Blocage récurente du PC

Ramon1 Messages postés 364 Date d'inscription   Statut Membre Dernière intervention   -  
 gen-hackman -
Bonjour,

Depuis qq jours je suis confronté à des bocages de mon PC, et je n'ai d'autres solution que de de rebooter ou redémarrer après une fermeture sauvage.
J'ai pourtant passé, spybot, ad adware, a2 squared et un scan en ligne avec bit defender.
J'ai avast comm anti virus et online armor comme parefeu.
Je transmet le log hijackthis.
Merci pour votre aide

Logfile of HijackThis v1.99.1
Scan saved at 23:34:37, on 04/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Tall Emu\Online Armor\OAcat.exe
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\Program Files\SPAMfighter\sfus.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\WINDOWS\System32\regsvr32.exe
C:\Program Files\SPAMfighter\SFAgent.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Tall Emu\Online Armor\oaui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Tall Emu\Online Armor\OAhlp.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpHost.exe
C:\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://neufportail.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\eoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb124\Dealio.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: snappyads browser enhancer - {9B886AE3-A663-03B1-8DD5-B6037C0ED1EE} - C:\WINDOWS\system32\vezvutkuwkotlxvd.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: BrowsingAdvisor - {F1E96EDC-E0C8-BE98-1F15-C29DBED83B53} - C:\Program Files\BrowsingAdvisor\BrowsingAdvisor-3.dll (file missing)
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb124\Dealio.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SFR-PC] "C:\Program Files\SFR-PC\SFR-PC.exe" /check
O4 - HKLM\..\Run: [wtstpjmdzhx] C:\WINDOWS\System32\regsvr32.exe /s "C:\WINDOWS\system32\vezvutkuwkotlxvd.dll"
O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [@OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Documents and Settings\PROPRIETAIRE\Application Data\Dealio\kb124\res\DealioSearch.html
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb124\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb124\Dealio.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.0.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.1.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - https://driveragent.com/files/driveragent.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: ewido security suite control - Unknown owner - C:\Program Files\ewido anti-malware\ewidoctrl.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: maconfservice - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Online Armor Helper Service (OAcat) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\OAcat.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oasrv.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
Configuration: Windows XP édition familiale + SP2 Processeur AMD Athlon(tm) XP 1800+ antivirus avast pare feu zone alarm

184 réponses

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
Résumé de la discussion

Des gelages et blocages répétés sur un PC Windows XP surviennent après des fermetures sauvages, malgré l'exécution de plusieurs antivirus et outils antispyware et l'analyse log HijackThis. Plusieurs réponses préconisent l'exécution d'OTL et de ComboFix, la restauration du fichier hosts via HostXpert et Zeb-Restore, ainsi que la suppression de barres d'outils et de clés suspectes pour neutraliser les redirections et les détections. Des signalements de blocage de périphériques USB et de déconnexion internet récurrents ont été notés, et certains préconisent de vérifier les automatisations et les processus en cours pour identifier des éléments malveillants persistants.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. gen-hackman
     
    salut

    Télécharge Ad-remover ( de C_XX ) sur ton bureau :

    ! Déconnecte toi et ferme toutes applications en cours !

    Double clique sur "Ad-R.exe" pour lancer l'installation et laisse les paramètres d'installation par défaut .

    Double-clique sur le raccourci Ad-remover qui est sur ton bureau pour lancer l'outil .

    Au menu principal choisis l'option S et tape sur [entrée] .

    Laisse travailler l'outil et ne touche à rien ...

    --> Poste le rapport qui apparait à la fin , sur le forum ...

    ( Le rapport est sauvegardé aussi sous C:\Ad-report.log )
    ( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )

    Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
    Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

    Aides en images (Installation)
    Aides en images (Recherche)
    0
  2. Ramon1 Messages postés 364 Date d'inscription   Statut Membre Dernière intervention  
     
    Salut et merci pour ton aide
    Ci-joint le rapport

    .
    ======= RAPPORT D'AD-REMOVER 1.1.4.5_C | UNIQUEMENT XP/VISTA =======
    .
    Mit à jour part C_XX le 02/06/2009 à 8:00 PM
    Contact: AdRemover.contact@gmail.com
    Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Lancé à: 0:43:26, 05/06/2009 | Mode Normal | Option: SCAN
    Exécuté de: C:\Program Files\Ad-remover\
    Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
    Nom du PC: ROCHER-0B5F4F3D | Utilisateur actuel: PROPRIETAIRE
    .
    Administrateur: Administrateur
    N'est pas administrateur: HelpAssistant *Desactive*
    N'est pas administrateur: Invité *Desactive*
    Administrateur: PROPRIETAIRE
    N'est pas administrateur: SUPPORT_388945a0 *Desactive*
    .
    ============== ÉLÉMENT(S) TROUVÉ(S) ==============
    .
    .
    HKCR\EoRezoBHO.EoBho
    HKCR\EoRezoBHO.EoBho.1
    HKCR\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
    HKCR\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
    HKCU\Software\EoRezo
    HKCU\Software\FBrowsingAdvisor
    HKCU\Software\Grand Virtual
    HKCU\Software\MediaHoldings
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
    HKCU\Software\PlayMP3
    HKLM\Software\Classes\EoRezoBHO.EoBho
    HKLM\Software\Classes\EoRezoBHO.EoBho.1
    HKLM\Software\Classes\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
    HKLM\Software\Classes\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
    HKLM\Software\Dealio
    HKLM\Software\EoRezo
    HKLM\Software\Microsoft\Internet Explorer\Extensions\{E908B145-C847-4e85-B315-07E2E70DECF8}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\browsingadvisor
    HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\FBrowsingAdvisor_is1
    HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\PlayMP3
    HKU\S-1-5-21-2000478354-1275210071-725345543-1004\Software\Eorezo
    HKCU\Software\AppDataLow\software\{1E6F723F-24E0-A095-AE38-B1A4B2B36773}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\au
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Eoengine
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Eoweather
    HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrowsingAdvisor
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FBrowsingAdvisor_is1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sqlaptunpboyrblhi
    HKCR\CLSID\{6A87B991-A31F-4130-AE72-6D0C294BF082}
    HKLM\Software\Classes\CLSID\{6A87B991-A31F-4130-AE72-6D0C294BF082}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A87B991-A31F-4130-AE72-6D0C294BF082}
    HKCR\CLSID\{9B886AE3-A663-03B1-8DD5-B6037C0ED1EE}
    HKLM\Software\Classes\CLSID\{9B886AE3-A663-03B1-8DD5-B6037C0ED1EE}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9B886AE3-A663-03B1-8DD5-B6037C0ED1EE}
    .
    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\AbsoluCasino
    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Dealio
    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Everest Poker
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo
    C:\Program Files\BrowsingAdvisor
    C:\Program Files\Dealio
    C:\Program Files\EoRezo
    C:\Program Files\FBrowserAdvisor
    C:\Program Files\FBrowsingAdvisor
    C:\Program Files\playmp3z
    C:\DOCUME~1\PROPRI~1\MENUDM~1\PROGRA~1\PlayMP3z
    C:\log_lobby.txt
    C:\log_lobby_dumper.txt
    C:\regxpcom.exe
    C:\WINDOWS\System32\sqlaptunpboyrblhi.exe
    C:\WINDOWS\Installer\bd1471.msi
    C:\DOCUME~1\PROPRI~1\Cookies\proprietaire@rotator.its.adjuggler[2].txt
    .
    ============== Scan additionnel ==============
    .
    .
    .

    * Internet Explorer Version 7.0.5730.13 *

    [HKEY_CURRENT_USER\..\Internet Explorer\Main]

    Default_Search_URL: hxxp://www.google.com/ie
    Search bar: hxxp://www.google.com/ie
    Search Page: hxxp://www.google.com
    Start Page: hxxp://www.neufportail.fr/

    [HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

    Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
    Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157

    [HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

    Tabs REG_EXPAND_SZ %AppData%\Dealio\KB124\res\tabwelcome_en.html

    ============== Suspect (Cracks, Serials ... ) ==============

    .

    +---------------------------------------------------------------------------+

    4679 Octet(s) - C:\Ad-Report-SCAN.log

    0 Fichier(s) - C:\Program Files\Ad-remover\BACKUP
    0 Fichier(s) - C:\Program Files\Ad-remover\QUARANTINE

    Fin à: 0:56:36 | 05/06/2009
    .
    ============== E.O.F ==============
    .
    0
  3. gen-hackman
     
    Télécharge Ad-remover ( de C_XX ) sur ton bureau :

    ! Déconnecte toi et ferme toutes applications en cours !

    Double clique sur "Ad-R.exe" pour lancer l'installation et laisse les paramètres d'installation par défaut .

    Double-clique sur le raccourci Ad-remover qui est sur ton bureau pour lancer l'outil .

    Au menu principal choisis l'option "L" et tape sur [entrée] .

    Laisse travailler l'outil et ne touche à rien ...

    --> Poste le rapport qui apparait à la fin , sur le forum ...

    ( Le rapport est sauvegardé aussi sous C:\Ad-report.log )
    ( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )

    Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
    Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

    Aides en images (Installation)
    Aides en images (Recherche)
    0
  4. Ramon1 Messages postés 364 Date d'inscription   Statut Membre Dernière intervention  
     
    Re

    Ci-joint le le nouveau rapport.
    Je m'inquiète, j'ai de plus en plus de pb pour me connecter ou rester connecter ?
    Je restaure sans arrêt !
    As tu trouvé qq chose ?

    .
    ======= RAPPORT D'AD-REMOVER 1.1.4.5_D | UNIQUEMENT XP/VISTA =======
    .
    Mit à jour par C_XX le 05/06/2009 à 5:40 PM
    Contact: AdRemover.contact@gmail.com
    Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Lancé à: 0:06:33, 06/06/2009 | Mode Normal | Option: CLEAN
    Exécuté de: C:\Program Files\Ad-remover\
    Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
    Nom du PC: ROCHER-0B5F4F3D | Utilisateur actuel: PROPRIETAIRE
    .
    Administrateur: Administrateur
    N'est pas administrateur: HelpAssistant *Desactive*
    N'est pas administrateur: Invité *Desactive*
    Administrateur: PROPRIETAIRE
    N'est pas administrateur: SUPPORT_388945a0 *Desactive*
    .
    ============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
    .
    .
    HKCR\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
    HKCR\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
    HKCU\Software\EoRezo
    HKCU\Software\FBrowsingAdvisor
    HKCU\Software\Grand Virtual
    HKCU\Software\MediaHoldings
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
    HKCU\Software\PlayMP3
    HKLM\Software\Dealio
    HKLM\Software\EoRezo
    HKLM\Software\Microsoft\Internet Explorer\Extensions\{E908B145-C847-4e85-B315-07E2E70DECF8}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\browsingadvisor
    HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\FBrowsingAdvisor_is1
    HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\PlayMP3
    HKCU\Software\AppDataLow\software\{1E6F723F-24E0-A095-AE38-B1A4B2B36773}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\au
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Eoengine
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Eoweather
    HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sqlaptunpboyrblhi
    HKCR\CLSID\{6A87B991-A31F-4130-AE72-6D0C294BF082}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A87B991-A31F-4130-AE72-6D0C294BF082}
    HKCR\CLSID\{9B886AE3-A663-03B1-8DD5-B6037C0ED1EE}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9B886AE3-A663-03B1-8DD5-B6037C0ED1EE}
    .
    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\AbsoluCasino
    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Dealio\Dealio Deskbar.lnk
    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Dealio\Help.url
    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Dealio\Uninstall.lnk
    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Dealio\What is Dealio.url
    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Dealio
    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Everest Poker\Everest Poker.lnk
    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Everest Poker\Uninstall Everest Poker.lnk
    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Everest Poker
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\temp
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\as_sidebar.html
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\blank.gif
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\DealioSearch.html
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\deals-endcap.gif
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\deals-leftcap.gif
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\deal_report.jpg
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\ebay_login.jpg
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\endcap22-bg.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\endcap22-left.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\endcap22-right-arrow.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\endcap22-right.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\ErrorPageTemplate.css
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\err_mainwindow.html
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\err_sidebar.html
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\err_toolbar.html
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\global_scripts.js
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\headerbgthin.jpg
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\help.gif
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\logo.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\logo_over.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\man_toolbar.html
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\man_toolbar.js
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\pill_bg.gif
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\post-this-deal.gif
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\post-this-deal_over.gif
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\scripts.js
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\scroller.js
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\search-chevron.gif
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\search_bg_blink.gif
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\separator.gif
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\settings.gif
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\settings_over.gif
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\sidebar.html
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\steals_bg.gif
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\tabdata.js
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\tablib.js
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\tabwelcome_en.html
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\tab_icon.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\toolbar_background.gif
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\res\yahoo_search.gif
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\index.1.80.39
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.10.76
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.109.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.110.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.12.52
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.13.58
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.130.58
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.135.50
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.153.44
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.155.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.156.49
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.16.60
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.161.52
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.178.66
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.184.55
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.188.52
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.189.45
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.196.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.198.56
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.199.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.200.53
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.201.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.202.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.203.71
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.205.62
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.213.71
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.214.49
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.215.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.216.67
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.217.67
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.218.52
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.219.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.220.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.221.57
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.222.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.223.68
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.226.68
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.227.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.228.62
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.229.76
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.23.63
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.239.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.24.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.240.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.241.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.242.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.243.77
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.244.63
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.245.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.247.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.248.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.249.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.250.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.251.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.252.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.253.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.254.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.255.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.256.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.257.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.279.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.28.58
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.282.75
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.283.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.284.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.289.67
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.290.62
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.291.61
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.296.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.297.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.304.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.307.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.308.75
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.31.47
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.310.46
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.311.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.315.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.316.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.317.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.318.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.319.49
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.32.48
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.334.44
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.335.60
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.336.44
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.337.44
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.338.75
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.339.47
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.34.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.340.47
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.341.47
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.349.50
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.35.48
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.350.50
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.351.51
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.352.77
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.353.51
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.354.51
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.357.62
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.358.52
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.359.52
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.360.53
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.361.54
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.362.68
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.363.58
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.364.54
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.365.53
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.367.56
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.368.58
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.369.55
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.370.80
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.371.56
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.372.57
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.373.55
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.375.56
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.376.57
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.377.55
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.378.65
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.384.58
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.386.71
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.387.59
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.388.59
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.389.59
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.390.60
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.391.78
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.392.60
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.393.60
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.394.60
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.396.61
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.397.61
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.398.60
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.399.60
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.403.61
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.404.63
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.405.61
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.406.61
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.407.76
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.408.63
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.409.61
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.412.62
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.413.62
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.414.62
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.415.62
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.416.62
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.417.62
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.418.62
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.419.62
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.420.62
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.421.62
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.423.77
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.424.63
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.425.63
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.426.63
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.427.63
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.428.65
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.429.63
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.430.63
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.432.65
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.433.64
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.434.65
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.435.64
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.436.76
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.437.64
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.438.71
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.439.71
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.440.75
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.442.73
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.443.73
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.444.73
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.445.68
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.446.69
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.450.67
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.451.67
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.452.68
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.453.68
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.454.69
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.456.69
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.457.75
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.458.70
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.459.70
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.460.69
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.462.74
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.463.69
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.464.70
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.465.68
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.468.70
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.469.70
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.470.70
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.471.73
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.472.70
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.478.74
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.479.73
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.480.68
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.481.71
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.482.74
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.49.67
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.50.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.500.71
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.501.74
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.502.71
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.51.69
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.52.72
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.520.76
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.521.76
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.522.76
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.53.51
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.531.76
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.532.75
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.533.77
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.534.75
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.54.47
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.55.45
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.56.69
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.57.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.58.47
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.591.79
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.592.79
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.593.76
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.594.77
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.595.76
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.608.78
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.610.80
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.611.79
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.614.79
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.617.79
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.624.80
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.63.57
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.640.80
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.641.80
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.66.47
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.70.75
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\rules\rules.1.71.43
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\temp\dealio-14397.log
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\temp\dealio-14398.log
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\temp\dealio-14399.log
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\temp\dealio-14400.log
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb124\temp\dod_cache.xml
    C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\cache
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\cmhost.cyp
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\ConfMedia.cyp
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\db
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\eoDesktop
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\eoStats
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather.cfg
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\host.cyp
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\tmp.exe
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\towns.cfg
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\user.cyp
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\db\cat.cyp
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\eoDesktop\config.xml
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\eoDesktop\eoDesktop.html
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\eoDesktop\userConfig.xml
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\eoStats\eoStats.txt
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\EoWeather.cfg
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\EoWeatherVal_02EC282.cfg
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\67_day.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\67_night.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\69_day.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\69_night.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\70_day.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\70_night.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\78_day.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\78_night.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\82_day.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\82_night.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\83_day.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\83_night.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\84_day.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\84_night.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\85_day.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\85_night.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\89_day.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\89_night.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\back.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\background.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\background_1.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\background_1days.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\background_2days.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\background_7days.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\backPressed.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\band.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\band_small.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\close.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\closePressed.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\dayPrevisionBackground.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\dayPrevisionClose.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\earth.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\fonds_‚cran.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\help.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\helpPressed.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\minimise.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\minimisePressed.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\next.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\nextPressed.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\option.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\optionPressed.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\reflet_ecran.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\small_background.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_classic\Thumbs.db
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\67_day.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\67_night.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\69_day.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\69_night.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\70_day.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\70_night.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\78_day.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\78_night.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\82_day.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\82_night.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\83_day.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\83_night.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\84_day.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\84_night.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\85_day.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\85_night.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\89_day.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\89_night.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\about.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\back.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\background.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\background_1.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\background_1days.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\background_2days.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\background_7days.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\backPressed.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\close.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\closePressed.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\dayPrevisionBackground.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\dayPrevisionClose.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\earth.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\fonds_‚cran.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\help.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\helpPressed.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\minimise.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\minimisePressed.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\next.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\nextPressed.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\option.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\optionPressed.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\reflet_ecran.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\Thumbs.db
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo\txt_14x13.png
    C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo
    C:\Program Files\BrowsingAdvisor\BrowsingAdvisor.dat
    C:\Program Files\BrowsingAdvisor\pcre3.dll
    C:\Program Files\BrowsingAdvisor\uninstall.exe
    C:\Program Files\BrowsingAdvisor
    C:\Program Files\Dealio\DealioAU.exe
    C:\Program Files\Dealio\kb124
    C:\Program Files\Dealio\kb124\Dealio Deskbar.exe
    C:\Program Files\Dealio\kb124\Dealio.dll
    C:\Program Files\Dealio\kb124\res
    C:\Program Files\Dealio\kb124\rules
    C:\Program Files\Dealio\kb124\temp
    C:\Program Files\Dealio\kb124\res\as_sidebar.html
    C:\Program Files\Dealio\kb124\res\blank.gif
    C:\Program Files\Dealio\kb124\res\DealioSearch.html
    C:\Program Files\Dealio\kb124\res\deals-endcap.gif
    C:\Program Files\Dealio\kb124\res\deals-leftcap.gif
    C:\Program Files\Dealio\kb124\res\deal_report.jpg
    C:\Program Files\Dealio\kb124\res\ebay_login.jpg
    C:\Program Files\Dealio\kb124\res\endcap22-bg.png
    C:\Program Files\Dealio\kb124\res\endcap22-left.png
    C:\Program Files\Dealio\kb124\res\endcap22-right-arrow.png
    C:\Program Files\Dealio\kb124\res\endcap22-right.png
    C:\Program Files\Dealio\kb124\res\ErrorPageTemplate.css
    C:\Program Files\Dealio\kb124\res\err_mainwindow.html
    C:\Program Files\Dealio\kb124\res\err_sidebar.html
    C:\Program Files\Dealio\kb124\res\err_toolbar.html
    C:\Program Files\Dealio\kb124\res\global_scripts.js
    C:\Program Files\Dealio\kb124\res\headerbgthin.jpg
    C:\Program Files\Dealio\kb124\res\help.gif
    C:\Program Files\Dealio\kb124\res\logo.png
    C:\Program Files\Dealio\kb124\res\logo_over.png
    C:\Program Files\Dealio\kb124\res\man_toolbar.html
    C:\Program Files\Dealio\kb124\res\man_toolbar.js
    C:\Program Files\Dealio\kb124\res\pill_bg.gif
    C:\Program Files\Dealio\kb124\res\post-this-deal.gif
    C:\Program Files\Dealio\kb124\res\post-this-deal_over.gif
    C:\Program Files\Dealio\kb124\res\scripts.js
    C:\Program Files\Dealio\kb124\res\scroller.js
    C:\Program Files\Dealio\kb124\res\search-chevron.gif
    C:\Program Files\Dealio\kb124\res\search_bg_blink.gif
    C:\Program Files\Dealio\kb124\res\separator.gif
    C:\Program Files\Dealio\kb124\res\settings.gif
    C:\Program Files\Dealio\kb124\res\settings_over.gif
    C:\Program Files\Dealio\kb124\res\sidebar.html
    C:\Program Files\Dealio\kb124\res\steals_bg.gif
    C:\Program Files\Dealio\kb124\res\tabdata.js
    C:\Program Files\Dealio\kb124\res\tablib.js
    C:\Program Files\Dealio\kb124\res\tabwelcome_en.html
    C:\Program Files\Dealio\kb124\res\tab_icon.png
    C:\Program Files\Dealio\kb124\res\toolbar_background.gif
    C:\Program Files\Dealio\kb124\res\yahoo_search.gif
    C:\Program Files\Dealio\kb124\rules\index.1.80.39
    C:\Program Files\Dealio\kb124\rules\rules.1.10.76
    C:\Program Files\Dealio\kb124\rules\rules.1.109.43
    C:\Program Files\Dealio\kb124\rules\rules.1.110.43
    C:\Program Files\Dealio\kb124\rules\rules.1.12.52
    C:\Program Files\Dealio\kb124\rules\rules.1.13.58
    C:\Program Files\Dealio\kb124\rules\rules.1.130.58
    C:\Program Files\Dealio\kb124\rules\rules.1.135.50
    C:\Program Files\Dealio\kb124\rules\rules.1.153.44
    C:\Program Files\Dealio\kb124\rules\rules.1.155.43
    C:\Program Files\Dealio\kb124\rules\rules.1.156.49
    C:\Program Files\Dealio\kb124\rules\rules.1.16.60
    C:\Program Files\Dealio\kb124\rules\rules.1.161.52
    C:\Program Files\Dealio\kb124\rules\rules.1.178.66
    C:\Program Files\Dealio\kb124\rules\rules.1.184.55
    C:\Program Files\Dealio\kb124\rules\rules.1.188.52
    C:\Program Files\Dealio\kb124\rules\rules.1.189.45
    C:\Program Files\Dealio\kb124\rules\rules.1.196.43
    C:\Program Files\Dealio\kb124\rules\rules.1.198.56
    C:\Program Files\Dealio\kb124\rules\rules.1.199.43
    C:\Program Files\Dealio\kb124\rules\rules.1.200.53
    C:\Program Files\Dealio\kb124\rules\rules.1.201.43
    C:\Program Files\Dealio\kb124\rules\rules.1.202.43
    C:\Program Files\Dealio\kb124\rules\rules.1.203.71
    C:\Program Files\Dealio\kb124\rules\rules.1.205.62
    C:\Program Files\Dealio\kb124\rules\rules.1.213.71
    C:\Program Files\Dealio\kb124\rules\rules.1.214.49
    C:\Program Files\Dealio\kb124\rules\rules.1.215.43
    C:\Program Files\Dealio\kb124\rules\rules.1.216.67
    C:\Program Files\Dealio\kb124\rules\rules.1.217.67
    C:\Program Files\Dealio\kb124\rules\rules.1.218.52
    C:\Program Files\Dealio\kb124\rules\rules.1.219.43
    C:\Program Files\Dealio\kb124\rules\rules.1.220.43
    C:\Program Files\Dealio\kb124\rules\rules.1.221.57
    C:\Program Files\Dealio\kb124\rules\rules.1.222.43
    C:\Program Files\Dealio\kb124\rules\rules.1.223.68
    C:\Program Files\Dealio\kb124\rules\rules.1.226.68
    C:\Program Files\Dealio\kb124\rules\rules.1.227.43
    C:\Program Files\Dealio\kb124\rules\rules.1.228.62
    C:\Program Files\Dealio\kb124\rules\rules.1.229.76
    C:\Program Files\Dealio\kb124\rules\rules.1.23.63
    C:\Program Files\Dealio\kb124\rules\rules.1.239.43
    C:\Program Files\Dealio\kb124\rules\rules.1.24.43
    C:\Program Files\Dealio\kb124\rules\rules.1.240.43
    C:\Program Files\Dealio\kb124\rules\rules.1.241.43
    C:\Program Files\Dealio\kb124\rules\rules.1.242.43
    C:\Program Files\Dealio\kb124\rules\rules.1.243.77
    C:\Program Files\Dealio\kb124\rules\rules.1.244.63
    C:\Program Files\Dealio\kb124\rules\rules.1.245.43
    C:\Program Files\Dealio\kb124\rules\rules.1.247.43
    C:\Program Files\Dealio\kb124\rules\rules.1.248.43
    C:\Program Files\Dealio\kb124\rules\rules.1.249.43
    C:\Program Files\Dealio\kb124\rules\rules.1.250.43
    C:\Program Files\Dealio\kb124\rules\rules.1.251.43
    C:\Program Files\Dealio\kb124\rules\rules.1.252.43
    C:\Program Files\Dealio\kb124\rules\rules.1.253.43
    C:\Program Files\Dealio\kb124\rules\rules.1.254.43
    C:\Program Files\Dealio\kb124\rules\rules.1.255.43
    C:\Program Files\Dealio\kb124\rules\rules.1.256.43
    C:\Program Files\Dealio\kb124\rules\rules.1.257.43
    C:\Program Files\Dealio\kb124\rules\rules.1.279.43
    C:\Program Files\Dealio\kb124\rules\rules.1.28.58
    C:\Program Files\Dealio\kb124\rules\rules.1.282.75
    C:\Program Files\Dealio\kb124\rules\rules.1.283.43
    C:\Program Files\Dealio\kb124\rules\rules.1.284.43
    C:\Program Files\Dealio\kb124\rules\rules.1.289.67
    C:\Program Files\Dealio\kb124\rules\rules.1.290.62
    C:\Program Files\Dealio\kb124\rules\rules.1.291.61
    C:\Program Files\Dealio\kb124\rules\rules.1.296.43
    C:\Program Files\Dealio\kb124\rules\rules.1.297.43
    C:\Program Files\Dealio\kb124\rules\rules.1.304.43
    C:\Program Files\Dealio\kb124\rules\rules.1.307.43
    C:\Program Files\Dealio\kb124\rules\rules.1.308.75
    C:\Program Files\Dealio\kb124\rules\rules.1.31.47
    C:\Program Files\Dealio\kb124\rules\rules.1.310.46
    C:\Program Files\Dealio\kb124\rules\rules.1.311.43
    C:\Program Files\Dealio\kb124\rules\rules.1.315.43
    C:\Program Files\Dealio\kb124\rules\rules.1.316.43
    C:\Program Files\Dealio\kb124\rules\rules.1.317.43
    C:\Program Files\Dealio\kb124\rules\rules.1.318.43
    C:\Program Files\Dealio\kb124\rules\rules.1.319.49
    C:\Program Files\Dealio\kb124\rules\rules.1.32.48
    C:\Program Files\Dealio\kb124\rules\rules.1.334.44
    C:\Program Files\Dealio\kb124\rules\rules.1.335.60
    C:\Program Files\Dealio\kb124\rules\rules.1.336.44
    C:\Program Files\Dealio\kb124\rules\rules.1.337.44
    C:\Program Files\Dealio\kb124\rules\rules.1.338.75
    C:\Program Files\Dealio\kb124\rules\rules.1.339.47
    C:\Program Files\Dealio\kb124\rules\rules.1.34.43
    C:\Program Files\Dealio\kb124\rules\rules.1.340.47
    C:\Program Files\Dealio\kb124\rules\rules.1.341.47
    C:\Program Files\Dealio\kb124\rules\rules.1.349.50
    C:\Program Files\Dealio\kb124\rules\rules.1.35.48
    C:\Program Files\Dealio\kb124\rules\rules.1.350.50
    C:\Program Files\Dealio\kb124\rules\rules.1.351.51
    C:\Program Files\Dealio\kb124\rules\rules.1.352.77
    C:\Program Files\Dealio\kb124\rules\rules.1.353.51
    C:\Program Files\Dealio\kb124\rules\rules.1.354.51
    C:\Program Files\Dealio\kb124\rules\rules.1.357.62
    C:\Program Files\Dealio\kb124\rules\rules.1.358.52
    C:\Program Files\Dealio\kb124\rules\rules.1.359.52
    C:\Program Files\Dealio\kb124\rules\rules.1.360.53
    C:\Program Files\Dealio\kb124\rules\rules.1.361.54
    C:\Program Files\Dealio\kb124\rules\rules.1.362.68
    C:\Program Files\Dealio\kb124\rules\rules.1.363.58
    C:\Program Files\Dealio\kb124\rules\rules.1.364.54
    C:\Program Files\Dealio\kb124\rules\rules.1.365.53
    C:\Program Files\Dealio\kb124\rules\rules.1.367.56
    C:\Program Files\Dealio\kb124\rules\rules.1.368.58
    C:\Program Files\Dealio\kb124\rules\rules.1.369.55
    C:\Program Files\Dealio\kb124\rules\rules.1.370.80
    C:\Program Files\Dealio\kb124\rules\rules.1.371.56
    C:\Program Files\Dealio\kb124\rules\rules.1.372.57
    C:\Program Files\Dealio\kb124\rules\rules.1.373.55
    C:\Program Files\Dealio\kb124\rules\rules.1.375.56
    C:\Program Files\Dealio\kb124\rules\rules.1.376.57
    C:\Program Files\Dealio\kb124\rules\rules.1.377.55
    C:\Program Files\Dealio\kb124\rules\rules.1.378.65
    C:\Program Files\Dealio\kb124\rules\rules.1.384.58
    C:\Program Files\Dealio\kb124\rules\rules.1.386.71
    C:\Program Files\Dealio\kb124\rules\rules.1.387.59
    C:\Program Files\Dealio\kb124\rules\rules.1.388.59
    C:\Program Files\Dealio\kb124\rules\rules.1.389.59
    C:\Program Files\Dealio\kb124\rules\rules.1.390.60
    C:\Program Files\Dealio\kb124\rules\rules.1.391.78
    C:\Program Files\Dealio\kb124\rules\rules.1.392.60
    C:\Program Files\Dealio\kb124\rules\rules.1.393.60
    C:\Program Files\Dealio\kb124\rules\rules.1.394.60
    C:\Program Files\Dealio\kb124\rules\rules.1.396.61
    C:\Program Files\Dealio\kb124\rules\rules.1.397.61
    C:\Program Files\Dealio\kb124\rules\rules.1.398.60
    C:\Program Files\Dealio\kb124\rules\rules.1.399.60
    C:\Program Files\Dealio\kb124\rules\rules.1.403.61
    C:\Program Files\Dealio\kb124\rules\rules.1.404.63
    C:\Program Files\Dealio\kb124\rules\rules.1.405.61
    C:\Program Files\Dealio\kb124\rules\rules.1.406.61
    C:\Program Files\Dealio\kb124\rules\rules.1.407.76
    C:\Program Files\Dealio\kb124\rules\rules.1.408.63
    C:\Program Files\Dealio\kb124\rules\rules.1.409.61
    C:\Program Files\Dealio\kb124\rules\rules.1.412.62
    C:\Program Files\Dealio\kb124\rules\rules.1.413.62
    C:\Program Files\Dealio\kb124\rules\rules.1.414.62
    C:\Program Files\Dealio\kb124\rules\rules.1.415.62
    C:\Program Files\Dealio\kb124\rules\rules.1.416.62
    C:\Program Files\Dealio\kb124\rules\rules.1.417.62
    C:\Program Files\Dealio\kb124\rules\rules.1.418.62
    C:\Program Files\Dealio\kb124\rules\rules.1.419.62
    C:\Program Files\Dealio\kb124\rules\rules.1.420.62
    C:\Program Files\Dealio\kb124\rules\rules.1.421.62
    C:\Program Files\Dealio\kb124\rules\rules.1.423.77
    C:\Program Files\Dealio\kb124\rules\rules.1.424.63
    C:\Program Files\Dealio\kb124\rules\rules.1.425.63
    C:\Program Files\Dealio\kb124\rules\rules.1.426.63
    C:\Program Files\Dealio\kb124\rules\rules.1.427.63
    C:\Program Files\Dealio\kb124\rules\rules.1.428.65
    C:\Program Files\Dealio\kb124\rules\rules.1.429.63
    C:\Program Files\Dealio\kb124\rules\rules.1.430.63
    C:\Program Files\Dealio\kb124\rules\rules.1.432.65
    C:\Program Files\Dealio\kb124\rules\rules.1.433.64
    C:\Program Files\Dealio\kb124\rules\rules.1.434.65
    C:\Program Files\Dealio\kb124\rules\rules.1.435.64
    C:\Program Files\Dealio\kb124\rules\rules.1.436.76
    C:\Program Files\Dealio\kb124\rules\rules.1.437.64
    C:\Program Files\Dealio\kb124\rules\rules.1.438.71
    C:\Program Files\Dealio\kb124\rules\rules.1.439.71
    C:\Program Files\Dealio\kb124\rules\rules.1.440.75
    C:\Program Files\Dealio\kb124\rules\rules.1.442.73
    C:\Program Files\Dealio\kb124\rules\rules.1.443.73
    C:\Program Files\Dealio\kb124\rules\rules.1.444.73
    C:\Program Files\Dealio\kb124\rules\rules.1.445.68
    C:\Program Files\Dealio\kb124\rules\rules.1.446.69
    C:\Program Files\Dealio\kb124\rules\rules.1.450.67
    C:\Program Files\Dealio\kb124\rules\rules.1.451.67
    C:\Program Files\Dealio\kb124\rules\rules.1.452.68
    C:\Program Files\Dealio\kb124\rules\rules.1.453.68
    C:\Program Files\Dealio\kb124\rules\rules.1.454.69
    C:\Program Files\Dealio\kb124\rules\rules.1.456.69
    C:\Program Files\Dealio\kb124\rules\rules.1.457.75
    C:\Program Files\Dealio\kb124\rules\rules.1.458.70
    C:\Program Files\Dealio\kb124\rules\rules.1.459.70
    C:\Program Files\Dealio\kb124\rules\rules.1.460.69
    C:\Program Files\Dealio\kb124\rules\rules.1.462.74
    C:\Program Files\Dealio\kb124\rules\rules.1.463.69
    C:\Program Files\Dealio\kb124\rules\rules.1.464.70
    C:\Program Files\Dealio\kb124\rules\rules.1.465.68
    C:\Program Files\Dealio\kb124\rules\rules.1.468.70
    C:\Program Files\Dealio\kb124\rules\rules.1.469.70
    C:\Program Files\Dealio\kb124\rules\rules.1.470.70
    C:\Program Files\Dealio\kb124\rules\rules.1.471.73
    C:\Program Files\Dealio\kb124\rules\rules.1.472.70
    C:\Program Files\Dealio\kb124\rules\rules.1.478.74
    C:\Program Files\Dealio\kb124\rules\rules.1.479.73
    C:\Program Files\Dealio\kb124\rules\rules.1.480.68
    C:\Program Files\Dealio\kb124\rules\rules.1.481.71
    C:\Program Files\Dealio\kb124\rules\rules.1.482.74
    C:\Program Files\Dealio\kb124\rules\rules.1.49.67
    C:\Program Files\Dealio\kb124\rules\rules.1.50.43
    C:\Program Files\Dealio\kb124\rules\rules.1.500.71
    C:\Program Files\Dealio\kb124\rules\rules.1.501.74
    C:\Program Files\Dealio\kb124\rules\rules.1.502.71
    C:\Program Files\Dealio\kb124\rules\rules.1.51.69
    C:\Program Files\Dealio\kb124\rules\rules.1.52.72
    C:\Program Files\Dealio\kb124\rules\rules.1.520.76
    C:\Program Files\Dealio\kb124\rules\rules.1.521.76
    C:\Program Files\Dealio\kb124\rules\rules.1.522.76
    C:\Program Files\Dealio\kb124\rules\rules.1.53.51
    C:\Program Files\Dealio\kb124\rules\rules.1.531.76
    C:\Program Files\Dealio\kb124\rules\rules.1.532.75
    C:\Program Files\Dealio\kb124\rules\rules.1.533.77
    C:\Program Files\Dealio\kb124\rules\rules.1.534.75
    C:\Program Files\Dealio\kb124\rules\rules.1.54.47
    C:\Program Files\Dealio\kb124\rules\rules.1.55.45
    C:\Program Files\Dealio\kb124\rules\rules.1.56.69
    C:\Program Files\Dealio\kb124\rules\rules.1.57.43
    C:\Program Files\Dealio\kb124\rules\rules.1.58.47
    C:\Program Files\Dealio\kb124\rules\rules.1.591.79
    C:\Program Files\Dealio\kb124\rules\rules.1.592.79
    C:\Program Files\Dealio\kb124\rules\rules.1.593.76
    C:\Program Files\Dealio\kb124\rules\rules.1.594.77
    C:\Program Files\Dealio\kb124\rules\rules.1.595.76
    C:\Program Files\Dealio\kb124\rules\rules.1.608.78
    C:\Program Files\Dealio\kb124\rules\rules.1.610.80
    C:\Program Files\Dealio\kb124\rules\rules.1.611.79
    C:\Program Files\Dealio\kb124\rules\rules.1.614.79
    C:\Program Files\Dealio\kb124\rules\rules.1.617.79
    C:\Program Files\Dealio\kb124\rules\rules.1.624.80
    C:\Program Files\Dealio\kb124\rules\rules.1.63.57
    C:\Program Files\Dealio\kb124\rules\rules.1.640.80
    C:\Program Files\Dealio\kb124\rules\rules.1.641.80
    C:\Program Files\Dealio\kb124\rules\rules.1.66.47
    C:\Program Files\Dealio\kb124\rules\rules.1.70.75
    C:\Program Files\Dealio\kb124\rules\rules.1.71.43
    C:\Program Files\Dealio
    C:\Program Files\EoRezo\EoAdv
    C:\Program Files\EoRezo\EoWeather
    C:\Program Files\EoRezo\EoAdv\eoAdv.url
    C:\Program Files\EoRezo\EoAdv\EoRezoBho.old
    C:\Program Files\EoRezo\EoAdv\tmp
    C:\Program Files\EoRezo\EoAdv\tmp\eoRezoBho.dll.7402
    C:\Program Files\EoRezo\EoWeather\unins000.exe
    C:\Program Files\EoRezo
    C:\Program Files\FBrowserAdvisor
    C:\Program Files\FBrowsingAdvisor\IXPCOMEvents.xpt
    C:\Program Files\FBrowsingAdvisor\Logo.png
    C:\Program Files\FBrowsingAdvisor\main.db
    C:\Program Files\FBrowsingAdvisor\unins000.dat
    C:\Program Files\FBrowsingAdvisor\unins000.exe
    C:\Program Files\FBrowsingAdvisor\XPCOMEvents.dll
    C:\Program Files\FBrowsingAdvisor
    C:\Program Files\playmp3z\uninstall.exe
    C:\Program Files\playmp3z
    C:\DOCUME~1\PROPRI~1\MENUDM~1\PROGRA~1\PlayMP3z\Run PlayMP3z.lnk
    C:\DOCUME~1\PROPRI~1\MENUDM~1\PROGRA~1\PlayMP3z
    C:\log_lobby.txt
    C:\log_lobby_dumper.txt
    C:\regxpcom.exe
    C:\Program Files\TomTom HOME 2\xulrunner\regxpcom.exe
    C:\WINDOWS\System32\sqlaptunpboyrblhi.exe
    C:\WINDOWS\Installer\bd1471.msi
    C:\DOCUME~1\PROPRI~1\Cookies\proprietaire@rotator.its.adjuggler[2].txt

    (!) -- Fichiers temporaires supprimés.

    .
    ============== Scan additionnel ==============
    .
    .
    .

    * Internet Explorer Version 7.0.5730.13 *

    [HKEY_CURRENT_USER\..\Internet Explorer\Main]

    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    Search Page: hxxp://www.google.com
    Start Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

    [HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search bar: hxxp://search.msn.com/spbasic.htm
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start Page: hxxp://fr.msn.com/

    [HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

    Tabs: res://ieframe.dll/tabswelcome.htm

    ============== Suspect (Cracks, Serials ... ) ==============

    .

    +---------------------------------------------------------------------------+

    46902 Octet(s) - C:\Ad-Report-CLEAN.log
    4901 Octet(s) - C:\Ad-Report-SCAN.log

    17 Fichier(s) - C:\Program Files\Ad-remover\BACKUP
    40 Fichier(s) - C:\Program Files\Ad-remover\QUARANTINE

    Fin à: 0:22:27 | 06/06/2009
    .
    ============== E.O.F ==============
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Ramon1 Messages postés 364 Date d'inscription   Statut Membre Dernière intervention  
     
    Logfile of HijackThis v1.99.1
    Scan saved at 00:21:39, on 08/06/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16827)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Tall Emu\Online Armor\OAcat.exe
    C:\Program Files\Tall Emu\Online Armor\oasrv.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
    C:\WINDOWS\System32\regsvr32.exe
    C:\Program Files\SPAMfighter\SFAgent.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\a-squared Free\a2service.exe
    C:\Program Files\Canal+\CANAL+ CANALSAT A LA DEMANDE\Launcher.exe
    C:\Program Files\Tall Emu\Online Armor\oaui.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
    C:\Program Files\Tall Emu\Online Armor\OAhlp.exe
    C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
    C:\Program Files\SPAMfighter\sfus.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Hijackthis\HijackThis.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\WINDOWS\system32\wuauclt.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://neufportail.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\eoRezo\EoAdv\EoRezoBHO.dll (file missing)
    O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb124\Dealio.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: snappyads browser enhancer - {9B886AE3-A663-03B1-8DD5-B6037C0ED1EE} - C:\WINDOWS\system32\vezvutkuwkotlxvd.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: BrowsingAdvisor - {F1E96EDC-E0C8-BE98-1F15-C29DBED83B53} - C:\Program Files\BrowsingAdvisor\BrowsingAdvisor-3.dll (file missing)
    O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb124\Dealio.dll
    O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SFR-PC] "C:\Program Files\SFR-PC\SFR-PC.exe" /check
    O4 - HKLM\..\Run: [wtstpjmdzhx] C:\WINDOWS\System32\regsvr32.exe /s "C:\WINDOWS\system32\vezvutkuwkotlxvd.dll"
    O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [CANAL+ CANALSAT A LA DEMANDE] "C:\Program Files\Canal+\CANAL+ CANALSAT A LA DEMANDE\Launcher.exe"
    O4 - HKLM\..\Run: [@OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    O8 - Extra context menu item: Compare Prices with &Dealio - C:\Documents and Settings\PROPRIETAIRE\Application Data\Dealio\kb124\res\DealioSearch.html
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb124\Dealio.dll
    O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb124\Dealio.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
    O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.0.cab
    O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.1.cab
    O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - https://driveragent.com/files/driveragent.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: CanalPlus.VOD - Canal+ Active - C:\Program Files\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe
    O23 - Service: ewido security suite control - Unknown owner - C:\Program Files\ewido anti-malware\ewidoctrl.exe (file missing)
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: maconfservice - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: Online Armor Helper Service (OAcat) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\OAcat.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
    O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe
    O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oasrv.exe
    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    0
  7. Ramon1 Messages postés 364 Date d'inscription   Statut Membre Dernière intervention  
     
    Logfile of HijackThis v1.99.1
    Scan saved at 00:21:39, on 08/06/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16827)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Tall Emu\Online Armor\OAcat.exe
    C:\Program Files\Tall Emu\Online Armor\oasrv.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
    C:\WINDOWS\System32\regsvr32.exe
    C:\Program Files\SPAMfighter\SFAgent.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\a-squared Free\a2service.exe
    C:\Program Files\Canal+\CANAL+ CANALSAT A LA DEMANDE\Launcher.exe
    C:\Program Files\Tall Emu\Online Armor\oaui.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
    C:\Program Files\Tall Emu\Online Armor\OAhlp.exe
    C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
    C:\Program Files\SPAMfighter\sfus.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Hijackthis\HijackThis.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\WINDOWS\system32\wuauclt.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://neufportail.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\eoRezo\EoAdv\EoRezoBHO.dll (file missing)
    O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb124\Dealio.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: snappyads browser enhancer - {9B886AE3-A663-03B1-8DD5-B6037C0ED1EE} - C:\WINDOWS\system32\vezvutkuwkotlxvd.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: BrowsingAdvisor - {F1E96EDC-E0C8-BE98-1F15-C29DBED83B53} - C:\Program Files\BrowsingAdvisor\BrowsingAdvisor-3.dll (file missing)
    O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb124\Dealio.dll
    O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SFR-PC] "C:\Program Files\SFR-PC\SFR-PC.exe" /check
    O4 - HKLM\..\Run: [wtstpjmdzhx] C:\WINDOWS\System32\regsvr32.exe /s "C:\WINDOWS\system32\vezvutkuwkotlxvd.dll"
    O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [CANAL+ CANALSAT A LA DEMANDE] "C:\Program Files\Canal+\CANAL+ CANALSAT A LA DEMANDE\Launcher.exe"
    O4 - HKLM\..\Run: [@OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    O8 - Extra context menu item: Compare Prices with &Dealio - C:\Documents and Settings\PROPRIETAIRE\Application Data\Dealio\kb124\res\DealioSearch.html
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb124\Dealio.dll
    O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb124\Dealio.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
    O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.0.cab
    O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.1.cab
    O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - https://driveragent.com/files/driveragent.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: CanalPlus.VOD - Canal+ Active - C:\Program Files\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe
    O23 - Service: ewido security suite control - Unknown owner - C:\Program Files\ewido anti-malware\ewidoctrl.exe (file missing)
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: maconfservice - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: Online Armor Helper Service (OAcat) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\OAcat.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
    O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe
    O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oasrv.exe
    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    0
  8. Ramon1 Messages postés 364 Date d'inscription   Statut Membre Dernière intervention  
     
    Re

    Excuse l'envoi du log sans commentaire, mais la 1ère fois je ne suis pas allé au bout de la transmission, après 45 mn de resto, connexion et lancement du log, et copie, je n'ai pas eu le temps de l'envoyer... reblocage
    0
  9. sfd111 Messages postés 25 Statut Membre 3
     
    la ne cherche pa mon encien pc xp o bout de 3 ans d'utilasation il fesai pareil

    sauf que te fichier se sont que des fichier internet: en gros ton pc c 1 sacreé poubelle

    la vu comme il a l'air plente il vo mieu le changer

    depuis 2 ans je sui en pc vista sans aucun antivirus et pare feu et je n'ai jamis u de problemme
    0
  10. gen-hackman
     
    bonjour n'ecoute pas les bêtises

    Télécharge Random's System Information Tool (RSIT) de random/random et enregistre l'exécutable sur ton Bureau.

    ! Déconnecte toi et ferme toutes tes applications en cours !

    Double-clique sur " RSIT.exe " pour le lancer .

    -> Une première fenêtre s'ouvre avec en titre : " Disclaimer of warranty " .

    * Devant l'option "List files/folders created ..." , tu choisis : 2 months

    * clique ensuite sur " Continue " pour lancer l'analyse ...

    -> laisse faire le scan et ne touche pas au PC ...

    Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront (probablement avec le bloc-note).

    Poste le contenu de " log.txt " (c'est celui qui apparait à l'écran), ainsi que de " info.txt " (que tu verras dans la barre des tâches), pour analyse et attends la suite ...

    Important : poste un rapport, puis l'autre dans la réponse suivante
    Si tu essaies de poster les deux en même temps, cela risque d'être trop long pour le forum

    ( Note : les rapports seront en outre sauvegardés dans ce dossier -> C:\rsit )
    0
    1. Ramon1 Messages postés 364 Date d'inscription   Statut Membre Dernière intervention  
       
      T'inquiètes pas pour les bêtises ......
      PS : Y a t'il un pb à lancer RSIT en mode sans échec, si le déroulement de l'analyse est trop long, je crains d'être bloquer en cours ?
      0
  11. gen-hackman
     
    et bien oui..

    s'il bloque vraiment , fais ce qui suit :

    Télécharge OTL de OLDTimer

    et enregistre le sur ton Bureau.

    Double clic sur OTL.exe pour le lancer.

    Coche les 2 cases Lop et Purity

    Coche la case devant scan all users

    Clic sur Run Scan.

    A la fin du scan, le Bloc-Notes va s'ouvrir avec le rapport (OTL.txt).

    Ce fichier est sur ton Bureau (en général C:\Documents and settings\le_nom_de_ta_session\OTL.txt)

    Pour me le transmettre clique sur ce lien

    Clique sur Parcourir et cherche le fichier ci-dessus.

    Clique sur Ouvrir.

    Clique sur "Cliquez ici pour déposer le fichier".

    Un lien de cette forme :

    hxxp://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt

    est ajouté dans la page.

    Copie ce lien dans ta réponse.
    0
    1. Ramon1 Messages postés 364 Date d'inscription   Statut Membre Dernière intervention  
       
      Ok, je fais cela ce soir, je suis au boulot ......
      0
  12. Ramon1 Messages postés 364 Date d'inscription   Statut Membre Dernière intervention  
     
    info.txt logfile of random's system information tool 1.06 2009-06-08 21:21:04

    ======Uninstall list======

    -->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    -->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\NewSoft\Presto! BizCard Fre\Uninst.isu" -c"C:\WINDOWS\StiRegstFre.dll"
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11E83B33-972B-4512-A447-FF0FD0246EE9}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{21B6F79B-2286-4BB0-B1E3-BA6B9498D110}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23EFDB58-0874-4883-9810-EDA510B19FAE}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{27B9131D-CEFA-42C5-8D7D-56EFD80BAA25}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2BB79C8D-9DCC-4861-8A23-AE1B0B45E2B6}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2BFBC62A-3353-443D-93BE-7AC641D9F342}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5D1A81AA-ED90-11D6-86D3-00055DF3561E}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B100B05B-E290-41EF-9366-8BC4C76D7769}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B14F9B26-D695-4C4A-8B11-0FE6CDCC797B}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BDFC3C8D-823E-4FCF-870B-E756B27CB57E}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D3568156-59C3-42DF-A520-2C25B6706C91}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E213C271-AEFA-481D-A9B4-914D88925B8D}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FAD9402A-1A9B-4ABE-A410-393A3622FA5A}\setup.exe" -l0x40c
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    ABBYY FineReader 5.0 Sprint-->MsiExec.exe /X{D1696920-9794-4BBC-8A30-7A88763DE5A2}
    ABBYY FineReader 6.0-->MsiExec.exe /I{AF600F7B-67A7-48D9-BA3B-0FF97F35F970}
    ACDSee 3.1 (SR-1) Standard-->MsiExec.exe /I{930EAE5E-436E-40C4-AFFC-F73D550C0E51}
    Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
    Adobe AIR-->c:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
    Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Photoshop 7.0-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll"
    Adobe Reader 8.1.4 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
    Apple Mobile Device Support-->MsiExec.exe /I{49C88E44-1B38-4FC6-824E-2BDA3063B0E3}
    Apple Software Update-->MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
    ArcSoft PhotoImpression-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6C5D7191-140A-11D6-B5A0-0050DA208A93}\SETUP.EXE" -l0x40c -uninst
    ArcSoft VideoImpression 2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C765D9FF-4A34-4BF1-9F91-E9A3C60C86FC}\setup.exe" -l0x40c
    a-squared Free 4.5-->"C:\Program Files\a-squared Free\unins000.exe"
    Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
    avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    Bonjour-->MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
    BrowsingAdvisor-->C:\Program Files\BrowsingAdvisor\uninstall.exe
    Canon Internet Library for ZoomBrowser EX-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{9E75AF24-815C-4BD1-9A05-F96866CC6005}
    Canon PhotoRecord-->C:\WINDOWS\IsUn040c.exe -fC:\PROGRA~1\Canon\PhotoRecord\Uninst.isu -c"C:\PROGRA~1\Canon\PhotoRecord\Program\uninstdll.dll"
    Canon Utilities File Viewer Utility 1.2-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{755D3B4E-D3A3-4D05-99D8-FC35E26A331C}
    Canon Utilities PhotoStitch 3.1-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{F11A403B-0DE9-4953-B790-7A2F014FBB2B}
    Canon Utilities RemoteCapture 2.7-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{AB3AC39D-9915-435D-ACC4-9881E75326BC}
    Canon Utilities ZoomBrowser EX-->MsiExec.exe /X{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    CleanUp!-->C:\Program Files\CleanUp!\uninstall.exe
    C-Media WDM Audio Driver-->C:\WINDOWS\system32\cmirmdrv.exe
    Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    Dealio Toolbar 3.1.1-->MsiExec.exe /X{F38E1EF1-BBD6-4743-AF84-021E26B0481C}
    Désinstallation du SFR Video Manager-->C:\Program Files\SFR-PC\uninst-SFR-PC.exe
    Disque de souvenirs HP-->MsiExec.exe /X{B376402D-58EA-45EA-BD50-DD924EB67A70}
    DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    eMule-->"C:\Program Files\eMule\Uninstall.exe"
    EPSON Copy Utility-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B69CC1A5-0404-11D6-ABCB-005004C21D30}\setup.exe" -l0x40c ADDREMOVEDLG
    EPSON Photo Print-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C24FE0B8-0A25-42E6-8532-A4ABAA1FA400}\setup.exe" -l0x40c MyUninstall
    EPSON Scan-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0E0131B2-CF18-40D9-A331-60A3746C1204}\SETUP.EXE" -l0x40c UNINSTALL
    EPSON Smart Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6C11D561-620B-47DA-A693-4C597F3CDF40}\SETUP.EXE" -l0x40c Uninstall
    EVEREST Home Edition v2.20-->"C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
    FBrowsingAdvisor-->"C:\Program Files\FBrowsingAdvisor\unins000.exe"
    Fenêtre d'appareil photo Canon pour ZoomBrowser EX-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{5ADA9741-0570-4096-B5FE-1D55E57537D4}
    Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0531C63A913CC9D1.exe" /uninstall
    Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    hp photosmart 7600 series-->rundll32 hpzcon09.dll,VendorJettison hp photosmart 7600 series
    HP Software Update-->MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
    IncrediMail-->C:\Program Files\IncrediMail\bin\ImSetup.exe /remove /addon:IncrediMail /log:IncMail.log
    Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
    Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
    Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Ma-Config.com-->MsiExec.exe /X{35CB235F-6E2B-4F20-9739-51E0ED3D8093}
    Micro Application - 9 Dictionnaires Utiles-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B410328C-0E8C-4DD2-9DB4-DE7766D0DFE0}\SETUP.EXE" -l0x40c -uninst
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft Office XP Media Content-->MsiExec.exe /I{9030040C-6000-11D3-8CFE-0050048383C9}
    Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
    Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
    MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    Nero 6 Demo-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
    Online Armor 3.5-->"C:\Program Files\Tall Emu\Online Armor\unins000.exe"
    P1670 Guide de référence-->C:\Program Files\EPSON\P1670\REF_G\DOCUNINS.EXE
    Performance Dashboard Snappyads-->C:\WINDOWS\system32\sqlaptunpboyrblhi.exe
    Photodex Presenter-->C:\Program Files\Photodex Presenter\uninst.exe
    Photorécit 3 pour Windows-->MsiExec.exe /I{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}
    Photosmart 140,240,7200,7600,7700,7900 Series-->C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\setup\hpzscr01.exe -datfile hphscr01.dat
    Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
    PixDiscount 2.00-->"C:\Program Files\PixDiscount\uninstall.exe"
    PlayMP3z-->C:\Program Files\PlayMP3z\uninstall.exe
    PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
    Presto! BizCard 4.1 Fre-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\NewSoft\Presto! BizCard Fre\Uninst.isu"
    ProShow Gold-->C:\Program Files\Photodex\ProShowGold\proshow.exe . -u
    QuickTime-->MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}
    SAGEM F@st 800-840-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}\setup.exe" -l0x40c
    ScanToWeb-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}\setup.exe" ADDREMOVEDLG
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    SiS 900 PCI Fast Ethernet Adapter Driver-->C:\Progra~1\SiSLan\Uninst.exe
    SPAMfighter-->"C:\Program Files\SPAMfighter\uninstall.exe" Remove
    Spybot - Search & Destroy 1.5.2.20-->"C:\WINDOWS\unins000.exe"
    Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins002.exe"
    TomTom HOME 2.6.1.1549-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe
    TomTom HOME Visual Studio Merge Modules-->MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
    VideoLAN VLC media player 0.8.6d-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
    Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
    WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe

    ======Hosts File======

    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com

    ======Security center information======

    AV: avast! antivirus 4.8.1335 [VPS 090605-0]
    FW: Pare-feu Online Armor

    ======System event log======

    Computer Name: ROCHER-0B5F4F3D
    Event Code: 7023
    Message: Le service Gestion d'applications s'est arrêté avec l'erreur :
    Le module spécifié est introuvable.

    Record Number: 107951
    Source Name: Service Control Manager
    Time Written: 20090601220242.000000+120
    Event Type: erreur
    User:

    Computer Name: ROCHER-0B5F4F3D
    Event Code: 7036
    Message: Le service Gestion d'applications est entré dans l'état : arrêté.

    Record Number: 107950
    Source Name: Service Control Manager
    Time Written: 20090601220242.000000+120
    Event Type: Informations
    User:

    Computer Name: ROCHER-0B5F4F3D
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service Gestion d'applications.

    Record Number: 107949
    Source Name: Service Control Manager
    Time Written: 20090601220242.000000+120
    Event Type: Informations
    User: ROCHER-0B5F4F3D\PROPRIETAIRE

    Computer Name: ROCHER-0B5F4F3D
    Event Code: 7023
    Message: Le service Gestion d'applications s'est arrêté avec l'erreur :
    Le module spécifié est introuvable.

    Record Number: 107948
    Source Name: Service Control Manager
    Time Written: 20090601220242.000000+120
    Event Type: erreur
    User:

    Computer Name: ROCHER-0B5F4F3D
    Event Code: 7036
    Message: Le service Gestion d'applications est entré dans l'état : arrêté.

    Record Number: 107947
    Source Name: Service Control Manager
    Time Written: 20090601220242.000000+120
    Event Type: Informations
    User:

    =====Application event log=====

    Computer Name: ROCHER-0B5F4F3D
    Event Code: 1800
    Message: Le service Centre de sécurité Windows a démarré.

    Record Number: 3578
    Source Name: SecurityCenter
    Time Written: 20080923184153.000000+120
    Event Type: Informations
    User:

    Computer Name: ROCHER-0B5F4F3D
    Event Code: 1
    Message:
    Record Number: 3577
    Source Name: Bonjour Service
    Time Written: 20080923184149.000000+120
    Event Type: Informations
    User:

    Computer Name: ROCHER-0B5F4F3D
    Event Code: 4
    Message:
    Record Number: 3576
    Source Name: LightScribeService
    Time Written: 20080923184149.000000+120
    Event Type: Informations
    User:

    Computer Name: ROCHER-0B5F4F3D
    Event Code: 1000
    Message: Application défaillante vlc.exe, version 0.8.6.0, module défaillant libvlc.dll, version 0.0.0.0, adresse de défaillance 0x0001179f.

    Record Number: 3575
    Source Name: Application Error
    Time Written: 20080920185403.000000+120
    Event Type: erreur
    User:

    Computer Name: ROCHER-0B5F4F3D
    Event Code: 101
    Message: msnmsgr (3136) Le moteur de base de données est arrêté.

    Record Number: 3574
    Source Name: ESENT
    Time Written: 20080920174852.000000+120
    Event Type: Informations
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\WBEM;C:\Program Files\QuickTime\QTSystem\
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 6 Stepping 2, AuthenticAMD
    "PROCESSOR_REVISION"=0602
    "NUMBER_OF_PROCESSORS"=1
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "VERSION"=3.0.5.001
    "SESSIONID"=1162940508583htx6060.cce.hp.com107f7fe:10edd64f666:2140
    "COLLECTIONID"=COL8143
    "ITEMID"=dj-22741-15
    "UPDATEDIR"=C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\radB7F3A.tmp
    "TOOLPATH"=/C:\Program%20Files\Hewlett-Packard\HP%20Software%20Update\install.htm
    "HMSERVER"=https://wwss1proa.cce.hp.com/wuss/servlet/WUSSServlet
    "SWUTVER"=1.0.3.1
    "OSVER"=winXPH
    "LANG"=1036
    "TIMEOUT"=0
    "CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip

    -----------------EOF-----------------
    0
  13. Ramon1 Messages postés 364 Date d'inscription   Statut Membre Dernière intervention  
     
    Logfile of random's system information tool 1.06 (written by random/random)
    Run by PROPRIETAIRE at 2009-06-08 21:22:21
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 14 GB (37%) free of 38 GB
    Total RAM: 1023 MB (50% free)

    HijackThis download failed

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A87B991-A31F-4130-AE72-6D0C294BF082}]
    DealioBHO Class - C:\Program Files\Dealio\kb124\Dealio.dll [2007-10-09 2663264]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9B886AE3-A663-03B1-8DD5-B6037C0ED1EE}]
    snappyads browser enhancer - C:\WINDOWS\system32\vezvutkuwkotlxvd.dll [2009-05-12 391680]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-01-18 251504]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-05-18 668656]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-01-18 522224]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F1E96EDC-E0C8-BE98-1F15-C29DBED83B53}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - Dealio - C:\Program Files\Dealio\kb124\Dealio.dll [2007-10-09 2663264]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-01-18 251504]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "HPDJ Taskbar Utility"=C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe [2003-05-07 188416]
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
    "EoEngine"= []
    "EoWeather"= []
    "Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd []
    "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
    "AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-07-22 116040]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-05-27 413696]
    "au"=C:\Program Files\Dealio\DealioAU.exe [2007-10-09 492896]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
    "SFR-PC"=C:\Program Files\SFR-PC\SFR-PC.exe [2008-11-05 872536]
    "wtstpjmdzhx"=C:\WINDOWS\System32\regsvr32.exe [2008-04-14 12288]
    "SPAMfighter Agent"=C:\Program Files\SPAMfighter\SFAgent.exe [2009-03-12 326792]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]
    "@OnlineArmor GUI"=C:\Program Files\Tall Emu\Online Armor\oaui.exe [2009-04-28 2045128]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
    ""= []
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-01-17 68856]
    "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
    "TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-03-18 251240]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{4F07DA45-8170-4859-9B5F-037EF2970034}"=C:\PROGRA~1\TALLEM~1\ONLINE~1\oaevent.dll [2009-04-28 335048]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Driver]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Guard]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
    "C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Disabled:Bonjour"
    "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Disabled:eMule"
    "C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Disabled:IncrediMail"
    "C:\Program Files\IncrediMail\bin\ImPackr.exe"="C:\Program Files\IncrediMail\bin\ImPackr.exe:*:Disabled:IncrediMail"
    "C:\Program Files\IncrediMail\bin\ImLc.exe"="C:\Program Files\IncrediMail\bin\ImLc.exe:*:Disabled:IncrediMail"
    "C:\Documents and Settings\PROPRIETAIRE\Local Settings\Temporary Internet Files\Content.IE5\PTIEMD3Q\incredimail_install[1].exe"="C:\Documents and Settings\PROPRIETAIRE\Local Settings\Temporary Internet Files\Content.IE5\PTIEMD3Q\incredimail_install[1].exe:*:Disabled:IncrediMail Installer"
    "C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe"="C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe:*:Disabled:Kaspersky AV Scanner"
    "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Disabled:LimeWire"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Disabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Disabled:Windows Live Messenger (Phone)"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Disabled:Windows Messenger"
    "C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
    "C:\Program Files\IncrediMail\bin\IMApp.exe"="C:\Program Files\IncrediMail\bin\IMApp.exe:*:Enabled:IncrediMail"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6762ca74-0765-11de-a13b-4d6564696130}]
    shell\AutoRun\command - G:\InstallTomTomHOME.exe

    ======List of files/folders created in the last 2 months======

    2009-06-08 21:20:57 ----D---- C:\Program Files\trend micro
    2009-06-08 21:20:47 ----D---- C:\rsit
    2009-06-08 20:48:01 ----A---- C:\Extras.Txt
    2009-06-08 20:47:53 ----A---- C:\OTL.Txt
    2009-06-08 20:42:55 ----A---- C:\OTL.exe
    2009-06-08 20:42:54 ----A---- C:\RSIT.exe
    2009-06-08 20:14:30 ----D---- C:\Documents and Settings\PROPRIETAIRE\Application Data\Dealio
    2009-06-08 20:14:27 ----D---- C:\Documents and Settings\PROPRIETAIRE\Application Data\EoRezo
    2009-06-08 20:14:26 ----D---- C:\Program Files\BrowsingAdvisor
    2009-06-08 20:14:21 ----D---- C:\Program Files\FBrowserAdvisor
    2009-06-08 20:14:21 ----D---- C:\Program Files\eoRezo
    2009-06-08 20:14:21 ----D---- C:\Program Files\Dealio
    2009-06-08 20:14:20 ----D---- C:\Program Files\PlayMP3z
    2009-06-08 20:14:20 ----D---- C:\Program Files\FBrowsingAdvisor
    2009-06-08 20:12:55 ----D---- C:\WINDOWS\SxsCaPendDel
    2009-06-07 23:09:11 ----D---- C:\Documents and Settings\PROPRIETAIRE\Application Data\Dealio(4)
    2009-06-06 10:37:50 ----D---- C:\Documents and Settings\PROPRIETAIRE\Application Data\Dealio(3)
    2009-06-06 10:34:34 ----A---- C:\WINDOWS\ntbtlog.txt
    2009-06-06 09:04:18 ----D---- C:\Documents and Settings\PROPRIETAIRE\Application Data\Dealio(2)
    2009-06-05 00:34:07 ----D---- C:\Program Files\Ad-remover
    2009-06-03 23:28:16 ----D---- C:\Documents and Settings\PROPRIETAIRE\Application Data\AdSigner
    2009-05-18 23:22:05 ----D---- C:\Documents and Settings\PROPRIETAIRE\Application Data\OnlineArmor
    2009-05-18 23:22:05 ----D---- C:\Documents and Settings\All Users\Application Data\OnlineArmor
    2009-05-18 23:21:40 ----D---- C:\Program Files\Tall Emu
    2009-05-18 23:19:50 ----D---- C:\Program Files\CCleaner
    2009-05-18 23:15:47 ----D---- C:\Program Files\Lavasoft
    2009-05-18 23:15:46 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
    2009-05-18 23:14:48 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
    2009-05-17 12:50:09 ----RSD---- C:\WINDOWS\assembly
    2009-05-17 12:48:52 ----D---- C:\WINDOWS\Microsoft.NET
    2009-05-17 10:54:58 ----A---- C:\WINDOWS\system32\javaws.exe
    2009-05-17 10:54:58 ----A---- C:\WINDOWS\system32\javaw.exe
    2009-05-17 10:54:58 ----A---- C:\WINDOWS\system32\java.exe
    2009-05-17 10:50:25 ----D---- C:\Program Files\Fichiers communs\Application
    2009-05-17 10:49:12 ----D---- C:\Program Files\SPAMfighter
    2009-05-17 10:31:22 ----A---- C:\WINDOWS\system32\sqlaptunpboyrblhi.exe
    2009-05-17 10:08:18 ----D---- C:\Program Files\TomTom International B.V
    2009-05-13 22:24:37 ----D---- C:\Program Files\SPAMfighter(2)
    2009-04-15 15:17:44 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
    2009-04-15 15:17:30 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$
    2009-04-15 15:13:18 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
    2009-04-15 15:12:20 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
    2009-04-15 15:11:19 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
    2009-04-15 15:10:55 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$

    ======List of files/folders modified in the last 2 months======

    2009-06-08 21:20:57 ----RD---- C:\Program Files
    2009-06-08 21:19:23 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-06-08 21:19:05 ----D---- C:\WINDOWS\Temp
    2009-06-08 21:11:28 ----D---- C:\WINDOWS
    2009-06-08 20:16:34 ----D---- C:\WINDOWS\system32\config
    2009-06-08 20:15:21 ----D---- C:\WINDOWS\system32\wbem
    2009-06-08 20:15:19 ----D---- C:\WINDOWS\Registration
    2009-06-08 20:14:19 ----SHD---- C:\WINDOWS\Installer
    2009-06-08 20:14:19 ----D---- C:\WINDOWS\system32
    2009-06-08 20:13:11 ----D---- C:\Program Files\IncrediMail
    2009-06-08 20:12:56 ----SHD---- C:\Config.Msi
    2009-06-08 20:12:46 ----D---- C:\WINDOWS\system32\mui
    2009-06-08 20:12:35 ----D---- C:\WINDOWS\BDOSCAN8
    2009-06-08 20:12:32 ----D---- C:\Documents and Settings\PROPRIETAIRE\Application Data\Apple Computer
    2009-06-08 20:12:01 ----D---- C:\WINDOWS\WinSxS
    2009-06-08 19:38:12 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2009-06-08 00:21:04 ----D---- C:\Hijackthis
    2009-06-05 07:00:40 ----N---- C:\WINDOWS\SchedLgU.Txt
    2009-06-05 00:03:22 ----D---- C:\WINDOWS\Debug
    2009-06-01 21:59:55 ----HD---- C:\WINDOWS\inf
    2009-05-20 22:08:11 ----SD---- C:\WINDOWS\Downloaded Program Files
    2009-05-19 19:31:12 ----SHD---- C:\System Volume Information
    2009-05-19 19:31:12 ----D---- C:\WINDOWS\system32\Restore
    2009-05-19 07:29:52 ----D---- C:\WINDOWS\Prefetch
    2009-05-19 00:14:56 ----D---- C:\WINDOWS\system32\CatRoot
    2009-05-19 00:14:54 ----D---- C:\WINDOWS\security
    2009-05-19 00:14:02 ----D---- C:\Program Files\eMule
    2009-05-19 00:13:14 ----D---- C:\Documents and Settings\PROPRIETAIRE\Application Data\LimeWire
    2009-05-18 23:47:32 ----D---- C:\WINDOWS\system32\LogFiles
    2009-05-18 23:21:47 ----D---- C:\WINDOWS\system32\drivers
    2009-05-18 23:14:48 ----D---- C:\Program Files\Fichiers communs
    2009-05-18 23:13:12 ----D---- C:\Program Files\a-squared Free
    2009-05-18 23:03:45 ----D---- C:\Program Files\LimeWire
    2009-05-18 23:03:07 ----D---- C:\Program Files\Google
    2009-05-18 23:00:43 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2009-05-18 23:00:43 ----D---- C:\Documents and Settings\PROPRIETAIRE\Application Data\Lavasoft
    2009-05-18 19:22:18 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-05-18 19:07:22 ----D---- C:\WINDOWS\AppPatch
    2009-05-17 23:20:44 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-05-17 23:19:44 ----D---- C:\WINDOWS\system32\fr-fr
    2009-05-17 23:19:43 ----D---- C:\Program Files\Internet Explorer
    2009-05-17 23:08:23 ----D---- C:\Program Files\Fichiers communs\Adobe AIR
    2009-05-17 10:54:56 ----D---- C:\Program Files\Java
    2009-05-17 10:21:27 ----D---- C:\Program Files\Picasa2
    2009-05-17 10:20:54 ----D---- C:\Documents and Settings\PROPRIETAIRE\Application Data\uTorrent
    2009-05-17 10:18:59 ----D---- C:\Program Files\Spybot - Search & Destroy
    2009-05-17 10:06:08 ----D---- C:\Program Files\TomTom HOME 2
    2009-05-14 18:27:02 ----D---- C:\WINDOWS\network diagnostic
    2009-05-12 13:07:10 ----A---- C:\WINDOWS\system32\vezvutkuwkotlxvd.dll
    2009-05-07 00:16:30 ----A---- C:\WINDOWS\system32\MRT.exe
    2009-04-15 15:16:42 ----D---- C:\WINDOWS\ie7updates
    2009-04-15 15:13:08 ----HD---- C:\WINDOWS\$hf_mig$

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
    R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2006-04-13 82380]
    R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41856]
    R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
    R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
    R1 OADevice;OADriver; \??\C:\WINDOWS\system32\drivers\OADriver.sys []
    R1 OAmon;OAmon; \??\C:\WINDOWS\system32\drivers\OAmon.sys []
    R1 OAnet;OAnet; \??\C:\WINDOWS\system32\drivers\OAnet.sys []
    R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
    R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
    R2 CdaC15BA;CdaC15BA; \??\C:\WINDOWS\system32\drivers\CDAC15BA.SYS []
    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-08-04 11868]
    R3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys [2003-03-27 127145]
    R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
    R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2006-06-09 1373120]
    R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys [2004-08-04 1041536]
    R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys [2004-08-04 220032]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-04 1897408]
    R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 21248]
    R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
    R3 SISNIC;SiS PCI Fast Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\sisnic.sys [2002-07-10 32256]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
    R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys [2004-08-04 685056]
    S1 ewido security suite driver;ewido security suite driver; \??\C:\Program Files\ewido anti-malware\guard.sys []
    S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys [2003-07-17 46167]
    S2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys []
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
    S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2003-05-14 51056]
    S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2003-05-14 16496]
    S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2003-05-14 21488]
    S3 irsir;Pilote série infrarouge Microsoft; C:\WINDOWS\system32\DRIVERS\irsir.sys []
    S3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
    S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-07-22 32000]
    S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
    S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    S3 usbser;Motorola USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2009-05-18 717320]
    R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2009-05-18 611664]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-07-22 116040]
    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]
    R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\WINDOWS\system32\drivers\CDAC11BA.EXE [2006-05-10 39936]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-10-19 61440]
    R2 OAcat;Online Armor Helper Service; C:\Program Files\Tall Emu\Online Armor\OAcat.exe [2009-04-28 361672]
    R2 ScsiAccess;ScsiAccess; C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe [2008-01-20 181312]
    R2 SPAMfighter Update Service;SPAMfighter Update Service; C:\Program Files\SPAMfighter\sfus.exe [2009-03-12 184968]
    R2 SvcOnlineArmor;Online Armor; C:\Program Files\Tall Emu\Online Armor\oasrv.exe [2009-04-28 3052744]
    R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-03-18 92008]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
    S2 ewido security suite control;ewido security suite control; C:\Program Files\ewido anti-malware\ewidoctrl.exe []
    S2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
    S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-20 137200]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 maconfservice;maconfservice; C:\Program Files\ma-config.com\maconfservice.exe [2008-05-14 576680]
    S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2003-05-14 65795]
    S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    S4 ewido security suite guard;ewido security suite guard; C:\Program Files\ewido anti-malware\ewidoguard.exe []

    -----------------EOF-----------------
    0
  14. Ramon1 Messages postés 364 Date d'inscription   Statut Membre Dernière intervention  
     
    OTL Extras logfile created on: 08/06/2009 20:44:04 - Run 1
    OTL by OldTimer - Version 2.1.1.0 Folder = C:\
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.5730.13)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    1023,48 Mb Total Physical Memory | 548,37 Mb Available Physical Memory | 53,58% Memory free
    2,40 Gb Paging File | 1,92 Gb Available in Paging File | 79,81% Paging File free
    Paging file location(s): [Binary data over 100 bytes]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 37,26 Gb Total Space | 13,84 Gb Free Space | 37,14% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: ROCHER-0B5F4F3D
    Current User Name: PROPRIETAIRE
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: All users
    Output = Standard
    File Age = 30 Days
    Company Name Whitelist: On

    [color=orange]========== File Associations ==========/color

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
    .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

    [color=orange]========== Security Center Settings ==========/color

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "AntiVirusDisableNotify" = 0
    "FirewallDisableNotify" = 0
    "UpdatesDisableNotify" = 0
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
    "EnableFirewall" = 0
    "DisableNotifications" = 0
    "DoNotAllowExceptions" = 0

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
    "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
    "48113:TCP" = 48113:TCP:LocalSubNet:Enabled:maconfig_tcp
    "48113:UDP" = 48113:UDP:LocalSubNet:Enabled:maconfig_udp

    [color=orange]========== Authorized Applications List ==========/color

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    [2008/04/13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
    [2007/10/18 12:34:04 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
    [2007/10/02 18:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    [2008/04/13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
    [2008/05/14 16:40:36 | 00,576,680 | ---- | M] (CybelSoft) -- C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice
    [2007/07/24 15:17:08 | 00,229,376 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe:*:Disabled:Bonjour
    [2008/08/01 19:41:24 | 05,480,448 | ---- | M] (http://www.emule-project.net) -- C:\Program Files\eMule\emule.exe:*:Disabled:eMule
    [2009/04/16 11:57:02 | 00,112,000 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Disabled:IncrediMail
    [2009/04/16 11:57:10 | 00,103,808 | ---- | M] () -- C:\Program Files\IncrediMail\bin\ImPackr.exe:*:Disabled:IncrediMail
    [2009/04/16 11:57:06 | 00,304,512 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files\IncrediMail\bin\ImLc.exe:*:Disabled:IncrediMail
    File not found -- C:\Documents and Settings\PROPRIETAIRE\Local Settings\Temporary Internet Files\Content.IE5\PTIEMD3Q\incredimail_install[1].exe:*:Disabled:IncrediMail Installer
    File not found -- C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe:*:Disabled:Kaspersky AV Scanner
    [2008/09/18 20:50:21 | 00,147,456 | ---- | M] (Lime Wire, LLC) -- C:\Program Files\LimeWire\LimeWire.exe:*:Disabled:LimeWire
    [2007/10/18 12:34:04 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Disabled:Windows Live Messenger
    [2007/10/02 18:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\livecall.exe:*:Disabled:Windows Live Messenger (Phone)
    [2008/04/14 04:34:13 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe:*:Disabled:Windows Messenger
    [2009/04/16 11:57:02 | 00,251,264 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail
    [2009/04/16 11:56:58 | 00,189,824 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files\IncrediMail\bin\IMApp.exe:*:Enabled:IncrediMail

    [color=orange]========== HKEY_LOCAL_MACHINE Uninstall List ==========/color

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update
    "{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime
    "{0E0131B2-CF18-40D9-A331-60A3746C1204}" = EPSON Scan
    "{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update
    "{16C9924C-C42A-4790-BD18-27BDCA4B23C1}" = SPAMfighter
    "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 13
    "{2DBFBD32-00BB-4678-B77B-8F5F729842BC}" = PS7600
    "{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
    "{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
    "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
    "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{35CB235F-6E2B-4F20-9739-51E0ED3D8093}" = Ma-Config.com
    "{45B6180B-DCAB-4093-8EE8-6164457517F0}" = Photosmart 140,240,7200,7600,7700,7900 Series
    "{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}" = Bonjour
    "{49C88E44-1B38-4FC6-824E-2BDA3063B0E3}" = Apple Mobile Device Support
    "{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}" = SAGEM F@st 800-840
    "{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}" = Photorécit 3 pour Windows
    "{517B8FB2-26EE-43B0-AE1B-07408860AA69}" = DigitImg
    "{5ADA9741-0570-4096-B5FE-1D55E57537D4}" = Camera Window
    "{60758250-C8CF-47EB-8CB6-E0C3B84D8207}" = PSShortcuts
    "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
    "{6C11D561-620B-47DA-A693-4C597F3CDF40}" = EPSON Smart Panel
    "{6C5D7191-140A-11D6-B5A0-0050DA208A93}" = ArcSoft PhotoImpression
    "{755D3B4E-D3A3-4D05-99D8-FC35E26A331C}" = File Viewer Utility 1.2.2
    "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
    "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
    "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
    "{9028040C-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional avec FrontPage
    "{9030040C-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content
    "{930EAE5E-436E-40C4-AFFC-F73D550C0E51}" = ACDSee 3.1 (SR-1) Standard
    "{9E75AF24-815C-4BD1-9A05-F96866CC6005}" = CIG
    "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
    "{AB3AC39D-9915-435D-ACC4-9881E75326BC}" = RemoteCapture 2.7.2
    "{AC76BA86-7AD7-1036-7B44-A81300000003}" = Adobe Reader 8.1.4 - Français
    "{AF600F7B-67A7-48D9-BA3B-0FF97F35F970}" = ABBYY FineReader 6.0
    "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
    "{B376402D-58EA-45EA-BD50-DD924EB67A70}" = Disque de souvenirs HP
    "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
    "{B410328C-0E8C-4DD2-9DB4-DE7766D0DFE0}" = Micro Application - 9 Dictionnaires Utiles
    "{B69CC1A5-0404-11D6-ABCB-005004C21D30}" = EPSON Copy Utility
    "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
    "{BADF6744-3787-48F6-B8C9-4C4995401D65}" = Windows Live Messenger
    "{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}" = Canon Utilities ZoomBrowser EX
    "{C24FE0B8-0A25-42E6-8532-A4ABAA1FA400}" = EPSON Photo Print
    "{C765D9FF-4A34-4BF1-9F91-E9A3C60C86FC}" = ArcSoft VideoImpression 2
    "{D1696920-9794-4BBC-8A30-7A88763DE5A2}" = ABBYY FineReader 5.0 Sprint
    "{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}" = Assistant de connexion Windows Live
    "{DE4997B5-55AD-4878-97A7-C9FA84FE23C7}" = PSUsage
    "{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
    "{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe 1.4.124.1
    "{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}" = ScanToWeb
    "{F11A403B-0DE9-4953-B790-7A2F014FBB2B}" = PhotoStitch
    "{F38E1EF1-BBD6-4743-AF84-021E26B0481C}" = Dealio Toolbar 3.1.1
    "{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}" = Windows Live installer
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Photoshop 7.0" = Adobe Photoshop 7.0
    "a-squared Free_is1" = a-squared Free 4.5
    "avast!" = avast! Antivirus
    "BrowsingAdvisor" = BrowsingAdvisor
    "CCleaner" = CCleaner (remove only)
    "CleanUp!" = CleanUp!
    "C-Media Audio Driver" = C-Media WDM Audio Driver
    "eMule" = eMule
    "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
    "FBrowsingAdvisor_is1" = FBrowsingAdvisor
    "hp photosmart 7600 series_Driver" = hp photosmart 7600 series
    "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
    "ie7" = Windows Internet Explorer 7
    "IncrediMail" = IncrediMail
    "InstallShield_{5ADA9741-0570-4096-B5FE-1D55E57537D4}" = Fenêtre d'appareil photo Canon pour ZoomBrowser EX
    "InstallShield_{755D3B4E-D3A3-4D05-99D8-FC35E26A331C}" = Canon Utilities File Viewer Utility 1.2
    "InstallShield_{9E75AF24-815C-4BD1-9A05-F96866CC6005}" = Canon Internet Library for ZoomBrowser EX
    "InstallShield_{AB3AC39D-9915-435D-ACC4-9881E75326BC}" = Canon Utilities RemoteCapture 2.7
    "InstallShield_{F11A403B-0DE9-4953-B790-7A2F014FBB2B}" = Canon Utilities PhotoStitch 3.1
    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
    "Nero - Burning Rom!UninstallKey" = Nero 6 Demo
    "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
    "OnlineArmor_is1" = Online Armor 3.5
    "P1670 Guide de référence" = P1670 Guide de référence
    "Photodex Presenter" = Photodex Presenter
    "PhotoRecord" = Canon PhotoRecord
    "Picasa2" = Picasa 2
    "PixDiscount" = PixDiscount 2.00
    "PlayMP3" = PlayMP3z
    "ProShow Gold" = ProShow Gold
    "SFR-PC" = Désinstallation du SFR Video Manager
    "SiSLan" = SiS 900 PCI Fast Ethernet Adapter Driver
    "SPAMfighter" = SPAMfighter
    "Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.5.2.20
    "sqlaptunpboyrblhi" = Performance Dashboard Snappyads
    "TomTom HOME" = TomTom HOME 2.6.1.1549
    "Uninstall Presto! BizCard 4.1 Fre" = Presto! BizCard 4.1 Fre
    "VLC media player" = VideoLAN VLC media player 0.8.6d
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Lecteur Windows Media 11
    "Windows XP Service" = Windows XP Service Pack 3
    "WinRAR archiver" = WinRAR archiver
    "WMFDist11" = Windows Media Format 11 runtime
    "wmp11" = Windows Media Player 11
    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

    [color=orange]========== Last 10 Event Log Errors ==========/color

    [ Antivirus Events ]
    Error - 10/09/2007 13:54:39 | Computer Name = ROCHER-0B5F4F3D | Source = avast! | ID = 33554522
    Description = AAVM - initialization error: AavmStart: avworkInitialize failed, 0000A438.

    Error - 10/09/2007 16:23:16 | Computer Name = ROCHER-0B5F4F3D | Source = avast! | ID = 33554522
    Description = aswSplash - Program error description: 42040 = Le fichier VPS a été
    détruit..

    Error - 10/09/2007 16:24:03 | Computer Name = ROCHER-0B5F4F3D | Source = avast! | ID = 33554522
    Description = aswSplash - Program error description: 42040 = Le fichier VPS a été
    détruit..

    Error - 10/09/2007 16:24:57 | Computer Name = ROCHER-0B5F4F3D | Source = avast! | ID = 33554522
    Description = aswSplash - Program error description: 42040 = Le fichier VPS a été
    détruit..

    Error - 10/09/2007 16:50:37 | Computer Name = ROCHER-0B5F4F3D | Source = avast! | ID = 33554522
    Description = AAVM - initialization error: AavmStart: avworkInitialize failed, 0000A438.

    Error - 07/10/2007 08:46:55 | Computer Name = ROCHER-0B5F4F3D | Source = avast! | ID = 33554522
    Description = AAVM - initialization error: AavmStart: avworkInitialize failed, 0000A413.

    Error - 06/04/2008 03:20:57 | Computer Name = ROCHER-0B5F4F3D | Source = avast! | ID = 33554522
    Description = Internal error has occurred in module aswar scan function failed!,
    function C0000005.

    Error - 06/04/2008 15:20:31 | Computer Name = ROCHER-0B5F4F3D | Source = avast! | ID = 33554522
    Description = Internal error has occurred in module aswar scan function failed!,
    function C0000005.

    Error - 07/04/2008 07:51:49 | Computer Name = ROCHER-0B5F4F3D | Source = avast! | ID = 33554522
    Description = Internal error has occurred in module aswar scan function failed!,
    function C0000005.

    Error - 07/04/2008 11:01:51 | Computer Name = ROCHER-0B5F4F3D | Source = avast! | ID = 33554522
    Description = Internal error has occurred in module aswar scan function failed!,
    function C0000005.

    [ Application Events ]
    Error - 01/06/2009 07:47:06 | Computer Name = ROCHER-0B5F4F3D | Source = Application Hang | ID = 1002
    Description = Application bloquée iexplore.exe, version 7.0.6000.16827, module bloqué
    hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

    Error - 01/06/2009 15:38:19 | Computer Name = ROCHER-0B5F4F3D | Source = Application Error | ID = 1000
    Description = Application défaillante oaui.exe, version 3.5.0.14, module défaillant
    , version 0.0.0.0, adresse de défaillance 0x00000000.

    Error - 04/06/2009 16:14:15 | Computer Name = ROCHER-0B5F4F3D | Source = .NET Runtime | ID = 0
    Description =

    Error - 04/06/2009 16:43:33 | Computer Name = ROCHER-0B5F4F3D | Source = .NET Runtime | ID = 0
    Description =

    Error - 04/06/2009 17:01:29 | Computer Name = ROCHER-0B5F4F3D | Source = .NET Runtime | ID = 0
    Description =

    Error - 04/06/2009 17:17:15 | Computer Name = ROCHER-0B5F4F3D | Source = .NET Runtime | ID = 0
    Description =

    Error - 04/06/2009 17:29:09 | Computer Name = ROCHER-0B5F4F3D | Source = .NET Runtime | ID = 0
    Description =

    Error - 04/06/2009 17:30:28 | Computer Name = ROCHER-0B5F4F3D | Source = .NET Runtime | ID = 0
    Description =

    Error - 07/06/2009 18:10:54 | Computer Name = ROCHER-0B5F4F3D | Source = .NET Runtime | ID = 0
    Description =

    Error - 07/06/2009 18:12:06 | Computer Name = ROCHER-0B5F4F3D | Source = .NET Runtime | ID = 0
    Description =

    [ Canal+ Events ]
    Error - 30/05/2009 09:21:41 | Computer Name = ROCHER-0B5F4F3D | Source = VideoOnDemand | ID = 0
    Description =

    Error - 30/05/2009 09:21:41 | Computer Name = ROCHER-0B5F4F3D | Source = VideoOnDemand | ID = 0
    Description =

    Error - 31/05/2009 06:01:17 | Computer Name = ROCHER-0B5F4F3D | Source = VideoOnDemand | ID = 0
    Description =

    Error - 31/05/2009 06:01:17 | Computer Name = ROCHER-0B5F4F3D | Source = VideoOnDemand | ID = 0
    Description =

    Error - 01/06/2009 07:33:32 | Computer Name = ROCHER-0B5F4F3D | Source = VideoOnDemand | ID = 0
    Description =

    Error - 01/06/2009 07:33:32 | Computer Name = ROCHER-0B5F4F3D | Source = VideoOnDemand | ID = 0
    Description =

    Error - 01/06/2009 15:39:46 | Computer Name = ROCHER-0B5F4F3D | Source = VideoOnDemand | ID = 0
    Description =

    Error - 01/06/2009 15:39:46 | Computer Name = ROCHER-0B5F4F3D | Source = VideoOnDemand | ID = 0
    Description =

    Error - 01/06/2009 15:53:15 | Computer Name = ROCHER-0B5F4F3D | Source = VideoOnDemand | ID = 0
    Description =

    Error - 01/06/2009 15:53:15 | Computer Name = ROCHER-0B5F4F3D | Source = VideoOnDemand | ID = 0
    Description =

    [ System Events ]
    Error - 08/06/2009 13:28:44 | Computer Name = ROCHER-0B5F4F3D | Source = Service Control Manager | ID = 7001
    Description = Le service Apple Mobile Device dépend du service Pilote du protocole
    TCP/IP qui n'a pas pu démarrer en raison de l'erreur : %%31

    Error - 08/06/2009 13:28:44 | Computer Name = ROCHER-0B5F4F3D | Source = Service Control Manager | ID = 7001
    Description = Le service Service Bonjour dépend du service Pilote du protocole TCP/IP
    qui n'a pas pu démarrer en raison de l'erreur : %%31

    Error - 08/06/2009 13:28:44 | Computer Name = ROCHER-0B5F4F3D | Source = Service Control Manager | ID = 7001
    Description = Le service Services IPSEC dépend du service Pilote IPSEC qui n'a pas
    pu démarrer en raison de l'erreur : %%31

    Error - 08/06/2009 13:28:44 | Computer Name = ROCHER-0B5F4F3D | Source = Service Control Manager | ID = 7026
    Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
    charger : Aavmker4 AFD AmdK7 aswSP aswTdi Fips IPSec kl1 MRxSmb NetBIOS NetBT OADevice OAmon
    OAnet
    RasAcd
    Rdbss
    Tcpip

    Error - 08/06/2009 13:29:30 | Computer Name = ROCHER-0B5F4F3D | Source = DCOM | ID = 10005
    Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service EventSystem
    avec les arguments "" pour démarrer le serveur : {1BE1F766-5536-11D1-B726-00C04FB926AF}

    Error - 08/06/2009 14:18:46 | Computer Name = ROCHER-0B5F4F3D | Source = Service Control Manager | ID = 7000
    Description = Le service General Purpose USB Driver (adildr.sys) n'a pas pu démarrer
    en raison de l'erreur : %%1058

    Error - 08/06/2009 14:18:46 | Computer Name = ROCHER-0B5F4F3D | Source = Service Control Manager | ID = 7000
    Description = Le service Protocole IrDA n'a pas pu démarrer en raison de l'erreur :
    %%2

    Error - 08/06/2009 14:18:46 | Computer Name = ROCHER-0B5F4F3D | Source = Service Control Manager | ID = 7001
    Description = Le service Moniteur infrarouge dépend du service Protocole IrDA qui
    n'a pas pu démarrer en raison de l'erreur : %%2

    Error - 08/06/2009 14:18:47 | Computer Name = ROCHER-0B5F4F3D | Source = Service Control Manager | ID = 7026
    Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
    charger : kl1

    Error - 08/06/2009 14:19:42 | Computer Name = ROCHER-0B5F4F3D | Source = Windows Update Agent | ID = 16
    Description = Connexion impossible : Windows ne parvient pas à se connecter au service
    Mises à jour automatiques et ne peut donc pas procéder au téléchargement et à l'installation
    des mises à jour définies par la planification. Windows continuera d'essayer d'établir
    la connexion.

    < End of report >
    0
  15. Ramon1 Messages postés 364 Date d'inscription   Statut Membre Dernière intervention  
     
    Je n'arrive à poster le OTL logfile created on: 08/06/2009 20:44:04 - Run 1
    OTL by OldTimer - Version 2.1.1.0 Folder = C:\

    A chaque fois il me dit que je l'ai déjà fait
    Je l'ai copier sur ma clef USB, j'essaierais de te l'envoyer demain matin du boulot
    Dur dur les blocages ?
    0
  16. Ramon1 Messages postés 364 Date d'inscription   Statut Membre Dernière intervention  
     
    Re Bonjour,
    L'envoi par le forum semble planter, je l'envoie le fichier " OTL logfile " par le lien ci-dessous :
    http://www.cijoint.fr/cjlink.php?file=cj200906/cij2HRaKP0.doc

    Hier soir après mes 3 envois de fichier, je n'arrivais plus à me connecter à internet ?
    Quelle solution pour contourner le pb, si je ne peux intervenir sur le pc avant le blocage ?
    0
  17. gen-hackman
     
    Télécharge Zeb-Restore http://telechargement.zebulon.fr/zeb-restore.html enregistre ce fichier sur le bureau.

    -Clic droit Zeb-Restore.zip ==> Extraire tout choisis comme lieu d'enregistrement le bureau.
    -Ouvre le dossier ZR_1.0.0.37 ==> double clic sur Zeb-Restore.exe
    - Coche la case devant :sites de confiance
    - Ne coche aucune autre case
    -Clique sur Restaurer
    -Redémarre ton PC

    ensuite :

    Télécharge HostXpert sur ton Bureau :

    ---> Décompresse-le (Clic droit >> Extraire ici)

    ---> Double-clique sur HostsXpert pour le lancer

    ---> clique sur le bouton "Restore MS Hosts File" puis ferme le programme

    PS : Avant de cliquer sur le bouton "Restore MS Hosts File", vérifie que le cadenas en haut à gauche est ouvert sinon tu vas avoir un message d'erreur.

    s'il est fermé , clique dessus :)

    ensuite :

    Désactiver le TeaTimer de Spybot (Merci à Nico):

    Pour désactiver le TeaTimer :
    => Ouvrir Spybot S&D
    => Dans le menu "Mode", séléctionner le mode avancé.
    => Une fenêtre demande confirmation cliquer sur "oui".
    => Une fois le mode avancé actif, ouvrir l'onglet "Outils".
    => Cliquer sur Résident.
    => La partie Résident comporte deux lignes qui sont normalement cochées :
    *Résident "SDHelper" (bloqueur de téléchargements nuisibles pour Internet Explorer) actif.

    * Résident "TeaTimer" (Protection des réglages système fondamentaux) actif.

    => Décocher la ligne TeaTimer.
    => Redémarrer Spybot (le fermer et le réouvrir)
    => Retourner dans le menu Résident et vérifier qu'il soit bien désactivé.

    ensuite :

    Desinstalle Adware

    ensuite :


    ---> Désactive ton antivirus le temps de la manipulation car OTM est détecté comme une infection à tort.

    ---> Télécharge OTM (OldTimer) sur ton Bureau :

    ---> Double-clique sur OTM.exe afin de le lancer.

    ---> Copie (Ctrl+C) le texte suivant ci-dessous :



    :processes
    explorer.exe

    :services
    aspnet_state
    ewido security suite control
    ewido security suite guard

    :files
    C:\WINDOWS\system32\vezvutkuwkotlxvd.dll
    C:\Documents and Settings\PROPRIETAIRE\Application Data\Dealio
    C:\Documents and Settings\PROPRIETAIRE\Application Data\EoRezo
    C:\Program Files\BrowsingAdvisor
    C:\Program Files\FBrowserAdvisor
    C:\Program Files\eoRezo
    C:\Program Files\Dealio
    C:\Program Files\PlayMP3z
    C:\Program Files\FBrowsingAdvisor
    C:\Documents and Settings\PROPRIETAIRE\Application Data\Dealio(4)
    C:\Documents and Settings\PROPRIETAIRE\Application Data\Dealio(3)
    C:\Documents and Settings\PROPRIETAIRE\Application Data\Dealio(2)
    C:\*.sqm
    C:\WINDOWS\System32\sqlaptunpboyrblhi.exe
    C:\Program Files\SPAMfighter(2)
    C:\WINDOWS\SlantAdj.dll
    :reg
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9B886AE3-A663-03B1-8DD5-B6037C0ED1EE}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A87B991-A31F-4130-AE72-6D0C294BF082}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F1E96EDC-E0C8-BE98-1F15-C29DBED83B53}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}"=-
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "EoEngine"=-
    "EoWeather"=-
    "QuickTime Task"=-
    "au"=-
    "wtstpjmdzhx"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "MSMSGS"=-
    ""=-

    :commands
    [purity]
    [emptytemp]
    [start explorer]
    [reboot]



    ---> Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.

    ---> Clique maintenant sur le bouton MoveIt! puis ferme OTM

    Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.

    ---> Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\
    Le nom du rapport correspond au moment de sa création : date_heure.log

    ensuite :


    Télécharge TOOLBAR S&D ( de Eric_71/Team IDN ) sur ton bureau :

    !! Déconnecte toi,desactive tes protections résidentes, et ferme toutes tes applications en cours le temps de la manip. !!

    * Double-clique sur ToolBar SD.exe pour lancer l'outil et laisse toi guider ...

    --> Tapes ( option " recherche " ) puis tape sur [Entrée].

    Un rapport sera généré à la fin du processus : poste son contenu dans ta prochaine réponse

    ( le rapport est en outre sauvegardé ici -> C:\TB.txt )

    Tutoriel

    ensuite :

    Relance Toolbar-S&D en double-cliquant sur le raccourci
    .
    Ø Tape sur "2" puis valide en appuyant sur "Entrée".

    ! Ne ferme pas la fenêtre lors de la suppression !

    Un rapport sera généré, poste son contenu ici.

    NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches.
    Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..."
    Tape explorer puis valide.

    ensuite :


    Passer de Avast à AntiVir :

    Télécharge Désinstalleur d'Avast!.

    redemarre en mode sans echec :

    Comment aller en Mode sans échec
    1) Redémarres ton ordi
    2) Tapote la touche F8 immédiatement, (F5 sur certains PC) juste après le "Bip"
    3) Tu verras un écran avec options de démarrage apparaître
    4) Choisis la première option : Sans Échec, et valide avec "Entrée"
    5) Choisis ton compte habituel, et non Administrateur (si besoin ... )
    (attention : pas de connexion possible en mode sans échec , donc copies ou imprimes bien la manipe pour éviter les erreurs ...)

    Désinstalle via Ajout/Suppression de Programmes (si présents) :

    * Avast!

    ensuite execute le desinstaller

    Ceci effacera la majorité des traces du produit Avast! d'Alwil Software.

    redemarre

    Télécharge Ccleaner sur ton Bureau. :

    * Clique sur "download the latest version"
    * Installe-le en laissant seulement les options suivantes cochées :

    - Ajouter un raccourci sur le Bureau
    - Contrôler automatiquement les mises à jour de CCleaner

    * Lance le Nettoyage
    * Clique sur Chercher des erreurs et sauvegarde si tu le souhaites.

    plus de precision sur la configuration de ccleaner te seront donnees plus tard

    tuto Comment utiliser CCleaner.
    ***************

    Télécharge Antivir en Francais ou Antivir en Francais sur ton Bureau.:

    * Double clique sur l'exécutable téléchargé pour lancer l'installation.
    * À la fin de l'installation, clique sur Finish.
    * Ouvre Antivir, assure-toi qu’il soit bien à jour !
    * Dans l'onglet Protection Locale, choisis Contrôler.
    * Active la recherche de rootkits via le + de Recherche de Rootkits, puis dans Sélection manuelle, coche tout (tes partitions de disque dur).
    * Clique sur la loupe du milieu pour lancer le scan en tant qu'Administrateur.
    * Poste moi le rapport généré : Pour cela, clique sur l'onglet Aperçu, puis choisis Rapports, tu trouveras son rapport..
    * Sélectionne le rapport et clique sur l'icône "Afficher le fichier de rapport du rapport sélectionné.

    Note : Pour une éradication des menaces plus efficace, lance le scan en mode sans échec.

    Pourquoi changer ? :Avast Vs Antivir

    Tuto Antivir: Comment installer et utiliser AntiVir.

    ***************************************
    Une fois AntiVir ouvert, clique sur "configuration" et coche la case " mode expert " :
    * mets toi sur "scanner"/"recherche" (à gauche) -> dans "fichiers", coche tous les fichiers et en dessous dans priorité scanner= élevé .
    coche aussi : autorisé l'arrêt , comme cela tu peux faire une pause pendant le scan si tu le desir.
    * toujours dans "recherche" -> " Autres réglages ", coche les cases suivantes :

    >secteur d'amorçage lecteurs de rech.

    >Contrôler secteurs d'amorçage maître

    >Suivre les liens symboliques

    >Rech.Rootkit au dém. de la recherche

    et décoche :

    ignorer les fichiers hors ligne

    * mets toi sur "scanner"/"recherche"/ "heuristique" -> Heuristique macrovirus= coché, et en dessous coche activer AHeAD , et coche la case degré d'identification moyen ...

    ---> clique sur "OK" pour valider le réglage ...
    ****************************************
    0
  18. Ramon1 Messages postés 364 Date d'inscription   Statut Membre Dernière intervention  
     
    Re
    Je vois que j'ai de quoi occuper mes soirées.
    J'ai déjà téléchargé tous les logiciels nécessaires, il n'y a plus qu'à les installer et suivre ta procédure !
    Seulement 3 questions :
    Zeb-Restore doit être installé en mode sans échec !
    Est-ce que je ne risque pas d'être blloquer ?
    Quelle différence pour Antivir entre " Antivir_workstation_winu_fr_h " et " avira_antivir_personal_fr " ?
    Merci pour la qualité et la compréhension de ton mode opératoire
    0
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10