI.exe C:\WINDOWS\system32\ctfmon.exe J:\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\ATI
Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\WINDOWS\system32\wuauclt.exe F:\Spy Sweeper\SSU.EXE C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe C:\Documents and Settings\moi\Bureau\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://y.lo.st#first R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.leadtek.com.tw/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {140BD8E3-C167-11D4-B4A3-080000180323} - (no file) O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL O2 - BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers 
communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [36X Raid Configurer] "C:\WINDOWS\system32\xRaidSetup.exe" boot O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1036 O4 - HKLM\..\Run: [TrueImageMonitor.exe] "F:\acronis 2009\TrueImageMonitor.exe" O4 - HKLM\..\Run: [AcronisTimounterMonitor] "F:\acronis 2009\TimounterMonitor.exe" O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" O4 - HKLM\..\Run: [WinFastDTV] "C:\Program Files\WinFast\WFDTV\DTVSchdl.exe" O4 - HKLM\..\Run: [ArcSoft Connection Service] "C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe" O4 - HKLM\..\Run: [sBCSTray] "C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [KernelFaultCheck] C:\WINDOWS\system32\dumprep 0 -k O4 - HKLM\..\Run: [TrojanScanner] "C:\Program Files\Trojan Remover\Trjscan.exe" /boot O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Ashampoo Core Tuner] "F:\shampoo Core Tuner\ct.exe" -TRAY O4 - HKLM\..\Run: [babylon Client] "C:\Program Files\Babylon\Babylon-Pro\Babylon.exe" -AutoStart O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe" O4 - HKLM\..\Run: [softwareHelper] "C:\Documents and Settings\moi\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe" O4 - HKLM\..\Run: [spySweeper] 
"F:\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [sUPERAntiSpyware] J:\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [LaunchList] "J:\Pinnacle\Studio 11\LaunchList2.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://F:\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://www.pandasecurity.com/activescan/cabs/as2stubie.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shock...ash/swflash.cab
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O20 - Winlogon Notify: !SASWinLogon - J:\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\WINDOWS\system32\drivers\pclepci.sys
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe
O23 - Service: TVersityMediaServer - Unknown owner - C:\Program Files\TVersity\Media Server\MediaServer.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. - F:\Spy Sweeper\SpySweeper.exe
-- End of file - 10282 bytes

how to disable the password prompt at XP logon
tolunq replied to a topic by tolunq in Optimisation, Trucs & Astuces
it's done and it works .... thanks well :P

how to disable the password prompt at XP logon
tolunq replied to a topic by tolunq in Optimisation, Trucs & Astuces
ok thanks thanks, I'll do it right away .... because I had tried with Notepad but it was no good, I hadn't put: Windows Registry Editor Version 5.00

how to disable the password prompt at XP logon
tolunq replied to a topic by tolunq in Optimisation, Trucs & Astuces
I'm probably asking a stupid question but ... which program do I copy/paste into and save with to get a reg file?

how to disable the password prompt at XP logon
tolunq replied to a topic by tolunq in Optimisation, Trucs & Astuces
yes but ... the key doesn't exist, so it isn't written. I have nothing, not even "AutoAdminLogon", so even less "AutoAdminLogon"=- so nothing that would be = 0. that part I didn't understand

how to disable the password prompt at XP logon
tolunq replied to a topic by tolunq in Optimisation, Trucs & Astuces
thanks a lot. I'll do it right away ... but why, not having this key, do I still get this message when XP starts?

how to disable the password prompt at XP logon
tolunq replied to a topic by tolunq in Optimisation, Trucs & Astuces
thanks thanks ... but what I want to know is whether I can create this key in the registry ... ?

at XP startup there is a password prompt that I would really like to remove, because I have no password on my XP session. so I do:
1. In "Start/Run" ---> : regedit
2. Look for the following registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon
3. In "AutoAdminLogon", put 1 in place of the 0
the problem is that I don't have this "AutoAdminLogon" key. It hasn't been created. should I create it and give it the value 1 so that the message at XP startup disappears? and first of all, how come I get this message if the key doesn't exist and therefore isn't = 0?
The "DefaultPassword" ---> "password" key doesn't exist either.
thanks again for any help
regards
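The following check is an added example, not part of the original posts: it reads a regedit text export of the Winlogon key and reports the auto-logon state discussed in this thread. The sample export and the function names are constructed for illustration; it assumes the standard `Windows NT` key path, requires the `Windows Registry Editor Version 5.00` header mentioned above, treats a missing `AutoAdminLogon` value as disabled, and flags `DefaultPassword` because that value holds the password in clear text.

```python
import re

HEADER = "Windows Registry Editor Version 5.00"
WINLOGON = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"

# Constructed sample export (not taken from the poster's machine).
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"DefaultUserName"="moi"
"AutoAdminLogon"="1"
"DefaultPassword"="example-password"
'''

# Matches string values of the form "name"="data", allowing \" and \\ escapes.
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')

def unescape(s):
    """Undo the backslash escaping regedit applies inside quoted strings."""
    return re.sub(r"\\(.)", r"\1", s)

def parse_reg(text):
    """Parse string values from a .reg export into {key_path: {name: data}}."""
    lines = [ln.strip() for ln in text.lstrip("\ufeff").splitlines()]
    if not lines or lines[0] != HEADER:
        raise ValueError("missing header line: " + HEADER)
    keys, current = {}, None
    for ln in lines[1:]:
        if ln.startswith("[") and ln.endswith("]"):
            current = keys.setdefault(ln[1:-1], {})
        elif current is not None:
            m = VALUE_RE.match(ln)
            if m:
                current[unescape(m.group(1))] = unescape(m.group(2))
    return keys

def audit_autologon(text):
    """Return findings about automatic logon in the Winlogon key."""
    keys = {k.lower(): v for k, v in parse_reg(text).items()}
    values = {n.lower(): d for n, d in keys.get(WINLOGON.lower(), {}).items()}
    findings = []
    # A missing AutoAdminLogon value is treated the same as "0" (disabled).
    if values.get("autoadminlogon", "0") == "1":
        findings.append("AutoAdminLogon=1: automatic logon enabled")
    if "defaultpassword" in values:
        findings.append("DefaultPassword present: password stored in clear text")
    return findings

if __name__ == "__main__":
    for finding in audit_autologon(SAMPLE_REG):
        print(finding)
```

Real regedit exports in this format are UTF-16 encoded, so decode the file with `encoding="utf-16"` before passing its text to `audit_autologon`.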
