Centre de securité inactif

Résolu
poufpouf50 Messages postés 52 Statut Membre -  
poufpouf50 Messages postés 52 Statut Membre -
Bonjour,
voila mon centre de securité est devenu inactif, suite a une erreur jai voulu effacer manuellement un mouchard sur psybot..le nom du mouchard est microsoft.windows security center-disabled..jai essayer plusieurs chose mais rien a faire ..alors a l aide ..merci d avance.

40 réponses

  • 1
  • 2
Réponse 1 / 40
plopus Messages postés 6113 Statut Contributeur sécurité 293
 
Bonsoir

merci de pas creer des topics inutile est legerement mal polie comme on te la fait remarqué sur ton autre poste
http://www.commentcamarche.net/forum/affich 13441217 cest quand que quelqu un repond

mais j'ai vu dans ton profil que apparament tu es blonde donc sa va je t'excuse :)

Fait ceci :

Télécharge Random's System Information Tool (RSIT) de Random/Random, et enregistre le sur ton Bureau.
http://images.malwareremoval.com/random/RSIT.exe
• Double clique sur RSIT.exe pour lancer l'outil.
• Clique sur "Continue" à l'écran Disclaimer.
• Si l'outil HijackThis n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu s'il te le demande) et tu devras accepter la licence.
• Une fois le scan terminé, deux rapports vont apparaître : poste les dans deux messages séparés stp
1
Réponse 2 / 40
poufpouf50 Messages postés 52 Statut Membre
 
bonsoir ..merci a toi de me repondre ..alors je suis entrain de faire ce que tu ma dis mais jai deja un probleme , sa me dit LINE 1 , error subscript with non-Array variable. que faire ?
0
Réponse 3 / 40
plopus Messages postés 6113 Statut Contributeur sécurité 293
 
ok il faut faire ceci avant :

Désactive le contrôle des comptes utilisateurs (tu le réactiveras après ta désinfection):
https://forum.malekal.com/viewtopic.php?f=59&t=6517

==> Vas dans "Démarrer" puis Panneau de configuration.
==> Double Clique sur l'icône Comptes d'utilisateurs et sur Activer ou désactiver le contrôle des comptes d'utilisateurs.
==> Clique sur Continuer.
==> Décoche la case Utiliser le contrôle des comptes d'utilisateurs pour vous aider à protéger votre ordinateur.
==> Valide par OK et redémarre ton PC.

ensuite tu clic droit sur l'icone RSIt et choisit executer en tant qu'administrateur, tu feras ainsi a chaque scan que tu va passé
0
Réponse 4 / 40
poufpouf50 Messages postés 52 Statut Membre
 
malgré l UAC correctement désactiver sa me met quand meme le meme message d erreur!!!
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 40
plopus Messages postés 6113 Statut Contributeur sécurité 293
 
ok

telecharge hijackthis SUR TON BUREAU https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/29061.html

clic droit dessus et choisit executer en tant qu'administrateur

puis choisit do a scan and save the log et poste le rapport
0
Réponse 6 / 40
POUFPOUF50
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:29:15, on 19/07/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Trust\MI-2500X OPTICAL MOUSE\mouse32a.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Canal\Canal Widget\CANAL+ CANALSAT A LA DEMANDE.EXE
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Users\steph\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\steph\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\51DGHIXO\RSIT[1].exe
C:\Program Files\trend micro\steph.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Trust\MI-2500X OPTICAL MOUSE\Mouse32a.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [Canal Widget] "C:\Program Files\Canal\Canal Widget\Launcher.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: Empowering Technology Launcher.lnk = C:\Acer\Empowering Technology\eAPLauncher.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O13 - Gopher Prefix:
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: CanalPlus.VOD - Canal+ Active - C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
0
Réponse 7 / 40
plopus Messages postés 6113 Statut Contributeur sécurité 293
 
rien de visible dans le rapport :



Télécharge OTL de OLDTimer
http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/

et enregistre le sur ton Bureau.

Double clic sur OTL.exe pour le lancer.

Coche les 2 cases Lop et Purity

Coche la case devant scan all users

Clic sur Run Scan.

A la fin du scan, le Bloc-Notes va s'ouvrir avec le rapport (OTL.txt).

Ce fichier est sur ton Bureau (en général C:\Documents and settings\le_nom_de_ta_session\OTL.txt)

NE LE POSTE PAS SUR LE FORUM

Pour me le transmettre clique sur ce lien : http://www.cijoint.fr/

Clique sur Parcourir et cherche le fichier ci-dessus (OTL.txt).

Clique sur Ouvrir.

Clique sur "Cliquez ici pour déposer le fichier".

Un lien de cette forme :

http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt

est ajouté dans la page.

Copie ce lien dans ta réponse.
0
Réponse 8 / 40
makinn Messages postés 338 Statut Membre 5
 
Si tu est sous vista tape services dans "rechercher" après tu dois voir "centre de sécurité" clique droit dessus et va dans propriété et fais démarrer et la ça devrait remarcher
Tient moi au courant
0
Réponse 9 / 40
poufpouf50 Messages postés 52 Statut Membre
 
je l es deja fais ce truc la ..et centre de securité n apparait plus dans "services"
0
Réponse 10 / 40
makinn Messages postés 338 Statut Membre 5
 
Formate...
J'ai pas trop d'idées vraiment dsl
0
Réponse 11 / 40
poufpouf50 Messages postés 52 Statut Membre
 
pas grave Makinn ..je te remercie quand meme.bye
0
Réponse 12 / 40
plopus Messages postés 6113 Statut Contributeur sécurité 293
 
poufpouf en attente de rapport demandé au poste 7


http://www.commentcamarche.net/forum/affich 12942571 centre de securite inactif?#7
0
poufpouf50
 
voila ..
0
Réponse 13 / 40
plopus Messages postés 6113 Statut Contributeur sécurité 293
 
salut

poufpour je n'ai pas eu le rapport....

si tu as du mal a le transmettre via le site ci-joint

copie colle le ici en 2fois stp
0
poufpouf50
 
OTL logfile created on: 19/07/2009 22:17:10 - Run 1
OTL by OldTimer - Version 3.0.9.2 Folder = C:\Users\steph\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18783)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,75 Gb Total Physical Memory | 0,80 Gb Available Physical Memory | 45,79% Memory free
3,74 Gb Paging File | 2,21 Gb Available in Paging File | 58,97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 51,14 Gb Total Space | 7,08 Gb Free Space | 13,84% Space Free | Partition Type: NTFS
Drive D: | 50,89 Gb Total Space | 50,80 Gb Free Space | 99,82% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-DE-STEPH
Current User Name: steph
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========/color

PRC - [2008/12/03 22:12:00 | 00,203,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
PRC - [2009/07/14 10:04:11 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/04/11 08:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.EXE
PRC - [2007/01/26 14:24:42 | 00,050,688 | ---- | M] () -- C:\Acer\ALaunch\ALaunchSvc.exe
PRC - [2009/07/14 10:04:11 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/05/16 23:38:33 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2007/07/06 05:06:52 | 04,669,440 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2009/04/29 11:08:55 | 00,188,416 | ---- | M] (Canal+ Active) -- C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe
PRC - [2007/05/24 13:38:22 | 00,206,952 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
PRC - [2007/08/15 11:21:38 | 00,772,616 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2007/12/04 00:15:15 | 00,370,176 | ---- | M] () -- C:\Program Files\Trust\MI-2500X OPTICAL MOUSE\mouse32a.exe
PRC - [2007/04/25 16:33:36 | 00,457,216 | ---- | M] (HiTRUST) -- C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
PRC - [2007/06/11 14:54:58 | 01,286,144 | ---- | M] (CyberLink) -- C:\Acer\Empowering Technology\eAudio\eAudio.exe
PRC - [2009/03/02 13:08:11 | 00,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2007/06/06 10:06:44 | 00,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint2K\Apoint.exe
PRC - [2009/01/23 20:52:12 | 00,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2007/04/25 16:34:30 | 00,457,512 | ---- | M] (HiTRSUT) -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
PRC - [2009/04/11 08:28:03 | 01,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
PRC - [2009/03/05 16:07:20 | 02,260,480 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2007/04/23 09:53:48 | 00,024,576 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
PRC - [2007/06/13 16:54:36 | 00,135,168 | R--- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe
PRC - [2007/01/17 11:20:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2006/11/24 12:57:54 | 00,107,008 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe
PRC - [2007/01/23 15:48:12 | 00,266,343 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
PRC - [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2007/05/17 02:46:50 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\xaudio.exe
PRC - [2007/07/03 10:40:10 | 00,053,248 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
PRC - [2007/06/28 18:50:52 | 00,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
PRC - [2007/09/14 14:32:46 | 00,167,936 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
PRC - [2009/04/11 08:28:15 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiprvse.exe
PRC - [2009/04/11 08:28:15 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiprvse.exe
PRC - [2009/04/11 08:28:08 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2007/06/13 16:56:18 | 00,765,952 | R--- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
PRC - [2007/09/14 10:06:48 | 00,454,656 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
PRC - [2007/08/29 10:35:38 | 00,323,584 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
PRC - [2007/02/09 06:35:54 | 00,397,312 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
PRC - [2009/04/22 11:21:07 | 00,095,744 | ---- | M] () -- C:\Program Files\Canal\Canal Widget\CANAL+ CANALSAT A LA DEMANDE.EXE
PRC - [2009/04/11 08:28:08 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2007/05/22 08:18:56 | 00,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint2K\ApMsgFwd.exe
PRC - [2007/06/06 10:44:44 | 00,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint2K\Apntex.exe
PRC - [2009/06/20 23:37:02 | 00,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\steph\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2009/07/19 21:31:09 | 00,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Users\steph\Downloads\HiJackThis.exe
PRC - [2008/01/19 09:33:39 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2009/02/06 19:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
PRC - [2009/02/06 18:07:48 | 00,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2009/03/08 23:09:24 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/03/08 23:09:24 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/03/08 23:09:24 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/07/19 22:15:42 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\steph\Downloads\OTL.exe

[color=#E56717]========== Win32 Services (SafeList) ==========/color

SRV - [2007/01/26 14:24:42 | 00,050,688 | ---- | M] () -- C:\Acer\ALaunch\ALaunchSvc.exe -- (ALaunchService [Auto | Running])
SRV - [2009/07/14 10:04:11 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService [Auto | Running])
SRV - [2009/07/14 10:04:11 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService [Auto | Running])
SRV - [2009/04/29 11:08:55 | 00,188,416 | ---- | M] (Canal+ Active) -- C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe -- (CanalPlus.VOD [Auto | Running])
SRV - [2009/03/30 06:42:14 | 00,066,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2007/04/25 16:34:30 | 00,457,512 | ---- | M] (HiTRSUT) -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe -- (eDataSecurity Service [Auto | Running])
SRV - [2008/01/19 09:33:09 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2006/11/02 14:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2006/11/02 14:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2007/04/23 09:53:48 | 00,024,576 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService [Auto | Running])
SRV - [2007/06/13 16:54:36 | 00,135,168 | R--- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe -- (eNet Service [Auto | Running])
SRV - [2007/07/03 10:40:10 | 00,053,248 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService [Auto | Running])
SRV - [2007/06/28 18:50:52 | 00,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService [Auto | Running])
SRV - [2009/04/11 08:28:25 | 01,017,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll -- (Eventlog [Auto | Running])
SRV - [2009/02/18 20:39:20 | 00,043,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009/02/06 19:08:58 | 00,533,360 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc [On_Demand | Stopped])
SRV - [2009/05/03 11:34:39 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2009/02/18 20:38:42 | 00,879,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2007/01/17 11:20:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
SRV - [2009/01/24 15:46:50 | 00,216,232 | ---- | M] (CybelSoft) -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice [On_Demand | Stopped])
SRV - [2006/11/24 12:57:54 | 00,107,008 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService [Auto | Running])
SRV - [2009/02/18 20:38:43 | 00,129,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2007/02/26 20:16:22 | 00,267,824 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Stopped])
SRV - [2008/12/03 22:12:00 | 00,203,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe -- (nvsvc [Auto | Running])
SRV - [2007/01/23 15:48:12 | 00,266,343 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo [Auto | Running])
SRV - [2009/01/26 16:31:10 | 01,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService [Auto | Stopped])
SRV - [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort [Auto | Running])
SRV - [2008/01/19 09:38:24 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Running])
SRV - [2007/09/14 14:32:46 | 00,167,936 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService [Auto | Running])
SRV - [2008/01/19 09:33:39 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [Auto | Running])
SRV - [2007/05/17 02:46:50 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\xaudio.exe -- (XAudioService [Auto | Running])

[color=#E56717]========== Driver Services (SafeList) ==========/color

DRV - [2006/11/02 11:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])
DRV - [2006/11/02 11:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])
DRV - [2006/11/02 11:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])
DRV - [2006/11/02 11:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])
DRV - [2006/11/02 11:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])
DRV - [2006/11/02 11:49:20 | 00,014,952 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys -- (aliide [Disabled | Stopped])
DRV - [2007/06/14 04:33:26 | 00,154,624 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Windows\System32\DRIVERS\Apfiltr.sys -- (ApfiltrService [On_Demand | Running])
DRV - [2006/11/02 11:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc [Disabled | Stopped])
DRV - [2006/11/02 11:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])
DRV - [2009/01/13 09:45:00 | 00,954,368 | ---- | M] (Atheros Communications, Inc.) -- C:\Windows\System32\DRIVERS\athr.sys -- (athr [On_Demand | Running])
DRV - [2009/02/13 12:34:33 | 00,011,608 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio [System | Running])
DRV - [2009/03/24 16:07:58 | 00,055,640 | ---- | M] (Avira GmbH) -- C:\Windows\System32\DRIVERS\avgntflt.sys -- (avgntflt [Auto | Running])
DRV - [2009/03/30 10:32:47 | 00,096,104 | ---- | M] (Avira GmbH) -- C:\Windows\System32\DRIVERS\avipbb.sys -- (avipbb [System | Running])
DRV - [2006/11/02 10:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo [On_Demand | Stopped])
DRV - [2006/11/02 10:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp [On_Demand | Stopped])
DRV - [2006/11/02 10:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserid.sys -- (Brserid [Disabled | Stopped])
DRV - [2006/11/02 10:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm [Disabled | Stopped])
DRV - [2006/11/02 10:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm [Disabled | Stopped])
DRV - [2006/11/02 10:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer [On_Demand | Stopped])
DRV - [2006/11/02 11:49:28 | 00,016,488 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])
DRV - [2006/11/02 15:29:36 | 00,021,264 | ---- | M] (Dritek System Inc.) -- C:\Windows\System32\DRIVERS\DKbFltr.sys -- (DKbFltr [On_Demand | Running])
DRV - File not found -- -- (DritekPortIO [System | Running])
DRV - [2009/01/24 16:18:00 | 00,014,336 | ---- | M] (CybelSoft) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2 [On_Demand | Stopped])
DRV - [2006/11/02 09:30:54 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])
DRV - [2006/11/02 11:51:34 | 00,316,520 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])
DRV - [2007/05/16 14:47:44 | 00,032,256 | ---- | M] (ENE TECHNOLOGY INC.) -- C:\Windows\System32\DRIVERS\enecir.sys -- (enecir [On_Demand | Running])
DRV - [2009/02/06 19:08:52 | 00,055,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DRIVERS\fssfltr.sys -- (fssfltr [On_Demand | Stopped])
DRV - [2006/11/02 11:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs [Disabled | Stopped])
DRV - [2006/11/02 09:41:49 | 00,200,704 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\VSTAZL3.SYS -- (HSFHWAZL [On_Demand | Stopped])
DRV - [2007/05/17 02:46:36 | 00,985,600 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\HSX_DPV.sys -- (HSF_DPV [On_Demand | Running])
DRV - [2007/05/17 02:46:20 | 00,207,360 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\HSXHWAZL.sys -- (HSXHWAZL [On_Demand | Running])
DRV - [2006/11/02 11:51:25 | 00,232,040 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV [Disabled | Stopped])
DRV - [2006/11/02 11:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])
DRV - [2006/12/07 18:12:02 | 00,076,584 | ---- | M] () -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15 [Auto | Running])
DRV - [2007/07/18 13:32:40 | 01,841,312 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2006/11/02 11:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])
DRV - [2006/11/02 11:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])
DRV - [2006/11/02 11:50:04 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])
DRV - [2006/11/02 11:50:05 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])
DRV - [2006/11/02 11:50:10 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])
DRV - [2007/05/17 02:46:30 | 00,012,672 | ---- | M] (Conexant) -- C:\Windows\System32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
DRV - [2006/11/02 11:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\megasas.sys -- (megasas [Disabled | Stopped])
DRV - [2006/11/02 11:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x [Disabled | Stopped])
DRV - [2006/11/02 11:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])
DRV - [2007/07/26 04:10:41 | 00,006,144 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Windows\System32\DRIVERS\NTIDrvr.sys -- (NTIDrvr [On_Demand | Running])
DRV - [2006/11/02 09:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])
DRV - [2007/11/18 04:39:50 | 01,040,544 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\DRIVERS\nvmfdx32.sys -- (NVENETFD [On_Demand | Running])
DRV - [2008/12/03 22:12:00 | 07,606,688 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\DRIVERS\nvlddmkm.sys -- (nvlddmkm [On_Demand | Running])
DRV - [2006/11/02 11:50:24 | 00,088,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])
DRV - [2007/05/17 03:05:10 | 00,012,032 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\DRIVERS\nvsmu.sys -- (nvsmu [On_Demand | Running])
DRV - [2006/11/02 11:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])
DRV - [2007/04/25 16:34:38 | 00,020,776 | ---- | M] (HiTRUST) -- C:\Windows\system32\DRIVERS\psdfilter.sys -- (PSDFilter [Boot | Running])
DRV - [2007/04/25 16:34:44 | 00,016,680 | ---- | M] (HiTRUST) -- C:\Windows\system32\drivers\PSDNServ.sys -- (PSDNServ [Boot | Running])
DRV - [2007/04/25 16:34:40 | 00,060,712 | ---- | M] (HiTRUST) -- C:\Windows\system32\drivers\psdvdisk.sys -- (psdvdisk [Boot | Running])
DRV - [2006/11/02 11:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])
DRV - [2006/11/02 11:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])
DRV - [2007/02/24 14:42:22 | 00,039,936 | ---- | M] (REDC) -- C:\Windows\System32\DRIVERS\rimmptsk.sys -- (rimmptsk [Auto | Running])
DRV - [2007/01/23 16:40:20 | 00,042,496 | ---- | M] (REDC) -- C:\Windows\System32\DRIVERS\rimsptsk.sys -- (rimsptsk [Auto | Running])
DRV - [2007/03/21 22:02:04 | 00,037,376 | ---- | M] (REDC) -- C:\Windows\System32\DRIVERS\rixdptsk.sys -- (rismxdp [Auto | Running])
DRV - [2006/11/02 08:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running])
DRV - [2006/11/02 11:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2 [Disabled | Stopped])
DRV - [2006/11/02 11:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])
DRV - [2007/08/13 14:54:22 | 01,749,376 | ---- | M] () -- C:\Windows\System32\DRIVERS\snp2uvc.sys -- (SNP2UVC [On_Demand | Stopped])
DRV - [2009/07/14 10:04:11 | 00,028,520 | ---- | M] (Avira GmbH) -- C:\Windows\System32\DRIVERS\ssmdrv.sys -- (ssmdrv [System | Running])
DRV - [2008/01/19 08:14:10 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DRIVERS\serscan.sys -- (StillCam [On_Demand | Running])
DRV - [2006/11/02 11:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])
DRV - [2006/11/02 11:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])
DRV - [2006/11/02 11:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])
DRV - [2006/11/02 11:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])
DRV - [2006/11/02 11:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])
DRV - [2006/11/02 11:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])
DRV - [2006/11/02 11:49:30 | 00,017,512 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys -- (viaide [Disabled | Stopped])
DRV - [2006/11/02 11:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])
DRV - [2007/05/17 02:46:26 | 00,659,968 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\HSX_CNXT.sys -- (winachsf [On_Demand | Running])
DRV - [2007/05/17 02:46:50 | 00,008,192 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\xaudio.sys -- (XAudio [Auto | Running])
DRV - [2006/11/02 16:51:58 | 00,013,560 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796} [Auto | Running])

[color=#E56717]========== Standard Registry (SafeList) ==========/color


[color=#E56717]========== Internet Explorer ==========/color

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3639106396-2503579296-284215476-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-3639106396-2503579296-284215476-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SEARCH PAGE = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-3639106396-2503579296-284215476-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\S-1-5-21-3639106396-2503579296-284215476-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = https://search.yahoo.com/web{searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-3639106396-2503579296-284215476-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
IE - HKU\S-1-5-21-3639106396-2503579296-284215476-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3639106396-2503579296-284215476-1000\S-1-5-21-3639106396-2503579296-284215476-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/07/03 09:04:33 | 00,000,000 | ---D | M]


O1 HOSTS File: (318326 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 163ns.com
O1 - Hosts: 10918 more lines...
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (BHO Barre de Confiance) - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll (Euro-Information)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Barre de confiance) - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll (Euro-Information)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKU\S-1-5-21-3639106396-2503579296-284215476-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O4 - HKLM..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (Acer Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Canal Widget] C:\Program Files\Canal\Canal Widget\Launcher.exe (Canal+)
O4 - HKLM..\Run: [eAudio] C:\Acer\Empowering Technology\eAudio\eAudio.exe (CyberLink)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (HiTRUST)
O4 - HKLM..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Trust\MI-2500X OPTICAL MOUSE\Mouse32a.exe ()
O4 - HKLM..\Run: [LManager] C:\Programmes\Launch Manager\LManager.exe File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PLFSetL] C:\Windows\PLFSetL.exe (sonix)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Inc.)
O4 - HKU\.DEFAULT..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3639106396-2503579296-284215476-1000..\Run: [Acer Tour Reminder] File not found
O4 - HKU\S-1-5-21-3639106396-2503579296-284215476-1000..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3639106396-2503579296-284215476-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-3639106396-2503579296-284215476-1000..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Users\All Users\addr_file.html ()
O4 - Startup: C:\Users\All Users\Adobe [2008/10/18 21:37:21 | 00,000,000 | ---D | M]
O4 - Startup: File not found
O4 - Startup: C:\Users\All Users\Avira [2009/05/15 22:38:11 | 00,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Bureau [2007/11/23 02:43:26 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\CyberLink [2008/01/05 18:08:47 | 00,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Desktop [2006/11/02 15:02:03 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\Documents [2006/11/02 15:02:03 | 00,000,000 | -HSD | M]
O4 - Startup: File not found
O4 - Startup: C:\Users\All Users\eMule [2008/09/28 19:59:25 | 00,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Favoris [2007/11/23 02:43:26 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\Favorites [2006/11/02 15:02:03 | 00,000,000 | -HSD | M]
O4 - Startup: File not found
O4 - Startup: C:\Users\All Users\FloodLightGames [2008/01/30 21:14:08 | 00,000,000 | ---D | M]
O4 - Startup: File not found
O4 - Startup: C:\Users\All Users\Google [2009/01/23 20:51:46 | 00,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\hpzinstall.log ()
O4 - Startup: C:\Users\All Users\IM [2007/12/02 15:14:23 | 00,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\IncrediMail [2007/12/02 15:13:22 | 00,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\ma-config.com [2009/02/21 18:13:27 | 00,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Malwarebytes [2009/01/28 19:47:44 | 00,000,000 | ---D | M]
O4 - Startup: File not found
O4 - Startup: File not found
O4 - Startup: C:\Users\All Users\Microsoft [2008/12/18 22:43:18 | 00,000,000 | --SD | M]
O4 - Startup: C:\Users\All Users\Microsoft [2008/12/18 22:43:18 | 00,000,000 | --SD | M]
O4 - Startup: C:\Users\All Users\Modèles [2007/11/23 02:43:26 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\Nero [2007/12/15 17:28:29 | 00,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\NortonInstaller [2009/05/16 21:55:57 | 00,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\ntuser.pol ()
O4 - Startup: C:\Users\All Users\NVIDIA [2009/07/03 09:55:03 | 00,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\nvModes.001 ()
O4 - Startup: C:\Users\All Users\nvModes.dat ()
O4 - Startup: File not found
O4 - Startup: File not found
O4 - Startup: File not found
O4 - Startup: C:\Users\All Users\TEMP [2008/05/13 09:48:27 | 00,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Templates [2006/11/02 15:02:04 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\WindowsSearch [2008/03/31 19:33:37 | 00,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Winferno [2008/06/18 20:51:06 | 00,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\WLInstaller [2008/09/10 21:36:22 | 00,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Xerox [2007/12/12 14:55:20 | 00,000,000 | ---D | M]
O4 - Startup: C:\Users\Default\AppData [2006/11/02 13:18:34 | 00,000,000 | -H-D | M]
O4 - Startup: File not found
O4 - Startup: C:\Users\Default\Desktop [2006/11/02 12:23:35 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Default\Documents [2007/11/23 02:43:26 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Default\Downloads [2006/11/02 12:23:35 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Default\Favorites [2006/11/02 12:23:35 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Default\Links [2006/11/02 12:23:35 | 00,000,000 | R--D | M]
O4 - Startup: File not found
O4 - Startup: File not found
O4 - Startup: File not found
O4 - Startup: C:\Users\Default\Modèles [2007/11/23 02:43:26 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Music [2006/11/02 12:23:35 | 00,000,000 | R--D | M]
O4 - Startup: File not found
O4 - Startup: C:\Users\Default\NetHood [2006/11/02 15:02:03 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\NTUSER.DAT ()
O4 - Startup: C:\Users\Default\NTUSER.DAT.LOG ()
O4 - Startup: C:\Users\Default\ntuser.dat.LOG1 ()
O4 - Startup: C:\Users\Default\ntuser.dat.LOG2 ()
O4 - Startup: C:\Users\Default\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf ()
O4 - Startup: C:\Users\Default\NTUSER.DAT ()
O4 - Startup: C:\Users\Default\NTUSER.DAT ()
O4 - Startup: C:\Users\Default\Pictures [2006/11/02 12:23:35 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Default\PrintHood [2006/11/02 15:02:03 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Recent [2006/11/02 15:02:03 | 00,000,000 | -HSD | M]
O4 - Startup: File not found
O4 - Startup: C:\Users\Default\SendTo [2006/11/02 15:02:03 | 00,000,000 | -HSD | M]
O4 - Startup: File not found
O4 - Startup: C:\Users\Default\Templates [2006/11/02 15:02:03 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Videos [2006/11/02 12:23:35 | 00,000,000 | R--D | M]
O4 - Startup: File not found
O4 - Startup: File not found
O4 - Startup: C:\Users\Public\CyberLink [2008/08/17 21:57:02 | 00,000,000 | ---D | M]
O4 - Startup: C:\Users\Public\Desktop [2009/06/26 10:40:06 | 00,000,000 | RH-D | M]
O4 - Startup: C:\Users\Public\Documents [2008/02/15 10:27:08 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Public\Downloads [2008/08/17 21:57:02 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Public\Favorites [2006/11/02 12:23:35 | 00,000,000 | RH-D | M]
O4 - Startup: C:\Users\Public\Music [2008/08/17 21:57:02 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Public\Pictures [2008/08/17 21:57:02 | 00,000,000 | R--D | M]
O4 - Startup: File not found
O4 - Startup: C:\Users\Public\Videos [2008/12/05 11:28:46 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\steph\AppData [2007/11/23 02:44:11 | 00,000,000 | -H-D | M]
O4 - Startup: File not found
O4 - Startup: C:\Users\steph\CA01.IDX ()
O4 - Startup: C:\Users\steph\CA02.IDX ()
O4 - Startup: C:\Users\steph\CA03.IDX ()
O4 - Startup: C:\Users\steph\CA04.IDX ()
O4 - Startup: C:\Users\steph\CA05.IDX ()
O4 - Startup: C:\Users\steph\CA06.IDX ()
O4 - Startup: C:\Users\steph\CA07.IDX ()
O4 - Startup: C:\Users\steph\CA08.IDX ()
O4 - Startup: C:\Users\steph\CA09.IDX ()
O4 - Startup: C:\Users\steph\CA0A.IDX ()
O4 - Startup: C:\Users\steph\CA0C.IDX ()
O4 - Startup: C:\Users\steph\CA0D.IDX ()
O4 - Startup: C:\Users\steph\CA0E.IDX ()
O4 - Startup: C:\Users\steph\CA0F.IDX ()
O4 - Startup: C:\Users\steph\CA10.IDX ()
O4 - Startup: C:\Users\steph\CA11.IDX ()
O4 - Startup: C:\Users\steph\CA12.IDX ()
O4 - Startup: C:\Users\steph\CA13.IDX ()
O4 - Startup: C:\Users\steph\CA14.IDX ()
O4 - Startup: C:\Users\steph\CA15.IDX ()
O4 - Startup: C:\Users\steph\CA16.IDX ()
O4 - Startup: C:\Users\steph\CA17.IDX ()
O4 - Startup: C:\Users\steph\CA18.IDX ()
O4 - Startup: C:\Users\steph\CA19.IDX ()
O4 - Startup: C:\Users\steph\CA1A.IDX ()
O4 - Startup: C:\Users\steph\CA1B.IDX ()
O4 - Startup: C:\Users\steph\CA1C.IDX ()
O4 - Startup: C:\Users\steph\CA1D.IDX ()
O4 - Startup: C:\Users\steph\CA1E.IDX ()
O4 - Startup: C:\Users\steph\CA1F.IDX ()
O4 - Startup: C:\Users\steph\CA20.IDX ()
O4 - Startup: C:\Users\steph\CA21.IDX ()
O4 - Startup: C:\Users\steph\CA22.IDX ()
O4 - Startup: C:\Users\steph\CA23.IDX ()
O4 - Startup: C:\Users\steph\CA24.IDX ()
O4 - Startup: C:\Users\steph\CA25.IDX ()
O4 - Startup: C:\Users\steph\CA26.IDX ()
O4 - Startup: C:\Users\steph\CA27.IDX ()
O4 - Startup: C:\Users\steph\CA28.IDX ()
O4 - Startup: C:\Users\steph\CA29.IDX ()
O4 - Startup: C:\Users\steph\CA2A.IDX ()
O4 - Startup: C:\Users\steph\CA2B.IDX ()
O4 - Startup: C:\Users\steph\CA2C.IDX ()
O4 - Startup: C:\Users\steph\CA2D.IDX ()
O4 - Startup: C:\Users\steph\CA2E.IDX ()
O4 - Startup: C:\Users\steph\CA2F.IDX ()
O4 - Startup: C:\Users\steph\CA30.IDX ()
O4 - Startup: C:\Users\steph\CA31.IDX ()
O4 - Startup: C:\Users\steph\CA32.IDX ()
O4 - Startup: C:\Users\steph\CA33.IDX ()
O4 - Startup: C:\Users\steph\CA34.IDX ()
O4 - Startup: C:\Users\steph\CA35.IDX ()
O4 - Startup: C:\Users\steph\CA36.IDX ()
O4 - Startup: C:\Users\steph\CA37.IDX ()
O4 - Startup: C:\Users\steph\CA38.IDX ()
O4 - Startup: C:\Users\steph\CA39.IDX ()
O4 - Startup: C:\Users\steph\CA3A.IDX ()
O4 - Startup: C:\Users\steph\CA3B.IDX ()
O4 - Startup: C:\Users\steph\CA3C.IDX ()
O4 - Startup: C:\Users\steph\CA3D.IDX ()
O4 - Startup: C:\Users\steph\CA3E.IDX ()
O4 - Startup: C:\Users\steph\CA3F.IDX ()
O4 - Startup: C:\Users\steph\CA40.IDX ()
O4 - Startup: C:\Users\steph\CA41.IDX ()
O4 - Startup: C:\Users\steph\CA42.IDX ()
O4 - Startup: C:\Users\steph\CA43.IDX ()
O4 - Startup: C:\Users\steph\CA44.IDX ()
O4 - Startup: C:\Users\steph\CA45.IDX ()
O4 - Startup: C:\Users\steph\CA46.IDX ()
O4 - Startup: C:\Users\steph\CA47.IDX ()
O4 - Startup: C:\Users\steph\CA48.IDX ()
O4 - Startup: C:\Users\steph\CA49.IDX ()
O4 - Startup: C:\Users\steph\CA4A.IDX ()
O4 - Startup: C:\Users\steph\CA4B.IDX ()
O4 - Startup: C:\Users\steph\CA4C.IDX ()
O4 - Startup: C:\Users\steph\CA4D.IDX ()
O4 - Startup: C:\Users\steph\CA4E.IDX ()
O4 - Startup: C:\Users\steph\CA4F.IDX ()
O4 - Startup: C:\Users\steph\CA50.IDX ()
O4 - Startup: C:\Users\steph\CA51.IDX ()
O4 - Startup: C:\Users\steph\CA52.IDX ()
O4 - Startup: C:\Users\steph\CA53.IDX ()
O4 - Startup: C:\Users\steph\CA54.IDX ()
O4 - Startup: C:\Users\steph\CA55.IDX ()
O4 - Startup: C:\Users\steph\CA56.IDX ()
O4 - Startup: C:\Users\steph\CA57.IDX ()
O4 - Startup: C:\Users\steph\CA58.IDX ()
O4 - Startup: C:\Users\steph\CA59.IDX ()
O4 - Startup: C:\Users\steph\CA5A.IDX ()
O4 - Startup: C:\Users\steph\CA5B.IDX ()
O4 - Startup: C:\Users\steph\CA5C.IDX ()
O4 - Startup: C:\Users\steph\CA5D.IDX ()
O4 - Startup: C:\Users\steph\CA5E.IDX ()
O4 - Startup: C:\Users\steph\CA5F.IDX ()
O4 - Startup: C:\Users\steph\CA60.IDX ()
O4 - Startup: C:\Users\steph\CA61.IDX ()
O4 - Startup: C:\Users\steph\CA62.IDX ()
O4 - Startup: C:\Users\steph\CA63.IDX ()
O4 - Startup: C:\Users\steph\CA64.IDX ()
O4 - Startup: C:\Users\steph\CA65.IDX ()
O4 - Startup: C:\Users\steph\CA66.IDX ()
O4 - Startup: C:\Users\steph\CA67.IDX ()
O4 - Startup: C:\Users\steph\CA68.IDX ()
O4 - Startup: C:\Users\steph\CA69.IDX ()
O4 - Startup: C:\Users\steph\CA6A.IDX ()
O4 - Startup: C:\Users\steph\CA6B.IDX ()
O4 - Startup: C:\Users\steph\CA6C.IDX ()
O4 - Startup: C:\Users\steph\CA6D.IDX ()
O4 - Startup: C:\Users\steph\CA6E.IDX ()
O4 - Startup: C:\Users\steph\CA6F.IDX ()
O4 - Startup: C:\Users\steph\CA70.IDX ()
O4 - Startup: C:\Users\steph\CA71.IDX ()
O4 - Startup: C:\Users\steph\CA72.IDX ()
O4 - Startup: C:\Users\steph\CA73.IDX ()
O4 - Startup: C:\Users\steph\CA74.IDX ()
O4 - Startup: C:\Users\steph\CA75.IDX ()
O4 - Startup: C:\Users\steph\CA76.IDX ()
O4 - Startup: C:\Users\steph\CA77.IDX ()
O4 - Startup: C:\Users\steph\CA78.IDX ()
O4 - Startup: C:\Users\steph\CA79.IDX ()
O4 - Startup: C:\Users\steph\CA7A.IDX ()
O4 - Startup: C:\Users\steph\CA7B.IDX ()
O4 - Startup: C:\Users\steph\CA7C.IDX ()
O4 - Startup: C:\Users\steph\CA7D.IDX ()
O4 - Startup: C:\Users\steph\CA7E.IDX ()
O4 - Startup: C:\Users\steph\CA7F.IDX ()
O4 - Startup: C:\Users\steph\CA80.IDX ()
O4 - Startup: C:\Users\steph\CA81.IDX ()
O4 - Startup: C:\Users\steph\CA82.IDX ()
O4 - Startup: C:\Users\steph\CA83.IDX ()
O4 - Startup: C:\Users\steph\CA84.IDX ()
O4 - Startup: C:\Users\steph\CA85.IDX ()
O4 - Startup: C:\Users\steph\CA86.IDX ()
O4 - Startup: C:\Users\steph\CA87.IDX ()
O4 - Startup: C:\Users\steph\CA88.IDX ()
O4 - Startup: C:\Users\steph\CA89.IDX ()
O4 - Startup: C:\Users\steph\CA8A.IDX ()
O4 - Startup: C:\Users\steph\CA8B.IDX ()
O4 - Startup: C:\Users\steph\CA8C.IDX ()
O4 - Startup: C:\Users\steph\CA8D.IDX ()
O4 - Startup: C:\Users\steph\CA8E.IDX ()
O4 - Startup: C:\Users\steph\CA8F.IDX ()
O4 - Startup: C:\Users\steph\CA90.IDX ()
O4 - Startup: C:\Users\steph\CA91.IDX ()
O4 - Startup: C:\Users\steph\CA92.IDX ()
O4 - Startup: C:\Users\steph\CA93.IDX ()
O4 - Startup: C:\Users\steph\CA94.IDX ()
O4 - Startup: C:\Users\steph\CA95.IDX ()
O4 - Startup: C:\Users\steph\CA96.IDX ()
O4 - Startup: C:\Users\steph\CA97.IDX ()
O4 - Startup: C:\Users\steph\CA98.IDX ()
O4 - Startup: C:\Users\steph\CA99.IDX ()
O4 - Startup: C:\Users\steph\CA9A.IDX ()
O4 - Startup: C:\Users\steph\CA9B.IDX ()
O4 - Startup: C:\Users\steph\CA9C.IDX ()
O4 - Startup: C:\Users\steph\CA9D.IDX ()
O4 - Startup: C:\Users\steph\CA9E.IDX ()
O4 - Startup: C:\Users\steph\CA9F.IDX ()
O4 - Startup: C:\Users\steph\CAA0.IDX ()
O4 - Startup: C:\Users\steph\CAA1.IDX ()
O4 - Startup: C:\Users\steph\CAA2.IDX ()
O4 - Startup: C:\Users\steph\CAA3.IDX ()
O4 - Startup: C:\Users\steph\CAA4.IDX ()
O4 - Startup: C:\Users\steph\CAA5.IDX ()
O4 - Startup: C:\Users\steph\CAA6.IDX ()
O4 - Startup: C:\Users\steph\CAA7.IDX ()
O4 - Startup: C:\Users\steph\CAA8.IDX ()
O4 - Startup: C:\Users\steph\CAA9.IDX ()
O4 - Startup: C:\Users\steph\CAAA.IDX ()
O4 - Startup: C:\Users\steph\CAAB.IDX ()
O4 - Startup: C:\Users\steph\CAAC.IDX ()
O4 - Startup: C:\Users\steph\CAAD.IDX ()
O4 - Startup: C:\Users\steph\CAAE.IDX ()
O4 - Startup: C:\Users\steph\CAAF.IDX ()
O4 - Startup: C:\Users\steph\CAB0.IDX ()
O4 - Startup: C:\Users\steph\CAB1.IDX ()
O4 - Startup: C:\Users\steph\CAB2.IDX ()
O4 - Startup: C:\Users\steph\CAB3.IDX ()
O4 - Startup: C:\Users\steph\CAB4.IDX ()
O4 - Startup: C:\Users\steph\CAB5.IDX ()
O4 - Startup: C:\Users\steph\CAB6.IDX ()
O4 - Startup: C:\Users\steph\CAB7.IDX ()
O4 - Startup: C:\Users\steph\CAB8.IDX ()
O4 - Startup: C:\Users\steph\CAB9.IDX ()
O4 - Startup: C:\Users\steph\CABA.IDX ()
O4 - Startup: C:\Users\steph\CABB.IDX ()
O4 - Startup: C:\Users\steph\CABC.IDX ()
O4 - Startup: C:\Users\steph\CABD.IDX ()
O4 - Startup: C:\Users\steph\CABE.IDX ()
O4 - Startup: C:\Users\steph\CABF.IDX ()
O4 - Startup: C:\Users\steph\CAC0.IDX ()
O4 - Startup: C:\Users\steph\CAC1.IDX ()
O4 - Startup: C:\Users\steph\CAC2.IDX ()
O4 - Startup: C:\Users\steph\CAC3.IDX ()
O4 - Startup: C:\Users\steph\CAC4.IDX ()
O4 - Startup: C:\Users\steph\CAC5.IDX ()
O4 - Startup: C:\Users\steph\CAC6.IDX ()
O4 - Startup: C:\Users\steph\CAC7.IDX ()
O4 - Startup: C:\Users\steph\CAC8.IDX ()
O4 - Startup: C:\Users\steph\CAC9.IDX ()
O4 - Startup: C:\Users\steph\CACA.IDX ()
O4 - Startup: C:\Users\steph\CACB.IDX ()
O4 - Startup: C:\Users\steph\CACC.IDX ()
O4 - Startup: C:\Users\steph\CACD.IDX ()
O4 - Startup: C:\Users\steph\CACE.IDX ()
O4 - Startup: C:\Users\steph\CACF.IDX ()
O4 - Startup: C:\Users\steph\CAD0.IDX ()
O4 - Startup: C:\Users\steph\CAD1.IDX ()
O4 - Startup: C:\Users\steph\CAD2.IDX ()
O4 - Startup: C:\Users\steph\CAD3.IDX ()
O4 - Startup: C:\Users\steph\CAD4.IDX ()
O4 - Startup: C:\Users\steph\CAD5.IDX ()
O4 - Startup: C:\Users\steph\CAD6.IDX ()
O4 - Startup: C:\Users\steph\CAD7.IDX ()
O4 - Startup: C:\Users\steph\CAD8.IDX ()
O4 - Startup: C:\Users\steph\CAD9.IDX ()
O4 - Startup: C:\Users\steph\CADA.IDX ()
O4 - Startup: C:\Users\steph\CADB.IDX ()
O4 - Startup: C:\Users\steph\CADC.IDX ()
O4 - Startup: C:\Users\steph\CADD.IDX ()
O4 - Startup: C:\Users\steph\CADE.IDX ()
O4 - Startup: C:\Users\steph\CADF.IDX ()
O4 - Startup: C:\Users\steph\CAE0.IDX ()
O4 - Startup: C:\Users\steph\CAE1.IDX ()
O4 - Startup: C:\Users\steph\CAE2.IDX ()
O4 - Startup: C:\Users\steph\CAE3.IDX ()
O4 - Startup: C:\Users\steph\CAE4.IDX ()
O4 - Startup: C:\Users\steph\CAE5.IDX ()
O4 - Startup: C:\Users\steph\CAE6.IDX ()
O4 - Startup: C:\Users\steph\CAE7.IDX ()
O4 - Startup: C:\Users\steph\CAE8.IDX ()
O4 - Startup: C:\Users\steph\CAE9.IDX ()
O4 - Startup: C:\Users\steph\CAEA.IDX ()
O4 - Startup: C:\Users\steph\CAEB.IDX ()
O4 - Startup: C:\Users\steph\CAEC.IDX ()
O4 - Startup: C:\Users\steph\CAED.IDX ()
O4 - Startup: C:\Users\steph\CAEE.IDX ()
O4 - Startup: C:\Users\steph\CAEF.IDX ()
O4 - Startup: C:\Users\steph\CAF0.IDX ()
O4 - Startup: C:\Users\steph\CAF1.IDX ()
O4 - Startup: C:\Users\steph\CAF2.IDX ()
O4 - Startup: C:\Users\steph\CAF3.IDX ()
O4 - Startup: C:\Users\steph\CAF4.IDX ()
O4 - Startup: C:\Users\steph\CAF5.IDX ()
O4 - Startup: C:\Users\steph\CAF6.IDX ()
O4 - Startup: C:\Users\steph\CAF7.IDX ()
O4 - Startup: C:\Users\steph\CAF8.IDX ()
O4 - Startup: C:\Users\steph\CAF9.IDX ()
O4 - Startup: C:\Users\steph\CAFA.IDX ()
O4 - Startup: C:\Users\steph\CAFB.IDX ()
O4 - Startup: C:\Users\steph\CAFC.IDX ()
O4 - Startup: C:\Users\steph\CAFD.IDX ()
O4 - Startup: C:\Users\steph\CAFE.IDX ()
O4 - Startup: C:\Users\steph\CAFF.IDX ()
O4 - Startup: C:\Users\steph\CAUC.IDX ()
O4 - Startup: C:\Users\steph\CDBIDXL.DAT ()
O4 - Startup: C:\Users\steph\CH00.IDX ()
O4 - Startup: C:\Users\steph\CH01.IDX ()
O4 - Startup: C:\Users\steph\CH02.IDX ()
O4 - Startup: C:\Users\steph\CH03.IDX ()
O4 - Startup: C:\Users\steph\CH04.IDX ()
O4 - Startup: C:\Users\steph\CH05.IDX ()
O4 - Startup: C:\Users\steph\CH06.IDX ()
O4 - Startup: C:\Users\steph\CH07.IDX ()
O4 - Startup: C:\Users\steph\CH08.IDX ()
O4 - Startup: C:\Users\steph\CH09.IDX ()
O4 - Startup: C:\Users\steph\CH0A.IDX ()
O4 - Startup: C:\Users\steph\CH0B.IDX ()
O4 - Startup: C:\Users\steph\CH0C.IDX ()
O4 - Startup: C:\Users\steph\CH0D.IDX ()
O4 - Startup: C:\Users\steph\CH0E.IDX ()
O4 - Startup: C:\Users\steph\CH0F.IDX ()
O4 - Startup: C:\Users\steph\CH10.IDX ()
O4 - Startup: C:\Users\steph\CH11.IDX ()
O4 - Startup: C:\Users\steph\CH12.IDX ()
O4 - Startup: C:\Users\steph\CH13.IDX ()
O4 - Startup: C:\Users\steph\CH14.IDX ()
O4 - Startup: C:\Users\steph\CH15.IDX ()
O4 - Startup: C:\Users\steph\CH16.IDX ()
O4 - Startup: C:\Users\steph\CH17.IDX ()
O4 - Startup: C:\Users\steph\CH18.IDX ()
O4 - Startup: C:\Users\steph\CH19.IDX ()
O4 - Startup: C:\Users\steph\CH1A.IDX ()
O4 - Startup: C:\Users\steph\CH1B.IDX ()
O4 - Startup: C:\Users\steph\CH1C.IDX ()
O4 - Startup: C:\Users\steph\CH1D.IDX ()
O4 - Startup: C:\Users\steph\CH1E.IDX ()
O4 - Startup: C:\Users\steph\CH1F.IDX ()
O4 - Startup: C:\Users\steph\CH20.IDX ()
O4 - Startup: C:\Users\steph\CH21.IDX ()
O4 - Startup: C:\Users\steph\CH22.IDX ()
O4 - Startup: C:\Users\steph\CH23.IDX ()
O4 - Startup: C:\Users\steph\CH24.IDX ()
O4 - Startup: C:\Users\steph\CH25.IDX ()
O4 - Startup: C:\Users\steph\CH26.IDX ()
O4 - Startup: C:\Users\steph\CH27.IDX ()
O4 - Startup: C:\Users\steph\CH28.IDX ()
O4 - Startup: C:\Users\steph\CH29.IDX ()
O4 - Startup: C:\Users\steph\CH2A.IDX ()
O4 - Startup: C:\Users\steph\CH2B.IDX ()
O4 - Startup: C:\Users\steph\CH2C.IDX ()
O4 - Startup: C:\Users\steph\CH2D.IDX ()
O4 - Startup: C:\Users\steph\CH2E.IDX ()
O4 - Startup: C:\Users\steph\CH2F.IDX ()
O4 - Startup: C:\Users\steph\CH30.IDX ()
O4 - Startup: C:\Users\steph\CH31.IDX ()
O4 - Startup: C:\Users\steph\CH32.IDX ()
O4 - Startup: C:\Users\steph\CH33.IDX ()
O4 - Startup: C:\Users\steph\CH34.IDX ()
O4 - Startup: C:\Users\steph\CH35.IDX ()
O4 - Startup: C:\Users\steph\CH36.IDX ()
O4 - Startup: C:\Users\steph\CH37.IDX ()
O4 - Startup: C:\Users\steph\CH38.IDX ()
O4 - Startup: C:\Users\steph\CH39.IDX ()
O4 - Startup: C:\Users\steph\CH3A.IDX ()
O4 - Startup: C:\Users\steph\CH3B.IDX ()
O4 - Startup: C:\Users\steph\CH3C.IDX ()
O4 - Startup: C:\Users\steph\CH3D.IDX ()
O4 - Startup: C:\Users\steph\CH3E.IDX ()
O4 - Startup: C:\Users\steph\CH3F.IDX ()
O4 - Startup: C:\Users\steph\CH40.IDX ()
O4 - Startup: C:\Users\steph\CH41.IDX ()
O4 - Startup: C:\Users\steph\CH42.IDX ()
O4 - Startup: C:\Users\steph\CH43.IDX ()
O4 - Startup: C:\Users\steph\CH44.IDX ()
O4 - Startup: C:\Users\steph\CH45.IDX ()
O4 - Startup: C:\Users\steph\CH46.IDX ()
O4 - Startup: C:\Users\steph\CH47.IDX ()
O4 - Startup: C:\Users\steph\CH48.IDX ()
O4 - Startup: C:\Users\steph\CH49.IDX ()
O4 - Startup: C:\Users\steph\CH4A.IDX ()
O4 - Startup: C:\Users\steph\CH4B.IDX ()
O4 - Startup: C:\Users\steph\CH4C.IDX ()
O4 - Startup: C:\Users\steph\CH4D.IDX ()
O4 - Startup: C:\Users\steph\CH4E.IDX ()
O4 - Startup: C:\Users\steph\CH4F.IDX ()
O4 - Startup: C:\Users\steph\CH50.IDX ()
O4 - Startup: C:\Users\steph\CH51.IDX ()
O4 - Startup: C:\Users\steph\CH52.IDX ()
O4 - Startup: C:\Users\steph\CH53.IDX ()
O4 - Startup: C:\Users\steph\CH54.IDX ()
O4 - Startup: C:\Users\steph\CH55.IDX ()
O4 - Startup: C:\Users\steph\CH56.IDX ()
O4 - Startup: C:\Users\steph\CH57.IDX ()
O4 - Startup: C:\Users\steph\CH58.IDX ()
O4 - Startup: C:\Users\steph\CH59.IDX ()
O4 - Startup: C:\Users\steph\CH5A.IDX ()
O4 - Startup: C:\Users\steph\CH5B.IDX ()
O4 - Startup: C:\Users\steph\CH5C.IDX ()
O4 - Startup: C:\Users\steph\CH5D.IDX ()
O4 - Startup: C:\Users\steph\CH5E.IDX ()
O4 - Startup: C:\Users\steph\CH5F.IDX ()
O4 - Startup: C:\Users\steph\CH60.IDX ()
O4 - Startup: C:\Users\steph\CH61.IDX ()
O4 - Startup: C:\Users\steph\CH62.IDX ()
O4 - Startup: C:\Users\steph\CH63.IDX ()
O4 - Startup: C:\Users\steph\CH64.IDX ()
O4 - Startup: C:\Users\steph\CH65.IDX ()
O4 - Startup: C:\Users\steph\CH66.IDX ()
O4 - Startup: C:\Users\steph\CH67.IDX ()
O4 - Startup: C:\Users\steph\CH68.IDX ()
O4 - Startup: C:\Users\steph\CH69.IDX ()
O4 - Startup: C:\Users\steph\CH6A.IDX ()
O4 - Startup: C:\Users\steph\CH6B.IDX ()
O4 - Startup: C:\Users\steph\CH6C.IDX ()
O4 - Startup: C:\Users\steph\CH6D.IDX ()
O4 - Startup: C:\Users\steph\CH6E.IDX ()
O4 - Startup: C:\Users\steph\CH6F.IDX ()
O4 - Startup: C:\Users\steph\CH70.IDX ()
O4 - Startup: C:\Users\steph\CH71.IDX ()
O4 - Startup: C:\Users\steph\CH72.IDX ()
O4 - Startup: C:\Users\steph\CH73.IDX ()
O4 - Startup: C:\Users\steph\CH74.IDX ()
O4 - Startup: C:\Users\steph\CH75.IDX ()
O4 - Startup: C:\Users\steph\CH76.IDX ()
O4 - Startup: C:\Users\steph\CH77.IDX ()
O4 - Startup: C:\Users\steph\CH78.IDX ()
O4 - Startup: C:\Users\steph\CH79.IDX ()
O4 - Startup: C:\Users\steph\CH7A.IDX ()
O4 - Startup: C:\Users\steph\CH7B.IDX ()
O4 - Startup: C:\Users\steph\CH7C.IDX ()
O4 - Startup: C:\Users\steph\CH7D.IDX ()
O4 - Startup: C:\Users\steph\CH7E.IDX ()
O4 - Startup: C:\Users\steph\CH7F.IDX ()
O4 - Startup: C:\Users\steph\CH80.IDX ()
O4 - Startup: C:\Users\steph\CH81.IDX ()
O4 - Startup: C:\Users\steph\CH82.IDX ()
O4 - Startup: C:\Users\steph\CH83.IDX ()
O4 - Startup: C:\Users\steph\CH84.IDX ()
O4 - Startup: C:\Users\steph\CH85.IDX ()
O4 - Startup: C:\Users\steph\CH86.IDX ()
O4 - Startup: C:\Users\steph\CH87.IDX ()
O4 - Startup: C:\Users\steph\CH88.IDX ()
O4 - Startup: C:\Users\steph\CH89.IDX ()
O4 - Startup: C:\Users\steph\CH8A.IDX ()
O4 - Startup: C:\Users\steph\CH8B.IDX ()
O4 - Startup: C:\Users\steph\CH8C.IDX ()
O4 - Startup: C:\Users\steph\CH8D.IDX ()
O4 - Startup: C:\Users\steph\CH8E.IDX ()
O4 - Startup: C:\Users\steph\CH8F.IDX ()
O4 - Startup: C:\Users\steph\CH90.IDX ()
O4 - Startup: C:\Users\steph\CH91.IDX ()
O4 - Startup: C:\Users\steph\CH92.IDX ()
O4 - Startup: C:\Users\steph\CH93.IDX ()
O4 - Startup: C:\Users\steph\CH94.IDX ()
O4 - Startup: C:\Users\steph\CH95.IDX ()
O4 - Startup: C:\Users\steph\CH96.IDX ()
O4 - Startup: C:\Users\steph\CH97.IDX ()
O4 - Startup: C:\Users\steph\CH98.IDX ()
O4 - Startup: C:\Users\steph\CH99.IDX ()
O4 - Startup: C:\Users\steph\CH9A.IDX ()
O4 - Startup: C:\Users\steph\CH9B.IDX ()
O4 - Startup: C:\Users\steph\CH9C.IDX ()
O4 - Startup: C:\Users\steph\CH9D.IDX ()
O4 - Startup: C:\Users\steph\CH9E.IDX ()
O4 - Startup: C:\Users\steph\CH9F.IDX ()
O4 - Startup: C:\Users\steph\CHA0.IDX ()
O4 - Startup: C:\Users\steph\CHA1.IDX ()
O4 - Startup: C:\Users\steph\CHA2.IDX ()
O4 - Startup: C:\Users\steph\CHA3.IDX ()
O4 - Startup: C:\Users\steph\CHA4.IDX ()
O4 - Startup: C:\Users\steph\CHA5.IDX ()
O4 - Startup: C:\Users\steph\CHA6.IDX ()
O4 - Startup: C:\Users\steph\CHA7.IDX ()
O4 - Startup: C:\Users\steph\CHA8.IDX ()
O4 - Startup: C:\Users\steph\CHA9.IDX ()
O4 - Startup: C:\Users\steph\CHAA.IDX ()
O4 - Startup: C:\Users\steph\CHAB.IDX ()
O4 - Startup: C:\Users\steph\CHAC.IDX ()
O4 - Startup: C:\Users\steph\CHAD.IDX ()
O4 - Startup: C:\Users\steph\CHAE.IDX ()
O4 - Startup: C:\Users\steph\CHAF.IDX ()
O4 - Startup: C:\Users\steph\CHB0.IDX ()
O4 - Startup: C:\Users\steph\CHB1.IDX ()
O4 - Startup: C:\Users\steph\CHB2.IDX ()
O4 - Startup: C:\Users\steph\CHB3.IDX ()
O4 - Startup: C:\Users\steph\CHB4.IDX ()
O4 - Startup: C:\Users\steph\CHB5.IDX ()
O4 - Startup: C:\Users\steph\CHB6.IDX ()
O4 - Startup: C:\Users\steph\CHB7.IDX ()
O4 - Startup: C:\Users\steph\CHB8.IDX ()
O4 - Startup: C:\Users\steph\CHB9.IDX ()
O4 - Startup: C:\Users\steph\CHBA.IDX ()
O4 - Startup: C:\Users\steph\CHBB.IDX ()
O4 - Startup: C:\Users\steph\CHBC.IDX ()
O4 - Startup: C:\Users\steph\CHBD.IDX ()
O4 - Startup: C:\Users\steph\CHBE.IDX ()
O4 - Startup: C:\Users\steph\CHBF.IDX ()
O4 - Startup: C:\Users\steph\CHC0.IDX ()
O4 - Startup: C:\Users\steph\CHC1.IDX ()
O4 - Startup: C:\Users\steph\CHC2.IDX ()
O4 - Startup: C:\Users\steph\CHC3.IDX ()
O4 - Startup: C:\Users\steph\CHC4.IDX ()
O4 - Startup: C:\Users\steph\CHC5.IDX ()
O4 - Startup: C:\Users\steph\CHC6.IDX ()
O4 - Startup: C:\Users\steph\CHC7.IDX ()
O4 - Startup: C:\Users\steph\CHC8.IDX ()
O4 - Startup: C:\Users\steph\CHC9.IDX ()
O4 - Startup: C:\Users\steph\CHCA.IDX ()
O4 - Startup: C:\Users\steph\CHCB.IDX ()
O4 - Startup: C:\Users\steph\CHCC.IDX ()
O4 - Startup: C:\Users\steph\CHCD.IDX ()
O4 - Startup: C:\Users\steph\CHCE.IDX ()
O4 - Startup: C:\Users\steph\CHCF.IDX ()
O4 - Startup: C:\Users\steph\CHD0.IDX ()
O4 - Startup: C:\Users\steph\CHD1.IDX ()
O4 - Startup: C:\Users\steph\CHD2.IDX ()
O4 - Startup: C:\Users\steph\CHD3.IDX ()
O4 - Startup: C:\Users\steph\CHD4.IDX ()
O4 - Startup: C:\Users\steph\CHD5.IDX ()
O4 - Startup: C:\Users\steph\CHD6.IDX ()
O4 - Startup: C:\Users\steph\CHD7.IDX ()
O4 - Startup: C:\Users\steph\CHD8.IDX ()
O4 - Startup: C:\Users\steph\CHD9.IDX ()
O4 - Startup: C:\Users\steph\CHDA.IDX ()
O4 - Startup: C:\Users\steph\CHDB.IDX ()
O4 - Startup: C:\Users\steph\CHDC.IDX ()
O4 - Startup: C:\Users\steph\CHDD.IDX ()
O4 - Startup: C:\Users\steph\CHDE.IDX ()
O4 - Startup: C:\Users\steph\CHDF.IDX ()
O4 - Startup: C:\Users\steph\CHE0.IDX ()
O4 - Startup: C:\Users\steph\CHE1.IDX ()
O4 - Startup: C:\Users\steph\CHE2.IDX ()
O4 - Startup: C:\Users\steph\CHE3.IDX ()
O4 - Startup: C:\Users\steph\CHE4.IDX ()
O4 - Startup: C:\Users\steph\CHE5.IDX ()
O4 - Startup: C:\Users\steph\CHE6.I
0
Réponse 14 / 40
plopus Messages postés 6113 Statut Contributeur sécurité 293
 
il manque la fin du rapport
0
POUFPOUF50
 
OTL Extras logfile created on: 19/07/2009 22:17:10 - Run 1
OTL by OldTimer - Version 3.0.9.2 Folder = C:\Users\steph\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18783)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,75 Gb Total Physical Memory | 0,80 Gb Available Physical Memory | 45,79% Memory free
3,74 Gb Paging File | 2,21 Gb Available in Paging File | 58,97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 51,14 Gb Total Space | 7,08 Gb Free Space | 13,84% Space Free | Partition Type: NTFS
Drive D: | 50,89 Gb Total Space | 50,80 Gb Free Space | 99,82% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-DE-STEPH
Current User Name: steph
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0F901398-FE1D-4117-B0F5-5B0E390A04E9}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3A84D10D-CAC3-432B-9951-32D8900D5165}" = lport=48113 | protocol=17 | dir=in | name=maconfig_udp |
"{480FF9F1-BA3C-42EA-980F-C3087D26030F}" = lport=48113 | protocol=6 | dir=in | name=maconfig_tcp |
"{48AA2AAE-CA4F-40F8-938B-239AAB7A9A02}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5AEBC5DF-2938-4B57-9F3F-877A92FD9DAF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5D40997F-8834-4CF1-8BFF-E8DE847EBE5B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{88E04C11-05C9-40FC-8054-D3AF5B67EFB6}" = rport=10243 | protocol=6 | dir=out | app=system |
"{8A0E632D-A96C-4C4D-AC78-4F6AE722E467}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{920E224C-7CBC-4FE8-85F4-5F79B764B59B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{998C8625-4315-45E9-AE6E-709ADA3F86C9}" = lport=58264 | protocol=6 | dir=in | name=emule |
"{9E3B638F-7B33-41DA-AB69-BDC7E0628131}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{B73EB445-2FE1-46F0-827D-9F8E7DF8E0E4}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B9DEC206-72A5-446D-AF24-E9C1DBE6F44B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E9611EB6-C558-4FA7-BAC7-6169C9451013}" = lport=64461 | protocol=17 | dir=in | name=emule |
"{F297FD00-6160-4DC2-AE81-31CF1A4B4E7D}" = lport=10243 | protocol=6 | dir=in | app=system |
"{FFC5BD38-513B-4ED4-8664-6C12D6B3DD96}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FFD609F4-EB60-4A14-8D5D-AF6FB303E40E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01E268C5-9380-4833-99CA-A5B620843891}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{13B1F321-C910-4C64-AFF1-79E868F071FC}" = protocol=6 | dir=in | app=c:\windows\system32\esentutl.exe |
"{14F0C614-786A-400D-980A-EAAAA621B767}" = dir=in | app=c:\program files\acer arcade deluxe\dvdivine\dvdivine.exe |
"{17D72A1D-A154-4775-997A-03C6CBE1BAAF}" = protocol=6 | dir=in | app=c:\program files\ma-config.com\maconfservice.exe |
"{247B6933-6F1E-45F6-95FF-EB91CBB7648C}" = dir=in | app=c:\program files\acer arcade deluxe\play movie\pmvservice.exe |
"{292EDCCA-ED5F-4D0C-A9BB-1F52D61DFDD1}" = protocol=17 | dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{2C596CFC-61F9-4190-9D38-9BE95842EDE8}" = protocol=6 | dir=in | app=c:\program files\sfr\media center\httpd\httpd.exe |
"{3363671C-B6BC-4EEE-B1B8-F6BE7B971223}" = protocol=17 | dir=in | app=c:\program files\incredimail\bin\incmail.exe |
"{35D2AEC6-A82E-4931-A39B-12B4BF0A4376}" = protocol=17 | dir=in | app=c:\program files\incredimail\bin\imapp.exe |
"{3F8375A7-31E8-40F0-AB98-21EE32933873}" = protocol=6 | dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{46491BFE-6BF7-4CD8-8866-D570EB002CB2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{59DE5281-D76E-4158-8705-CF329C4E4652}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{5B8A61E7-A297-4725-86E2-940DDAD57A48}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{5E889158-D886-43C1-8F63-0987F24F0B46}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{608C6663-0835-461F-B22D-3D0879B46B29}" = protocol=17 | dir=in | app=c:\program files\ma-config.com\maconfservice.exe |
"{645B9187-6707-4F0F-AF63-4FFB37BD11FE}" = protocol=6 | dir=in | app=c:\program files\incredimail\bin\incmail.exe |
"{6AA3A426-D020-46EA-BFC3-FB0737C14AA6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6CCE7888-8D44-4B0A-8CF7-C40FB05482D7}" = protocol=17 | dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{8053A5B2-2311-4D87-920E-DFFF8B684DFB}" = protocol=17 | dir=in | app=c:\program files\sfr\media center\httpd\httpd.exe |
"{92CD6768-7FAE-4481-AD57-DFFAAE7DE474}" = protocol=17 | dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{93281FB6-49C2-468D-8173-DD2332137305}" = protocol=6 | dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{97DBCA3A-A83E-43C3-8CEC-1CC29F4170DD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9E0D40A9-7B44-4ABE-8210-89936698A067}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{A5777DA1-76B4-4E05-9499-128C10BD9849}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A7D1E023-1656-4ACE-B933-42BF1916E4E8}" = protocol=17 | dir=in | app=c:\program files\neuf\media center\httpd\httpd.exe |
"{A893CE72-C203-402E-B91D-836A6864304E}" = protocol=6 | dir=in | app=c:\program files\incredimail\bin\imapp.exe |
"{B199D913-3E86-4D32-9D71-B6E72375CD80}" = protocol=6 | dir=in | app=c:\program files\neuf\media center\httpd\httpd.exe |
"{B7FE95E4-1DFA-4FAB-B105-2448341C993C}" = protocol=6 | dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{BE692FC3-4C06-46FA-A0C8-13EAE395D3AF}" = dir=in | app=c:\program files\acer arcade deluxe\play movie\playmovie.exe |
"{C0B4CECA-9415-4C07-B5D9-AFA36EF6EFCA}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{C5B6C70D-F8B6-461C-B464-733B45AD7492}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C65B0CFD-D277-4C74-BB3B-50A605A73447}" = dir=in | app=c:\program files\acer arcade deluxe\dv wizard\dv wizard.exe |
"{C86DBA55-A3E3-4F9D-96E7-A08610EB6934}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe |
"{C960E441-3975-4028-A50C-18CA505C600C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CA39E248-87BB-4948-B151-705EE4CF4916}" = protocol=17 | dir=in | app=c:\windows\system32\esentutl.exe |
"{D0C53868-B8D5-4104-9FC7-87E88E82D714}" = protocol=6 | dir=in | app=c:\program files\incredimail\bin\impcnt.exe |
"{D19899B2-654B-4624-B533-9AEBC1492A65}" = protocol=6 | dir=in | app=c:\users\steph\appdata\local\temp\7zs8f53.tmp\symnrt.exe |
"{D9DE4E5D-1EEF-4378-ABAE-03C8E2EC240C}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{DC825813-DA2F-49C3-A218-E49B435F3B2C}" = protocol=17 | dir=in | app=c:\users\steph\appdata\local\temp\7zs8f53.tmp\symnrt.exe |
"{DF131AD4-D695-4451-9DFD-5C3ECEE36716}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DFBD1E24-320E-4D2D-B257-97FC57388CBA}" = protocol=6 | dir=out | app=system |
"{E6EB5E40-028E-4DB0-B923-8A02517EA3A3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F0671C1C-B704-479C-AA26-576A321B1E44}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F3263AF7-41AF-4500-8317-E8AC8392AE65}" = protocol=17 | dir=in | app=c:\program files\incredimail\bin\impcnt.exe |
"{F7A679BF-C16A-4787-A12A-305E67C7580C}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{F7BE5145-CFB9-4EF6-B59F-1DE503F9CE8D}" = dir=in | app=c:\program files\acer arcade deluxe\videomagician\videomagician.exe |
"{FC9B6290-5116-4D2A-8B0E-63C590B209F6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{15AA3A57-0DDF-429A-B7B6-459CAA6CB457}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{577807AF-BF75-4966-9C2D-734AD86D2E65}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{59134D4A-24DA-489C-A47E-FB99C35275DD}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{C3FBE654-F1EA-4DA2-837A-485B872D3C93}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
"TCP Query User{CB446A3F-9F87-4D4A-8466-858E8A2A8370}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
"TCP Query User{EF66358E-D233-4B82-B907-80D697DD5E80}C:\program files\ea games\medal of honor batailles du pacifique(tm)\mohpa.exe" = protocol=6 | dir=in | app=c:\program files\ea games\medal of honor batailles du pacifique(tm)\mohpa.exe |
"UDP Query User{1EE9FCF2-90B3-4CE9-B7DC-DB35ADE24F70}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{2143814B-702C-41F0-BC0D-0E23B661938B}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
"UDP Query User{360F94B6-E4E1-4BAC-85D8-348B52972C68}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{76E55CCB-B9E5-43AE-AEB3-6F75C8BA46E9}C:\program files\ea games\medal of honor batailles du pacifique(tm)\mohpa.exe" = protocol=17 | dir=in | app=c:\program files\ea games\medal of honor batailles du pacifique(tm)\mohpa.exe |
"UDP Query User{7A6DF0C4-45F6-4DC7-995A-7BDF15F8E069}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{AC4D40CE-91B6-4C6E-A1AC-02E8E74863CA}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{059C042E-796A-4ACC-A81A-ECC2010BB78C}" = Windows Live Messenger
"{09B6B322-325F-4A5F-9051-830ED194A1A7}" = CANAL WIDGET
"{0CA6047C-D28B-4295-834A-07C52BA20C2D}" = Extension de Windows Live Toolbar (Windows Live Toolbar)
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{2231CE39-B963-4B9D-823A-F412ECA637B1}" = Windows Live Writer
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = Acer Crystal Eye Webcam Video Class Camera
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{44E54A81-9D91-4AA1-9417-80AFF134F5FF}" = Galerie de photos Windows Live
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{63DC2DA0-2A6C-4C38-9249-B75395458657}" = Windows Live Mail
"{67ADE9AF-5CD9-4089-8825-55DE4B366799}" = NTI Backup NOW! 4.7
"{6860B340-530D-46B3-91F8-1AE1F70F7C33}" = OpenOffice.org 3.0
"{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}" = Microsoft Works
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7370DF47-B4F9-4279-BFC3-3F09919F720D}" = Installation Windows Live
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites pour Windows Live Toolbar
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{81B5F83F-2291-48B0-8375-36B63A9BF5B0}" = Surligneur (Windows Live Toolbar)
"{81CD6232-10F5-4832-B3DA-1B88B1571036}" = Nero 7 Essentials
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8AFB8FC4-3EBA-4C67-943F-CF43DB2180F1}" = Ma-Config.com
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{94389919-B0AA-4882-9BE8-9F0B004ECA35}" = Acer Tour
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}" = Windows Live Sync
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-7AD7-1036-7B44-A81200000003}" = Adobe Reader 8.1.2 - Français
"{AEEAE013-92F1-4515-B278-139F1A692A36}" = Acer eDataSecurity Management
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer 3.72
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management
"{C06554A1-2C1E-4D20-B613-EE62C79927CC}" = Acer eNet Management
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management
"{D6A2DDE3-9D7C-412C-932A-756580D29919}" = Windows Live Contrôle parental
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{EE467474-04A8-48D5-8DDF-0F8D3A3CCBE5}" = VirginMega.Fr Premium
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Deluxe
"{EFFCB0F1-CFEC-48D4-B793-EBFCAE852976}" = Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner (remove only)
"Clean Virus MSN_is1" = Clean Virus MSN
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"eMule" = eMule
"GridVista" = Acer GridVista
"HijackThis" = HijackThis 2.0.2
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"LManager" = Launch Manager
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSN Pictures Displayer" = MSN Pictures Displayer 4.6
"Neuf_Kit" = Neuf - Kit de connexion
"NVIDIA Drivers" = NVIDIA Drivers
"SFR_Media Center" = SFR - Media Center
"TAPBar" = Barre de confiance CM-CIC
"TRUST MI-2500X OPTICAL MOUSE" = TRUST MI-2500X OPTICAL MOUSE
"VLC media player" = VideoLAN VLC media player 0.8.6c
"WinLiveSuite_Wave3" = Installation Windows Live

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 18/07/2009 11:28:09 | Computer Name = PC-de-steph | Source = Windows Search Service | ID = 3013
Description =

Error - 18/07/2009 11:28:09 | Computer Name = PC-de-steph | Source = Windows Search Service | ID = 3013
Description =

Error - 18/07/2009 14:07:04 | Computer Name = PC-de-steph | Source = Windows Search Service | ID = 3013
Description =

Error - 18/07/2009 17:09:55 | Computer Name = PC-de-steph | Source = Windows Search Service | ID = 3013
Description =

Error - 18/07/2009 17:15:53 | Computer Name = PC-de-steph | Source = Windows Search Service | ID = 3013
Description =

Error - 18/07/2009 17:20:46 | Computer Name = PC-de-steph | Source = Windows Search Service | ID = 3013
Description =

Error - 18/07/2009 17:24:35 | Computer Name = PC-de-steph | Source = Windows Search Service | ID = 3013
Description =

Error - 18/07/2009 17:54:06 | Computer Name = PC-de-steph | Source = Windows Search Service | ID = 3013
Description =

Error - 18/07/2009 17:54:07 | Computer Name = PC-de-steph | Source = Windows Search Service | ID = 3013
Description =

Error - 18/07/2009 17:54:37 | Computer Name = PC-de-steph | Source = Windows Search Service | ID = 3013
Description =

[ Canal+ Events ]
Error - 29/01/2009 10:41:08 | Computer Name = PC-de-steph | Source = VideoOnDemand | ID = 0
Description = Application.UpdateWidget : Balisage DTD attendu introuvable. Ligne
2, position 3.

Error - 29/01/2009 10:41:10 | Computer Name = PC-de-steph | Source = VideoOnDemand | ID = 0
Description = Application.UpdateCore : Balisage DTD attendu introuvable. Ligne 2,
position 3.

Error - 29/01/2009 10:47:04 | Computer Name = PC-de-steph | Source = VideoOnDemand | ID = 0
Description = Application.UpdateWidget : Balisage DTD attendu introuvable. Ligne
2, position 3.

Error - 29/01/2009 10:47:05 | Computer Name = PC-de-steph | Source = VideoOnDemand | ID = 0
Description = Application.UpdateCore : Balisage DTD attendu introuvable. Ligne 2,
position 3.

Error - 30/01/2009 04:01:52 | Computer Name = PC-de-steph | Source = VideoOnDemand | ID = 0
Description = Application.UpdateWidget : Balisage DTD attendu introuvable. Ligne
2, position 3.

Error - 30/01/2009 04:01:54 | Computer Name = PC-de-steph | Source = VideoOnDemand | ID = 0
Description = Application.UpdateCore : Balisage DTD attendu introuvable. Ligne 2,
position 3.

Error - 30/01/2009 17:17:16 | Computer Name = PC-de-steph | Source = VideoOnDemand | ID = 0
Description = Application.UpdateWidget : Balisage DTD attendu introuvable. Ligne
2, position 3.

Error - 30/01/2009 17:17:17 | Computer Name = PC-de-steph | Source = VideoOnDemand | ID = 0
Description = Application.UpdateCore : Balisage DTD attendu introuvable. Ligne 2,
position 3.

Error - 30/01/2009 17:31:50 | Computer Name = PC-de-steph | Source = VideoOnDemand | ID = 0
Description = Application.UpdateWidget : Balisage DTD attendu introuvable. Ligne
2, position 3.

Error - 30/01/2009 17:31:51 | Computer Name = PC-de-steph | Source = VideoOnDemand | ID = 0
Description = Application.UpdateCore : Balisage DTD attendu introuvable. Ligne 2,
position 3.

[ Media Center Events ]
Error - 03/01/2008 07:44:59 | Computer Name = PC-de-steph | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete : échec du téléchargement du package
MCESpotlight.

Error - 18/04/2008 02:40:22 | Computer Name = PC-de-steph | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete : échec du téléchargement du package
MCESpotlight.

[ System Events ]
Error - 19/07/2009 15:04:48 | Computer Name = PC-de-steph | Source = Dhcp | ID = 1002
Description = Le bail de l'adresse IP 192.168.1.20 pour la carte réseau dont l'adresse
réseau est 001DD90F8F49 a été refusé par le serveur DHCP 192.168.2.1 (celui-ci
a envoyé un message DHCPNACK).

Error - 19/07/2009 15:05:53 | Computer Name = PC-de-steph | Source = Dhcp | ID = 1002
Description = Le bail de l'adresse IP 192.168.2.17 pour la carte réseau dont l'adresse
réseau est 001DD90F8F49 a été refusé par le serveur DHCP 192.168.1.1 (celui-ci
a envoyé un message DHCPNACK).

Error - 19/07/2009 15:12:47 | Computer Name = PC-de-steph | Source = Dhcp | ID = 1002
Description = Le bail de l'adresse IP 192.168.1.20 pour la carte réseau dont l'adresse
réseau est 001DD90F8F49 a été refusé par le serveur DHCP 192.168.2.1 (celui-ci
a envoyé un message DHCPNACK).

Error - 19/07/2009 15:12:53 | Computer Name = PC-de-steph | Source = Service Control Manager | ID = 7000
Description =

Error - 19/07/2009 15:12:53 | Computer Name = PC-de-steph | Source = Service Control Manager | ID = 7003
Description =

Error - 19/07/2009 15:14:06 | Computer Name = PC-de-steph | Source = Dhcp | ID = 1002
Description = Le bail de l'adresse IP 192.168.2.17 pour la carte réseau dont l'adresse
réseau est 001DD90F8F49 a été refusé par le serveur DHCP 192.168.1.1 (celui-ci
a envoyé un message DHCPNACK).

Error - 19/07/2009 15:37:38 | Computer Name = PC-de-steph | Source = Dhcp | ID = 1002
Description = Le bail de l'adresse IP 192.168.1.20 pour la carte réseau dont l'adresse
réseau est 001DD90F8F49 a été refusé par le serveur DHCP 192.168.2.1 (celui-ci
a envoyé un message DHCPNACK).

Error - 19/07/2009 15:37:48 | Computer Name = PC-de-steph | Source = Service Control Manager | ID = 7000
Description =

Error - 19/07/2009 15:37:48 | Computer Name = PC-de-steph | Source = Service Control Manager | ID = 7003
Description =

Error - 19/07/2009 15:39:30 | Computer Name = PC-de-steph | Source = Dhcp | ID = 1002
Description = Le bail de l'adresse IP 192.168.2.18 pour la carte réseau dont l'adresse
réseau est 001DD90F8F49 a été refusé par le serveur DHCP 192.168.1.1 (celui-ci
a envoyé un message DHCPNACK).


< End of report >
0
Réponse 15 / 40
plopus Messages postés 6113 Statut Contributeur sécurité 293
 
fait ceci : deja :

Fais un scan en ligne Kaspersky :

• Désactive ton antivirus
• Fais un scan en ligne ici https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
• Clique sur "Kaspersky Online Scanner Cliquez-ici"
• Lis le texte d'information, puis clique sur « J'accepte »
• Si une fenêtre te demande t'exécuter un programme, accepte
• Une fois la mise à jour téléchargée, choisis "Poste de travail" pour le scan.
• A la fin de l'analyse, clique sur « Enregistrer rapport » et poste le dans ta prochaine réponse.

Tutoriel illustré : http://www.commentcamarche.net/faq/sujet 17751 scanner en ligne avec kaspersky



puis

* Télécharge Malwarebytes
http://www.commentcamarche.net/telecharger/telecharger 34055379 malwarebytes
* Fais la mise à jour du logiciel (elle se fait normalement à l'installation)
* Lance une analyse complète en cliquant sur "Exécuter un examen complet"
* Sélectionnes les disques que tu veux analyser et cliques sur "Lancer l'examen"
* L'analyse peut durer un bon moment.....
* Une fois l'analyse terminée, cliques sur "OK" puis sur "Afficher les résultats"
* Vérifies que tout est bien coché et cliques sur "Supprimer la sélection" => et ensuite sur "OK"
* Un rapport va s'ouvrir dans le bloc note... Fais un copié/collé du rapport dans ta prochaine réponse sur le forum


* Il se pourrait que certains fichiers devront être supprimés au redémarrage du PC... Faites le en cliquant sur "oui" à la question posée
0
Réponse 16 / 40
plopus Messages postés 6113 Statut Contributeur sécurité 293
 
salut

vu

fait le poste 17 au dessus
0
Réponse 17 / 40
poufpouf50 Messages postés 52 Statut Membre
 
re bonjour ..desoler d avoir été aussi longue a reponde ,mais mon pc petes les plombs en ce moment ..bref ..alors jai fais le scan de Kaspersky il na détecter aucune menace..jai pas reussi a avoir le rapport suis vraiment blonde .. mais en attendant je t envoi celui de Malwarebytes..
0
Réponse 18 / 40
poufpouf50 Messages postés 52 Statut Membre
 
Malwarebytes' Anti-Malware 1.39
Version de la base de données: 2478
Windows 6.0.6002 Service Pack 2

22/07/2009 17:04:19
mbam-log-2009-07-22 (17-04-19).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 186224
Temps écoulé: 48 minute(s), 28 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
0
Réponse 19 / 40
poufpouf50 Messages postés 52 Statut Membre
 
voila ..donc comme tu peux voir y a pas d infection ..donc j attend ta réponse ..a bientot
0
Réponse 20 / 40
plopus Messages postés 6113 Statut Contributeur sécurité 293
 
salut

tu as encore ton probleme avec ton centre de securité ?

qu'oi d'autre comme probleme ?

arrive tu as faire ceci : clic droit sur ce lien chosiit enregistré la cible sous tu choisit comme emplacement ton BUREAu tu nomme le POUF puis suit les indication :

http://images.malwareremoval.com/random/RSIT.exe

• Double clique sur POUF.exe pour lancer l'outil.
• Clique sur "Continue" à l'écran Disclaimer.
• Si l'outil HijackThis n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu s'il te le demande) et tu devras accepter la licence.
• Une fois le scan terminé, deux rapports vont apparaître : poste les dans deux messages séparés stp

si sa marche pas redemarre ton PC au bip tapote F8 et choisit mode sans echec et réessaye de le lancer puis tu enregistre le rapport LOG.txt et le poste ici
0

Discussions similaires

Sécurité de l'URL
ghaouar -
fiddy -

2 réponses
comment lire un message masqué????
linx33 -
linx33 -

6 réponses
La nouvelle messagerie du Boncoin....
Utilisateur anonyme -
Madabatro -

69 réponses
processus inactif du systeme
edsurf64 -
mick8 -

29 réponses