

JOELERIC
Everything posted by JOELERIC
Request for help - analysis of HijackThis reports
JOELERIC replied to a topic by JOELERIC in Malware analysis and removal
Here it is; sorry, I had not attached it because I had mentioned at the top of the post that I had tried Malwarebytes without any result, but here is the report:

Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1784
Windows 5.1.2600 Service Pack 2

21/02/2009 07:24:02
mbam-log-2009-02-21 (07-24-02).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 120789
Temps écoulé: 15 minute(s), 39 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Looking forward to hearing from you.
Request for help - analysis of HijackThis reports
JOELERIC replied to a topic by JOELERIC in Malware analysis and removal
Hello and thanks for your help, here are the requested reports:

JavaRa 1.13 Removal Log.
and the SmitFraud report, looking forward to hearing from you:

SmitFraudFix v2.398
Request for help - analysis of HijackThis reports
JOELERIC replied to a topic by JOELERIC in Malware analysis and removal
The rest:

OTListIt Extras logfile created on: 20/02/2009 21:11:58 - Run OTListIt2 by OldTimer - Version 2.0.1.0
OTListIt logfile created on: 20/02/2009 21:11:58 - Run OTListIt2 by OldTimer - Version 2.0.1.0
-- C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys -- (HSF_DP [On_Demand | Stopped]) DRV - [2008/04/16 13:23:44 | 00,112,144 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1 [boot | Running]) DRV - [2009/02/10 07:54:18 | 00,033,808 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\klbg.sys -- (klbg [boot | Running]) DRV - [2008/03/13 18:02:46 | 00,026,640 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\DRIVERS\klfltdev.sys -- (KLFLTDEV [On_Demand | Running]) DRV - [2009/02/10 07:54:18 | 00,213,520 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\DRIVERS\klif.sys -- (KLIF [system | Running]) DRV - [2008/03/25 19:07:10 | 00,024,592 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\DRIVERS\klim5.sys -- (klim5 [On_Demand | Running]) DRV - [2009/02/20 07:57:17 | 00,064,160 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd [boot | Running]) DRV - [2004/12/01 02:49:18 | 00,051,840 | ---- | M] (ULi Electronics Inc.) -- C:\WINDOWS\system32\DRIVERS\m5289.sys -- (m5289 [boot | Running]) DRV - [2005/07/26 06:44:06 | 00,011,868 | ---- | M] (Conexant) -- C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running]) DRV - [2003/10/15 02:07:38 | 00,012,288 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\DRIVERS\mtdv2ku2.sys -- (MTDVC2 [On_Demand | Stopped]) DRV - [2003/10/10 17:39:52 | 00,011,648 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\DRIVERS\mtdv2ks2.sys -- (MTDVC2_ENUM [On_Demand | Stopped]) DRV - [2008/06/19 16:24:30 | 00,028,544 | ---- | M] (Panda Security, S.L.) 
-- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot [boot | Running]) DRV - [2008/11/18 22:44:59 | 00,068,960 | ---- | M] (VSO Software) -- C:\WINDOWS\System32\DRIVERS\Pcatip.sys -- (Pcatip [On_Demand | Running]) DRV - [2005/07/13 06:18:39 | 00,047,360 | ---- | M] (VSO Software) -- C:\WINDOWS\System32\Drivers\pcouffin.sys -- (pcouffin [On_Demand | Running]) DRV - [2001/10/02 10:17:04 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running]) DRV - [2006/07/27 11:28:33 | 00,020,640 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [boot | Running]) DRV - [2004/07/17 03:36:38 | 00,027,440 | ---- | M] () -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped]) DRV - [2007/09/04 23:43:37 | 00,120,992 | ---- | M] (Acronis) -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman [boot | Running]) DRV - [2004/06/17 02:05:46 | 00,136,832 | ---- | M] () -- C:\WINDOWS\system32\DRIVERS\pfc027.sys -- (SoC PC-Camera Service [On_Demand | Stopped]) DRV - [2007/09/04 23:43:45 | 00,032,768 | ---- | M] (Acronis) -- C:\WINDOWS\system32\DRIVERS\tifsfilt.sys -- (tifsfilter [Auto | Running]) DRV - [2007/09/04 23:43:45 | 00,392,320 | ---- | M] (Acronis) -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter [boot | Running]) DRV - [2003/12/18 22:14:52 | 00,360,832 | R--- | M] (Texas Instruments) -- C:\WINDOWS\system32\DRIVERS\tnet1130.sys -- (TNET1130 [On_Demand | Running]) DRV - [2004/10/04 05:34:56 | 00,036,423 | ---- | M] (Leadtek Research Inc.) -- C:\WINDOWS\system32\drivers\wf2ktunr.sys -- (tv2ktunr [Auto | Stopped]) DRV - [2004/10/04 05:34:56 | 00,010,005 | ---- | M] (Leadtek Research Inc.) -- C:\WINDOWS\system32\drivers\wf2kxbar.sys -- (Tv2kXbar [Auto | Stopped]) DRV - [2004/07/26 14:19:16 | 00,029,696 | ---- | M] (ULi Electronics Inc.) 
-- C:\WINDOWS\system32\DRIVERS\ULILAN.SYS -- (ULI5261 [On_Demand | Stopped]) DRV - [2008/10/01 12:01:28 | 00,032,000 | ---- | M] (Apple, Inc.) -- C:\WINDOWS\System32\Drivers\usbaapl.sys -- (USBAAPL [On_Demand | Stopped]) DRV - [2005/07/26 06:44:04 | 00,059,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Stopped]) DRV - [2005/07/26 06:44:06 | 00,685,056 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys -- (winachsf [On_Demand | Stopped]) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page_bak = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = 
C:\windows\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{sub_rfc1766}/srchasst/srchcust.htm IE - URLSearchHook: {BE2A0A4D-9CD6-B15F-F68E-E83B8B0476BC} - Reg Error: Key error. File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ IE - 
HKU\S-1-5-21-1220945662-1659004503-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch IE - HKU\S-1-5-21-1220945662-1659004503-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm IE - HKU\S-1-5-21-1220945662-1659004503-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch IE - HKU\S-1-5-21-1220945662-1659004503-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ IE - HKU\S-1-5-21-1220945662-1659004503-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank IE - HKU\S-1-5-21-1220945662-1659004503-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{sub_rfc1766}/srchasst/srchcust.htm IE - URLSearchHook: {BE2A0A4D-9CD6-B15F-F68E-E83B8B0476BC} - Reg Error: Key error. 
File not found IE - HKU\S-1-5-21-1220945662-1659004503-839522115-1003\S-1-5-21-1220945662-1659004503-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1220945662-1659004503-839522115-1003\S-1-5-21-1220945662-1659004503-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local O1 HOSTS File: (769 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll (Kaspersky Lab) O3 - HKLM\..\Toolbar: (LEC) - {1DBAB667-A486-421e-AFE4-CF07DD0088E5} - C:\Program Files\Power Translator 10\Applications\LEC IE Translation Extension.dll (Language Engineering Corporation, LLC) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Reg Error: Key error. File not found O3 - HKU\S-1-5-21-1220945662-1659004503-839522115-1003\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Reg Error: Key error. File not found O4 - HKLM..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Maxtor\Schedule2\schedhlp.exe" (Acronis) O4 - HKLM..\Run: [AcronisTimounterMonitor] "C:\Program Files\Maxtor\MaxBlast\TimounterMonitor.exe" (Acronis) O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft) O4 - HKLM..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" (Kaspersky Lab) O4 - HKLM..\Run: [C-Media Mixer] Mixer.exe /startup (C-Media Electronic Inc. 
(www.cmedia.com.tw)) O4 - HKLM..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe" (Diskeeper Corporation) O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.) O4 - HKLM..\Run: [MaxBlastMonitor.exe] "C:\Program Files\Maxtor\MaxBlast\MaxBlastMonitor.exe" (Maxtor) O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.) O4 - HKLM..\Run: [RevHDD] C:\WINDOWS\SYSTEM\RevHDD.exe File not found O4 - HKLM..\Run: [soundMan] SOUNDMAN.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0\bin\jusched.exe" (Sun Microsystems, Inc.) O4 - HKLM..\Run: [Timer] File not found O4 - HKLM..\Run: [VolControl] File not found O4 - HKCU..\Run: [Entm] "C:\DOCUME~1\Admin\APPLIC~1\YMBOLS~1\cmd.exe" -vt ndrv File not found O4 - HKCU..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) O4 - HKCU..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe (SFX TEAM) O4 - HKU\S-1-5-21-1220945662-1659004503-839522115-1003..\Run: [Entm] "C:\DOCUME~1\Admin\APPLIC~1\YMBOLS~1\cmd.exe" -vt ndrv File not found O4 - HKU\S-1-5-21-1220945662-1659004503-839522115-1003..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) O4 - HKU\S-1-5-21-1220945662-1659004503-839522115-1003..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe (SFX TEAM) O4 - HKU\S-1-5-19..\RunOnce: [Config] %systemroot%\system32\run.cmd () O4 - HKU\S-1-5-19..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [Config] %systemroot%\system32\run.cmd () O4 - HKU\S-1-5-20..\RunOnce: [nlsf] cmd.exe /C move /Y 
"%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (Microsoft Corporation) O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsMenu = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartBanner = 01 00 00 00 [binary data] O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1 
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoUpdate = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsMenu = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartBanner = 01 00 00 00 [binary data] O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoUpdate = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsMenu = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartBanner = 01 00 00 00 [binary data] O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - 
HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoUpdate = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsMenu = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartBanner = 01 00 00 00 [binary data] O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoUpdate = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsMenu = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: 
NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartBanner = 01 00 00 00 [binary data] O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoUpdate = 1 O7 - HKU\S-1-5-21-1220945662-1659004503-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1220945662-1659004503-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsMenu = 1 O7 - HKU\S-1-5-21-1220945662-1659004503-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1 O7 - HKU\S-1-5-21-1220945662-1659004503-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-21-1220945662-1659004503-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartBanner = 01 00 00 00 [binary data] O7 - HKU\S-1-5-21-1220945662-1659004503-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1 O7 - HKU\S-1-5-21-1220945662-1659004503-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1 O7 - HKU\S-1-5-21-1220945662-1659004503-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1 O7 - HKU\S-1-5-21-1220945662-1659004503-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen 
= 1 O7 - HKU\S-1-5-21-1220945662-1659004503-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoUpdate = 1 O7 - HKU\S-1-5-21-1220945662-1659004503-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0 O7 - HKU\S-1-5-21-1220945662-1659004503-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0 O8 - Extra context menu item: Ajouter à Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll (Sun Microsystems, Inc.) O9 - Extra Button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll (Kaspersky Lab) O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe File not found O9 - Extra Button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O15 - HKCU\..Trusted Domains: secuser.com ([www] http in Sites de confiance) O15 - HKCU\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. 
O15 - HKU\S-1-5-21-1220945662-1659004503-839522115-1003\..Trusted Domains: secuser.com ([www] http in Sites de confiance) O15 - HKU\S-1-5-21-1220945662-1659004503-839522115-1003\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Interfaces\{9F2CCE8E-06DF-4B08-B556-9508F50449A0}\\NameServer = 193.168.0.1 O18 - Protocol\Handler\ipp Reg Error: Value error. - Reg Error: Key error. File not found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp Reg Error: Value error. - Reg Error: Key error. File not found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Filter: - text/xml - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\mzvkbd.dll (Kaspersky Lab) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\adialhk.dll (Kaspersky Lab) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\kloehk.dll (Kaspersky Lab) O20 - HKLM Winlogon: Shell - 
(Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab) O20 - Winlogon\Notify\WRNotifier: DllName - WRLogonNTF.dll - File not found O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2005/12/31 12:27:15 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{467cdeed-bf46-11dd-abd0-806d6172696f}\Shell\AutoRun\command - "" = G:\setupSNK.exe -- File not found O33 - MountPoints2\{627192be-da8e-11dc-9f03-0040f4b993cf}\Shell\AutoRun\command - "" = RavMon.exe O33 - MountPoints2\{b964ce17-7431-11dd-b84b-0040f4b993cf}\Shell\Auto\command - "" = tel.xls.exe ========== Files/Folders - Created Within 30 Days ========== [2009/02/20 21:03:22 | 00,494,080 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Admin\Bureau\OTListIt2.exe [2009/02/20 08:12:52 | 00,000,092 | -H-- | C] () -- C:\aaw7boot.cmd [2009/02/20 08:10:05 | 00,015,688 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe [2009/02/20 07:57:58 | 00,000,512 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2009/02/20 07:57:54 | 00,064,160 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys [2009/02/20 07:52:46 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800} [2009/02/20 07:52:45 | 00,000,888 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Ad-Aware.lnk [2009/02/20 07:52:32 | 00,000,000 | ---D | C] -- C:\Program Files\Lavasoft [2009/02/20 07:52:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft [2009/02/20 03:34:02 | 00,000,938 | ---- | C] () -- C:\Documents and Settings\Admin\Bureau\Spybot - Search & Destroy.lnk [2009/02/16 07:00:11 | 00,000,000 | ---- | C] () -- C:\Documents and 
Settings\Admin\Bureau\Nouveau Dessin AutoSketch (2).SKF [2009/01/27 06:40:36 | 00,000,684 | ---- | C] () -- C:\Documents and Settings\Admin\Bureau\vXdownloader.exe.lnk [2009/01/27 06:39:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Local Settings\Application Data\vdownloader ========== Files - Modified Within 30 Days ========== [8 C:\WINDOWS\System32\*.tmp files] [4 C:\WINDOWS\*.tmp files] [2009/02/20 21:02:38 | 00,494,080 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Bureau\OTListIt2.exe [2009/02/20 08:12:52 | 00,000,092 | -H-- | M] () -- C:\aaw7boot.cmd [2009/02/20 07:59:42 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009/02/20 07:59:40 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009/02/20 07:58:42 | 00,086,048 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat [2009/02/20 07:58:42 | 00,004,896 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx [2009/02/20 07:58:42 | 00,000,032 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.idx [2009/02/20 07:58:42 | 00,000,032 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.dat [2009/02/20 07:58:18 | 06,291,456 | -H-- | M] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\IconCache.db [2009/02/20 07:57:58 | 00,000,512 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2009/02/20 07:57:45 | 00,015,688 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe [2009/02/20 07:57:17 | 00,064,160 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys [2009/02/20 07:52:45 | 00,000,888 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Ad-Aware.lnk [2009/02/20 03:34:02 | 00,000,938 | ---- | M] () -- C:\Documents and Settings\Admin\Bureau\Spybot - Search & Destroy.lnk [2009/02/20 03:19:33 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009/02/20 02:52:30 | 00,064,000 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 
[2009/02/20 00:00:09 | 00,000,388 | ---- | M] () -- C:\WINDOWS\System32\tversity.cookies [2009/02/19 19:57:11 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2009/02/16 07:00:11 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Admin\Bureau\Nouveau Dessin AutoSketch (2).SKF [2009/02/15 09:19:45 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2009/02/11 20:25:52 | 00,447,772 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat [2009/02/11 20:25:52 | 00,383,254 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2009/02/11 20:25:52 | 00,064,492 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat [2009/02/11 20:25:52 | 00,053,608 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2009/02/11 20:25:51 | 00,959,724 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2009/02/11 10:19:42 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2009/02/11 10:19:34 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2009/02/10 07:54:18 | 00,213,520 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys [2009/02/10 07:54:18 | 00,033,808 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klbg.sys [2009/02/03 13:34:44 | 00,101,287 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat [2009/02/03 13:34:44 | 00,089,601 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat [2009/01/27 06:40:36 | 00,000,684 | ---- | M] () -- C:\Documents and Settings\Admin\Bureau\vXdownloader.exe.lnk ========== Alternate Data Streams ========== @Alternate Data Stream - 0 bytes -> C:\WINDOWS\Thumbs.db:encryptable @Alternate Data Stream - 0 bytes -> C:\Documents and Settings\Admin\Mes documents\Thumbs.db:encryptable < End of report > -
Help request: analysis of HijackThis reports
JOELERIC posted a topic in Malware analysis and removal
Hello, I am being hit by unwanted redirections. As soon as I click on certain links, such as Zebulon Fr, an additional window opens and keeps reloading, or when I search for a site I am redirected to another site. After reading the topics, I have already done the following: a HijackThis log and an OTListIt run, which gave me two files that I am passing on to you. Please help me, because none of the antispyware tools found anything: Ad-Aware, Spybot, Malwarebytes, not to mention my Kaspersky 2009. I will start by giving you the HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:48:35, on 20/02/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Maxtor\Schedule2\schedul2.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Power Translator 10\LogoMedia TranslateDotNet Server.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TVersity\Media Server\MediaServer.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\ups.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\Program Files\Maxtor\MaxBlast\MaxBlastMonitor.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Maxtor\MaxBlast\TimounterMonitor.exe
C:\Program Files\Fichiers communs\Maxtor\Schedule2\schedhlp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\Mixer.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\AdventNet\ME\NetFlow\mysql\bin\mysqld-nt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\download\vlc\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {BE2A0A4D-9CD6-B15F-F68E-E83B8B0476BC} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O3 - Toolbar: LEC - {1DBAB667-A486-421e-AFE4-CF07DD0088E5} - C:\Program Files\Power Translator 10\Applications\LEC IE Translation Extension.dll
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0\bin\jusched.exe"
O4 - HKLM\..\Run: [MaxBlastMonitor.exe] "C:\Program Files\Maxtor\MaxBlast\MaxBlastMonitor.exe"
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [AcronisTimounterMonitor] "C:\Program Files\Maxtor\MaxBlast\TimounterMonitor.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Maxtor\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RevHDD] C:\WINDOWS\SYSTEM\RevHDD.exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKCU\..\Run: [Entm] "C:\DOCUME~1\Admin\APPLIC~1\YMBOLS~1\cmd.exe" -vt ndrv
O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O15 - Trusted Zone: http://www.secuser.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{9F2CCE8E-06DF-4B08-B556-9508F50449A0}: NameServer = 193.168.0.1
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Maxtor\Schedule2\schedul2.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BvrpKrnl - Unknown owner - C:\Program Files\WinFax eXPert\BVRPKrnl.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LEC TranslateDotNet Server - Language Engineering Corporation, LLC - C:\Program Files\Power Translator 10\LogoMedia TranslateDotNet Server.exe
O23 - Service: ManageEngine NetFlow Analyzer 4 (netflowanalyzer) - Unknown owner - C:\AdventNet\ME\NetFlow\bin\wrapper.exe
O23 - Service: TVersityMediaServer - Unknown owner - C:\Program Files\TVersity\Media Server\MediaServer.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe

-- End of file - 8599 bytes