Posted

Hello,

I've had something of a problem since yesterday evening on a site... I'm not really sure this is the right question for my post... it seems to me that it is.

My IP is blocked on one site (only that one!). When I try to post there, I get a message that says:

"Your IP address ..................... has been blocked because it is on the blacklist. For more information, please see http://www.spamhaus.org/query/bl?ip=.................."

The explanations are all in English and I didn't understand much...

Apparently I'm spamming????? Really???? Yet it's a site I visit regularly and I've never had any problem...

What should I do? What does this message mean? How do I fix it?

Do I have a virus? A Trojan horse or something else? Should I run a scan on the site?

Thanks again for your help.

Regards

Posted (edited)

Here is the message I get: http://www.spamhaus.org/query/bl?ip=213.245.111.18

After that, there is a link that apparently leads to a procedure for getting removed from the blacklist, but I didn't understand any of it.

I wrote to the site's administrator, who replied: "It may not be you; it could be someone else who had the same IP as you. You may have a virus on your PC that is sending spam. It's also possible that the tool is wrong."

A virus that sends spam? Really?

What can I do about it? Might I have a virus? What do I need to post, and where, on the Zebulon forum to get a virus check done and have an expert take a clearer look at my problem?

Thanks again for your help, because I'm lost here!!!

Edited by tolunq

Posted

Hello,

Are you on a fixed IP?

There are currently a number of malware programs capable of turning a computer into a spambot.

We can check whether you are infected:

Download OTViewIt by OldTimer to your desktop.

- Close all windows and applications.
- Double-click OTViewIt.exe to launch it.
- In the "File Age" drop-down list, choose: 30 days (or as you prefer)
- Click the "Run Scan" button.
- Wait a few minutes.
- Notepad will open; post the two reports obtained in your next reply.

If Notepad does not open, you will find them on your desktop: OTViewIt.txt and Extras.txt

Regards.
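
Added example, not part of the thread: the Spamhaus lookup behind the URL quoted above can also be done over DNS, and the answer code tells which list the address is on, which separates a policy listing of an end-user range (PBL) from a listing for an infected machine (XBL). The function names are illustrative; the zone name and return codes are the ones Spamhaus publishes for zen.spamhaus.org, and the sample answers at the bottom are constructed.

```python
import ipaddress
import socket

ZEN = "zen.spamhaus.org"  # Spamhaus combined zone (SBL + XBL + PBL)

# A-record answers Spamhaus documents for the zen zone: code -> (list, meaning).
LISTED = {
    "127.0.0.2": ("SBL", "address tied to a known spam source"),
    "127.0.0.3": ("SBL", "CSS: automated listing of a spam-emitting address"),
    "127.0.0.4": ("XBL", "exploited or infected host (bot, open proxy, trojan)"),
    "127.0.0.9": ("SBL", "DROP: hijacked or criminally operated netblock"),
    "127.0.0.10": ("PBL", "end-user range declared by its ISP; says nothing about infection"),
    "127.0.0.11": ("PBL", "end-user range identified by Spamhaus; says nothing about infection"),
}
# Answers in 127.255.255.0/24 report a failed query, not a listing.
ERRORS = {
    "127.255.255.252": "typing error in the zone name",
    "127.255.255.254": "query sent through a public/open resolver",
    "127.255.255.255": "too many queries from this resolver",
}


def dnsbl_query_name(ip, zone=ZEN):
    """Build the DNS name to resolve for `ip`: reversed address + zone."""
    addr = ipaddress.ip_address(ip)
    if not addr.is_global:
        # A LAN address (192.168.x.x, 10.x.x.x) is never what the site saw.
        raise ValueError(f"{ip} is not a public address; look up the WAN address")
    # reverse_pointer does the octet (IPv4) or nibble (IPv6) reversal;
    # drop its trailing "in-addr.arpa" / "ip6.arpa" labels.
    reversed_labels = addr.reverse_pointer.rsplit(".", 2)[0]
    return f"{reversed_labels}.{zone}"


def classify(answers):
    """Reduce the A records returned for one address to a triage verdict."""
    answers = list(answers)
    if not answers:
        return "not-listed"
    if any(a in ERRORS for a in answers):
        return "query-error"      # the result is unusable, not a clean bill
    lists = {LISTED[a][0] for a in answers if a in LISTED}
    if "XBL" in lists:
        return "exploited-host"   # worth scanning the machine(s) behind the IP
    if "SBL" in lists:
        return "spam-source"
    if "PBL" in lists:
        return "policy-only"      # dynamic/residential range, not a detection
    return "unknown-code"


def explain(answers):
    """One human-readable line per returned code."""
    lines = []
    for a in answers:
        if a in LISTED:
            lines.append(f"{a}: {LISTED[a][0]} - {LISTED[a][1]}")
        else:
            lines.append(f"{a}: {ERRORS.get(a, 'undocumented code')}")
    return lines


def lookup(ip, zone=ZEN):
    """Resolve the DNSBL name and return its A records ([] when none).

    With the socket module a resolver failure and NXDOMAIN (not listed)
    both surface as gaierror, so an empty list is only a weak negative.
    """
    try:
        _, _, addrs = socket.gethostbyname_ex(dnsbl_query_name(ip, zone))
    except socket.gaierror:
        return []
    return addrs


if __name__ == "__main__":
    print(dnsbl_query_name("213.245.111.18"))  # address from the thread
    # Constructed answers, so the demonstration runs without network access.
    for sample in (["127.0.0.10"], ["127.0.0.4", "127.0.0.11"], [], ["127.255.255.254"]):
        print(sample, "->", classify(sample), explain(sample))
```

A `policy-only` result fits an ISP address pool rather than an infection, while `exploited-host` is the case where a scan of the machines behind the address is warranted.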

Posted

Thanks a lot for the help.

Here are the 2 requested reports.

- OTViewIt

 

OTViewIt logfile created on: 01/04/2009 17:16:49 - Run

OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Documents and Settings\moi\Bureau

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.13)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 100,00% Memory free

4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092;

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 175,78 Gb Total Space | 102,33 Gb Free Space | 58,21% Space Free | Partition Type: NTFS

Drive D: | 234,38 Gb Total Space | 230,45 Gb Free Space | 98,32% Space Free | Partition Type: NTFS

Drive E: | 175,78 Gb Total Space | 100,91 Gb Free Space | 57,40% Space Free | Partition Type: NTFS

Drive F: | 114,19 Gb Total Space | 34,66 Gb Free Space | 30,35% Space Free | Partition Type: NTFS

Drive G: | 234,38 Gb Total Space | 215,03 Gb Free Space | 91,74% Space Free | Partition Type: NTFS

H: Drive not present or media not loaded

Drive I: | 234,38 Gb Total Space | 132,93 Gb Free Space | 56,72% Space Free | Partition Type: NTFS

Drive J: | 228,38 Gb Total Space | 18,35 Gb Free Space | 8,03% Space Free | Partition Type: NTFS

 

Computer Name: GIGABYTE

Current User Name: moi

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: Current user

Whitelist: On

File Age = 30 Days

 

========== Processes ==========

 

[2008/06/03 05:09:36 | 00,552,960 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe

[2008/11/19 10:47:24 | 00,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe

[2008/10/17 14:25:42 | 00,554,264 | ---- | M] (Acronis) -- C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe

[2006/02/28 13:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe

[2009/01/04 19:00:08 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe

[2008/09/30 13:48:28 | 00,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe

[2006/11/02 21:40:12 | 00,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe

[2007/02/07 17:29:50 | 00,173,616 | ---- | M] () -- C:\Program Files\CyberLink\Shared files\RichVideo.exe

[2007/08/27 13:09:12 | 00,788,976 | ---- | M] (Sunbelt Software) -- C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe

[2007/12/30 21:42:34 | 00,724,992 | ---- | M] () -- C:\Program Files\TVersity\Media Server\MediaServer.exe

[2004/12/13 05:34:32 | 00,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe

[2004/08/11 02:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe

[2008/01/04 21:56:52 | 03,572,592 | ---- | M] (Webroot Software, Inc.) -- F:\Spy Sweeper\SpySweeper.exe

[2008/06/03 05:09:36 | 00,552,960 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe

[2008/05/16 08:39:00 | 16,862,720 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe

[2007/07/17 12:13:56 | 00,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

[2003/12/27 21:43:26 | 00,081,920 | ---- | M] (DAEMON'S HOME) -- C:\Program Files\D-Tools\daemon.exe

[2008/10/17 14:09:24 | 04,375,856 | ---- | M] (Acronis) -- F:\acronis 2009\TrueImageMonitor.exe

[2008/10/17 14:31:10 | 00,961,640 | ---- | M] (Acronis) -- F:\acronis 2009\TimounterMonitor.exe

[2008/10/17 14:25:48 | 00,165,144 | ---- | M] (Acronis) -- C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe

[2008/10/24 11:36:10 | 00,090,112 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\DTVSchdl.exe

[2008/11/20 11:06:14 | 00,178,688 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe

[2007/08/27 13:09:14 | 00,698,864 | ---- | M] (Sunbelt Software) -- C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe

[2009/01/04 19:00:08 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe

[2007/02/07 17:24:52 | 00,071,216 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

[2008/01/04 21:56:58 | 05,367,664 | ---- | M] (Webroot Software, Inc.) -- F:\Spy Sweeper\SpySweeperUI.exe

[2008/12/17 04:25:02 | 01,809,648 | ---- | M] (SUPERAntiSpyware.com) -- J:\SUPERAntiSpyware\SUPERAntiSpyware.exe

[2007/07/17 12:13:34 | 00,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

[2009/01/04 19:00:08 | 00,382,384 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jucheck.exe

[2008/12/28 12:29:50 | 07,757,384 | ---- | M] (http://cryptload.info) -- C:\Documents and Settings\moi\Bureau\CryptLoad\CryptLoad.exe

[2008/01/04 21:34:36 | 00,214,384 | ---- | M] () -- F:\Spy Sweeper\ssu.exe

[2009/04/01 17:08:45 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\moi\Bureau\OTViewIt.exe

[2009/04/01 17:08:45 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\moi\Bureau\OTViewIt.exe

 

========== (O23) Win32 Services ==========

 

[2008/11/19 10:47:24 | 00,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon [Auto | Running])

[2008/10/17 14:25:42 | 00,554,264 | ---- | M] (Acronis) -- C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc [Auto | Running])

[2005/09/23 08:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])

[2008/06/03 05:09:36 | 00,552,960 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])

[2008/06/02 22:05:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart [Auto | Stopped])

[2009/02/04 16:39:23 | 00,206,088 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe -- (AVP [Auto | Running])

[2006/02/28 13:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])

[2005/09/23 08:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])

[2008/12/18 17:03:23 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])

[2009/01/04 19:00:08 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])

[2008/09/30 13:48:28 | 00,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0 [Auto | Running])

[2003/07/28 21:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])

[2005/02/09 13:59:00 | 00,014,165 | ---- | M] (Pinnacle Systems GmbH) -- C:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI [Auto | Stopped])

[2006/11/02 21:40:12 | 00,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing [Auto | Running])

[2007/02/07 17:29:50 | 00,173,616 | ---- | M] () -- C:\Program Files\CyberLink\Shared files\RichVideo.exe -- (RichVideo [Auto | Running])

[2007/08/27 13:09:12 | 00,788,976 | ---- | M] (Sunbelt Software) -- C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe -- (SBCSSvc [Auto | Running])

[2007/12/30 21:42:34 | 00,724,992 | ---- | M] () -- C:\Program Files\TVersity\Media Server\MediaServer.exe -- (TVersityMediaServer [Auto | Running])

[2004/12/13 05:34:32 | 00,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper [Auto | Running])

[2004/08/11 02:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf [Auto | Running])

[2007/10/18 12:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])

[2008/01/04 21:56:52 | 03,572,592 | ---- | M] (Webroot Software, Inc.) -- F:\Spy Sweeper\SpySweeper.exe -- (WebrootSpySweeperService [Auto | Running])

[2007/10/25 16:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])

 

========== Driver Services ==========

 

[2008/04/13 12:46:22 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\61883.sys -- (61883 [On_Demand | Stopped])

[2003/06/17 05:31:06 | 00,065,280 | R--- | M] (AVerMedia Systems, Inc.) -- C:\WINDOWS\system32\drivers\ARGUS.sys -- (ARGUS [Auto | Running])

[2008/06/03 08:20:54 | 03,100,160 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag [On_Demand | Running])

[2007/11/14 21:48:20 | 00,084,992 | R--- | M] (ATI Research Inc.) -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService [On_Demand | Running])

[2008/04/13 12:46:22 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\avc.sys -- (Avc [On_Demand | Stopped])

[2006/04/20 15:50:34 | 00,059,776 | ---- | M] (Leadtek Research Inc.) -- C:\WINDOWS\system32\drivers\wf2kvcap.sys -- (BT848 [Auto | Stopped])

[2003/12/27 21:42:12 | 00,137,216 | ---- | M] ( ) -- C:\WINDOWS\system32\drivers\d344bus.sys -- (d344bus [boot | Running])

[2003/12/27 03:38:10 | 00,005,248 | ---- | M] ( ) -- C:\WINDOWS\system32\drivers\d344prt.sys -- (d344prt [boot | Running])

[2008/04/13 10:36:06 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus [On_Demand | Running])

[2008/05/20 11:53:00 | 04,800,000 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])

[2008/11/22 00:10:40 | 00,082,784 | ---- | M] (JMicron Technology Corp.) -- C:\WINDOWS\system32\drivers\jraid.sys -- (JRAID [boot | Running])

[2008/07/21 18:34:36 | 00,121,872 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1 [boot | Running])

[2009/02/04 16:39:23 | 00,033,808 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\klbg.sys -- (klbg [boot | Running])

[2008/03/13 19:02:46 | 00,026,640 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\klfltdev.sys -- (KLFLTDEV [On_Demand | Running])

[2009/02/04 16:39:23 | 00,226,832 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF [system | Running])

[2008/04/30 18:06:48 | 00,024,592 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5 [On_Demand | Running])

[2008/06/25 18:47:00 | 00,036,864 | R--- | M] (Atheros Communications, Inc.) -- C:\WINDOWS\system32\drivers\l1e51x86.sys -- (L1e [On_Demand | Running])

[2007/01/04 11:07:00 | 00,171,520 | ---- | M] (Pinnacle Systems GmbH) -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus [On_Demand | Running])

[2008/04/13 12:46:10 | 00,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV [On_Demand | Stopped])

[2004/08/13 12:56:20 | 00,005,810 | R--- | M] () -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor [On_Demand | Running])

[2008/06/24 00:21:48 | 00,150,568 | ---- | M] (Marvell Semiconductor, Inc.) -- C:\WINDOWS\system32\drivers\mv61xx.sys -- (mv61xx [boot | Running])

[2008/06/19 16:24:30 | 00,028,544 | ---- | M] (Panda Security, S.L.) -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot [boot | Running])

[2004/08/05 11:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])

[2008/12/04 14:50:04 | 00,008,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- J:\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV [system | Running])

[2008/12/04 14:50:06 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- J:\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM [On_Demand | Running])

[2008/12/04 14:50:02 | 00,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- J:\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL [system | Running])

[2008/12/18 18:31:26 | 00,015,544 | ---- | M] () -- C:\WINDOWS\system32\drivers\sbhr.sys -- (SBHR [boot | Running])

[2008/04/13 12:40:50 | 00,043,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sbp2port.sys -- (sbp2port [boot | Running])

[2008/04/13 10:39:16 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])

[2008/12/13 15:31:06 | 00,134,272 | ---- | M] (Acronis) -- C:\WINDOWS\system32\drivers\snman380.sys -- (snapman380 [boot | Running])

[2008/01/04 21:34:34 | 00,020,336 | ---- | M] (Webroot Software Inc (www.webroot.com)) -- C:\WINDOWS\system32\drivers\SSFS0BB9.sys -- (SSFS0BB9 [boot | Running])

[2008/01/04 21:34:34 | 00,021,872 | ---- | M] (Webroot Software Inc (www.webroot.com)) -- C:\WINDOWS\system32\drivers\sshrmd.sys -- (SSHRMD [boot | Running])

[2008/01/04 21:34:34 | 00,163,696 | ---- | M] (Webroot Software Inc (www.webroot.com)) -- C:\WINDOWS\system32\drivers\ssidrv.sys -- (SSIDRV [boot | Running])

[2008/01/04 21:34:36 | 00,023,920 | ---- | M] (Webroot Software Inc (www.webroot.com)) -- C:\WINDOWS\system32\drivers\sskbfd.sys -- (SSKBFD [On_Demand | Running])

[2008/12/13 15:31:13 | 00,971,232 | ---- | M] (Acronis) -- C:\WINDOWS\system32\drivers\tdrpm147.sys -- (tdrpman147 [boot | Running])

[2008/12/13 15:31:10 | 00,044,704 | ---- | M] (Acronis) -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter [Auto | Running])

[2008/12/13 15:31:10 | 00,540,000 | ---- | M] (Acronis) -- C:\WINDOWS\system32\drivers\timntr.sys -- (timounter [boot | Running])

[2006/04/20 16:20:22 | 00,019,456 | ---- | M] (Leadtek Research Inc.) -- C:\WINDOWS\system32\drivers\wf2ktunr.sys -- (tv2ktunr [Auto | Stopped])

[2006/04/20 15:49:26 | 00,009,600 | ---- | M] (Leadtek Research Inc.) -- C:\WINDOWS\system32\drivers\wf2kXbar.sys -- (Tv2kXbar [Auto | Stopped])

[2008/04/13 12:45:14 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio [On_Demand | Stopped])

[2006/11/02 17:51:58 | 00,013,560 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD\000.fcl -- ({95808DC4-FA4A-4c74-92FE-5B863F82066B} [Auto | Running])

File not found -- -- (SBAPIFS [On_Demand | Running])

 

========== (R ) Internet Explorer ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]

"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157

"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896

"Default_Secondary_Page_URL"=

"Extensions Off Page"=about:NoAdd-ons

"Local Page"=%SystemRoot%\system32\blank.htm

"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896

"Security Risk Page"=about:SecurityRisk

"Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]

"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

"Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]

"Local Page"=C:\WINDOWS\system32\blank.htm

"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

"Start Page"=http://www.google.fr/

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

"ProxyOverride" = *.local

 

========== (O1) Hosts File ==========

 

HOSTS File = (790 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts

First 25 entries...

127.0.0.1 localhost

 

========== (O2) BHO's ==========

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (HKLM) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

{140BD8E3-C167-11D4-B4A3-080000180323} (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

{4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} (HKLM) -- C:\Program Files\vmntoolbar\vmntoolbar.dll (Visicom Media Inc. )

{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} (HKLM) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll (Kaspersky Lab)

{5C255C8A-E604-49b4-9D64-90988571CECB} (HKLM) -- C:\Program Files\Windows Live\Messenger\wlchtc.dll (Microsoft Corporation)

{9030D464-4C02-4ABF-8ECC-5164760863C6} (HKLM) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

 

========== (O3) Toolbars ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]

"{4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33}" (HKLM) -- C:\Program Files\vmntoolbar\vmntoolbar.dll (Visicom Media Inc. )

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33}" (HKLM) -- C:\Program Files\vmntoolbar\vmntoolbar.dll (Visicom Media Inc. )

 

========== (O4) Run Keys ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

""= File not found

"36X Raid Configurer"="C:\WINDOWS\system32\xRaidSetup.exe" boot (JMicron Technology Corp.)

"Acronis Scheduler2 Service"="C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" (Acronis)

"AcronisTimounterMonitor"="F:\acronis 2009\TimounterMonitor.exe" (Acronis)

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)

"Alcmtr"=ALCMTR.EXE (Realtek Semiconductor Corp.)

"ArcSoft Connection Service"="C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe" (ArcSoft Inc.)

"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" (Kaspersky Lab)

"Babylon Client"="C:\Program Files\Babylon\Babylon-Pro\Babylon.exe" -AutoStart (Babylon Ltd.)

"DAEMON Tools-1033"="C:\Program Files\D-Tools\daemon.exe" -lang 1036 (DAEMON'S HOME)

"EoNet"= File not found

"JMB36X IDE Setup"=C:\WINDOWS\RaidTool\xInsIDE.exe ()

"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k File not found

"LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" ()

"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" (Cyberlink Corp.)

"RTHDCPL"=RTHDCPL.EXE (Realtek Semiconductor Corp.)

"SBCSTray"="C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe" (Sunbelt Software)

"SpySweeper"="F:\Spy Sweeper\SpySweeperUI.exe" /startintray (Webroot Software, Inc.)

"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun (Advanced Micro Devices, Inc.)

"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)

"TrueImageMonitor.exe"="F:\acronis 2009\TrueImageMonitor.exe" (Acronis)

"WinFastDTV"="C:\Program Files\WinFast\WFDTV\DTVSchdl.exe" (Leadtek Research Inc.)

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

""= File not found

"AdobeUpdater"="C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe" (Adobe Systems Incorporated)

"ccleaner"="C:\Program Files\CCleaner\CCleaner.exe" /AUTO (Piriform Ltd)

"LaunchList"="J:\Pinnacle\Studio 11\LaunchList2.exe" (Pinnacle Systems)

"SUPERAntiSpyware"=J:\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)

 

========== (O4) Startup Folders ==========

 

 

========== (O6 & O7) Current Version Policies ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"HonorAutoRunSetting"=1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

"ClearRecentDocsOnExit"=1

 

========== (O8) IE Context Menu Extensions ==========

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]

Ajouter à Kaspersky Anti-Bannière: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm [2008/11/11 20:47:00 | 00,001,411 | ---- | M] ()

E&xporter vers Microsoft Excel: F:\Microsoft Office 2003\OFFICE11\EXCEL.EXE [2008/10/13 12:29:28 | 10,351,944 | ---- | M] (Microsoft Corporation)

Translate with &Babylon: C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll [2008/09/25 17:47:42 | 00,121,856 | ---- | M] (Babylon Ltd.)

 

========== (O9) IE Extensions ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E}: Button: Statistiques de la protection du trafic Internet -- %ProgramFiles%\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll [2008/11/11 21:00:38 | 00,222,472 | ---- | M] (Kaspersky Lab)

{85d1f590-48f4-11d9-9669-0800200c9a66}: Menu: Uninstall BitDefender Online Scanner v8 -- %SystemRoot%\bdoscandel.exe [2006/05/25 02:22:06 | 00,053,248 | ---- | M] ()

{92780B25-18CC-41C8-B9BE-3C9C571A8263}: Button: Recherche -- F:\Microsoft Office 2003\OFFICE11\REFIEBAR.DLL [2007/04/19 15:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)

{e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 -- %SystemRoot%\network diagnostic\xpnetdiag.exe [2008/04/13 12:53:34 | 00,558,080 | ---- | M] (Microsoft Corporation)

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

CmdMapping\\{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} [HKLM] -> %ProgramFiles%\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll [statistiques de la protection du trafic Internet] -> [2008/11/11 21:00:38 | 00,222,472 | ---- | M] (Kaspersky Lab)

CmdMapping\\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found

CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> F:\Microsoft Office 2003\OFFICE11\REFIEBAR.DLL [Recherche] -> [2007/04/19 15:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)

CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 12:53:34 | 00,558,080 | ---- | M] (Microsoft Corporation)

CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found

 

========== (O12) Internet Explorer Plugins ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]

PluginsPage: "" = http://activex.microsoft.com/controls/find...=%s&mime=%s

PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

 

========== (O13) Default Prefixes ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]

""=http://

 

========== (O15) Trusted Sites ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]

1 domain(s) and sub-domain(s) not assigned to a zone.

 

========== (O16) DPF ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]

{00000161-0000-0010-8000-00AA00389B71}: http://codecs.microsoft.com/codecs/i386/msaudio.cab -- Reg Error: Key does not exist or could not be opened.

{2D8ED06D-3C30-438B-96AE-4D110FDC1FB8}: http://www.pandasecurity.com/activescan/cabs/as2stubie.cab -- ActiveScan 2.0 Installer Class

{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}: http://www.zebulon.fr/scan8/oscan8.cab -- BDSCANONLINE Control

{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_11

{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_11

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_11

{D27CDB6E-AE6D-11CF-96B8-444553540000}: https://fpdownload.macromedia.com/pub/shock...ash/swflash.cab -- Shockwave Flash Object

 

========== (O17) DNS Name Servers ==========

 

{52581B2C-C913-4D77-AAB1-7BB129D38ED4} (Servers: | Description: Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller)

{5C85A740-3D65-4DAE-A0F1-2735CED994A3} (Servers: | Description: )

{AAC9D48A-5BAD-4DFD-9D29-7E9CC24409C9} (Servers: | Description: Carte réseau 1394)

 

========== (O20) AppInit_DLLs ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_Dlls"=C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll

>[2008/11/11 21:00:26 | 00,079,112 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\mzvkbd.dll

>[2008/11/11 21:00:26 | 00,079,112 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\mzvkbd3.dll

>[2008/11/11 20:59:38 | 00,083,208 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\adialhk.dll

>[2008/11/11 21:00:02 | 00,011,016 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\kloehk.dll

 

========== (O20) Winlogon Notify Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]

!SASWinLogon: "DllName" = J:\SUPERAntiSpyware\SASWINLO.dll -- J:\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)

AtiExtEvent: "DllName" = Ati2evxx.dll -- C:\WINDOWS\system32\ati2evxx.dll (ATI Technologies Inc.)

klogon: "DllName" = C:\WINDOWS\system32\klogon.dll -- C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)

WRNotifier: "DllName" = WRLogonNTF.dll -- C:\WINDOWS\system32\WRLogonNtf.dll (Webroot Software, Inc.)

 

========== Shell Execute Hooks ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}" (HKLM) -- J:\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

 

========== Safeboot Options ==========

 

"AlternateShell"=cmd.exe

 

========== CDRom AutoRun Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]

"AutoRun" = 1

 

========== Autorun Files on Drives ==========

 

AUTOEXEC.BAT [sET PATH=C:\Program Files\Pinnacle\Shared Files;C:\Program Files\Pinnacle\Shared Files\Filter | ]

[2009/02/04 12:44:18 | 00,000,095 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

 

autoexec.bat [REM Dummy file for NTVDM | ]

[2006/09/18 23:43:36 | 00,000,024 | ---- | M] () -- E:\autoexec.bat -- [ NTFS ]

 

========== MountPoints2 ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{98efeb7b-c891-11dd-ad83-806d6172696f}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{98efeb7b-c891-11dd-ad83-806d6172696f}\Shell\AutoRun\command]

""=D:\atisetup.exe -- File not found

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c78bd3cb-c8a7-11dd-aec7-002215f404f5}\Shell\AutoRun\command]

""=C:\WINDOWS\explorer.exe -- [2008/04/13 20:34:04 | 01,037,824 | ---- | M] (Microsoft Corporation)

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c78bd3cb-c8a7-11dd-aec7-002215f404f5}\Shell\explore\Command]

""=C:\WINDOWS\explorer.exe -- [2008/04/13 20:34:04 | 01,037,824 | ---- | M] (Microsoft Corporation)

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c78bd3cb-c8a7-11dd-aec7-002215f404f5}\Shell\open\Command]

""=C:\WINDOWS\explorer.exe -- [2008/04/13 20:34:04 | 01,037,824 | ---- | M] (Microsoft Corporation)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2009/04/01 17:08:35 | 00,422,912 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\moi\Bureau\OTViewIt.exe

[2009/04/01 17:06:33 | 56,732,410 | ---- | C] () -- C:\Documents and Settings\moi\Bureau\L'EnvolSauvage for vikingland.avi.006.xtm

** - C:\Documents and Settings\moi\Bureau\L'Envol?Sauvage for vikingland.avi.006.xtm

[2009/04/01 17:03:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\l'envolée sauvage

[2009/04/01 16:45:23 | 12,384,06056 | ---- | C] () -- C:\The.Spirit.720p.FRENCH.BluRay.x264-ForceBleue.mkv

[2009/04/01 16:35:23 | 73,337,8560 | ---- | C] () -- C:\The Last Kiss.avi

[2009/04/01 16:34:18 | 00,185,296 | ---- | C] () -- C:\Documents and Settings\moi\Bureau\l'envolée sauvage.htm

[2009/04/01 16:34:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\l'envolée sauvage_fichiers

[2009/03/31 19:38:36 | 73,382,9120 | ---- | C] () -- C:\The.Spirit.REPACK.FRENCH.DVDRiP.XviD-ULTRASON.avi

[2009/03/31 19:21:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\new Windows Genuine Advantage WGA 25 Mars 2009

[2009/03/31 16:04:38 | 00,087,552 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\VACFix.exe

[2009/03/31 16:04:38 | 00,082,944 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\IEDFix.exe

[2009/03/31 16:04:38 | 00,082,944 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\IEDFix.C.exe

[2009/03/31 16:04:38 | 00,082,432 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\404Fix.exe

[2009/03/31 16:04:38 | 00,080,384 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\o4Patch.exe

[2009/03/31 16:04:38 | 00,078,336 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\Agent.OMZ.Fix.exe

[2009/03/31 16:04:38 | 00,025,600 | ---- | C] () -- C:\WINDOWS\System32\WS2Fix.exe

[2009/03/31 16:04:37 | 00,289,144 | ---- | C] (S!Ri) -- C:\WINDOWS\System32\VCCLSID.exe

[2009/03/31 16:04:37 | 00,288,417 | ---- | C] (S!Ri) -- C:\WINDOWS\System32\SrchSTS.exe

[2009/03/31 16:04:37 | 00,135,168 | ---- | C] (SteelWerX) -- C:\WINDOWS\System32\swreg.exe

[2009/03/31 16:04:37 | 00,079,360 | ---- | C] (SteelWerX) -- C:\WINDOWS\System32\swxcacls.exe

[2009/03/31 16:04:37 | 00,053,248 | ---- | C] (http://www.beyondlogic.org) -- C:\WINDOWS\System32\Process.exe

[2009/03/31 16:04:37 | 00,051,200 | ---- | C] () -- C:\WINDOWS\System32\dumphive.exe

[2009/03/31 16:04:37 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\swsc.exe

[2009/03/31 13:24:02 | 00,028,544 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys

[2009/03/30 16:14:42 | 79,570,1458 | ---- | C] () -- C:\American.History.X.1998.MULTi.CUSTOM.720p.BluRay.x264-GKS.mkv

[2009/03/30 08:58:41 | 00,039,283 | ---- | C] () -- C:\Documents and Settings\moi\Bureau\entre les murs.htm

[2009/03/30 08:58:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\entre les murs_fichiers

[2009/03/29 11:44:27 | 00,001,201 | ---- | C] () -- C:\Documents and Settings\moi\Bureau\NonNon.gif

[2009/03/29 00:36:42 | 00,104,461 | ---- | C] () -- C:\Documents and Settings\moi\Bureau\La planète des singes.htm

[2009/03/29 00:36:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\La planète des singes_fichiers

[2009/03/26 23:46:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\D-Tools

[2009/03/26 18:28:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\dernier firmware ptv philips

[2009/03/25 12:10:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\BashBest

[2009/03/25 11:59:37 | 02,936,832 | ---- | C] () -- C:\WINDOWS\System32\MA2_6.scr

[2009/03/25 11:59:37 | 00,000,000 | ---D | C] -- C:\Program Files\SereneScreen

[2009/03/25 00:26:30 | 00,906,763 | ---- | C] () -- C:\Documents and Settings\moi\Mes documents\amega.pdf

[2009/03/24 22:53:15 | 00,400,533 | ---- | C] () -- C:\Documents and Settings\moi\Mes documents\Datasheet%20SAGEM%20ISD91%20HD%20TNTSAT%20V9.pdf

[2009/03/24 22:52:55 | 00,485,019 | ---- | C] () -- C:\Documents and Settings\moi\Mes documents\SAGEM%20DTR%2094160.pdf

[2009/03/24 21:24:12 | 00,328,262 | ---- | C] () -- C:\Documents and Settings\moi\Bureau\11760d1218642596-digital8-numeriser-hi8-liste-exhaustive-digital8-1.jpg

[2009/03/24 19:17:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\C_PDU_Ub_g06(2)

[2009/03/24 18:25:42 | 00,459,590 | ---- | C] () -- C:\Documents and Settings\moi\Mes documents\depliant.pdf

[2009/03/24 18:20:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Application Data\CyberLink

[2009/03/24 18:13:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Mes documents\CyberLink

[2009/03/24 18:10:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CyberLink

[2009/03/24 18:10:12 | 00,000,000 | ---D | C] -- C:\Program Files\CyberLink

[2009/03/24 11:45:34 | 86,549,151 | ---- | C] () -- C:\Documents and Settings\moi\Bureau\PowerDVD.Deluxe.v9.0.1428.by.Konoha.rar

[2009/03/24 11:44:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\power dvd9 ultra_fichiers

[2009/03/24 11:44:53 | 00,064,973 | ---- | C] () -- C:\Documents and Settings\moi\Bureau\power dvd9 ultra.htm

[2009/03/22 17:20:14 | 01,070,592 | ---- | C] () -- C:\Documents and Settings\moi\Bureau\TweakMCE.msi

[2009/03/21 16:48:08 | 00,109,959 | ---- | C] () -- C:\Documents and Settings\moi\Bureau\folder.jpg

[2009/03/21 16:15:30 | 00,000,000 | ---D | C] -- C:\Program Files\TagRename

[2009/03/21 15:57:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Application Data\albumart

[2009/03/21 15:57:41 | 00,000,000 | ---D | C] -- C:\Program Files\Album Cover Art Downloader

[2009/03/21 13:29:56 | 00,000,000 | ---D | C] -- C:\Program Files\Mp3 tag editor

[2009/03/20 18:44:27 | 02,792,353 | ---- | C] () -- C:\Documents and Settings\moi\Bureau\Alain Bashung - Angora.mp3

[2009/03/19 12:23:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Application Data\Kaspersky_Key_Finder_(KKF

[2009/03/19 11:28:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\pour kis 2009

[2009/03/19 01:39:25 | 00,018,207 | ---- | C] () -- C:\Documents and Settings\moi\Bureau\winfast.jpg

[2009/03/18 14:14:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\Bashung - 1998 - Fantaisie militaire

[2009/03/18 13:58:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DVD Shrink

[2009/03/18 12:42:40 | 00,000,000 | ---D | C] -- C:\Program Files\DVDShrink 2008

[2009/03/18 12:12:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\Alain Bashung - Climax. - 320Kbps

[2009/03/16 17:43:45 | 00,567,539 | ---- | C] () -- C:\Documents and Settings\moi\Mes documents\winfast_tv2000xp_deluxe.pdf

[2009/03/16 16:38:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Application Data\MMTVConfig

[2009/03/16 16:38:06 | 00,000,000 | ---D | C] -- C:\Program Files\MMTVConfig

[2009/03/16 12:23:50 | 00,447,488 | ---- | C] () -- C:\WINDOWS\System32\splus.cpl

[2009/03/16 12:23:50 | 00,000,000 | ---D | C] -- C:\Program Files\splus

[2009/03/16 12:15:15 | 00,000,000 | ---D | C] -- C:\Program Files\RegCleaner

[2009/03/15 00:45:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\lfp 2008

[2009/03/15 00:25:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\Alain_B_B_P_for_TeamSwisspartage

[2009/03/15 00:20:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\Fernandel_Collection d'Or by moreno

[2009/03/14 01:14:50 | 00,000,000 | ---D | C] -- C:\Program Files\K!TV

[2009/03/14 00:59:43 | 03,927,248 | ---- | C] () -- C:\Documents and Settings\moi\Bureau\NNSGuenuine-2.5.rar

[2009/03/12 20:16:21 | 00,000,000 | ---D | C] -- C:\Program Files\PhotomatixPro3

[2009/03/12 14:51:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\dell

[2009/03/11 23:42:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage

[2009/03/11 19:24:55 | 01,549,416 | ---- | C] () -- C:\Documents and Settings\moi\Bureau\TvApp_fra.chm

[2009/03/09 23:16:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Application Data\TerraTec

[2009/03/09 23:02:39 | 00,613,333 | ---- | C] () -- C:\Documents and Settings\moi\Mes documents\terratec ht pci telecommande.pdf

[2009/03/08 16:22:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\anti wga windows media center

[2009/03/08 16:06:11 | 78,951,8373 | ---- | C] () -- C:\Documents and Settings\moi\Bureau\Windows XP Édition Media Center 2005 Fr.rar

[2009/03/08 13:56:08 | 00,000,000 | ---D | C] -- C:\_OTMoveIt

[2009/03/08 13:02:54 | 00,348,160 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\moi\Bureau\OTMoveIt3.exe

[2009/03/08 02:54:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\pour pchc

[2009/03/07 14:01:18 | 01,662,785 | ---- | C] () -- C:\SmitfraudFix.exe

[2009/03/07 14:01:17 | 00,000,000 | ---D | C] -- C:\SmitfraudFix

[2009/03/07 13:57:41 | 00,004,562 | ---- | C] () -- C:\WINDOWS\System32\tmp.reg

[2009/03/06 12:12:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\10290306

[2009/03/05 16:18:40 | 00,386,123 | ---- | C] () -- C:\Documents and Settings\moi\Mes documents\boitier frederic.pdf

[2009/03/05 02:33:41 | 00,137,252 | ---- | C] () -- C:\Documents and Settings\moi\Bureau\Voici le pack Bonus DVD pour Pinnacle 11.htm

[2009/03/05 02:33:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\moi\Bureau\Voici le pack Bonus DVD pour Pinnacle 11_fichiers

[2009/03/03 20:35:22 | 00,446,464 | ---- | C] () -- C:\WINDOWS\System32\Tx32.dll

[2009/03/03 20:35:22 | 00,337,672 | ---- | C] (Infragistics, Inc.) -- C:\WINDOWS\System32\SSTree.ocx

[2009/03/03 20:35:22 | 00,327,680 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\txobj32.dll

[2009/03/03 20:35:22 | 00,323,584 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\tx_word.dll

[2009/03/03 20:35:22 | 00,137,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSMAPI32.OCX

[2009/03/03 20:35:22 | 00,135,168 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\tx_htm32.dll

[2009/03/03 20:35:22 | 00,131,072 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\tx_rtf32.dll

[2009/03/03 20:35:22 | 00,081,920 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\txtls32.dll

[2009/03/03 20:35:22 | 00,069,632 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\ic32.dll

[2009/03/03 20:35:22 | 00,061,440 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\wndtls32.dll

[2009/03/03 20:35:22 | 00,045,056 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\tx_tif32.flt

[2009/03/03 20:35:22 | 00,032,768 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\tx_wmf32.flt

[2009/03/03 20:35:22 | 00,032,768 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\tx_bmp32.flt

[2009/03/03 20:35:22 | 00,000,151 | ---- | C] () -- C:\WINDOWS\System32\ic32.ini

[2009/03/03 20:35:21 | 00,290,816 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\Tx4ole.ocx

[2009/03/03 20:35:08 | 00,000,000 | ---D | C] -- C:\Program Files\Micro Application

 

========== Files - Modified Within 30 Days ==========

 

[1 C:\WINDOWS\System32\*.tmp files]

[5 C:\WINDOWS\*.tmp files]

[2009/04/01 17:15:49 | 56,732,410 | ---- | M] () -- C:\Documents and Settings\moi\Bureau\L'EnvolSauvage for vikingland.avi.006.xtm

** - C:\Documents and Settings\moi\Bureau\L'Envol?Sauvage for vikingland.avi.006.xtm

[2009/04/01 17:13:34 | 12,384,06056 | ---- | M] () -- C:\The.Spirit.720p.FRENCH.BluRay.x264-ForceBleue.mkv

[2009/04/01 17:08:45 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\moi\Bureau\OTViewIt.exe

[2009/04/01 16:58:27 | 00,245,760 | ---- | M] () -- C:\Documents and Settings\moi\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/04/01 16:45:22 | 73,337,8560 | ---- | M] () -- C:\The Last Kiss.avi

[2009/04/01 16:34:19 | 00,185,296 | ---- | M] () -- C:\Documents and Settings\moi\Bureau\l'envolée sauvage.htm

[2009/04/01 15:34:22 | 01,018,544 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2009/04/01 15:34:22 | 00,467,620 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat

[2009/04/01 15:34:22 | 00,400,624 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2009/04/01 15:34:22 | 00,075,696 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat

[2009/04/01 15:34:22 | 00,062,286 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2009/04/01 15:29:50 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2009/04/01 15:29:47 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2009/03/31 22:48:33 | 07,809,568 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat

[2009/03/31 22:48:33 | 00,909,344 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.dat

[2009/03/31 22:48:33 | 00,075,716 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx

[2009/03/31 22:48:33 | 00,012,572 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.idx

[2009/03/31 19:47:58 | 73,382,9120 | ---- | M] () -- C:\The.Spirit.REPACK.FRENCH.DVDRiP.XviD-ULTRASON.avi

[2009/03/31 16:42:49 | 00,079,096 | ---- | M] () -- C:\Documents and Settings\moi\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

[2009/03/31 16:39:42 | 01,577,696 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2009/03/31 16:13:20 | 00,004,562 | ---- | M] () -- C:\WINDOWS\System32\tmp.reg

[2009/03/31 15:54:04 | 00,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2009/03/31 00:00:02 | 00,000,310 | ---- | M] () -- C:\WINDOWS\System32\tversity.cookies

[2009/03/30 19:48:31 | 00,000,573 | ---- | M] () -- C:\Documents and Settings\moi\Mes documents\Mes dossiers de partage.lnk

[2009/03/30 17:48:57 | 79,570,1458 | ---- | M] () -- C:\American.History.X.1998.MULTi.CUSTOM.720p.BluRay.x264-GKS.mkv

[2009/03/30 12:02:06 | 00,001,682 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys

[2009/03/30 08:58:42 | 00,039,283 | ---- | M] () -- C:\Documents and Settings\moi\Bureau\entre les murs.htm

[2009/03/29 13:59:33 | 00,000,349 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\PCLECHAL.INI

[2009/03/29 11:44:28 | 00,001,201 | ---- | M] () -- C:\Documents and Settings\moi\Bureau\NonNon.gif

[2009/03/29 00:36:47 | 00,104,461 | ---- | M] () -- C:\Documents and Settings\moi\Bureau\La planète des singes.htm

[2009/03/25 21:26:30 | 03,701,772 | -H-- | M] () -- C:\Documents and Settings\moi\Local Settings\Application Data\IconCache.db

[2009/03/25 00:26:30 | 00,906,763 | ---- | M] () -- C:\Documents and Settings\moi\Mes documents\amega.pdf

[2009/03/24 22:53:15 | 00,400,533 | ---- | M] () -- C:\Documents and Settings\moi\Mes documents\Datasheet%20SAGEM%20ISD91%20HD%20TNTSAT%20V9.pdf

[2009/03/24 22:52:55 | 00,485,019 | ---- | M] () -- C:\Documents and Settings\moi\Mes documents\SAGEM%20DTR%2094160.pdf

[2009/03/24 21:24:14 | 00,328,262 | ---- | M] () -- C:\Documents and Settings\moi\Bureau\11760d1218642596-digital8-numeriser-hi8-liste-exhaustive-digital8-1.jpg

[2009/03/24 18:25:42 | 00,459,590 | ---- | M] () -- C:\Documents and Settings\moi\Mes documents\depliant.pdf

[2009/03/24 18:11:19 | 00,505,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp71.dll

[2009/03/24 11:52:01 | 86,549,151 | ---- | M] () -- C:\Documents and Settings\moi\Bureau\PowerDVD.Deluxe.v9.0.1428.by.Konoha.rar

[2009/03/24 11:44:55 | 00,064,973 | ---- | M] () -- C:\Documents and Settings\moi\Bureau\power dvd9 ultra.htm

[2009/03/23 21:13:00 | 00,012,800 | ---- | M] () -- C:\Documents and Settings\moi\Application Data\Settings.cfg

[2009/03/23 21:13:00 | 00,004,096 | ---- | M] () -- C:\Documents and Settings\moi\Application Data\monpetitsiteperso.ftp

[2009/03/23 21:13:00 | 00,002,560 | ---- | M] () -- C:\Documents and Settings\moi\Application Data\Par défaut.cls

[2009/03/22 17:20:14 | 01,070,592 | ---- | M] () -- C:\Documents and Settings\moi\Bureau\TweakMCE.msi

[2009/03/21 16:48:08 | 02,792,353 | ---- | M] () -- C:\Documents and Settings\moi\Bureau\Alain Bashung - Angora.mp3

[2009/03/21 16:48:06 | 00,109,959 | ---- | M] () -- C:\Documents and Settings\moi\Bureau\folder.jpg

[2009/03/20 19:21:51 | 00,193,536 | ---- | M] () -- C:\Documents and Settings\moi\Application Data\potins de famille.ftp

[2009/03/19 01:39:25 | 00,018,207 | ---- | M] () -- C:\Documents and Settings\moi\Bureau\winfast.jpg

[2009/03/16 17:43:45 | 00,567,539 | ---- | M] () -- C:\Documents and Settings\moi\Mes documents\winfast_tv2000xp_deluxe.pdf

[2009/03/14 00:59:58 | 03,927,248 | ---- | M] () -- C:\Documents and Settings\moi\Bureau\NNSGuenuine-2.5.rar

[2009/03/11 00:04:20 | 00,002,145 | ---- | M] () -- C:\WINDOWS\Graffiti5.2Pin.ini

[2009/03/09 23:02:39 | 00,613,333 | ---- | M] () -- C:\Documents and Settings\moi\Mes documents\terratec ht pci telecommande.pdf

[2009/03/09 19:17:58 | 00,527,360 | ---- | M] () -- C:\Documents and Settings\moi\Bureau\LISTE FILMS version 3.xls

[2009/03/08 16:25:48 | 78,951,8373 | ---- | M] () -- C:\Documents and Settings\moi\Bureau\Windows XP Édition Media Center 2005 Fr.rar

[2009/03/08 13:02:55 | 00,348,160 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\moi\Bureau\OTMoveIt3.exe

[2009/03/07 22:09:35 | 00,001,905 | ---- | M] () -- C:\WINDOWS\diagwrn.xml

[2009/03/07 22:09:35 | 00,001,905 | ---- | M] () -- C:\WINDOWS\diagerr.xml

[2009/03/07 13:55:53 | 01,662,785 | ---- | M] () -- C:\SmitfraudFix.exe

[2009/03/05 16:18:40 | 00,386,123 | ---- | M] () -- C:\Documents and Settings\moi\Mes documents\boitier frederic.pdf

[2009/03/05 02:33:43 | 00,137,252 | ---- | M] () -- C:\Documents and Settings\moi\Bureau\Voici le pack Bonus DVD pour Pinnacle 11.htm

[2009/03/03 20:34:23 | 00,000,348 | ---- | M] () -- C:\WINDOWS\NAVIGMA.INI

< End of report >

 

- extras:

 

OTViewIt Extras logfile created on: 01/04/2009 17:16:49 - Run

OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Documents and Settings\moi\Bureau

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.13)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 100,00% Memory free

4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092;

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 175,78 Gb Total Space | 102,33 Gb Free Space | 58,21% Space Free | Partition Type: NTFS

Drive D: | 234,38 Gb Total Space | 230,45 Gb Free Space | 98,32% Space Free | Partition Type: NTFS

Drive E: | 175,78 Gb Total Space | 100,91 Gb Free Space | 57,40% Space Free | Partition Type: NTFS

Drive F: | 114,19 Gb Total Space | 34,66 Gb Free Space | 30,35% Space Free | Partition Type: NTFS

Drive G: | 234,38 Gb Total Space | 215,03 Gb Free Space | 91,74% Space Free | Partition Type: NTFS

H: Drive not present or media not loaded

Drive I: | 234,38 Gb Total Space | 132,93 Gb Free Space | 56,72% Space Free | Partition Type: NTFS

Drive J: | 228,38 Gb Total Space | 18,35 Gb Free Space | 8,03% Space Free | Partition Type: NTFS

 

Computer Name: GIGABYTE

Current User Name: moi

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: Current user

Whitelist: On

File Age = 30 Days

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxURL] --

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled"=1

"AntiVirusDisableNotify"=0

"FirewallDisableNotify"=0

"UpdatesDisableNotify"=0

"AntiVirusOverride"=0

"FirewallOverride"=0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

"DisableMonitoring"=1

""=

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile

"EnableFirewall"=0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[2008/04/13 20:34:22 | 00,142,848 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019

[2008/04/13 12:53:34 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

[2008/09/02 22:02:16 | 00,582,664 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call

[2007/10/18 12:34:04 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger

[2007/10/02 18:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

[2008/04/13 20:34:22 | 00,142,848 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019

[2008/04/13 12:53:34 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

[2008/09/02 22:02:16 | 00,582,664 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call

[2006/02/28 13:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour

[2008/11/12 18:03:10 | 05,488,640 | ---- | M] (Activision Blizzard, Inc.) -- G:\COD\CoDWaW.exe:*:Enabled:Call of Duty® - World at War

[2008/11/10 00:47:14 | 05,444,880 | ---- | M] (Activision Blizzard, Inc.) -- G:\COD\CoDWaWmp.exe:*:Enabled:Call of Duty® - World at War

[2008/05/04 14:16:27 | 04,419,584 | ---- | M] (Omega Unfold Inc.) -- C:\Program Files\Webcam Zone Trigger 2\ZoneTrigger.exe:*:Enabled:Zone Trigger 2

[2007/10/18 12:34:04 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger

[2007/10/02 18:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)

[2008/05/05 13:25:39 | 24,662,016 | ---- | M] (Ubisoft) -- J:\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9

[2008/05/05 13:36:27 | 24,182,784 | ---- | M] (Ubisoft) -- J:\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10

[2008/02/22 12:08:44 | 00,619,144 | R--- | M] (Ubisoft) -- J:\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update

[2007/04/06 14:17:06 | 00,073,728 | ---- | M] (Pinnacle Systems) -- J:\Pinnacle\Studio 11\programs\RM.exe:*:Enabled:Render Manager

[2007/04/06 14:40:20 | 05,505,024 | ---- | M] (Pinnacle Systems) -- J:\Pinnacle\Studio 11\programs\Studio.exe:*:Enabled:Studio

[2006/11/21 06:05:58 | 00,024,576 | ---- | M] ( ) -- J:\Pinnacle\Studio 11\programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile

[2007/04/06 14:16:44 | 00,081,920 | ---- | M] (Pinnacle Systems) -- J:\Pinnacle\Studio 11\programs\umi.exe:*:Enabled:umi

[2009/02/19 07:40:26 | 03,913,032 | ---- | M] (Pando Networks) -- C:\Program Files\Pando Networks\Pando\pando.exe:*:Enabled:Pando Application

[2008/05/13 13:42:40 | 00,079,120 | ---- | M] (Pinnacle Systems) -- C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe:*:Enabled:Render Manager

[2008/05/13 13:26:04 | 06,034,704 | ---- | M] (Pinnacle Systems) -- C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe:*:Enabled:Studio

[2008/05/13 13:42:42 | 00,087,312 | ---- | M] (Pinnacle Systems) -- C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe:*:Enabled:umi

File not found -- C:\Documents and Settings\moi\Local Settings\Temp\{5A0D905C-C3DB-4C87-B8FF-EEE1C511121F}\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}\CinergyDvrHelper.exe:*:Enabled:TerraTec Home Cinema (Setup)

 

========== (O10) Winsock2 Catalogs ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]

NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] -- C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)

 

========== (O18) Protocol Handlers ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

ipp: [HKLM - No CLSID value]

[2005/09/20 13:33:58 | 00,843,984 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]

[2007/10/18 12:31:54 | 00,066,072 | ---- | M] (Microsoft Corporation) C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (livecall:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])

msdaipp: [HKLM - No CLSID value]

[2005/09/20 13:33:58 | 00,843,984 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]

[2005/09/20 13:33:58 | 00,843,984 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAIPP.BINDER]

[2007/10/18 12:31:54 | 00,066,072 | ---- | M] (Microsoft Corporation) C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (msnim:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])

[2007/03/14 14:10:22 | 07,255,384 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (mso-offdap:{3D9F03FA-7A94-11D3-BE81-0050048385D1} (HKLM) [Data Page Pluggable Protocol mso-offdap Handler])

[2007/05/10 14:45:34 | 08,069,464 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (mso-offdap11:{32505114-5902-49B2-880A-1F7738E5A384} (HKLM) [Data Page Plugable Protocal mso-offdap11 Handler])

 

========== (O18) Protocol Filters ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\] - Protocol Filters

[2007/04/19 14:57:40 | 00,046,432 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL text/xml:{807553E5-5146-11D5-A672-00B0D022E945} (HKLM) [Reg Error: Value does not exist or could not be read.]

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{02627ee5-eaca-4742-a9cc-e687631773e4}"=Nero ShowTime

"{03E494A7-F504-DA41-3079-9E2FB36736BC}"=CCC Help English

"{04A94422-A264-81D4-D65E-87276F5B402D}"=Catalyst Control Center Localization Italian

"{04AF207D-9A77-465A-8B76-991F6AB66245}"=Adobe Help Viewer CS3

"{055EE59D-217B-43A7-ABFF-507B966405D8}"=ATI Catalyst Control Center

"{086a7d8c-0a38-4c7f-819a-620275550d5c}"=Nero BurningROM

"{08B32819-6EEF-4057-AEDA-5AB681A36A23}"=Adobe Bridge Start Meeting

"{0E73A14F-23FD-E1B8-ED38-108ECFA08440}"=Catalyst Control Center Localization Portuguese

"{110B1ADF-2EAE-4E8F-B501-D2A1E6D8ED9D}"=Studio 11

"{1326473A-0200-0037-0000-8E44E2204A03}"=Security BOX® Freeware 2.0

"{1499819F-1E2E-419E-A363-6058CD700A5E}"=Le bricolage pratique (Electricité - plomberie)

"{14BC810B-5907-B9C3-B2F4-12D5EEA253F4}"=Catalyst Control Center Graphics Previews Common

"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}"=Adobe WinSoft Linguistics Plugin

"{18D10072035C4515918F7E37EAFAACFC}"=AutoUpdate

"{1c00c7c5-e615-4139-b817-7f4003de68c0}"=Nero PhotoSnap Help

"{1FF7993C-23B1-4C91-B1F6-09D13C57A06A}_is1"=VirtualDub 1.8.6 Fr

"{20400dbd-e6db-45b8-9b6b-1dd7033818ec}"=Nero InfoTool

"{215741EE-19FD-40FE-AA83-2FF0812D54C8}"=Webcam Zone Trigger 2

"{22BED295-8AE7-4BDE-9E4E-FA038D83B194}"=Default

"{2348b586-c9ae-46ce-936c-a68e9426e214}"=Nero StartSmart Help

"{23655B51-F898-DC12-A2A1-3348D875F659}"=CCC Help Czech

"{25611B0A-54C2-69B9-723D-668201C22CD4}"=ccc-core-static

"{262BF2CD-601D-4F43-919C-4B00B1D1F338}"=Boris Graffiti

"{26A24AE4-039D-4CA4-87B4-2F83216011FF}"=Java 6 Update 11

"{27F38AC0-298C-F7E2-F3AE-F7D12BBBE9D5}"=CCC Help Chinese Traditional

"{28FB7853-A6ED-4F67-8635-9F0E863FC0AD}"=WinFast Codec-TS SDK

"{29E5EA97-5F74-4A57-B8B2-D4F169117183}"=Adobe Stock Photos CS3

"{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}"=BD/HD Advisor 1.0

"{2F952048-3220-4AC7-A206-D01EFC774BB2}"=Studio 11

"{30B695C3-C7B0-69E1-197B-409587BC1FD7}"=CCC Help Norwegian

"{3108C217-BE83-42E4-AE9E-A56A2A92E549}"=Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver

"{33cf58f5-48d8-4575-83d6-96f574e4d83a}"=Nero DriveSpeed

"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}"=WebFldrs XP

"{359cfc0a-beb1-440d-95ba-cf63a86da34f}"=Nero Recode

"{368ba326-73ad-4351-84ed-3c0a7a52cc53}"=Nero Rescue Agent

"{36CDA33B-909B-4719-97D1-C4B99309BDC7}"=ATI Parental Control & Encoder

"{37C8899D-FD70-481F-94AA-1F1B08765E22}"=Acronis True Image Home

"{399B10AC-4E84-20F8-5913-82526B16F561}"=Catalyst Control Center Graphics Light

"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}"=JMicron JMB36X Driver

"{3EC34F85-AF61-5B18-42D6-306B6B80E92E}"=Catalyst Control Center Localization Swedish

"{418EC9DD-25EE-4C3F-8827-B7AA9B26405B}"=WinFast Multimedia Driver Installation

"{43e39830-1826-415d-8bae-86845787b54b}"=Nero Vision

"{4B494547-1410-C77E-B6F0-86F394ABAF94}"=CCC Help Hungarian

"{4D7E8B72-AEA2-8493-F5F3-DA10E2EE2D22}"=Catalyst Control Center Localization Chinese Traditional

"{4E868D3D-6EEB-4273-926C-2287236B5B79}"=3DVIA player 4.1

"{54793AA1-5001-42F4-ABB6-C364617C6078}"=Adobe Linguistics CS3

"{55663DF0-3559-AE1E-0B9E-ED5353914B5D}"=CCC Help Japanese

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}"=neroxml

"{587178E7-B1DF-494E-9838-FA4DD36E873C}"=ASUSUpdate

"{595a3116-40bb-4e0f-a2e8-d7951da56270}"=NeroExpress

"{59F83B00-970D-511C-D9DE-52B233780020}"=CCC Help Portuguese

"{5d9be3c1-8ba4-4e7e-82fd-9f74fa6815d1}"=Nero Vision

"{5DA6F06A-B389-407B-BF8C-1548767914D8}"=ATI Problem Report Wizard

"{5e08ecd1-c98e-4711-bf65-8fd736b3f969}"=Nero RescueAgent Help

"{5EB90C06-964F-4195-B83E-BD7E55C88415}"=Pilote vidéo Pinnacle

"{60c731fb-c951-41ce-ad41-8e54c8594609}"=Nero Disc Copy Gadget Help

"{62ac81f6-bdd3-4110-9d36-3e9eaab40999}"=Nero CoverDesigner

"{64ACFE24-FB82-84A6-9FB8-B90539752E5B}"=Catalyst Control Center Localization German

"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}"=PowerDVD

"{68DD4EAE-C5E4-1E34-F991-B99ABA6DC8E3}"=Catalyst Control Center Graphics Full New

"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}"=Adobe Fonts All

"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}"=Adobe Asset Services CS3

"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}"=Microsoft .NET Framework 2.0

"{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable

"{73B5D990-04EA-4751-B10F-5534770B91F2}"=Adobe Color EU Recommended Settings

"{74224F8D-4A17-4816-9EDB-7BB854DE532C}"=NVIDIA PhysX v8.04.25

"{76F8CB2B-6516-4E1E-B6F1-AED4ABDB4B0A}_is1"=Spy Sweeper

"{7748ac8c-18e3-43bb-959b-088faea16fb2}"=Nero StartSmart

"{77e33d87-255e-413e-9c8d-eed2a7f9bebf}"=Nero Live Help

"{7829db6f-a066-4e40-8912-cb07887c20bb}"=Nero BurnRights

"{7B63B2922B174135AFC0E1377DD81EC2}"=DivX Codec

"{7F4C1C17-C647-3CE0-4426-F368132A66A6}"=CCC Help Turkish

"{802771A9-A856-4A41-ACF7-1450E523C923}"=Adobe XMP Panels CS3

"{81946C2A-5269-A6F5-4566-A9F253007A7E}"=Catalyst Control Center Localization Turkish

"{83202942-84b3-4c50-8622-b8c0aa2d2885}"=Nero Express

"{83895843-3A51-4C93-9DF3-2BDB65C7E54A}"=DAEMON Tools

"{8615E5FC-8906-AACF-5A1A-FB65046F647B}"=CCC Help Swedish

"{868EC13B-52DA-43B9-8C05-50CD897674DF}"=Windows Live Call

"{869200db-287a-4dc0-b02b-2b6787fbcd4c}"=Nero DiscSpeed

"{8959A774-3FB3-B315-ACDF-4B7B70F5A169}"=Catalyst Control Center Core Implementation

"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}"=ATI AVIVO Codecs

"{8CB14A64-CEF4-4C8F-B1C8-1C3B8752CB55}"=Kaspersky Internet Security 2009

"{8CFA9151-6404-409A-AF22-4632D04582FD}"=Assassin's Creed

"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}"=Adobe Device Central CS3

"{8D2C1E44-7685-4D05-8342-B0DC6422FA47}"=Ulead Disc-Direct SDK

"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}"=Adobe Type Support

"{9011040C-6000-11D3-8CFE-0150048383C9}"=Microsoft Office Professional Edition 2003

"{90176341-0A8B-4CCC-A78D-F862228A6B95}"=Adobe Anchor Service CS3

"{906B417C-6F6C-2A5A-DB5E-5C7499941C58}"=CCC Help Spanish

"{926DEB4E-2B0A-4C5C-AE4A-BF6C06949702}"=Adobe Setup

"{93CB830F-517E-1695-C61B-2A1AA105CD78}"=Catalyst Control Center Localization French

"{95120000-00B9-0409-0000-0000000FF1CE}"=Microsoft Application Error Reporting

"{95DCA618-9717-BBD3-B438-A5A9B1EB30C8}"=CCC Help German

"{984880C1-7AC7-5267-A7D9-AEC19C932950}"=Catalyst Control Center Graphics Full Existing

"{98a67610-a3b5-4098-a423-3708040026d3}"="Nero SoundTrax Help

"{9A0E0340-C3D7-42D1-96D4-64179FD456AE}"=WinFast De-interlace SDK

"{9A394342-4A68-4EBA-85A6-55B559F4E700}"=Microsoft .NET Framework 1.1 French Language Pack

"{9A3F8688-4F15-B77D-73A1-B0363517D1B1}"=Catalyst Control Center Localization Danish

"{9B1BFDE6-3B65-FB41-BC54-353227EE742A}"=CCC Help Italian

"{9C9824D9-9000-4373-A6A5-D0E5D4831394}"=Adobe Bridge CS3

"{9e82b934-9a25-445b-b8df-8012808074ac}"=Nero PhotoSnap

"{A0494B41-EBD7-4C0D-91B7-DC39741B27BB}"=Express Gate

"{A0793FD9-9505-BF02-FF47-83C984DC814B}"=Catalyst Control Center Localization Chinese Standard

"{a209525b-3377-43f4-b886-32f6b6e7356f}"=Nero WaveEditor

"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}"=Adobe CMaps

"{A2D81E70-2A98-4A08-A628-94388B063C5E}"=Adobe Color - Photoshop Specific

"{A32A0DF0-6650-6503-293D-64AAF212CBF8}"=Catalyst Control Center Localization Japanese

"{A44D0AC2-0891-5AB9-EE23-3EF3339BC2FE}"=Catalyst Control Center Localization Russian

"{A54BEBF5-D7F9-2B34-6475-FB07780C80CA}"=Catalyst Control Center Localization Polish

"{A5CC3E6E-CAC7-4D47-A5C8-743E549890D5}"=Sunbelt CounterSpy

"{A8280D9A-D6A4-1E52-E85F-99E3BB19CEEA}"=Catalyst Control Center Localization Czech

"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}"=ImagXpress

"{A960DA53-C5C4-37A4-3671-C0236BF41E99}"=CCC Help Chinese Standard

"{AAF80000-22B9-4CE9-98D6-2CCF359BAC07}"=ABBYY FineReader 8.0 Professional Edition

"{AB480DA0-7EE9-465D-9C12-4CDE65BF18FB}"=Pando

"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}"=PDF Settings

"{AC76BA86-7AD7-1033-7B44-A81100000003}"=Adobe Reader 8.1.1

"{ad6bc5cc-2ef0-49c4-b33d-cdc8b2c4dc80}"=Nero Recode Help

"{AF9848E2-5F19-4E49-9E6E-044FBDC28404}"=WinFast TT-SB SDK

"{AFAE2B15-89A0-4215-A030-F7B5B478886B}"=Call of Duty® - World at War 1.1 Patch

"{B0D2BC40-119B-AD18-E697-E6073DD6D149}"=ccc-utility

"{B13A7C41581B411290FBC0395694E2A9}"=DivX Converter

"{b1adf008-e898-4fe2-8a1f-690d9a06acaf}"=DolbyFiles

"{B2C78A98-20EA-D90A-69E3-B15587D51588}"=CCC Help Thai

"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}"=Advertising Center

"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}"=Adobe Camera Raw 4.0

"{B59DA9F5-3630-FFF1-C47C-B2CA172CF876}"=CCC Help Polish

"{b78120a0-cf84-4366-a393-4d0a59bc546c}"=Menu Templates - Starter Kit

"{B84AE471-81DD-D81F-CD20-B3464877E525}"=Skins

"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}"=Adobe Default Language CS3

"{BADF6744-3787-48F6-B8C9-4C4995401D65}"=Windows Live Messenger

"{BBFEA1AF-ECCE-1114-2EC8-AC304AB6B753}"=Catalyst Control Center Localization Hungarian

"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}"=Nero ControlCenter

"{BF794769-8875-4E01-B7BE-E00104604F4A}"=Adobe Photoshop CS3

"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}"=Adobe ExtendScript Toolkit 2

"{C397AE7E-CFA4-9D60-880D-D0BA7CF3F596}"=CCC Help Finnish

"{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}"=SoundTrax

"{C92C584E-C781-475E-A8E2-C67D993A6B95}"=WinFast PVR2

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}"=Microsoft .NET Framework 1.1

"{cc019e3f-59d2-4486-8d4b-878105b62a71}"=Nero DiscSpeed

"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}"=SUPERAntiSpyware Professional

"{ce96f5a5-584d-4f8f-aa3e-9baed413db72}"=Nero CoverDesigner Help

"{d025a639-b9c9-417d-8531-208859000af8}"=NeroBurningROM

"{D041EB9E-890A-4098-8F94-51DA194AC72A}"=Pinnacle Studio 12

"{D0DFF92A-492E-4C40-B862-A74A173C25C5}"=Adobe Version Cue CS3 Client

"{D1860E6E-520E-4380-8433-E58E8F88B473}"=Pinnacle Studio 12 Ultimate Plugins

"{D20100AC-608D-1A4C-372E-75009E7C168E}"=CCC Help Danish

"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}"=Adobe PDF Library Files

"{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}"=Assistant de connexion Windows Live

"{D6E6B04E-0498-4794-B272-2EDE12E02837}_is1"=VirtualDub Plugin Pack 1.0.0.5 Fr

"{D801FEB6-53DF-CE1C-67E2-A977E43A7E8F}"=CCC Help Russian

"{D80A6A73-E58A-4673-AFF5-F12D7110661F}"=Call of Duty® - World at War

"{D8BC7043-62D2-4A0D-918C-CBDF0BD70ABD}"=Micro Application - 3D Architecte Expert CAD 2007

"{D94E53DD-9428-11D6-90F5-0048545B0D01}"=Système de vidéo surveillance numérique

"{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}"=Nero ShowTime

"{DAA29BAD-1C06-E8E0-CFE6-557F818C7AF7}"=CCC Help Dutch

"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}"=Adobe Color Common Settings

"{DB7EBA4A-44AF-DF22-EBA7-6BF4E011E319}"=CCC Help French

"{DBB18C43-FE45-36DF-D171-E209B79A76F3}"=Catalyst Control Center Localization Dutch

"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}"=Adobe Color JA Extra Settings

"{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}"=Nero Live

"{E1BCF465-85F4-C303-944E-9E416977C560}"=CCC Help Korean

"{E1C7EF5E-3A7B-4ED4-A48B-F70F1B36EAB4}"=Corel Paint Shop Pro Photo XI

"{E3AEC354-AD4C-51D3-E345-CEE6CA8A9C3A}"=Catalyst Control Center Localization Greek

"{e498385e-1c51-459a-b45f-1721e37aa1a0}"=Movie Templates - Starter Kit

"{e5c7d048-f9b4-4219-b323-8bdb01a2563d}"=Nero DriveSpeed

"{E69AE897-9E0B-485C-8552-7841F48D42D8}"=Adobe Update Manager CS3

"{e8631efb-6b9a-426c-b1ce-e7173ca26bf8}"=Nero WaveEditor Help

"{e8a80433-302b-4ff1-815d-fcc8eac482ff}"=Nero Installer

"{EA024A36-5934-05B8-550B-60DA131B90C4}"=CCC Help Greek

"{EBD5E7A9-DBB8-4E24-AE3A-CF9390AF1CCB}"=Choice Guard

"{EE3FBA20-AB77-46E0-9825-565807A24A66}"=DVDShrink 2008

"{EE5AC826-8731-6406-9947-D0420143A7BD}"=ccc-core-preinstall

"{EEB193CE-2B04-B568-29FF-FAFA34BB3F19}"=Catalyst Control Center Localization Spanish

"{EF0A8C24-E239-45D5-492D-D5895518ACB3}"=Catalyst Control Center Localization Thai

"{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}"=Pinnacle Instant DVD Recorder

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}"=Realtek High Definition Audio Driver

"{f1861f30-3419-44db-b2a1-c274825698b3}"=Nero Disc Copy Gadget

"{F2A34EE8-F7E7-11D6-9D38-0050BAEF4D56}"=Système de vidéo surveillance numérique - RemoteManager

"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}"=Nero ControlCenter

"{f6bdd7c5-89ed-4569-9318-469aa9732572}"=Nero BurnRights

"{F88183B1-BD65-F87C-855F-BB7D1AA3AEA2}"=Catalyst Control Center Localization Norwegian

"{F9AEEC34-CF00-4CBD-9E36-DF9DC4002685}"=Yahoo! Desktop Login

"{fbcdfd61-7dcf-4e71-9226-873ba0053139}"=Nero InfoTool

"{FC70949F-1417-A3F5-8E84-EBF5ACB93B58}"=Catalyst Control Center Localization Korean

"{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}"=Windows Live installer

"{fde86273-04e9-4840-bcfe-b97db748a015}"=Nero 9

"{FE22679C-7CE4-8633-CE7F-8122B52C52CF}"=Catalyst Control Center Localization Finnish

"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}"=Adobe Color NA Extra Settings

"7-Zip"=7-Zip 4.65

"ActiveScan 2.0"=Panda ActiveScan 2.0

"Adobe Flash Player ActiveX"=Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin"=Adobe Flash Player 10 Plugin

"Adobe_32e9033392a51340b32fdc6ad893ab7"=Adobe Photoshop CS3

"Album Cover Art Downloader_is1"=Album Cover Art Downloader 1.6.0

"All ATI Software"=ATI - Utilitaire de désinstallation du logiciel

"Ashampoo Core Tuner_is1"=Ashampoo Core Tuner 1.00

"Astro"=Astro

"ATI Display Driver"=ATI Display Driver

"A-Z Video Converter Ultimate_is1"=A-Z Video Converter Ultimate 8.45

"Babylon"=Babylon

"Brothers in Arms - Deadly Road"=Brothers in Arms - Deadly Road

"Brothers in Arms - Hell's Highway"=Brothers in Arms: Hell's Highway

"CANONBJ_Deinstall_CNMCP5m.DLL"=Canon i865

"CCleaner"=CCleaner (remove only)

"CleanUp!"=CleanUp!

"Encyclopaedia Universalis"=Encyclopaedia Universalis

"ffdshow_is1"=ffdshow [rev 1723] [2007-12-24]

"FileZilla Client"=FileZilla Client 3.1.6

"Fraps"=Fraps

"FTP Expert 3"=FTP Expert 3

"GPL Ghostscript 8.54"=GPL Ghostscript 8.54

"GPL Ghostscript Fonts"=GPL Ghostscript Fonts

"HijackThis"=HijackThis 2.0.2

"IDNMitigationAPIs"=Microsoft Internationalized Domain Names Mitigation APIs

"ie7"=Windows Internet Explorer 7

"InstallShield_{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}"=PowerDVD

"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}"=Call of Duty® - World at War 1.1 Patch

"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}"=Call of Duty® - World at War

"InstallWIX_{8CB14A64-CEF4-4C8F-B1C8-1C3B8752CB55}"=Kaspersky Internet Security 2009

"K!TV"=K!TV

"Leroy Merlin"=Leroy Merlin - RéussirVotreProjetCouleur

"Magic Bullet Looks Studio"=Magic Bullet Looks Studio

"MeuhMeuhTV Alpha_is1"=MeuhMeuhTV Alpha 3.0.0.32

"Microsoft .NET Framework 1.1 (1033)"=Microsoft .NET Framework 1.1

"Microsoft .NET Framework 2.0"=Microsoft .NET Framework 2.0

"MMTVConfig"=MMTVConfig (désinstallation seulement)

"Mozilla Firefox (3.0.:P"=Mozilla Firefox (3.0.:P

"MSNINST"=MSN

"mv61xxDriver"=marvell 61xx

"NLSDownlevelMapping"=Microsoft National Language Support Downlevel APIs

"PDF Writer"=PDF Writer

"Pharaon"=Pharaon

"Photo Viewer"=Photo Viewer 2.3

"PhotomatixPro3_is1"=Photomatix Pro version 3.0.1

"PhotoZoom Pro 2"=BenVista PhotoZoom Pro 2.3.2

"proDAD-Vitascene-1.0"=proDAD Vitascene 1.0

"Retouch Pilot Full_is1"=Retouch Pilot Full 3.1

"SereneScreen Marine Aquarium 2.6_is1"=SereneScreen Marine Aquarium 2.6

"SoftwareUpdate_is1"=SoftwareUpdate 1.0

"stax-Pinnacle_is1"=SureThing Express Labeler

"Suppress plus_is1"=Suppress plus 1.8

"Sweet Home 3D_is1"=Sweet Home 3D version 1.5.1

"Tag&Rename_is1"=Tag&Rename 3.3.5

"TVersity Codec Pack"=TVersity Codec Pack 1.1

"TVersity Media Server "=TVersity Media Server 0.9.11.4 beta

"UltraSplitter"=UltraSplitter

"VLC media player"=VLC media player 0.9.4

"vmntoolbar"=VMN Toolbar

"Windows Media Format Runtime"=Windows Media Format Runtime

"Windows XP Service"=Windows XP Service Pack 3

"WinISO_is1"=WinISO 5.3

"WinRAR archiver"=Archiveur WinRAR

"XnView_is1"=XnView 1.95.4

"xp-AntiSpy"=xp-AntiSpy 3.96-4

"XviD"=XviD MPEG-4 Codec

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 04/03/2009 17:39:35 | Computer Name = GIGABYTE | Source = Application Error | ID = 1000

Description = Application défaillante eoengine.exe, version 1.0.0.1, module défaillant

eoengine.exe, version 1.0.0.1, adresse de défaillance 0x0000ab01.

 

Error - 05/03/2009 02:53:32 | Computer Name = GIGABYTE | Source = Application Error | ID = 1000

Description = Application défaillante eoengine.exe, version 1.0.0.1, module défaillant

eoengine.exe, version 1.0.0.1, adresse de défaillance 0x0000ab01.

 

Error - 07/03/2009 08:24:53 | Computer Name = GIGABYTE | Source = Application Error | ID = 1000

Description = Application défaillante eoengine.exe, version 1.0.0.1, module défaillant

eoengine.exe, version 1.0.0.1, adresse de défaillance 0x0000ab01.

 

Error - 08/03/2009 06:58:31 | Computer Name = GIGABYTE | Source = Application Error | ID = 1000

Description = Application défaillante eoengine.exe, version 1.0.0.1, module défaillant

eoengine.exe, version 1.0.0.1, adresse de défaillance 0x0000ab01.

 

Error - 14/03/2009 09:45:12 | Computer Name = GIGABYTE | Source = Userenv | ID = 1509

Description = Windows ne peut pas copier le fichier C:\Documents and Settings\moi\Local

Settings\Application Data\Microsoft\Messenger\tolunq@hotmail.com\SharingMetadata\narutogenin73@hotmail.fr\DFSR\Staging\CS{8B8BFC13-F615-E555-AAAB-67F21339F7B6}\01\11-{8B8BFC13-F615-E555-AAAB-67F21339F7B6}-v1-{8A04D731-7BD0-4771-9CE2-C8C38D817AD3}-v11-Downloaded.frx

vers l'emplacement C:\Documents and Settings\moi\Local Settings\Application Data\Microsoft\Messenger\tolunq@hotmail.com\SharingMetadata\narutogenin73@hotmail.fr\DFSR\Staging\CS{8B8BFC13-F615-E555-AAAB-67F21339F7B6}\01\11-{8B8BFC13-F615-E555-AAAB-67F21339F7B6}-v1-{8A04D731-7BD0-4771-9CE2-C8C38D817AD3}-v11-Downloaded.frx.

Les causes possibles de cette erreur incluent des problèmes réseau ou des autorisations

insuffisantes. Contactez votre administrateur réseau. DÉTAIL - Nom de fichier ou

extension trop long.

 

Error - 14/03/2009 09:45:12 | Computer Name = GIGABYTE | Source = Userenv | ID = 1515

Description = Windows a sauvegardé le profil de cet utilisateur. Windows tentera

automatiquement d'utiliser le profil sauvegardé la prochaine fois que cet utilisateur

ouvre une connexion.

 

Error - 14/03/2009 09:45:12 | Computer Name = GIGABYTE | Source = Userenv | ID = 1511

Description = Windows ne peut pas trouver le profil local et tente de vous connecter

avec un profil temporaire. Les modifications effectuées à ce profil seront perdues

lorsque vous vous déconnecterez.

 

Error - 16/03/2009 06:13:12 | Computer Name = GIGABYTE | Source = Application Error | ID = 1000

Description = Application défaillante explorer.exe, version 6.0.2900.5512, module

défaillant unknown, version 0.0.0.0, adresse de défaillance 0x075e90e3.

 

Error - 19/03/2009 06:26:12 | Computer Name = GIGABYTE | Source = Application Error | ID = 1000

Description = Application défaillante ds.exe, version 3.2.0.15, module défaillant

ds.exe, version 3.2.0.15, adresse de défaillance 0x0007c98a.

 

Error - 23/03/2009 06:31:59 | Computer Name = GIGABYTE | Source = Application Error | ID = 1000

Description = Application défaillante vlc.exe, version 0.9.4.0, module défaillant

libvout_directx_plugin.dll, version 0.0.0.0, adresse de défaillance 0x00006886.

 

[ System Events ]

Error - 31/03/2009 16:46:58 | Computer Name = GIGABYTE | Source = DCOM | ID = 10000

Description = Le démarrage d'un serveur DCOM : {FB7199AB-79BF-11D2-8D94-0000F875C541}

n'est pas possible. L'erreur : "%2" s'est produite lors du démarrage de la commande :

"C:\Program Files\Messenger\msmsgs.exe" -Embedding

 

Error - 01/04/2009 09:30:21 | Computer Name = GIGABYTE | Source = Service Control Manager | ID = 7000

Description = Le service WinFast TV2000 XP WDM Video Capture n'a pas pu démarrer

en raison de l'erreur : %%1058

 

Error - 01/04/2009 09:30:21 | Computer Name = GIGABYTE | Source = Service Control Manager | ID = 7000

Description = Le service WinFast TV2000 XP WDM TVTuner n'a pas pu démarrer en raison

de l'erreur : %%1058

 

Error - 01/04/2009 09:30:21 | Computer Name = GIGABYTE | Source = Service Control Manager | ID = 7000

Description = Le service WinFast TV2000 XP WDM Crossbar n'a pas pu démarrer en raison

de l'erreur : %%1058

 

Error - 01/04/2009 09:35:10 | Computer Name = GIGABYTE | Source = DCOM | ID = 10000

Description = Le démarrage d'un serveur DCOM : {FB7199AB-79BF-11D2-8D94-0000F875C541}

n'est pas possible. L'erreur : "%2" s'est produite lors du démarrage de la commande :

"C:\Program Files\Messenger\msmsgs.exe" -Embedding

 

Error - 01/04/2009 10:02:45 | Computer Name = GIGABYTE | Source = DCOM | ID = 10000

Description = Le démarrage d'un serveur DCOM : {FB7199AB-79BF-11D2-8D94-0000F875C541}

n'est pas possible. L'erreur : "%2" s'est produite lors du démarrage de la commande :

"C:\Program Files\Messenger\msmsgs.exe" -Embedding

 

Error - 01/04/2009 10:27:33 | Computer Name = GIGABYTE | Source = DCOM | ID = 10000

Description = Le démarrage d'un serveur DCOM : {FB7199AB-79BF-11D2-8D94-0000F875C541}

n'est pas possible. L'erreur : "%2" s'est produite lors du démarrage de la commande :

"C:\Program Files\Messenger\msmsgs.exe" -Embedding

 

Error - 01/04/2009 10:37:08 | Computer Name = GIGABYTE | Source = DCOM | ID = 10000

Description = Le démarrage d'un serveur DCOM : {FB7199AB-79BF-11D2-8D94-0000F875C541}

n'est pas possible. L'erreur : "%2" s'est produite lors du démarrage de la commande :

"C:\Program Files\Messenger\msmsgs.exe" -Embedding

 

Error - 01/04/2009 11:06:54 | Computer Name = GIGABYTE | Source = DCOM | ID = 10000

Description = Le démarrage d'un serveur DCOM : {FB7199AB-79BF-11D2-8D94-0000F875C541}

n'est pas possible. L'erreur : "%2" s'est produite lors du démarrage de la commande :

"C:\Program Files\Messenger\msmsgs.exe" -Embedding

 

Error - 01/04/2009 11:13:20 | Computer Name = GIGABYTE | Source = DCOM | ID = 10000

Description = Le démarrage d'un serveur DCOM : {FB7199AB-79BF-11D2-8D94-0000F875C541}

n'est pas possible. L'erreur : "%2" s'est produite lors du démarrage de la commande :

"C:\Program Files\Messenger\msmsgs.exe" -Embedding

 

 

< End of report >

Posted

Good evening,

You are infected with Adware.Eorezo, Adware.VMN, and one other infection.

Your topic will be moved to the Analyse rapports HijackThis, Eradication malwares section.

Apart from that, a few remarks:

You have installed three anti-spyware programs. Only one is needed.

C:\Documents and Settings\moi\Bureau\PowerDVD.Deluxe.v9.0.1428.by.Konoha.rar

C:\Documents and Settings\moi\Application Data\Kaspersky_Key_Finder_(KKF

C:\Documents and Settings\moi\Bureau\NNSGuenuine-2.5.rar

Cracks are infection vectors. A member of the security team will give you more information.

Regards.

Posted

well ... thanks for the analysis, for a start ...

which of the 3 anti-spyware programs should I keep?

and where do you see that I have an infection with the Eorezo adware, the VMN adware and yet another infection?

Posted

Good evening,

Eorezo infection:

"EoNet"= File not found

VMN infection:

"vmntoolbar"=VMN Toolbar

Trojan-Downloader infection:

C:\WINDOWS\NAVIGMA.INI

Regarding the anti-spyware programs, do you have a licence for each of them, or are they trial versions?

Regards.

Posted (edited)

- for eonet, I don't even know what it is or what it means ...:P

after looking it up on Google, I do remember downloading this tool to check the speed of my Numericable connection, since I had just changed provider.

just now I went into DOS and deleted the dll from the c:\program files\eorezo folder

and then I deleted the eorezo folder. is that enough?

I didn't know this tool was a spam thing :P it's surely because of it that I got blocked for spam.

- for the VMN Toolbar, I removed it after running a scan with hijackthis. in fact, it must have installed itself automatically with internet explorer, because I don't use that. I always use firefox.

but I didn't know it was "crap". it's only a toolbar, though, isn't it?

- for C:\WINDOWS\NAVIGMA.INI ... impossible to remove, even going through OTMoveIt3 and entering: C:\WINDOWS\NAVIGMA.INI

in the window to remove it ....

it says: "Error: Unable to interpret <C:\WINDOWS\NAVIGMA.INI > in the current context!

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 04012009_201456"

I didn't understand why ...

and I didn't see it in the hijackthis report ... :P

and what is this navigma.ini anyway

- for the anti-spyware programs, I have 2 trial versions and one full one ---> superantispyware

(I also deleted the 3 rar cracks ... :P )

Edited by tolunq
Posted (edited)

Good evening,

A helper will take charge of your case in the Eradication malwares category. I am not allowed to carry out disinfections on this forum.

EDIT: Eorezo does not send spam.

I advise you to keep superantispyware and uninstall the other two.

Regards.

Edited by Curson
Posted

well, I still don't see why my ip was blocked on dvbkivabien2.info ????

once again, many thanks for your help and the time you took to answer me.

I'm uninstalling the 2 other anti-spyware programs right away.

regards :P
