Avast cannot remove the trojans

Solved
mourlevat Posts 147 Status Member -
Hello,
Avast did detect trojans on my PC, but says it cannot remove them.
Here is the HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:45:40, on 24/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Fighters\configservice.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fighters\licenseservice.exe
C:\Program Files\Fighters\updateservice.exe
C:\Program Files\Fighters\ScannerService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\Fighters\spywarefighter\SpywarefighterUser.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\TomTom DesktopSuite\TomTom HOME 2\HOMERunner.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
c:\program files\fighters\spywarefighter\SPYWAREfighterTray.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\QuickZip4\QuickZip.exe
C:\DOCUME~1\admin\LOCALS~1\Temp\QZTEMP\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.liberation.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {1d1b60fd-b21f-4b9a-8a5f-64e8544828d7} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1d1b60fd-b21f-4b9a-8a5f-64e8544828d7} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.5470\swg.dll
O2 - BHO: (no name) - {B16F8052-1A10-4967-9F98-1A21ECC782F2} - (no file)
O2 - BHO: (no name) - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: (no name) - {5776A2BC-D803-47F6-9DC0-8344DB8D604C} - (no file)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: (no name) - {1d1b60fd-b21f-4b9a-8a5f-64e8544828d7} - (no file)
O3 - Toolbar: (no name) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - (no file)
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [spywarefighterguard] C:\Program Files\Fighters\spywarefighter\SpywarefighterUser.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom DesktopSuite\TomTom HOME 2\HOMERunner.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1_07\bin\npjpi141_07.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1_07\bin\npjpi141_07.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe (file missing)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/15d5f698ea12de536105/netzip/RdxIE601.cab
O16 - DPF: {CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA} -
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} -
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} -
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} -
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} -
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} -
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} -
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} -
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {2E2818D0-AF2F-4A72-B079-2707D60C82B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Media Center Monitor Service (ehMonitor) - Unknown owner - C:\Program Files\Media Center Diagnostic Kit\Tests\Bin\ehMonitor.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: PTK License-FIGHTERS-297811811 - SPAMfighter - C:\Program Files\Fighters\licenseservice.exe
O23 - Service: PTK Live Update-FIGHTERS-297811811 - SPAMfighter - C:\Program Files\Fighters\updateservice.exe
O23 - Service: PTK Scanner-FIGHTERS-297811811 - SPAMfighter - C:\Program Files\Fighters\ScannerService.exe
O23 - Service: PTK SharedAccess-FIGHTERS-297811811 - SPAMfighter - C:\Program Files\Fighters\configservice.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
27 replies

Lyonnais92 Posts 25708 Status Security contributor 1 537

Good evening,

for ERUNT, does this tutorial answer your questions?

For your husband's computer, I suggest we continue here. That's the simplest option.

We'll finish yours first, and then I'll give you the instructions for your husband's (I'll take the opportunity to switch to a different tool).
0
mourlevat Posts 147 Status Member 8

Hi again,
Indeed, the Pc-astuce tutorial does answer my questions. Sorry for not having read it earlier.
As for Firefox, I fully agree, and I have been using it for a long time. I notice that my internet connection is faster and that pages open more quickly, despite my processor's low power. So our work was not in vain!
The laptop is on Wi-Fi, also XP Home.
Have a good evening. See you later, Mimi
0
Lyonnais92 Posts 25708 Status Security contributor 1 537

Hi again,

you deserve credit for finding a tutorial I never gave you the reference for! (sorry)

=======================================================

For your husband's computer, we start like this (this is the new tool):

Download OTViewIt.exe from http://oldtimer.geekstogo.com/OTViewIt.exe

Save this file to the Desktop.

Close all open program windows.

Double-click OTViewIt.exe to launch the tool.

Click the Run Scan button and let the tool work without interrupting it.

When the tool has finished, a Notepad window opens containing one of the two reports.

Close Notepad.

The second report is visible in the taskbar. Close it as well.

Close the OTViewIt window.

Copy the contents of OTViewIt.txt, which is on your Desktop, into your reply
0
mourlevat Posts 147 Status Member 8

Hello Lyonnais92

I'm going back to one of your earlier replies.
"a tutorial: https://www.malekal.com/tutorial-spywareblaster/ "
Very clear, no problem with that one.

I did not find any mention of a tutorial for ERUNT in that message, or else I overlooked it. Can you give me the link again?

5) Recovery Console: Faced with new threats (an attack on the boot sector, for example), the Recovery Console may be the only solution. A tutorial here: https://www.pcastuces.com/pratique/windows/xp/console_recuperation/page1.htm . Don't hesitate to ask questions if necessary.

That is the tutorial I went to look at on pcastuces.com and set aside to study later, because it is 10 pages long!
As for the articles in English, since I am not very comfortable with that language, I will translate them later too.

I suppose I should use the laptop to carry out the steps? Or can I do them from my PC?
I don't think I will have time to get back to it before tomorrow morning... Have a good rest of the day, see you later
Mimii
0
Lyonnais92 Posts 25708 Status Security contributor 1 537

Hello,

the tutorial for ERUNT.

https://forum.pcastuces.com/default.asp

==================

as long as your husband's computer lets you carry out the requested steps, work from it (no need to complicate things).
0
mourlevat Posts 147 Status Member 8

Hello,
Here I am again, with the first requested OTViewIt report; see you later:

OTViewIt logfile created on: 05/02/2009 22:09:43 - Run
OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Documents and Settings\gerard mourlevat\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

495,42 Mb Total Physical Memory | 96,11 Mb Available Physical Memory | 19,40% Memory free
1,13 Gb Paging File | 0,68 Gb Available in Paging File | 59,91% Paging File free
Paging file location(s): C:\pagefile.sys 744 1488;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 26,27 Gb Total Space | 2,88 Gb Free Space | 10,96% Space Free | Partition Type: FAT32
Drive D: | 26,66 Gb Total Space | 25,77 Gb Free Space | 96,65% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: GEGE
Current User Name: gerard mourlevat
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days

========== Processes ==========

[2008/05/12 12:38:28 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
[2008/11/26 18:12:08 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
[2008/11/26 18:18:46 | 00,155,160 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
[2005/08/16 09:56:16 | 00,368,640 | ---- | M] (acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\Monitor.exe
[2005/07/20 15:05:52 | 00,729,177 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
[2005/08/31 19:59:34 | 00,147,456 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Acer\Acer Arcade\PCMService.exe
[2005/07/19 11:06:12 | 00,077,824 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
[2005/07/19 11:10:06 | 00,114,688 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxpers.exe
[2005/08/26 16:23:02 | 14,837,248 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
[2005/07/26 11:36:00 | 00,069,632 | ---- | M] () -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
[2005/07/15 10:53:44 | 00,196,608 | ---- | M] (Acer Inc) -- C:\acer\Empowering Technology\ePower\epm-dm.exe
[2005/08/10 12:28:06 | 00,593,920 | ---- | M] (Dritek System Inc.) -- C:\PROGRA~1\LAUNCH~1\LManager.exe
[2005/10/14 17:01:40 | 02,462,208 | ---- | M] (Avocent Inc.) -- C:\Acer\Empowering Technology\admtray.exe
[2008/11/26 18:18:52 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
[2005/04/06 16:03:28 | 00,110,592 | ---- | M] () -- C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
[2007/12/11 10:56:54 | 00,286,720 | ---- | M] (Apple Inc.) -- C:\Program Files\QuickTime\QTTask.exe
[2008/04/14 04:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
[2006/10/24 20:15:04 | 00,204,288 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
[2005/08/31 19:59:46 | 00,249,954 | ---- | M] () -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
[2005/07/28 22:04:28 | 00,061,440 | ---- | M] (Cyberlink) -- C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
[2005/07/28 22:04:28 | 01,077,376 | ---- | M] (Cyberlink) -- C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
[2007/11/13 18:57:02 | 02,359,296 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
[2005/01/21 19:37:16 | 00,143,360 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
[2007/11/13 18:57:04 | 02,510,848 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
[2006/10/24 20:14:56 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe
[2005/08/31 19:59:48 | 00,114,784 | ---- | M] () -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
[2008/11/26 18:18:32 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
[2005/10/06 16:08:36 | 01,314,816 | ---- | M] (Avocent Inc.) -- C:\Acer\Empowering Technology\admServ.exe
[2008/11/26 18:16:24 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
[2005/07/19 11:09:58 | 00,098,304 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxext.exe
[2005/07/19 11:06:04 | 00,159,744 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.exe
[2008/10/16 14:09:44 | 00,051,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
[2009/02/05 14:19:40 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
[2009/02/05 22:08:58 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\gerard mourlevat\Bureau\OTViewIt.exe

========== (O23) Win32 Services ==========

[2008/05/12 12:38:28 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice [Auto | Running])
File not found -- -- (aspnet_state [On_Demand | Stopped])
[2008/11/26 18:12:08 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
[2005/06/07 22:38:32 | 00,376,832 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Stopped])
[2008/11/26 18:18:46 | 00,155,160 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])
[2008/11/26 18:18:32 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])
[2008/11/26 18:16:24 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])
[2005/10/06 16:08:36 | 01,314,816 | ---- | M] (Avocent Inc.) -- C:\Acer\Empowering Technology\admServ.exe -- (AWService [Auto | Running])
[2005/04/06 16:03:28 | 00,110,592 | ---- | M] () -- C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe -- (BlueSoleil Hid Service [Auto | Running])
[2005/08/31 19:59:46 | 00,249,954 | ---- | M] () -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe -- (CLCapSvc [Auto | Running])
[2005/08/31 19:59:48 | 00,114,784 | ---- | M] () -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe -- (CLSched [Auto | Running])
[2005/07/28 22:04:28 | 00,061,440 | ---- | M] (Cyberlink) -- C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe -- (CyberLink Media Library Service [Auto | Running])
[2005/01/21 19:37:16 | 00,143,360 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo [Auto | Running])
[2006/10/24 20:14:56 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [Auto | Running])

========== Driver Services ==========

[2008/11/26 18:15:36 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4 [System | Running])
[2004/08/05 05:00:00 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde [Boot | Running])
[2008/04/13 20:36:40 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp [Boot | Running])
[2005/01/10 15:47:14 | 00,449,888 | ---- | M] (Atheros Communications, Inc.) -- C:\WINDOWS\system32\DRIVERS\ar5211.sys -- (AR5211 [On_Demand | Running])
[2004/08/05 05:00:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc [Boot | Running])
[2004/08/05 05:00:00 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550 [Boot | Running])
[2008/11/26 18:17:26 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running])
[2008/11/26 18:18:18 | 00,094,032 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running])
[2008/11/26 18:16:30 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Running])
[2008/11/26 18:17:36 | 00,111,184 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP [System | Running])
[2008/11/26 18:16:38 | 00,050,864 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi [System | Running])
[2005/06/07 22:44:36 | 01,235,968 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Stopped])
[2005/06/14 18:12:08 | 00,480,512 | ---- | M] (AVerMedia) -- C:\WINDOWS\system32\DRIVERS\AVerE506.sys -- (AVerE506 [On_Demand | Stopped])
[2005/05/31 15:40:20 | 00,020,480 | ---- | M] (IVT Corporation) -- C:\WINDOWS\system32\DRIVERS\blueletaudio.sys -- (BlueletAudio [On_Demand | Running])
[2005/04/30 14:48:58 | 00,010,804 | ---- | M] (IVT Corporation) -- C:\WINDOWS\system32\DRIVERS\btnetdrv.sys -- (BT [On_Demand | Running])
[2005/05/31 09:42:28 | 00,023,000 | ---- | M] (IVT Corporation) -- C:\WINDOWS\System32\Drivers\btcusb.sys -- (Btcsrusb [On_Demand | Stopped])
[2005/04/30 14:50:20 | 00,011,860 | ---- | M] () -- C:\WINDOWS\system32\DRIVERS\vbtenum.sys -- (BTHidEnum [On_Demand | Running])
[2005/04/30 14:50:10 | 00,028,271 | ---- | M] (IVT Corporation) -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys -- (BTHidMgr [Boot | Running])
[2004/12/16 16:32:54 | 00,013,304 | ---- | M] () -- C:\WINDOWS\system32\drivers\BTNetFilter.sys -- (BTNetFilter [On_Demand | Stopped])
[2004/08/05 05:00:00 | 00,006,656 | ---- | M] (CMD Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde [Boot | Running])
[2004/08/05 05:00:00 | 00,179,584 | ---- | M] (Mylex Corporation) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k [Boot | Running])
[2004/12/08 14:10:00 | 00,016,896 | ---- | M] (Dritek System Inc.) -- C:\WINDOWS\system32\DRIVERS\DKbFltr.sys -- (DKbFltr [On_Demand | Running])
[2005/07/25 14:03:34 | 00,060,928 | ---- | M] (ENE Technology Inc.) -- C:\WINDOWS\system32\DRIVERS\EMS7SK.sys -- (EMSCR [On_Demand | Running])
[2004/07/19 13:10:00 | 00,004,096 | ---- | M] (Acer Value Labs, USA) -- C:\WINDOWS\system32\drivers\epm-psd.sys -- (EpmPsd [Auto | Running])
[2005/04/07 18:08:46 | 00,078,208 | ---- | M] (Acer Value Labs, USA) -- C:\WINDOWS\system32\drivers\epm-shd.sys -- (EpmShd [Auto | Running])
[2005/07/25 14:03:44 | 00,037,376 | ---- | M] (ENE Technology Inc.) -- C:\WINDOWS\system32\DRIVERS\ESD7SK.sys -- (ESDCR [On_Demand | Running])
[2005/07/25 14:03:40 | 00,074,624 | ---- | M] (ENE Technology Inc.) -- C:\WINDOWS\system32\DRIVERS\ESM7SK.sys -- (ESMCR [On_Demand | Running])
[2005/01/07 17:07:16 | 00,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\HdAudio.sys -- (HdAudAddService [On_Demand | Stopped])
[2008/04/13 18:36:06 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
[2005/03/23 14:28:52 | 00,165,504 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys -- (HSFHWAZL [On_Demand | Running])
[2005/03/23 13:29:34 | 01,033,600 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys -- (HSF_DPV [On_Demand | Running])
[2005/07/19 11:34:22 | 01,049,180 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\ialmnt5.sys -- (ialm [On_Demand | Running])
[2005/08/25 18:52:02 | 03,859,456 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
[2004/03/17 11:04:14 | 00,013,059 | ---- | M] (Conexant) -- C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
[2008/04/13 20:46:22 | 00,015,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\MPE.sys -- (MPE [On_Demand | Stopped])
[2004/08/05 05:00:00 | 00,017,280 | ---- | M] (American Megatrends Inc.) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x [Boot | Running])
[2005/09/13 15:34:40 | 00,004,392 | ---- | M] (OSA Technologies) -- C:\WINDOWS\System32\Drivers\NdisFilt.sys -- (NdisFilt [On_Demand | Running])
[2005/05/02 12:13:42 | 00,009,600 | ---- | M] () -- C:\WINDOWS\system32\DRIVERS\NETMNT.sys -- (NETMNT [On_Demand | Stopped])
[2005/07/29 17:43:20 | 00,006,144 | ---- | M] (NewTech Infosystems, Inc.) -- C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys -- (NTIDrvr [On_Demand | Running])
[2005/10/15 18:17:24 | 00,012,106 | ---- | M] (OSA Technologies) -- C:\WINDOWS\system32\drivers\OsaFsLoc.sys -- (OsaFsLoc [System | Running])
[2005/06/30 16:58:24 | 00,007,296 | ---- | M] (OSA Technologies, An Avocent Company) -- C:\WINDOWS\system32\drivers\osaio.sys -- (osaio [Auto | Running])
[2004/08/05 05:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
[2007/03/08 00:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
[2004/08/05 05:00:00 | 00,040,320 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080 [Boot | Running])
[2004/08/05 05:00:00 | 00,045,312 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160 [Boot | Running])
[2004/08/05 05:00:00 | 00,049,024 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280 [Boot | Running])
[2004/08/05 05:00:00 | 00,005,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Drivers\RootMdm.sys -- (ROOTMODEM [On_Demand | Running])
[2005/06/15 13:36:00 | 00,075,136 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys -- (RTL8023xp [On_Demand | Running])
[2008/04/13 20:36:44 | 00,079,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\sdbus.sys -- (sdbus [On_Demand | Running])
[2007/11/13 11:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
[2008/04/13 20:36:40 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp [Boot | Running])
[2004/06/16 11:19:58 | 00,046,080 | ---- | M] (SMSC) -- C:\WINDOWS\system32\DRIVERS\smcirda.sys -- (SMCIRDA [On_Demand | Running])
[2004/08/05 05:00:00 | 00,019,072 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow [Boot | Running])
[2004/08/05 05:00:00 | 00,016,256 | ---- | M] (Symbios Logic Inc.) -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810 [Boot | Running])
[2004/08/05 05:00:00 | 00,032,640 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx [Boot | Running])
[2004/08/05 05:00:00 | 00,028,384 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi [Boot | Running])
[2004/08/05 05:00:00 | 00,030,688 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3 [Boot | Running])
[2005/07/20 14:53:54 | 00,190,592 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running])
[2004/12/17 17:14:44 | 00,013,952 | ---- | M] () -- C:\WINDOWS\System32\drivers\UBHelper.sys -- (UBHelper [Boot | Running])
[2004/08/05 05:00:00 | 00,036,736 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra [Boot | Running])
[2004/10/19 13:37:38 | 00,061,312 | ---- | M] (IVT Corporation) -- C:\WINDOWS\system32\DRIVERS\VComm.sys -- (VComm [On_Demand | Running])
[2005/03/25 17:18:48 | 00,082,148 | ---- | M] (IVT Corporation) -- C:\WINDOWS\System32\Drivers\VcommMgr.sys -- (VcommMgr [On_Demand | Running])
[2004/10/29 18:48:10 | 03,222,784 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\DRIVERS\w29n51.sys -- (w29n51 [On_Demand | Stopped])
[2005/03/23 13:28:48 | 00,705,280 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys -- (winachsf [On_Demand | Running])
[2004/12/15 14:22:08 | 00,010,240 | ---- | M] (Dritek System Inc.) -- C:\PROGRA~1\LAUNCH~1\DPortIO.sys -- (DritekPortIO [Disabled | Running])
[2005/01/13 14:46:16 | 00,069,632 | ---- | M] () -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15.sys [Auto | Running])

========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=https://www.acer.com/worldwide/selection.html
"Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Local Page"=%SystemRoot%\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://french.ircfast2.com/index.php?rvs=hompag

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL]
""=http://www.google.com/keyword/%s
"provider"=

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

========== (O1) Hosts File ==========

HOSTS File = (266442 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
9228 more lines...

========== (O2) BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (HKLM) -- c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

========== (O3) Toolbars ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{0E1230F8-EA50-42A9-983C-D22ABC2EED3B}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
"{4B3803EA-5230-4DC3-A7FC-33638F3D3542}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acer ePower Management"=C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot (Acer Value Labs, Taiwan)
"ADMTray.exe"="C:\Acer\Empowering Technology\admtray.exe" (Avocent Inc.)
"Alcmtr"=ALCMTR.EXE (Realtek Semiconductor Corp.)
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
"AzMixerSel"=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe ()
"EPM-DM"=c:\acer\Empowering Technology\ePower\epm-dm.exe (Acer Inc)
"eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\Monitor.exe (acer Inc.)
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 (Microsoft Corporation)
"LaunchApp"=Alaunch (Acer Inc.)
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe (Dritek System Inc.)
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC ()
"PCMService"="C:\Program Files\Acer\Acer Arcade\PCMService.exe" (CyberLink Corp.)
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName (Microsoft Corporation)
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC (Microsoft Corporation)
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
"Raccourci vers la page des propriétés de High Definition Audio"=HDAShCut.exe (Windows (R) Server 2003 DDK provider)
"RTHDCPL"=RTHDCPL.EXE (Realtek Semiconductor Corp.)
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FlyAway"= File not found
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)

========== (O4) Startup Folders ==========

[2004/12/14 04:44:06 | 00,029,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
[2005/06/06 13:23:08 | 01,183,744 | ---- | M] (IVT Corporation) -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
[2007/08/17 21:57:56 | 00,393,216 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe

========== (O6 & O7) Current Version Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"DisableRegistryTools"=0

========== (O8) IE Context Menu Extensions ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]
&Sample Toolband Serach: C:\WINDOWS\system32\ToolBand.dll [2005/09/07 16:20:04 | 00,094,208 | ---- | M] (HiTRUST)

========== (O9) IE Extensions ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}: Menu: Console Java (Sun) -- Reg Error: Key does not exist or could not be opened. File not found
{e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 -- %SystemRoot%\Network Diagnostic\xpnetdiag.exe [2008/04/13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008/04/14 04:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008/04/14 04:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> [Console Java (Sun)] -> File not found
CmdMapping\\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\Network Diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 04:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s
PluginsPageFriendlyName: "" = Bibliothèque de contrôles ActiveX Microsoft

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

========== (O15) Trusted Sites ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
46 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
46 domain(s) and sub-domain(s) not assigned to a zone.

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.4.1/jinstall-1_4_1_02-windows-i586.cab -- Java Plug-in 1.4.1_02
{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}: http://java.sun.com/update/1.4.1/jinstall-1_4_1_02-windows-i586.cab -- Java Plug-in 1.4.1_02

========== (O17) DNS Name Servers ==========

{377CFA87-C0C8-4069-9B6D-68499BC70504} (Servers: | Description: Intel(R) PRO/Wireless 2915ABG Network Connection)
{58820D24-A542-48D6-A5D0-3C4FF9E36905} (Servers: | Description: Realtek RTL8169/8110 Family Gigabit Ethernet NIC)
{A8B03499-F3B7-4D88-97EA-98F89D217948} (Servers: | Description: )
{B927B6AF-A2CD-4514-834B-D2EF987620B7} (Servers: | Description: )
{C4BC357D-2E5C-42B1-A967-DF5F7A549698} (Servers: | Description: Atheros AR5005G Wireless Network Adapter)
{D1BEA24F-482A-471D-B30C-69B2DF3F5E3D} (Servers: | Description: Carte réseau 1394)

========== (O19) User Style Sheets ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles]

========== (O20) Winlogon Notify Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
AtiExtEvent: "DllName" = Ati2evxx.dll -- C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
igfxcui: "DllName" = igfxdev.dll -- C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT [PATH=%PATH%;C:\PROGRA~1\FICHIE~1\MUVEET~1\030625 | ]
[2005/07/29 17:44:16 | 00,000,050 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ FAT32 ]


========== MountPoints2 ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{157b9120-d476-11da-9610-0014a4552c35}\Shell\AutoRun\command]
""=F:\setupSNK.exe -- File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/02/05 22:09:13 | 00,422,912 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\gerard mourlevat\Bureau\OTViewIt.exe
[2009/02/05 00:08:54 | 00,095,387 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\watch.htm
[2009/02/05 00:05:17 | 01,342,464 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Recapitulatif de l'anne 2008.pps
[2009/02/04 23:58:53 | 00,843,776 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\CoiffuresAnimales.pps
[2009/02/04 23:54:54 | 05,932,544 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\2008 12 05 Construction métro.pps
[2009/02/04 23:38:06 | 02,690,048 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Picasso.pps
[2009/02/04 23:32:17 | 05,820,928 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\pcSpot_Light_fab.pps
[2009/02/03 17:58:53 | 00,317,584 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\IMG_2234.jpg
[2009/02/03 17:54:06 | 00,110,283 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\image0011.jpg
[2009/02/02 00:40:03 | 00,566,784 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\chirugie.pps
[2009/02/02 00:32:08 | 03,488,768 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Cavalièresparticulières.pps
[2009/02/02 00:30:57 | 01,473,536 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\jallet.ppt
[2009/02/02 00:19:42 | 03,574,444 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Air_France_at _ it's_best.wmv
[2009/02/02 00:12:02 | 04,943,360 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Australie.pps
[2009/02/02 00:10:07 | 00,006,645 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\TR_ Cliquez sur le pinceau.eml
[2009/02/01 23:35:03 | 00,123,392 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\06-Consignes pour tous les directeur.pps
[2009/02/01 23:27:20 | 05,035,008 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\pourlesamateursdesgrosseins2.pps
[2009/01/24 23:08:52 | 03,211,264 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\regimesspeciaux.pps
[2009/01/24 22:58:39 | 02,716,673 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\SARKO.pps
[2009/01/23 22:52:54 | 00,482,816 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\1758-fee Del.pps
[2009/01/22 19:16:47 | 01,817,600 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\76403237sarko-a-17-ans-pps.pps
[2009/01/21 01:02:52 | 04,094,181 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\monde rural.wmv
[2009/01/21 00:59:50 | 01,445,282 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\TUTU 2.wmv
[2009/01/21 00:57:50 | 03,858,079 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\entrez dans la banque1.WMV
[2009/01/20 00:05:40 | 00,916,527 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Crise tissus chinois .zip
[2009/01/19 23:51:42 | 03,255,296 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\CALENDRIER_2009AR19.pps
[2009/01/19 14:03:48 | 05,938,926 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Qu-y_a_t_il_au_menu.wmv
[2009/01/18 16:43:50 | 03,522,560 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Elvis_Presley.pps
[2009/01/18 16:41:53 | 04,567,040 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\sarko vandamme.mpg
[2009/01/18 16:39:46 | 03,385,856 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\photos pour les yeux.pps
[2009/01/18 16:39:19 | 02,619,904 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\MerRouge.pps
[2009/01/18 16:37:56 | 06,941,876 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Animal Christmas Song [from www.metacafe.com].wmv
[2009/01/18 16:36:09 | 02,910,208 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\vent-camion.mpeg
[2009/01/18 16:20:00 | 02,953,389 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\compil-snow.zip
[2009/01/18 16:16:09 | 02,846,208 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Snow Sculpture.pps
[2009/01/16 00:34:30 | 03,428,864 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Trains_Americains.pps
[2009/01/15 12:53:44 | 00,000,701 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Ad-Aware.lnk
[2009/01/15 12:53:05 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Wise Installation Wizard
[2009/01/15 00:00:59 | 00,130,965 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Carte_de_voeux.jpg
[2009/01/14 23:54:31 | 00,298,496 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\LANGUE_EUROPEENNE.pps
[2009/01/13 18:16:03 | 06,931,109 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Having a ball with floor gymnastics.wmv
[2009/01/13 17:45:52 | 03,574,784 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\FONDS MARINS.pps
[2009/01/12 22:14:28 | 01,771,520 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Tunnel.St.GothardARG.pps
[2009/01/12 22:11:59 | 00,150,016 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Arnaque_à_Carrefour.pps
[2009/01/11 19:19:04 | 00,036,864 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\neige.jpg
[2009/01/10 17:22:39 | 00,166,580 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Fw Fw TR Tr Fw.eml
[2009/01/10 17:21:57 | 03,058,688 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Massif de la Ste Baume-La flore DLR.pps
[2009/01/10 17:20:30 | 03,639,808 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Paysages_de_neige_en_hiver.pps
[2009/01/10 17:20:17 | 02,564,096 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Calendrier 2009.pps
[2009/01/08 22:34:02 | 02,876,785 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\contrepeterie.mp3

========== Files - Modified Within 30 Days ==========

[2009/02/05 22:08:58 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\gerard mourlevat\Bureau\OTViewIt.exe
[2009/02/05 21:39:44 | 00,003,121 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/02/05 13:27:30 | 00,000,692 | ---- | M] () -- C:\WINDOWS\System32\eRLog.ini
[2009/02/05 13:27:16 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/02/05 13:23:46 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/02/05 13:23:18 | 51,955,3024 | -HS- | M] () -- C:\hiberfil.sys
[2009/02/05 13:23:18 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/02/05 00:10:28 | 00,055,296 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/02/05 00:08:56 | 00,095,387 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\watch.htm
[2009/02/05 00:05:20 | 01,342,464 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Recapitulatif de l'anne 2008.pps
[2009/02/04 23:58:56 | 00,843,776 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\CoiffuresAnimales.pps
[2009/02/04 23:54:58 | 05,932,544 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\2008 12 05 Construction métro.pps
[2009/02/04 23:38:08 | 02,690,048 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Picasso.pps
[2009/02/04 23:32:20 | 05,820,928 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\pcSpot_Light_fab.pps
[2009/02/03 18:06:42 | 00,607,232 | -HS- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Thumbs.db
[2009/02/03 17:58:54 | 00,317,584 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\IMG_2234.jpg
[2009/02/03 17:54:08 | 00,110,283 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\image0011.jpg
[2009/02/02 00:40:06 | 00,566,784 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\chirugie.pps
[2009/02/02 00:32:10 | 03,488,768 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Cavalièresparticulières.pps
[2009/02/02 00:31:00 | 01,473,536 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\jallet.ppt
[2009/02/02 00:19:44 | 03,574,444 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Air_France_at _ it's_best.wmv
[2009/02/02 00:12:04 | 04,943,360 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Australie.pps
[2009/02/02 00:10:10 | 00,006,645 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\TR_ Cliquez sur le pinceau.eml
[2009/02/01 23:35:06 | 00,123,392 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\06-Consignes pour tous les directeur.pps
[2009/02/01 23:27:24 | 05,035,008 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\pourlesamateursdesgrosseins2.pps
[2009/01/24 23:08:54 | 03,211,264 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\regimesspeciaux.pps
[2009/01/24 22:58:42 | 02,716,673 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\SARKO.pps
[2009/01/23 22:52:56 | 00,482,816 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\1758-fee Del.pps
[2009/01/22 19:16:50 | 01,817,600 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\76403237sarko-a-17-ans-pps.pps
[2009/01/21 01:02:54 | 04,094,181 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\monde rural.wmv
[2009/01/21 00:59:52 | 01,445,282 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\TUTU 2.wmv
[2009/01/21 00:57:52 | 03,858,079 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\entrez dans la banque1.WMV
[2009/01/20 00:05:42 | 00,916,527 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Crise tissus chinois .zip
[2009/01/19 23:51:46 | 03,255,296 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\CALENDRIER_2009AR19.pps
[2009/01/19 14:03:52 | 05,938,926 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Qu-y_a_t_il_au_menu.wmv
[2009/01/18 16:43:52 | 03,522,560 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Elvis_Presley.pps
[2009/01/18 16:41:56 | 04,567,040 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\sarko vandamme.mpg
[2009/01/18 16:39:48 | 03,385,856 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\photos pour les yeux.pps
[2009/01/18 16:39:22 | 02,619,904 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\MerRouge.pps
[2009/01/18 16:38:04 | 06,941,876 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Animal Christmas Song [from www.metacafe.com].wmv
[2009/01/18 16:36:12 | 02,910,208 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\vent-camion.mpeg
[2009/01/18 16:20:02 | 02,953,389 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\compil-snow.zip
[2009/01/18 16:16:12 | 02,846,208 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Snow Sculpture.pps
[2009/01/16 23:50:22 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009/01/16 00:34:32 | 03,428,864 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Trains_Americains.pps
[2009/01/15 12:53:46 | 00,000,701 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Ad-Aware.lnk
[2009/01/15 00:01:02 | 00,130,965 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Carte_de_voeux.jpg
[2009/01/14 23:54:34 | 00,298,496 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\LANGUE_EUROPEENNE.pps
[2009/01/13 18:16:06 | 06,931,109 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Having a ball with floor gymnastics.wmv
[2009/01/13 17:45:56 | 03,574,784 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\FONDS MARINS.pps
[2009/01/12 22:14:30 | 01,771,520 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Tunnel.St.GothardARG.pps
[2009/01/12 22:12:00 | 00,150,016 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Arnaque_à_Carrefour.pps
[2009/01/11 19:19:06 | 00,036,864 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\neige.jpg
[2009/01/10 17:22:40 | 00,166,580 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Fw Fw TR Tr Fw.eml
[2009/01/10 17:22:00 | 03,058,688 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Massif de la Ste Baume-La flore DLR.pps
[2009/01/10 17:20:32 | 03,639,808 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Paysages_de_neige_en_hiver.pps
[2009/01/10 17:20:20 | 02,564,096 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Calendrier 2009.pps
[2009/01/10 02:35:28 | 20,853,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/01/08 22:34:04 | 02,876,785 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\contrepeterie.mp3
[2009/01/08 17:20:34 | 03,043,190 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\ForwardedMessage.eml
< End of report >
0
Lyonnais92 Posts 25708 Status Security contributor 1 537
 
Hello,

Download Toolbar-S&D (Team IDN) to your Desktop:

https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2

* Start the installation of the program by running the downloaded file.
* Now double-click the Toolbar-S&D shortcut.
* Select the language you want by typing the letter of your choice, then confirm with the Enter key.
* Now choose option 1 (Search). Wait until the search has finished.
* Post the report that is generated. (C:\TB.txt)
0
mourlevat Posts 147 Status Member 8
 
Toolbar report:


-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) M processor 1.50GHz )
BIOS : Insyde Software MobilePRO BIOS Version 4.20.10
USER : gerard mourlevat ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1296 [VPS 090205-1] 4.8.1296 (Activated)
C:\ (Local Disk) - FAT32 - Total:26 Go (Free:2 Go)
D:\ (Local Disk) - FAT32 - Total:26 Go (Free:25 Go)
E:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 06/02/2009| 9:59 )

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Program Files\Crawler
C:\Program Files\Crawler\Toolbar
C:\Program Files\Crawler\Toolbar\Cache(2)
C:\Program Files\Crawler\Toolbar\Cache(2)\COMMON
C:\Program Files\Crawler\Toolbar\Cache(2)\STWSG
C:\Program Files\Crawler\Toolbar\Cache(2)\COMMON\YP_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache(2)\COMMON\WP_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache(2)\COMMON\DIRLIST_MENU.dat
C:\Program Files\Crawler\Toolbar\Cache(2)\COMMON\DIRLIST_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache(2)\COMMON\TRAVEL_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache(2)\COMMON\SHOP_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache(2)\COMMON\WAYBACK_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache(2)\COMMON\EMAIL_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache(2)\COMMON\GAMES_MENU.dat
C:\Program Files\Crawler\Toolbar\Cache(2)\COMMON\GAMES_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache(2)\COMMON\SPELL_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache(2)\COMMON\ECARDS_MENU.dat
C:\Program Files\Crawler\Toolbar\Cache(2)\COMMON\ECARDS_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache(2)\COMMON\CLEANUP_MENU.dat
C:\Program Files\Crawler\Toolbar\Cache(2)\COMMON\CLEANUP_BMP.dat
C:\Program Files\Crawler\Toolbar\Cache(2)\COMMON\CLEANUP_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache(2)\STWSG\WSGBUTTON_MENU.dat
C:\Program Files\Crawler\Toolbar\Cache(2)\STWSG\WSGBUTTON_BMP.dat
C:\Program Files\Crawler\Toolbar\Cache(2)\STWSG\WSGBUTTON_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache(2)\STWSG\STBUTTON_MENU.dat
C:\Program Files\Crawler\Toolbar\Cache(2)\STWSG\STBUTTON_BMP.dat
C:\Program Files\Crawler\Toolbar\Cache(2)\STWSG\STBUTTON_CHBMP.dat
C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml

-----------\\ Extensions

(gerard mourlevat) - {0b38152b-1b20-484d-a11f-5e04a9b0661f} => winamptoolbar
(gerard mourlevat) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(gerard mourlevat) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://french.ircfast2.com/index.php?rvs=hompag"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.acer.com/worldwide/selection.html"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"


--------------------\\ Recherche d'autres infections

C:\WINDOWS\Pack.epk

C:\WINDOWS\System32\eiucqcwoww.dat
C:\WINDOWS\System32\eiucqcwoww_nav.dat
C:\WINDOWS\System32\eiucqcwoww_navps.dat
C:\WINDOWS\System32\ikookiu.dat
C:\WINDOWS\System32\ikookiu_navps.dat
C:\WINDOWS\System32\ikookiu_nav.dat
[b]==> EGDACCESS <==/b




1 - "C:\ToolBar SD\TB_1.txt" - 06/02/2009|10:00 - Option : [1]

-----------\\ Fin du rapport a 10:00:38,50
0

Lyonnais92 Posts 25708 Status Security contributor 1 537
 
Re,

Run Toolbar-S&D again by double-clicking the shortcut. Type "2", then confirm by pressing "Enter".
! Do not close the window during the removal !
A report will be generated; post its contents here.

============

Click this link:
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
to download navilog1.exe.

Choose Save

and save it to your desktop.

Then double-click navilog1.exe to start the installation.
Once the installation has finished, the fix will run automatically.
(If it does not, double-click the Navilog1 shortcut on the desktop.)

Follow the prompts. At the main menu, choose 1 and confirm.
(do not choose 2, 3 or 4 without our advice/agreement)

Wait for the message:
*** Analyse Termine le ..... ***
Press a key as prompted; Notepad will open.
Copy and paste the whole report into your reply. Close Notepad.
The report is also saved at the root of the disk (fixnavi.txt)
0
mourlevat Posts 147 Status Member 8
 
Re, Lyonnais, Toolbar removal report below:


-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) M processor 1.50GHz )
BIOS : Insyde Software MobilePRO BIOS Version 4.20.10
USER : gerard mourlevat ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1296 [VPS 090205-1] 4.8.1296 (Activated)
C:\ (Local Disk) - FAT32 - Total:26 Go (Free:2 Go)
D:\ (Local Disk) - FAT32 - Total:26 Go (Free:25 Go)
E:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 06/02/2009|10:40 )

-----------\\ SUPPRESSION

Supprime! - C:\Program Files\Crawler\Toolbar
Supprime! - C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
Supprime! - C:\Program Files\Crawler

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ Extensions

(gerard mourlevat) - {0b38152b-1b20-484d-a11f-5e04a9b0661f} => winamptoolbar
(gerard mourlevat) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(gerard mourlevat) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://french.ircfast2.com/index.php?rvs=hompag"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.acer.com/worldwide/selection.html"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="https://www.msn.com/fr-fr/"


--------------------\\ Recherche d'autres infections

C:\WINDOWS\Pack.epk

C:\WINDOWS\System32\eiucqcwoww.dat
C:\WINDOWS\System32\eiucqcwoww_nav.dat
C:\WINDOWS\System32\eiucqcwoww_navps.dat
C:\WINDOWS\System32\ikookiu.dat
C:\WINDOWS\System32\ikookiu_navps.dat
C:\WINDOWS\System32\ikookiu_nav.dat
[b]==> EGDACCESS <==/b




1 - "C:\ToolBar SD\TB_1.txt" - 06/02/2009|10:00 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 06/02/2009|10:41 - Option : [2]

-----------\\ Fin du rapport a 10:42:00,01
0
mourlevat Posts 147 Status Member 8
 
And one more report, the Navilog scan:

Search Navipromo version 3.7.1 commencé le 06/02/2009 à 10:48:49,25

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 02.01.2009 à 19h00 par IL-MAFIOSO

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) M processor 1.50GHz )
BIOS : Insyde Software MobilePRO BIOS Version 4.20.10
USER : gerard mourlevat ( Administrator )
BOOT : Normal boot

Antivirus : avast! antivirus 4.8.1296 [VPS 090205-1] 4.8.1296 (Activated)


C:\ (Local Disk) - FAT32 - Total:26 Go (Free:2 Go)
D:\ (Local Disk) - FAT32 - Total:26 Go (Free:25 Go)
E:\ (CD or DVD)


Recherche executé en mode normal

*** Recherche Programmes installés ***


*** Recherche dossiers dans "C:\WINDOWS" ***


*** Recherche dossiers dans "C:\Program Files" ***


*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudÉ~1\progra~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudÉ~1" ***


*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\gerard mourlevat\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\gerard mourlevat\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\gerard mourlevat\menud+~1\progra~1" ***


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net



*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\WINDOWS\system32" *

* Recherche dans "C:\Documents and Settings\gerard mourlevat\locals~1\applic~1" *



*** Recherche fichiers ***


C:\WINDOWS\pack.epk trouvé !

*** Recherche clés spécifiques dans le Registre ***
!! Les clés trouvées ne sont pas forcément infectées !!

HKEY_CURRENT_USER\Software\Lanconfig

*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans "C:\WINDOWS\system32" :

acqgsca.ex_ trouvé !
acqgsca.da_ trouvé !
acqgsca_navps.da_ trouvé !
acqgsca_nav.da_ trouvé !
acqgsca.da_ trouvé !
ebvvlqtyt.ex_ trouvé !
ebvvlqtyt.da_ trouvé !
ebvvlqtyt_navps.da_ trouvé !
ebvvlqtyt_nav.da_ trouvé !
ebvvlqtyt.da_ trouvé !
eiucqcwoww.dat trouvé !
eiucqcwoww_nav.dat trouvé !
eiucqcwoww_navps.dat trouvé !
fcttnatf.ex_ trouvé !
fcttnatf.da_ trouvé !
fcttnatf_nav.da_ trouvé !
fcttnatf_navps.da_ trouvé !
fcttnatf.da_ trouvé !
ikookiu.dat trouvé !
ikookiu_navps.dat trouvé !
ikookiu_nav.dat trouvé !
pdjhqcvlq.ex_ trouvé !
pdjhqcvlq.da_ trouvé !
pdjhqcvlq_nav.da_ trouvé !
pdjhqcvlq_navps.da_ trouvé !
pdjhqcvlq.da_ trouvé !
zhlnsbj.ex_ trouvé !
zhlnsbj.da_ trouvé !
zhlnsbj_nav.da_ trouvé !
zhlnsbj_navps.da_ trouvé !
zhlnsbj.da_ trouvé !

* Dans "C:\Documents and Settings\gerard mourlevat\locals~1\applic~1" :


3)Recherche Certificats :

Certificat Egroup trouvé !
Certificat Electronic-Group trouvé !
Certificat Montorgueil absent !
Certificat OOO-Favorit trouvé !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche autres dossiers et fichiers connus :



*** Analyse terminée le 06/02/2009 à 10:50:03,85 ***
0
Lyonnais92 Posts 25708 Status Security contributor 1 537
 
Re,

Double-click the Navilog1 shortcut on the desktop and follow the prompts.
At the main menu, choose 2 and confirm.

The fix will tell you that it is going to restart your PC.
Close all open windows and save any personal documents you have open.
Press a key as prompted.
(if your PC does not restart automatically, restart it yourself)
When your PC restarts, choose your usual session.

Wait for the message:
*** Nettoyage Termine le ..... ***
Notepad will open.
Save the report somewhere you can find it again.
Close Notepad. Your desktop will reappear.

Post the report (cleannavi..txt)

PS: If your desktop does not reappear, press CTRL+ALT+DEL to open the Task Manager.
Then go to the "Processes" tab. Click File at the top left and choose "Run".
Type explorer and confirm. That will bring your desktop back.

=========

Post an OTListIt report again

===========
0
mourlevat Posts 147 Status Member 8
 
Re,

cleannavi report, I'm carrying on:


Clean Navipromo version 3.7.1 commencé le 06/02/2009 à 11:15:18,59

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 02.01.2009 à 19h00 par IL-MAFIOSO

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) M processor 1.50GHz )
BIOS : Insyde Software MobilePRO BIOS Version 4.20.10
USER : gerard mourlevat ( Administrator )
BOOT : Normal boot

Antivirus : avast! antivirus 4.8.1296 [VPS 090205-1] 4.8.1296 (Activated)


C:\ (Local Disk) - FAT32 - Total:26 Go (Free:2 Go)
D:\ (Local Disk) - FAT32 - Total:26 Go (Free:25 Go)
E:\ (CD or DVD)


Mode suppression automatique
avec prise en charge résultats Catchme et GNS


Nettoyage exécuté au redémarrage de l'ordinateur


*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)


*** Suppression avec sauvegardes résultats GenericNaviSearch ***

* Suppression dans "C:\WINDOWS\System32" *


* Suppression dans "C:\Documents and Settings\gerard mourlevat\locals~1\applic~1" *



*** Suppression dossiers dans "C:\WINDOWS" ***


*** Suppression dossiers dans "C:\Program Files" ***


*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudÉ~1\progra~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudÉ~1" ***


*** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\gerard mourlevat\applic~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\gerard mourlevat\locals~1\applic~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\gerard mourlevat\menud+~1\progra~1" ***



*** Suppression fichiers ***

C:\WINDOWS\pack.epk supprimé !

*** Suppression fichiers temporaires ***

Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\gerard mourlevat\locals~1\Temp effectué !

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

2)Recherche, création sauvegardes et suppression Heuristique :


* Dans "C:\WINDOWS\system32" *


acqgsca.ex_ trouvé !
Copie acqgsca.ex_ réalisée avec succès !
acqgsca.ex_ supprimé !

acqgsca.da_ trouvé !
Copie acqgsca.da_ réalisée avec succès !
acqgsca.da_ supprimé !

acqgsca_navps.da_ trouvé !
Copie acqgsca_navps.da_ réalisée avec succès !
acqgsca_navps.da_ supprimé !

acqgsca_nav.da_ trouvé !
Copie acqgsca_nav.da_ réalisée avec succès !
acqgsca_nav.da_ supprimé !

ebvvlqtyt.ex_ trouvé !
Copie ebvvlqtyt.ex_ réalisée avec succès !
ebvvlqtyt.ex_ supprimé !

ebvvlqtyt.da_ trouvé !
Copie ebvvlqtyt.da_ réalisée avec succès !
ebvvlqtyt.da_ supprimé !

ebvvlqtyt_navps.da_ trouvé !
Copie ebvvlqtyt_navps.da_ réalisée avec succès !
ebvvlqtyt_navps.da_ supprimé !

ebvvlqtyt_nav.da_ trouvé !
Copie ebvvlqtyt_nav.da_ réalisée avec succès !
ebvvlqtyt_nav.da_ supprimé !

eiucqcwoww.dat trouvé !
Copie eiucqcwoww.dat réalisée avec succès !
eiucqcwoww.dat supprimé !

eiucqcwoww_nav.dat trouvé !
Copie eiucqcwoww_nav.dat réalisée avec succès !
eiucqcwoww_nav.dat supprimé !

eiucqcwoww_navps.dat trouvé !
Copie eiucqcwoww_navps.dat réalisée avec succès !
eiucqcwoww_navps.dat supprimé !

fcttnatf.ex_ trouvé !
Copie fcttnatf.ex_ réalisée avec succès !
fcttnatf.ex_ supprimé !

fcttnatf.da_ trouvé !
Copie fcttnatf.da_ réalisée avec succès !
fcttnatf.da_ supprimé !

fcttnatf_nav.da_ trouvé !
Copie fcttnatf_nav.da_ réalisée avec succès !
fcttnatf_nav.da_ supprimé !

fcttnatf_navps.da_ trouvé !
Copie fcttnatf_navps.da_ réalisée avec succès !
fcttnatf_navps.da_ supprimé !

ikookiu.dat trouvé !
Copie ikookiu.dat réalisée avec succès !
ikookiu.dat supprimé !

ikookiu_navps.dat trouvé !
Copie ikookiu_navps.dat réalisée avec succès !
ikookiu_navps.dat supprimé !

ikookiu_nav.dat trouvé !
Copie ikookiu_nav.dat réalisée avec succès !
ikookiu_nav.dat supprimé !

pdjhqcvlq.ex_ trouvé !
Copie pdjhqcvlq.ex_ réalisée avec succès !
pdjhqcvlq.ex_ supprimé !

pdjhqcvlq.da_ trouvé !
Copie pdjhqcvlq.da_ réalisée avec succès !
pdjhqcvlq.da_ supprimé !

pdjhqcvlq_nav.da_ trouvé !
Copie pdjhqcvlq_nav.da_ réalisée avec succès !
pdjhqcvlq_nav.da_ supprimé !

pdjhqcvlq_navps.da_ trouvé !
Copie pdjhqcvlq_navps.da_ réalisée avec succès !
pdjhqcvlq_navps.da_ supprimé !

zhlnsbj.ex_ trouvé !
Copie zhlnsbj.ex_ réalisée avec succès !
zhlnsbj.ex_ supprimé !

zhlnsbj.da_ trouvé !
Copie zhlnsbj.da_ réalisée avec succès !
zhlnsbj.da_ supprimé !

zhlnsbj_nav.da_ trouvé !
Copie zhlnsbj_nav.da_ réalisée avec succès !
zhlnsbj_nav.da_ supprimé !

zhlnsbj_navps.da_ trouvé !
Copie zhlnsbj_navps.da_ réalisée avec succès !
zhlnsbj_navps.da_ supprimé !


* Dans "C:\Documents and Settings\gerard mourlevat\locals~1\applic~1" *


*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !
,
*** Nettoyage Registre ***

Nettoyage Registre Ok


*** Certificats ***

Certificat Egroup supprimé !
Certificat Electronic-Group supprimé !
Certificat Montorgueil absent !
Certificat OOO-Favorit supprimé !
Certificat Sunny-Day-Design-Ltdt absent !

*** Recherche autres dossiers et fichiers connus ***



*** Nettoyage terminé le 06/02/2009 à 12:42:10,51 ***
0
mourlevat Posts 147 Status Member 8
 
It's me again! Second OTViewIt report:

OTViewIt logfile created on: 06/02/2009 12:48:17 - Run 2
OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Documents and Settings\gerard mourlevat\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

495,42 Mb Total Physical Memory | 45,07 Mb Available Physical Memory | 9,10% Memory free
1,13 Gb Paging File | 0,64 Gb Available in Paging File | 57,21% Paging File free
Paging file location(s): C:\pagefile.sys 744 1488;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 26,27 Gb Total Space | 2,74 Gb Free Space | 10,42% Space Free | Partition Type: FAT32
Drive D: | 26,66 Gb Total Space | 25,77 Gb Free Space | 96,65% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: GEGE
Current User Name: gerard mourlevat
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days

[color=orange]========== Processes ==========[/color]

[2008/05/12 12:38:28 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
[2008/11/26 18:12:08 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
[2008/11/26 18:18:46 | 00,155,160 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
[2005/10/06 16:08:36 | 01,314,816 | ---- | M] (Avocent Inc.) -- C:\Acer\Empowering Technology\admServ.exe
[2005/04/06 16:03:28 | 00,110,592 | ---- | M] () -- C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
[2005/08/31 19:59:46 | 00,249,954 | ---- | M] () -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
[2005/07/28 22:04:28 | 00,061,440 | ---- | M] (Cyberlink) -- C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
[2005/07/28 22:04:28 | 01,077,376 | ---- | M] (Cyberlink) -- C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
[2005/01/21 19:37:16 | 00,143,360 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
[2006/10/24 20:14:56 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe
[2005/08/31 19:59:48 | 00,114,784 | ---- | M] () -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
[2008/11/26 18:18:32 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
[2008/11/26 18:16:24 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
[2005/07/20 15:05:52 | 00,729,177 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
[2005/08/16 09:56:16 | 00,368,640 | ---- | M] (acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\Monitor.exe
[2005/08/31 19:59:34 | 00,147,456 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Acer\Acer Arcade\PCMService.exe
[2005/07/19 11:06:12 | 00,077,824 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
[2005/07/19 11:10:06 | 00,114,688 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxpers.exe
[2008/10/16 14:09:44 | 00,051,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
[2005/08/26 16:23:02 | 14,837,248 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
[2005/07/26 11:36:00 | 00,069,632 | ---- | M] () -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
[2005/07/15 10:53:44 | 00,196,608 | ---- | M] (Acer Inc) -- C:\acer\Empowering Technology\ePower\epm-dm.exe
[2005/08/10 12:28:06 | 00,593,920 | ---- | M] (Dritek System Inc.) -- C:\PROGRA~1\LAUNCH~1\LManager.exe
[2005/10/14 17:01:40 | 02,462,208 | ---- | M] (Avocent Inc.) -- C:\Acer\Empowering Technology\admtray.exe
[2008/11/26 18:18:52 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
[2007/12/11 10:56:54 | 00,286,720 | ---- | M] (Apple Inc.) -- C:\Program Files\QuickTime\QTTask.exe
[2008/04/14 04:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
[2006/10/24 20:15:04 | 00,204,288 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
[2004/12/14 04:44:06 | 00,029,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
[2009/02/05 14:19:40 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
[2005/07/19 11:09:58 | 00,098,304 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxext.exe
[2005/07/19 11:06:04 | 00,159,744 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.exe
[2005/06/06 13:23:08 | 01,183,744 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
[2007/11/13 18:57:02 | 02,359,296 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
[2007/11/13 18:57:04 | 02,510,848 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
[2008/10/16 14:09:44 | 00,051,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
[2009/02/05 22:08:58 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\gerard mourlevat\Bureau\OTViewIt.exe

[color=orange]========== (O23) Win32 Services ==========[/color]

[2008/05/12 12:38:28 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice [Auto | Running])
File not found -- -- (aspnet_state [On_Demand | Stopped])
[2008/11/26 18:12:08 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
[2005/06/07 22:38:32 | 00,376,832 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Stopped])
[2008/11/26 18:18:46 | 00,155,160 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])
[2008/11/26 18:18:32 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])
[2008/11/26 18:16:24 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])
[2005/10/06 16:08:36 | 01,314,816 | ---- | M] (Avocent Inc.) -- C:\Acer\Empowering Technology\admServ.exe -- (AWService [Auto | Running])
[2005/04/06 16:03:28 | 00,110,592 | ---- | M] () -- C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe -- (BlueSoleil Hid Service [Auto | Running])
[2005/08/31 19:59:46 | 00,249,954 | ---- | M] () -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe -- (CLCapSvc [Auto | Running])
[2005/08/31 19:59:48 | 00,114,784 | ---- | M] () -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe -- (CLSched [Auto | Running])
[2005/07/28 22:04:28 | 00,061,440 | ---- | M] (Cyberlink) -- C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe -- (CyberLink Media Library Service [Auto | Running])
[2005/01/21 19:37:16 | 00,143,360 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo [Auto | Running])
[2006/10/24 20:14:56 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [Auto | Running])

[color=orange]========== Driver Services ==========[/color]

[2008/11/26 18:15:36 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4 [System | Running])
[2004/08/05 05:00:00 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde [Boot | Running])
[2008/04/13 20:36:40 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp [Boot | Running])
[2005/01/10 15:47:14 | 00,449,888 | ---- | M] (Atheros Communications, Inc.) -- C:\WINDOWS\system32\DRIVERS\ar5211.sys -- (AR5211 [On_Demand | Running])
[2004/08/05 05:00:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc [Boot | Running])
[2004/08/05 05:00:00 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550 [Boot | Running])
[2008/11/26 18:17:26 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running])
[2008/11/26 18:18:18 | 00,094,032 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running])
[2008/11/26 18:16:30 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Running])
[2008/11/26 18:17:36 | 00,111,184 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP [System | Running])
[2008/11/26 18:16:38 | 00,050,864 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi [System | Running])
[2005/06/07 22:44:36 | 01,235,968 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Stopped])
[2005/06/14 18:12:08 | 00,480,512 | ---- | M] (AVerMedia) -- C:\WINDOWS\system32\DRIVERS\AVerE506.sys -- (AVerE506 [On_Demand | Stopped])
[2005/05/31 15:40:20 | 00,020,480 | ---- | M] (IVT Corporation) -- C:\WINDOWS\system32\DRIVERS\blueletaudio.sys -- (BlueletAudio [On_Demand | Running])
[2005/04/30 14:48:58 | 00,010,804 | ---- | M] (IVT Corporation) -- C:\WINDOWS\system32\DRIVERS\btnetdrv.sys -- (BT [On_Demand | Running])
[2005/05/31 09:42:28 | 00,023,000 | ---- | M] (IVT Corporation) -- C:\WINDOWS\System32\Drivers\btcusb.sys -- (Btcsrusb [On_Demand | Stopped])
[2005/04/30 14:50:20 | 00,011,860 | ---- | M] () -- C:\WINDOWS\system32\DRIVERS\vbtenum.sys -- (BTHidEnum [On_Demand | Running])
[2005/04/30 14:50:10 | 00,028,271 | ---- | M] (IVT Corporation) -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys -- (BTHidMgr [Boot | Running])
[2004/12/16 16:32:54 | 00,013,304 | ---- | M] () -- C:\WINDOWS\system32\drivers\BTNetFilter.sys -- (BTNetFilter [On_Demand | Stopped])
[2004/08/05 05:00:00 | 00,006,656 | ---- | M] (CMD Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde [Boot | Running])
[2004/08/05 05:00:00 | 00,179,584 | ---- | M] (Mylex Corporation) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k [Boot | Running])
[2004/12/08 14:10:00 | 00,016,896 | ---- | M] (Dritek System Inc.) -- C:\WINDOWS\system32\DRIVERS\DKbFltr.sys -- (DKbFltr [On_Demand | Running])
[2005/07/25 14:03:34 | 00,060,928 | ---- | M] (ENE Technology Inc.) -- C:\WINDOWS\system32\DRIVERS\EMS7SK.sys -- (EMSCR [On_Demand | Running])
[2004/07/19 13:10:00 | 00,004,096 | ---- | M] (Acer Value Labs, USA) -- C:\WINDOWS\system32\drivers\epm-psd.sys -- (EpmPsd [Auto | Running])
[2005/04/07 18:08:46 | 00,078,208 | ---- | M] (Acer Value Labs, USA) -- C:\WINDOWS\system32\drivers\epm-shd.sys -- (EpmShd [Auto | Running])
[2005/07/25 14:03:44 | 00,037,376 | ---- | M] (ENE Technology Inc.) -- C:\WINDOWS\system32\DRIVERS\ESD7SK.sys -- (ESDCR [On_Demand | Running])
[2005/07/25 14:03:40 | 00,074,624 | ---- | M] (ENE Technology Inc.) -- C:\WINDOWS\system32\DRIVERS\ESM7SK.sys -- (ESMCR [On_Demand | Running])
[2005/01/07 17:07:16 | 00,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\HdAudio.sys -- (HdAudAddService [On_Demand | Stopped])
[2008/04/13 18:36:06 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
[2005/03/23 14:28:52 | 00,165,504 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys -- (HSFHWAZL [On_Demand | Running])
[2005/03/23 13:29:34 | 01,033,600 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys -- (HSF_DPV [On_Demand | Running])
[2005/07/19 11:34:22 | 01,049,180 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\ialmnt5.sys -- (ialm [On_Demand | Running])
[2005/08/25 18:52:02 | 03,859,456 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
[2004/03/17 11:04:14 | 00,013,059 | ---- | M] (Conexant) -- C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
[2008/04/13 20:46:22 | 00,015,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\MPE.sys -- (MPE [On_Demand | Stopped])
[2004/08/05 05:00:00 | 00,017,280 | ---- | M] (American Megatrends Inc.) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x [Boot | Running])
[2005/09/13 15:34:40 | 00,004,392 | ---- | M] (OSA Technologies) -- C:\WINDOWS\System32\Drivers\NdisFilt.sys -- (NdisFilt [On_Demand | Running])
[2005/05/02 12:13:42 | 00,009,600 | ---- | M] () -- C:\WINDOWS\system32\DRIVERS\NETMNT.sys -- (NETMNT [On_Demand | Stopped])
[2005/07/29 17:43:20 | 00,006,144 | ---- | M] (NewTech Infosystems, Inc.) -- C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys -- (NTIDrvr [On_Demand | Running])
[2005/10/15 18:17:24 | 00,012,106 | ---- | M] (OSA Technologies) -- C:\WINDOWS\system32\drivers\OsaFsLoc.sys -- (OsaFsLoc [System | Running])
[2005/06/30 16:58:24 | 00,007,296 | ---- | M] (OSA Technologies, An Avocent Company) -- C:\WINDOWS\system32\drivers\osaio.sys -- (osaio [Auto | Running])
[2004/08/05 05:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
[2007/03/08 00:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
[2004/08/05 05:00:00 | 00,040,320 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080 [Boot | Running])
[2004/08/05 05:00:00 | 00,045,312 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160 [Boot | Running])
[2004/08/05 05:00:00 | 00,049,024 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280 [Boot | Running])
[2004/08/05 05:00:00 | 00,005,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Drivers\RootMdm.sys -- (ROOTMODEM [On_Demand | Running])
[2005/06/15 13:36:00 | 00,075,136 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys -- (RTL8023xp [On_Demand | Running])
[2008/04/13 20:36:44 | 00,079,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\sdbus.sys -- (sdbus [On_Demand | Running])
[2007/11/13 11:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
[2008/04/13 20:36:40 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp [Boot | Running])
[2004/06/16 11:19:58 | 00,046,080 | ---- | M] (SMSC) -- C:\WINDOWS\system32\DRIVERS\smcirda.sys -- (SMCIRDA [On_Demand | Running])
[2004/08/05 05:00:00 | 00,019,072 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow [Boot | Running])
[2004/08/05 05:00:00 | 00,016,256 | ---- | M] (Symbios Logic Inc.) -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810 [Boot | Running])
[2004/08/05 05:00:00 | 00,032,640 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx [Boot | Running])
[2004/08/05 05:00:00 | 00,028,384 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi [Boot | Running])
[2004/08/05 05:00:00 | 00,030,688 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3 [Boot | Running])
[2005/07/20 14:53:54 | 00,190,592 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running])
[2004/12/17 17:14:44 | 00,013,952 | ---- | M] () -- C:\WINDOWS\System32\drivers\UBHelper.sys -- (UBHelper [Boot | Running])
[2004/08/05 05:00:00 | 00,036,736 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra [Boot | Running])
[2004/10/19 13:37:38 | 00,061,312 | ---- | M] (IVT Corporation) -- C:\WINDOWS\system32\DRIVERS\VComm.sys -- (VComm [On_Demand | Running])
[2005/03/25 17:18:48 | 00,082,148 | ---- | M] (IVT Corporation) -- C:\WINDOWS\System32\Drivers\VcommMgr.sys -- (VcommMgr [On_Demand | Running])
[2004/10/29 18:48:10 | 03,222,784 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\DRIVERS\w29n51.sys -- (w29n51 [On_Demand | Stopped])
[2005/03/23 13:28:48 | 00,705,280 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys -- (winachsf [On_Demand | Running])
[2004/12/15 14:22:08 | 00,010,240 | ---- | M] (Dritek System Inc.) -- C:\PROGRA~1\LAUNCH~1\DPortIO.sys -- (DritekPortIO [Disabled | Running])
[2005/01/13 14:46:16 | 00,069,632 | ---- | M] () -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15.sys [Auto | Running])

[color=orange]========== (R ) Internet Explorer ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=https://www.acer.com/worldwide/selection.html
"Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Local Page"=%SystemRoot%\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=https://www.msn.com/fr-fr/

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://french.ircfast2.com/index.php?rvs=hompag

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL]
""=http://www.google.com/keyword/%s
"provider"=

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[color=orange]========== (O1) Hosts File ==========[/color]

HOSTS File = (266442 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
9228 more lines...

[color=orange]========== (O2) BHO's ==========[/color]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (HKLM) -- c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

[color=orange]========== (O3) Toolbars ==========[/color]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{0E1230F8-EA50-42A9-983C-D22ABC2EED3B}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
"{4B3803EA-5230-4DC3-A7FC-33638F3D3542}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[color=orange]========== (O4) Run Keys ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acer ePower Management"=C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot (Acer Value Labs, Taiwan)
"ADMTray.exe"="C:\Acer\Empowering Technology\admtray.exe" (Avocent Inc.)
"Alcmtr"=ALCMTR.EXE (Realtek Semiconductor Corp.)
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
"AzMixerSel"=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe ()
"EPM-DM"=c:\acer\Empowering Technology\ePower\epm-dm.exe (Acer Inc)
"eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\Monitor.exe (acer Inc.)
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 (Microsoft Corporation)
"LaunchApp"=Alaunch (Acer Inc.)
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe (Dritek System Inc.)
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC ()
"PCMService"="C:\Program Files\Acer\Acer Arcade\PCMService.exe" (CyberLink Corp.)
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName (Microsoft Corporation)
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC (Microsoft Corporation)
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
"Raccourci vers la page des propriétés de High Definition Audio"=HDAShCut.exe (Windows (R) Server 2003 DDK provider)
"RTHDCPL"=RTHDCPL.EXE (Realtek Semiconductor Corp.)
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FlyAway"= File not found
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)

[color=orange]========== (O4) Startup Folders ==========[/color]

[2004/12/14 04:44:06 | 00,029,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
[2005/06/06 13:23:08 | 01,183,744 | ---- | M] (IVT Corporation) -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
[2007/08/17 21:57:56 | 00,393,216 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe

[color=orange]========== (O6 & O7) Current Version Policies ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"DisableRegistryTools"=0

[color=orange]========== (O8) IE Context Menu Extensions ==========[/color]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]
&Sample Toolband Serach: C:\WINDOWS\system32\ToolBand.dll [2005/09/07 16:20:04 | 00,094,208 | ---- | M] (HiTRUST)

[color=orange]========== (O9) IE Extensions ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}: Menu: Console Java (Sun) -- Reg Error: Key does not exist or could not be opened. File not found
{e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 -- %SystemRoot%\Network Diagnostic\xpnetdiag.exe [2008/04/13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008/04/14 04:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008/04/14 04:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> [Console Java (Sun)] -> File not found
CmdMapping\\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\Network Diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 04:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)

[color=orange]========== (O12) Internet Explorer Plugins ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s
PluginsPageFriendlyName: "" = Bibliothèque de contrôles ActiveX Microsoft

[color=orange]========== (O13) Default Prefixes ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

[color=orange]========== (O15) Trusted Sites ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
46 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
46 domain(s) and sub-domain(s) not assigned to a zone.

[color=orange]========== (O16) DPF ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.4.1/jinstall-1_4_1_02-windows-i586.cab -- Java Plug-in 1.4.1_02
{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}: http://java.sun.com/update/1.4.1/jinstall-1_4_1_02-windows-i586.cab -- Java Plug-in 1.4.1_02

[color=orange]========== (O17) DNS Name Servers ==========[/color]

{377CFA87-C0C8-4069-9B6D-68499BC70504} (Servers: | Description: Intel(R) PRO/Wireless 2915ABG Network Connection)
{58820D24-A542-48D6-A5D0-3C4FF9E36905} (Servers: | Description: Realtek RTL8169/8110 Family Gigabit Ethernet NIC)
{A8B03499-F3B7-4D88-97EA-98F89D217948} (Servers: | Description: )
{B927B6AF-A2CD-4514-834B-D2EF987620B7} (Servers: | Description: )
{C4BC357D-2E5C-42B1-A967-DF5F7A549698} (Servers: | Description: Atheros AR5005G Wireless Network Adapter)
{D1BEA24F-482A-471D-B30C-69B2DF3F5E3D} (Servers: | Description: Carte réseau 1394)

[color=orange]========== (O19) User Style Sheets ==========[/color]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles]

[color=orange]========== (O20) Winlogon Notify Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
AtiExtEvent: "DllName" = Ati2evxx.dll -- C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
igfxcui: "DllName" = igfxdev.dll -- C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)

[color=orange]========== Safeboot Options ==========[/color]

"AlternateShell"=cmd.exe

[color=orange]========== CDRom AutoRun Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

[color=orange]========== Autorun Files on Drives ==========[/color]

AUTOEXEC.BAT [PATH=%PATH%;C:\PROGRA~1\FICHIE~1\MUVEET~1\030625 | ]
[2005/07/29 17:44:16 | 00,000,050 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ FAT32 ]


[color=orange]========== MountPoints2 ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{157b9120-d476-11da-9610-0014a4552c35}\Shell\AutoRun\command]
""=F:\setupSNK.exe -- File not found

[color=orange]========== Files/Folders - Created Within 30 Days ==========[/color]

[2009/02/06 10:46:58 | 00,000,538 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Navilog1.lnk
[2009/02/06 10:46:57 | 00,000,000 | ---D | C] -- C:\Program Files\Navilog1
[2009/02/06 10:46:30 | 00,576,868 | ---- | C] (IL-MAFIOSO ) -- C:\Documents and Settings\gerard mourlevat\Bureau\Navilog1.exe
[2009/02/06 09:59:08 | 00,000,000 | ---D | C] -- C:\ToolBar SD
[2009/02/06 09:58:56 | 00,343,017 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Bureau\ToolBarSD.exe
[2009/02/05 22:09:13 | 00,422,912 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\gerard mourlevat\Bureau\OTViewIt.exe
[2009/02/05 00:08:54 | 00,095,387 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\watch.htm
[2009/02/05 00:05:17 | 01,342,464 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Recapitulatif de l'anne 2008.pps
[2009/02/04 23:58:53 | 00,843,776 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\CoiffuresAnimales.pps
[2009/02/04 23:54:54 | 05,932,544 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\2008 12 05 Construction métro.pps
[2009/02/04 23:38:06 | 02,690,048 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Picasso.pps
[2009/02/04 23:32:17 | 05,820,928 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\pcSpot_Light_fab.pps
[2009/02/03 17:58:53 | 00,317,584 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\IMG_2234.jpg
[2009/02/03 17:54:06 | 00,110,283 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\image0011.jpg
[2009/02/02 00:40:03 | 00,566,784 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\chirugie.pps
[2009/02/02 00:32:08 | 03,488,768 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Cavalièresparticulières.pps
[2009/02/02 00:30:57 | 01,473,536 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\jallet.ppt
[2009/02/02 00:19:42 | 03,574,444 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Air_France_at _ it's_best.wmv
[2009/02/02 00:12:02 | 04,943,360 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Australie.pps
[2009/02/02 00:10:07 | 00,006,645 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\TR_ Cliquez sur le pinceau.eml
[2009/02/01 23:35:03 | 00,123,392 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\06-Consignes pour tous les directeur.pps
[2009/02/01 23:27:20 | 05,035,008 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\pourlesamateursdesgrosseins2.pps
[2009/01/24 23:08:52 | 03,211,264 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\regimesspeciaux.pps
[2009/01/24 22:58:39 | 02,716,673 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\SARKO.pps
[2009/01/23 22:52:54 | 00,482,816 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\1758-fee Del.pps
[2009/01/22 19:16:47 | 01,817,600 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\76403237sarko-a-17-ans-pps.pps
[2009/01/21 01:02:52 | 04,094,181 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\monde rural.wmv
[2009/01/21 00:59:50 | 01,445,282 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\TUTU 2.wmv
[2009/01/21 00:57:50 | 03,858,079 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\entrez dans la banque1.WMV
[2009/01/20 00:05:40 | 00,916,527 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Crise tissus chinois .zip
[2009/01/19 23:51:42 | 03,255,296 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\CALENDRIER_2009AR19.pps
[2009/01/19 14:03:48 | 05,938,926 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Qu-y_a_t_il_au_menu.wmv
[2009/01/18 16:43:50 | 03,522,560 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Elvis_Presley.pps
[2009/01/18 16:41:53 | 04,567,040 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\sarko vandamme.mpg
[2009/01/18 16:39:46 | 03,385,856 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\photos pour les yeux.pps
[2009/01/18 16:39:19 | 02,619,904 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\MerRouge.pps
[2009/01/18 16:37:56 | 06,941,876 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Animal Christmas Song [from www.metacafe.com].wmv
[2009/01/18 16:36:09 | 02,910,208 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\vent-camion.mpeg
[2009/01/18 16:20:00 | 02,953,389 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\compil-snow.zip
[2009/01/18 16:16:09 | 02,846,208 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Snow Sculpture.pps
[2009/01/16 00:34:30 | 03,428,864 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Trains_Americains.pps
[2009/01/15 12:53:44 | 00,000,701 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Ad-Aware.lnk
[2009/01/15 12:53:05 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Wise Installation Wizard
[2009/01/15 00:00:59 | 00,130,965 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Carte_de_voeux.jpg
[2009/01/14 23:54:31 | 00,298,496 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\LANGUE_EUROPEENNE.pps
[2009/01/13 18:16:03 | 06,931,109 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Having a ball with floor gymnastics.wmv
[2009/01/13 17:45:52 | 03,574,784 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\FONDS MARINS.pps
[2009/01/12 22:14:28 | 01,771,520 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Tunnel.St.GothardARG.pps
[2009/01/12 22:11:59 | 00,150,016 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Arnaque_à_Carrefour.pps
[2009/01/11 19:19:04 | 00,036,864 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\neige.jpg
[2009/01/10 17:22:39 | 00,166,580 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Fw Fw TR Tr Fw.eml
[2009/01/10 17:21:57 | 03,058,688 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Massif de la Ste Baume-La flore DLR.pps
[2009/01/10 17:20:30 | 03,639,808 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Paysages_de_neige_en_hiver.pps
[2009/01/10 17:20:17 | 02,564,096 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Calendrier 2009.pps
[2009/01/08 22:34:02 | 02,876,785 | ---- | C] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\contrepeterie.mp3

[color=orange]========== Files - Modified Within 30 Days ==========[/color]

[2009/02/06 12:43:34 | 00,000,692 | ---- | M] () -- C:\WINDOWS\System32\eRLog.ini
[2009/02/06 12:41:04 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/02/06 11:19:36 | 00,003,121 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/02/06 11:18:12 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/02/06 11:17:54 | 51,955,3024 | -HS- | M] () -- C:\hiberfil.sys
[2009/02/06 11:17:54 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/02/06 10:47:00 | 00,000,538 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Navilog1.lnk
[2009/02/06 10:46:28 | 00,576,868 | ---- | M] (IL-MAFIOSO ) -- C:\Documents and Settings\gerard mourlevat\Bureau\Navilog1.exe
[2009/02/06 09:58:56 | 00,343,017 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Bureau\ToolBarSD.exe
[2009/02/05 22:08:58 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\gerard mourlevat\Bureau\OTViewIt.exe
[2009/02/05 00:10:28 | 00,055,296 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/02/05 00:08:56 | 00,095,387 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\watch.htm
[2009/02/05 00:05:20 | 01,342,464 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Recapitulatif de l'anne 2008.pps
[2009/02/04 23:58:56 | 00,843,776 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\CoiffuresAnimales.pps
[2009/02/04 23:54:58 | 05,932,544 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\2008 12 05 Construction métro.pps
[2009/02/04 23:38:08 | 02,690,048 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Picasso.pps
[2009/02/04 23:32:20 | 05,820,928 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\pcSpot_Light_fab.pps
[2009/02/03 18:06:42 | 00,607,232 | -HS- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Thumbs.db
[2009/02/03 17:58:54 | 00,317,584 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\IMG_2234.jpg
[2009/02/03 17:54:08 | 00,110,283 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\image0011.jpg
[2009/02/02 00:40:06 | 00,566,784 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\chirugie.pps
[2009/02/02 00:32:10 | 03,488,768 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Cavalièresparticulières.pps
[2009/02/02 00:31:00 | 01,473,536 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\jallet.ppt
[2009/02/02 00:19:44 | 03,574,444 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Air_France_at _ it's_best.wmv
[2009/02/02 00:12:04 | 04,943,360 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Australie.pps
[2009/02/02 00:10:10 | 00,006,645 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\TR_ Cliquez sur le pinceau.eml
[2009/02/01 23:35:06 | 00,123,392 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\06-Consignes pour tous les directeur.pps
[2009/02/01 23:27:24 | 05,035,008 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\pourlesamateursdesgrosseins2.pps
[2009/01/24 23:08:54 | 03,211,264 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\regimesspeciaux.pps
[2009/01/24 22:58:42 | 02,716,673 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\SARKO.pps
[2009/01/23 22:52:56 | 00,482,816 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\1758-fee Del.pps
[2009/01/22 19:16:50 | 01,817,600 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\76403237sarko-a-17-ans-pps.pps
[2009/01/21 01:02:54 | 04,094,181 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\monde rural.wmv
[2009/01/21 00:59:52 | 01,445,282 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\TUTU 2.wmv
[2009/01/21 00:57:52 | 03,858,079 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\entrez dans la banque1.WMV
[2009/01/20 00:05:42 | 00,916,527 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Crise tissus chinois .zip
[2009/01/19 23:51:46 | 03,255,296 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\CALENDRIER_2009AR19.pps
[2009/01/19 14:03:52 | 05,938,926 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Qu-y_a_t_il_au_menu.wmv
[2009/01/18 16:43:52 | 03,522,560 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Elvis_Presley.pps
[2009/01/18 16:41:56 | 04,567,040 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\sarko vandamme.mpg
[2009/01/18 16:39:48 | 03,385,856 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\photos pour les yeux.pps
[2009/01/18 16:39:22 | 02,619,904 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\MerRouge.pps
[2009/01/18 16:38:04 | 06,941,876 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Animal Christmas Song [from www.metacafe.com].wmv
[2009/01/18 16:36:12 | 02,910,208 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\vent-camion.mpeg
[2009/01/18 16:20:02 | 02,953,389 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\compil-snow.zip
[2009/01/18 16:16:12 | 02,846,208 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Snow Sculpture.pps
[2009/01/16 23:50:22 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009/01/16 00:34:32 | 03,428,864 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Trains_Americains.pps
[2009/01/15 12:53:46 | 00,000,701 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Ad-Aware.lnk
[2009/01/15 00:01:02 | 00,130,965 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Carte_de_voeux.jpg
[2009/01/14 23:54:34 | 00,298,496 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\LANGUE_EUROPEENNE.pps
[2009/01/13 18:16:06 | 06,931,109 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Having a ball with floor gymnastics.wmv
[2009/01/13 17:45:56 | 03,574,784 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\FONDS MARINS.pps
[2009/01/12 22:14:30 | 01,771,520 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Tunnel.St.GothardARG.pps
[2009/01/12 22:12:00 | 00,150,016 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Arnaque_à_Carrefour.pps
[2009/01/11 19:19:06 | 00,036,864 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\neige.jpg
[2009/01/10 17:22:40 | 00,166,580 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Fw Fw TR Tr Fw.eml
[2009/01/10 17:22:00 | 03,058,688 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Massif de la Ste Baume-La flore DLR.pps
[2009/01/10 17:20:32 | 03,639,808 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Paysages_de_neige_en_hiver.pps
[2009/01/10 17:20:20 | 02,564,096 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\Calendrier 2009.pps
[2009/01/10 02:35:28 | 20,853,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/01/08 22:34:04 | 02,876,785 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\contrepeterie.mp3
[2009/01/08 17:20:34 | 03,043,190 | ---- | M] () -- C:\Documents and Settings\gerard mourlevat\Mes documents\ForwardedMessage.eml
< End of report >
0
mourlevat Posts 147 Status Member 8
 
Good evening everyone
Lyonnais is no longer responding. Could another technician take over this analysis, which has been left hanging for 15 days?
Thank you to whoever is willing to analyze the reports posted earlier and reply to me.
0
mourlevat Posts 147 Status Member 8
 
Good evening everyone,
I am marking this thread as resolved because since 8/09 I have changed PC, so all is well!!
Thanks
0