Virus vbs
jcb2nl
Messages postés
122
Statut
Membre
-
jlpjlp Messages postés 52399 Statut Contributeur sécurité -
jlpjlp Messages postés 52399 Statut Contributeur sécurité -
Bonjour,
Les joies de la clé USB : je l ai utilisée sur une autre machine infectée et la voila pourrie avec un virus qui me signale, chaque ois que je double clique dessus depuis le poste de travail, que le fichier msxxx.vbs est absent. le xxx change suivant les supports, et la machine (elles sont en réseau wifi)
si l antivirus détecte bien de temps en temps le pbm, il semble peiner à la résoudre (un portable a antivir, l autre avast).
je suis preneur d une solution ou d un outil de nettoyage si qq un en connait un
merci
Les joies de la clé USB : je l ai utilisée sur une autre machine infectée et la voila pourrie avec un virus qui me signale, chaque ois que je double clique dessus depuis le poste de travail, que le fichier msxxx.vbs est absent. le xxx change suivant les supports, et la machine (elles sont en réseau wifi)
si l antivirus détecte bien de temps en temps le pbm, il semble peiner à la résoudre (un portable a antivir, l autre avast).
je suis preneur d une solution ou d un outil de nettoyage si qq un en connait un
merci
A voir également:
- Virus vbs
- Vbs windows - Accueil - Optimisation
- Virus mcafee - Accueil - Piratage
- Virus informatique - Guide
- Panda anti virus gratuit - Télécharger - Antivirus & Antimalwares
- Undisclosed-recipients virus - Guide
24 réponses
Salut,
Télécharge RavAntivirus d’Evosla :
= = = = >>> En cliquant ici <<< = = = =
* Si tu as une clé USB, disque dur externe, etc., branche-les sans les ouvrir avant de lancer ce FIX
* Fais un clic droit sur le fichier .ZIP > Extraire sur > le Bureau
* Clique droit sur RAV.exe puis sélectionne « Exécuter en tant qu’administrateur <gras>» afin de lancer l’outil.
* Une fois RAV ANTIVIRUS lancé, laisse-le réagir, il scanne automatiquement tout les lecteurs (disques fixes et amovibles)
* Si infection > un log s’établira, sinon le soft affichera (très rapide) ==>Votre Ordinateur est sain .
* Retire tes disques amovibles et redémarrez votre ordinateur.
* Poste le rapport, si infection!
****************
Télécharge Random’s System Information Tool (RSIT) de random/random et enregistre l’exécutable sur le Bureau.
= = = = >>> En cliquant ici <<< = = = =
* Clique droit sur <gras>RSIT.exe puis « Exécuter en tant qu’administrateur ». pour le lancer.
* Une première fenêtre s’ouvre, clique alors sur Continue (Disclaimer).
* Si la dernière version de HijackThis n’est pas détectée sur ton PC, RSIT le téléchargera et te demandera d’accepter la licence.
* Lorsque l’analyse sera terminée, deux fichiers texte s’ouvriront (probablement avec le bloc-notes).
* Poste le contenu de log.txt (c’est celui qui apparaît à l’écran) ainsi que de info.txt (que tu verras dans la barre des tâches).
Télécharge RavAntivirus d’Evosla :
= = = = >>> En cliquant ici <<< = = = =
* Si tu as une clé USB, disque dur externe, etc., branche-les sans les ouvrir avant de lancer ce FIX
* Fais un clic droit sur le fichier .ZIP > Extraire sur > le Bureau
* Clique droit sur RAV.exe puis sélectionne « Exécuter en tant qu’administrateur <gras>» afin de lancer l’outil.
* Une fois RAV ANTIVIRUS lancé, laisse-le réagir, il scanne automatiquement tout les lecteurs (disques fixes et amovibles)
* Si infection > un log s’établira, sinon le soft affichera (très rapide) ==>Votre Ordinateur est sain .
* Retire tes disques amovibles et redémarrez votre ordinateur.
* Poste le rapport, si infection!
****************
Télécharge Random’s System Information Tool (RSIT) de random/random et enregistre l’exécutable sur le Bureau.
= = = = >>> En cliquant ici <<< = = = =
* Clique droit sur <gras>RSIT.exe puis « Exécuter en tant qu’administrateur ». pour le lancer.
* Une première fenêtre s’ouvre, clique alors sur Continue (Disclaimer).
* Si la dernière version de HijackThis n’est pas détectée sur ton PC, RSIT le téléchargera et te demandera d’accepter la licence.
* Lorsque l’analyse sera terminée, deux fichiers texte s’ouvriront (probablement avec le bloc-notes).
* Poste le contenu de log.txt (c’est celui qui apparaît à l’écran) ainsi que de info.txt (que tu verras dans la barre des tâches).
bonjour,
rav a scanné une nuit les disques c, d et deux clés usb : la barre de défilement n a pas cessé de fonctionner, mais depuis le lancement du scan, il affiche l 'ordinateur comme sain. j ai donc stoppé le scan après 12h ; j espère que la réponse est probante
je poste maintenant le log de rsit : (il doit y avoir du gros nettoyage au passage à faire)
info.txt logfile of random's system information tool 1.05 2009-03-15 21:35:49
======Uninstall list======
-->MsiExec.exe /X{E9F81423-211E-46B6-9AE0-38568BC5CF6F}
-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Acer Inc.\Acer French Guide Link\Uninst.isu"
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7087A5CE-60AB-4C14-A4D9-5F1AAA699E97}\SETUP.EXE" -l0x40c -uninst -f"C:\Program Files\Micro Application\Super Dactylo\Uninst.isu" -c"C:\Program Files\Micro Application\Super Dactylo\Uninst.dll"
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acer eDataSecurity Management 2.0.3081-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{4AD13F68-CADA-4C6B-9759-C33753F89908} /l1036
Acer eDataSecurity Management-->C:\Acer\Empowering Technology\eDataSecurity\eDStbmngr.exe UNINSTALL 1
Acer eLock Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}\setup.exe" -l0x40c -removeonly
Acer Empowering Technology-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -l0x40c -removeonly
Acer eNet Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C06554A1-2C1E-4D20-B613-EE62C79927CC}\Setup.exe" -l0x40c
Acer ePerformance Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7057702F-6D71-4F30-8000-9E72BC771887}\setup.exe" -l0x40c -removeonly
Acer ePower Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\Setup.exe" -l0x40c
Acer ePresentation Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BF839132-BD43-4056-ACBF-4377F4A88E2A}\Setup.exe" -l0x40c
Acer eSettings Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F2C8256-2773-46C7-9ABA-3E39C24ABB51}\setup.exe" -l0x40c -removeonly
Acer GridVista-->C:\WINDOWS\UnInst32.exe GridV.UNI
Acer Screensaver-->MsiExec.exe /I{D458BBDC-0363-42E0-8FF9-4736E3CB3CA2}
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe AIR-->c:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000103}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->C:\Program Files\Fichiers communs\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe
Adobe Color Common Settings-->MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}
Adobe Color EU Recommended Settings-->MsiExec.exe /I{73B5D990-04EA-4751-B10F-5534770B91F2}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Extra Settings-->MsiExec.exe /I{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5101}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->C:\Program Files\Fichiers communs\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{77D2A9D3-5800-43E3-B274-87841BC87DB2}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-119F-4D52-B551-6739B2B22101}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-040C-1E257A25E34D}
Adobe Photoshop CS3-->C:\Program Files\Fichiers communs\Adobe\Installers\32e9033392a51340b32fdc6ad893ab7\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{BF794769-8875-4E01-B7BE-E00104604F4A}
Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Setup-->MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}
Adobe Setup-->MsiExec.exe /I{8AE03988-8C8C-40EE-BDC7-76781BEF1B1D}
Adobe Setup-->MsiExec.exe /I{926DEB4E-2B0A-4C5C-AE4A-BF6C06949702}
Adobe Shockwave Player-->C:\WINDOWS\system32\MACROMED\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\MACROMED\SHOCKW~1\Install.log
Adobe Stock Photos 1.0-->MsiExec.exe /I{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
Agere Systems HDA Modem-->agrsmdel
Alt-Tab Thingy™ v3.3.0-->"C:\Program Files\Alt-Tab Thingy v3\unins000.exe"
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
AVS DVDMenu Editor 1.2.1.19-->"C:\Program Files\Fichiers communs\AVSMedia\AVS DVDMenu Editor\unins000.exe"
AVS Video Converter 5.6-->"C:\Program Files\AVS4YOU\AVSVideoConverter\unins000.exe"
AVS4YOU Software Navigator 1.2-->"C:\Program Files\AVS4YOU\AVSSoftwareNavigator\unins000.exe"
Azureus Vuze-->C:\Program Files\Azureus\uninstall.exe
Bonjour-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{34A65DB7-81B4-49A8-B5CE-DCE6785BC019} /l1036
Buyertools Reminder-->"C:\Program Files\Buyertools Reminder\Uninstall.exe" "C:\Program Files\Buyertools Reminder\install.log" -u
Calculette 2.1-->C:\WINDOWS\unin040c.exe -f"C:\Program Files\Calculette\Calculette 2.1\DeIsL1.isu" -c"C:\Program Files\Calculette\Calculette 2.1\_ISREG32.DLL"
CANAL WIDGET-->MsiExec.exe /X{09B6B322-325F-4A5F-9051-830ED194A1A7}
Canon EOS Kiss REBEL 300D Pilote WIA -->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{31A57C3E-30DD-421F-B5C7-974DACB0D05F}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Cimaware OfficeFIX 6-->C:\Program Files\Cimaware\OfficeFix6\uninst.exe
Code 128 Versions : App. 2.0.0 Func. 1.1.0 Font 1.30-->"C:\Program Files\code128\uninstall.exe"
Comic Life-->MsiExec.exe /X{A0FC458F-AA6E-430A-B91C-1D6640B4B149}
Correctif n° 2 pour Windows XP Édition Media Center 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Dimensions géométriques-->C:\WINDOWS\ST5UNST.EXE -n "c:\Documents and Settings\JC\Bureau\lacaune cole\jeux\geometrie\ST5UNST.LOG"
DxO Optics Pro 4.0-->C:\Program Files\DxO Labs\DxO Optics Pro v4\uninst.exe
DxO Optics Pro import plugin-->"C:\Program Files\DxO Labs\DxO Optics Pro import plugin\unins000.exe"
e-COMO-->"C:\Program Files\ColiPoste\eCOMO\uninstall.exe"
eMule-->"C:\Documents and Settings\JC\Bureau\JEUX LOUNA\eMule\Uninstall.exe"
EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\epupdate.exe /r
EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
EpsonNet WinAssist V4-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{573241D0-3C9B-421F-B4BF-9801AD410943}\SETUP.EXE"
FinePrint-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpinst5.exe /uninstall
FireTune-->C:\WINDOWS\iun6002.exe "C:\Program Files\FireTune\irunin.ini"
Free Music Zilla-->"C:\Program Files\Free Music Zilla\unins000.exe"
GemMaster Mystic-->"C:\Program Files\GemMasterFrench\uninstallgemmaster.exe"
Gentibus CD 1.48-->"C:\Program Files\Gentibus CD\unins000.exe"
getPlus(R)_dll-->rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\inf\GETPLUSd.INF, DefaultUninstall
getPlus(R)_ocx-->rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\inf\GETPLUSo.INF, DefaultUninstall
GoldWave v5.25-->"C:\Program Files\GoldWave\unstall.exe" "GoldWave v5.25" "C:\Program Files\GoldWave\unstall.log"
HandyConnect4-->C:\Program Files\Microsoft ActiveSync\HandyConnect4\Uninstall.exe HandyConnect4
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.0 (KB932471)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {ECD292A0-0347-4244-8C24-5DBCE990FB40} /package {BAF78226-3200-4DB4-BE33-4D922A799840}
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"
HP Officejet Pro Série K550-->C:\Program Files\HP\Digital Imaging\{0295D351-AC0A-489b-A342-D9001AFE6B03}\setup\hpzscr01.exe -datfile hpwscr03.dat -forcereboot
Intel(R) Graphics Media Accelerator Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_27A6 PCI\VEN_8086&DEV_27A2
iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
IZArc 3.6-->"C:\Program Files\IZArc\unins000.exe"
J2SE Runtime Environment 5.0 Update 11-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Les Naturels-->C:\WINDOWS\ST5UNST.EXE -n "c:\Documents and Settings\JC\Bureau\lacaune cole\jeux\naturel\ST5UNST.LOG"
LimeWire 4.18.8-->"C:\Program Files\LimeWire\uninstall.exe"
Livre Album Fuji Photo-->"C:\Program Files\Livre Album Fuji Photo\unins000.exe"
Logiciel Acer OrbiCam-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{76AC1AEB-1167-4ABC-8861-4E58392A5B7F}\setup.exe" -l0x40c
Logiciel Intel(R) PROSet/Wireless-->C:\WINDOWS\Installer\iProInst.exe
MesNews-->"C:\Program Files\MesNews\unins000.exe"
Micro Application - Super Dactylo-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7087A5CE-60AB-4C14-A4D9-5F1AAA699E97}\SETUP.EXE" -l0x40c -uninst
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 French Language Pack-->MsiExec.exe /X{E3C080B0-23F5-49AF-89F8-8E8DBC89E659}
Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft ActiveSync-->MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Money-->C:\Program Files\Microsoft Money 2005\MNYCoreFiles\Setup\uninst.exe /s:120
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office XP Small Business-->MsiExec.exe /I{9113040C-6000-11D3-8CFE-0050048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0-->C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\setup.exe
monAlbumPhoto-->"C:\Program Files\monAlbumPhoto\unins000.exe"
Mozilla Firefox (3.0.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
Multiplication Facts-->C:\WINDOWS\st6unst.exe -n "c:\Documents and Settings\JC\Bureau\lacaune cole\jeux\mult\ST6UNST.LOG"
Musicmatch® Jukebox-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}\setup.exe" -l0x40c -uninst
mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
mXML-->MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
Nero 7 Premium-->MsiExec.exe /I{38E0C491-5230-4373-B62E-F1A6E94B1036}
NODouble-->C:\Program Files\NODouble\uninstall.exe
NTI Backup NOW! 4.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B06B842F-2450-494F-BBDE-217CDC151A37}\setup.exe" -l0x9 -uninst -removeonly
NTI CD & DVD-Maker-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1036 CDM7
Nvu 1.0-->"C:\Program Files\Nvu\unins000.exe"
Package de base Microsoft de service de chiffrement pour cartes à puce-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
PC Inspector File Recovery-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}\Setup.exe" -l0x40c
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
PDFTOEXCEL-->"C:\Program Files\Blue Label Soft\PDF to Excel 2.4\unins000.exe"
Photomatix Pro version 3.0.3RC2-->"C:\Program Files\PhotomatixPro3\unins000.exe"
Photorécit 3 pour Windows-->MsiExec.exe /I{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}
Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
PoiEdit-->C:\PROGRA~1\DNOTES~1\POIEDI~1\UNWISE.EXE C:\PROGRA~1\DNOTES~1\POIEDI~1\INSTALL.LOG
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
PowerProducer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall
Product Key Explorer 2.1.3-->"C:\Program Files\Nsasoft\ProductKeyExplorer\unins000.exe"
Programme de gestion Acer OrbiCam-->"C:\Program Files\Fichiers communs\Acer\OrbiCam\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT -l040c
Quick Menu Builder 1.2-->"C:\Program Files\Mattgo27 Apps\Quick Menu Builder\uninstall.exe"
QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly
Resco Sudoku-->C:\WINDOWS\RSetupCE.exe -uninstC:\Program Files\Resco\Sudoku\_Install.log
Résolution de problèmes (c:\Documents and Settings\JC\Bureau\lacaune cole\jeux\pro\)-->C:\WINDOWS\ST5UNST.EXE -n "c:\Documents and Settings\JC\Bureau\lacaune cole\jeux\pro\ST5UNST.LOG"
Résolution de problèmes-->C:\WINDOWS\ST5UNST.EXE -n "c:\Documents and Settings\JC\Bureau\lacaune cole\ST5UNST.LOG"
Roku Shell Extension-->MsiExec.exe /I{69FB5387-2B23-41D2-B80C-4FBA6E6F22B4}
RokuRadioSnooper v2.10.06-->"C:\Program Files\Roku Radio Snooper\unins000.exe"
SA30xx Media Converter-->C:\Program Files\InstallShield Installation Information\{1E06D48E-5448-4BCC-9F87-9FB4EBD59898}\setup.exe -runfromtemp -l0x040c -removeonly
Screenscapes-->C:\WINDOWS\IsUninst.exe -fC:\Sierra\Scapes\Uninst.isu
Search Settings 1.2-->MsiExec.exe /X{D0C73318-7B4A-4D16-A0C4-3B83F075EA88}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
SierraHome Print Artist 8-->C:\WINDOWS\IsUn040c.exe -f"C:\Sierra\Print Artist 8\Uninst.isu" -c"C:\Sierra\Print Artist 8\Uninstpa.DLL"
Snowed In 6-->C:\Program Files\Microsoft ActiveSync\Snowed In 6\Uninstall.exe Snowed In 6
Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SUPER © Version 2007.bld.23 (July 4, 2007)-->C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Texas Instruments PCIxx21/x515 drivers.-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{FF6F491D-BC82-4DCC-A72F-1824957C6466} /l1036
Turbo Lister 2-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{69640730-B830-4C24-BB5C-222DA1260548}
VirtualDub 1.6.9 Fr-->C:\Program Files\VirtualDub\UnInstall_VirtualDub.exe
VisualDivX-->C:\Program Files\VisualDivX\Uninstall.exe
VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
WellPhone DirectSync-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CFEC7E01-B73C-451D-A366-96978AFD233B}\setup.exe" UNINSTALL
WellPhone-->"C:\Program Files\SmartCom\WellPhone\UnInst32.exe"
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Media Connect-->msiexec.exe /I {F6869CD2-3DB4-476D-A4C7-B3AE7C3ACF7B}
Windows Media Connect-->MsiExec.exe /I{F6869CD2-3DB4-476D-A4C7-B3AE7C3ACF7B}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows Presentation Foundation Language Pack (FRA)-->MsiExec.exe /X{6901DD22-527A-41EF-9059-E81FEDE9E494}
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Workflow Foundation FR Language Pack-->MsiExec.exe /I{B84C141C-9A13-44BE-9A69-301D7B11D836}
Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
XnView 1.95.4-->"C:\Program Files\XnView\unins000.exe"
======Hosts File======
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
======Security center information======
AV: Avira AntiVir PersonalEdition Classic
System event log
Computer Name: ACER
Event Code: 11
Message: Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk2\D.
Record Number: 24655
Source Name: Disk
Time Written: 20090123131919.000000+060
Event Type: erreur
User:
Computer Name: ACER
Event Code: 11
Message: Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk2\D.
Record Number: 24654
Source Name: Disk
Time Written: 20090123131919.000000+060
Event Type: erreur
User:
Computer Name: ACER
Event Code: 11
Message: Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk2\D.
Record Number: 24653
Source Name: Disk
Time Written: 20090123131918.000000+060
Event Type: erreur
User:
Computer Name: ACER
Event Code: 11
Message: Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk2\D.
Record Number: 24652
Source Name: Disk
Time Written: 20090123131918.000000+060
Event Type: erreur
User:
Computer Name: ACER
Event Code: 11
Message: Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk2\D.
Record Number: 24651
Source Name: Disk
Time Written: 20090123131917.000000+060
Event Type: erreur
User:
Application event log
Computer Name: ACER
Event Code: 0
Message: Le service a géré avec succès PowerEvent.
Record Number: 35474
Source Name: AcerMemUsageCheckService
Time Written: 20090304142629.000000+060
Event Type: Informations
User:
Computer Name: ACER
Event Code: 0
Message: Le service a géré avec succès PowerEvent.
Record Number: 35473
Source Name: AcerMemUsageCheckService
Time Written: 20090304142619.000000+060
Event Type: Informations
User:
Computer Name: ACER
Event Code: 0
Message: Le service a géré avec succès PowerEvent.
Record Number: 35472
Source Name: AcerMemUsageCheckService
Time Written: 20090304142559.000000+060
Event Type: Informations
User:
Computer Name: ACER
Event Code: 0
Message: Le service a géré avec succès PowerEvent.
Record Number: 35471
Source Name: AcerMemUsageCheckService
Time Written: 20090304142548.000000+060
Event Type: Informations
User:
Computer Name: ACER
Event Code: 0
Message: Le service a géré avec succès PowerEvent.
Record Number: 35470
Source Name: AcerMemUsageCheckService
Time Written: 20090304142529.000000+060
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=2
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Intel\Wireless\Bin\;C:\Program Files\Fichiers communs\Adobe\AGL;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 14 Stepping 8, GenuineIntel
"PROCESSOR_LEVEL"=6
"PROCESSOR_REVISION"=0e08
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"windir"=%SystemRoot%
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
-----------------EOF-----------------
merci de ton aide
rav a scanné une nuit les disques c, d et deux clés usb : la barre de défilement n a pas cessé de fonctionner, mais depuis le lancement du scan, il affiche l 'ordinateur comme sain. j ai donc stoppé le scan après 12h ; j espère que la réponse est probante
je poste maintenant le log de rsit : (il doit y avoir du gros nettoyage au passage à faire)
info.txt logfile of random's system information tool 1.05 2009-03-15 21:35:49
======Uninstall list======
-->MsiExec.exe /X{E9F81423-211E-46B6-9AE0-38568BC5CF6F}
-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Acer Inc.\Acer French Guide Link\Uninst.isu"
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7087A5CE-60AB-4C14-A4D9-5F1AAA699E97}\SETUP.EXE" -l0x40c -uninst -f"C:\Program Files\Micro Application\Super Dactylo\Uninst.isu" -c"C:\Program Files\Micro Application\Super Dactylo\Uninst.dll"
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acer eDataSecurity Management 2.0.3081-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{4AD13F68-CADA-4C6B-9759-C33753F89908} /l1036
Acer eDataSecurity Management-->C:\Acer\Empowering Technology\eDataSecurity\eDStbmngr.exe UNINSTALL 1
Acer eLock Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}\setup.exe" -l0x40c -removeonly
Acer Empowering Technology-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -l0x40c -removeonly
Acer eNet Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C06554A1-2C1E-4D20-B613-EE62C79927CC}\Setup.exe" -l0x40c
Acer ePerformance Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7057702F-6D71-4F30-8000-9E72BC771887}\setup.exe" -l0x40c -removeonly
Acer ePower Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\Setup.exe" -l0x40c
Acer ePresentation Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BF839132-BD43-4056-ACBF-4377F4A88E2A}\Setup.exe" -l0x40c
Acer eSettings Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F2C8256-2773-46C7-9ABA-3E39C24ABB51}\setup.exe" -l0x40c -removeonly
Acer GridVista-->C:\WINDOWS\UnInst32.exe GridV.UNI
Acer Screensaver-->MsiExec.exe /I{D458BBDC-0363-42E0-8FF9-4736E3CB3CA2}
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe AIR-->c:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000103}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->C:\Program Files\Fichiers communs\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe
Adobe Color Common Settings-->MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}
Adobe Color EU Recommended Settings-->MsiExec.exe /I{73B5D990-04EA-4751-B10F-5534770B91F2}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Extra Settings-->MsiExec.exe /I{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5101}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->C:\Program Files\Fichiers communs\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{77D2A9D3-5800-43E3-B274-87841BC87DB2}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-119F-4D52-B551-6739B2B22101}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-040C-1E257A25E34D}
Adobe Photoshop CS3-->C:\Program Files\Fichiers communs\Adobe\Installers\32e9033392a51340b32fdc6ad893ab7\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{BF794769-8875-4E01-B7BE-E00104604F4A}
Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Setup-->MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}
Adobe Setup-->MsiExec.exe /I{8AE03988-8C8C-40EE-BDC7-76781BEF1B1D}
Adobe Setup-->MsiExec.exe /I{926DEB4E-2B0A-4C5C-AE4A-BF6C06949702}
Adobe Shockwave Player-->C:\WINDOWS\system32\MACROMED\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\MACROMED\SHOCKW~1\Install.log
Adobe Stock Photos 1.0-->MsiExec.exe /I{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
Agere Systems HDA Modem-->agrsmdel
Alt-Tab Thingy™ v3.3.0-->"C:\Program Files\Alt-Tab Thingy v3\unins000.exe"
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
AVS DVDMenu Editor 1.2.1.19-->"C:\Program Files\Fichiers communs\AVSMedia\AVS DVDMenu Editor\unins000.exe"
AVS Video Converter 5.6-->"C:\Program Files\AVS4YOU\AVSVideoConverter\unins000.exe"
AVS4YOU Software Navigator 1.2-->"C:\Program Files\AVS4YOU\AVSSoftwareNavigator\unins000.exe"
Azureus Vuze-->C:\Program Files\Azureus\uninstall.exe
Bonjour-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{34A65DB7-81B4-49A8-B5CE-DCE6785BC019} /l1036
Buyertools Reminder-->"C:\Program Files\Buyertools Reminder\Uninstall.exe" "C:\Program Files\Buyertools Reminder\install.log" -u
Calculette 2.1-->C:\WINDOWS\unin040c.exe -f"C:\Program Files\Calculette\Calculette 2.1\DeIsL1.isu" -c"C:\Program Files\Calculette\Calculette 2.1\_ISREG32.DLL"
CANAL WIDGET-->MsiExec.exe /X{09B6B322-325F-4A5F-9051-830ED194A1A7}
Canon EOS Kiss REBEL 300D Pilote WIA -->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{31A57C3E-30DD-421F-B5C7-974DACB0D05F}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Cimaware OfficeFIX 6-->C:\Program Files\Cimaware\OfficeFix6\uninst.exe
Code 128 Versions : App. 2.0.0 Func. 1.1.0 Font 1.30-->"C:\Program Files\code128\uninstall.exe"
Comic Life-->MsiExec.exe /X{A0FC458F-AA6E-430A-B91C-1D6640B4B149}
Correctif n° 2 pour Windows XP Édition Media Center 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Dimensions géométriques-->C:\WINDOWS\ST5UNST.EXE -n "c:\Documents and Settings\JC\Bureau\lacaune cole\jeux\geometrie\ST5UNST.LOG"
DxO Optics Pro 4.0-->C:\Program Files\DxO Labs\DxO Optics Pro v4\uninst.exe
DxO Optics Pro import plugin-->"C:\Program Files\DxO Labs\DxO Optics Pro import plugin\unins000.exe"
e-COMO-->"C:\Program Files\ColiPoste\eCOMO\uninstall.exe"
eMule-->"C:\Documents and Settings\JC\Bureau\JEUX LOUNA\eMule\Uninstall.exe"
EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\epupdate.exe /r
EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
EpsonNet WinAssist V4-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{573241D0-3C9B-421F-B4BF-9801AD410943}\SETUP.EXE"
FinePrint-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpinst5.exe /uninstall
FireTune-->C:\WINDOWS\iun6002.exe "C:\Program Files\FireTune\irunin.ini"
Free Music Zilla-->"C:\Program Files\Free Music Zilla\unins000.exe"
GemMaster Mystic-->"C:\Program Files\GemMasterFrench\uninstallgemmaster.exe"
Gentibus CD 1.48-->"C:\Program Files\Gentibus CD\unins000.exe"
getPlus(R)_dll-->rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\inf\GETPLUSd.INF, DefaultUninstall
getPlus(R)_ocx-->rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\inf\GETPLUSo.INF, DefaultUninstall
GoldWave v5.25-->"C:\Program Files\GoldWave\unstall.exe" "GoldWave v5.25" "C:\Program Files\GoldWave\unstall.log"
HandyConnect4-->C:\Program Files\Microsoft ActiveSync\HandyConnect4\Uninstall.exe HandyConnect4
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.0 (KB932471)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {ECD292A0-0347-4244-8C24-5DBCE990FB40} /package {BAF78226-3200-4DB4-BE33-4D922A799840}
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"
HP Officejet Pro Série K550-->C:\Program Files\HP\Digital Imaging\{0295D351-AC0A-489b-A342-D9001AFE6B03}\setup\hpzscr01.exe -datfile hpwscr03.dat -forcereboot
Intel(R) Graphics Media Accelerator Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_27A6 PCI\VEN_8086&DEV_27A2
iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
IZArc 3.6-->"C:\Program Files\IZArc\unins000.exe"
J2SE Runtime Environment 5.0 Update 11-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Les Naturels-->C:\WINDOWS\ST5UNST.EXE -n "c:\Documents and Settings\JC\Bureau\lacaune cole\jeux\naturel\ST5UNST.LOG"
LimeWire 4.18.8-->"C:\Program Files\LimeWire\uninstall.exe"
Livre Album Fuji Photo-->"C:\Program Files\Livre Album Fuji Photo\unins000.exe"
Logiciel Acer OrbiCam-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{76AC1AEB-1167-4ABC-8861-4E58392A5B7F}\setup.exe" -l0x40c
Logiciel Intel(R) PROSet/Wireless-->C:\WINDOWS\Installer\iProInst.exe
MesNews-->"C:\Program Files\MesNews\unins000.exe"
Micro Application - Super Dactylo-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7087A5CE-60AB-4C14-A4D9-5F1AAA699E97}\SETUP.EXE" -l0x40c -uninst
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 French Language Pack-->MsiExec.exe /X{E3C080B0-23F5-49AF-89F8-8E8DBC89E659}
Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft ActiveSync-->MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Money-->C:\Program Files\Microsoft Money 2005\MNYCoreFiles\Setup\uninst.exe /s:120
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office XP Small Business-->MsiExec.exe /I{9113040C-6000-11D3-8CFE-0050048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0-->C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\setup.exe
monAlbumPhoto-->"C:\Program Files\monAlbumPhoto\unins000.exe"
Mozilla Firefox (3.0.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
Multiplication Facts-->C:\WINDOWS\st6unst.exe -n "c:\Documents and Settings\JC\Bureau\lacaune cole\jeux\mult\ST6UNST.LOG"
Musicmatch® Jukebox-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}\setup.exe" -l0x40c -uninst
mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
mXML-->MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
Nero 7 Premium-->MsiExec.exe /I{38E0C491-5230-4373-B62E-F1A6E94B1036}
NODouble-->C:\Program Files\NODouble\uninstall.exe
NTI Backup NOW! 4.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B06B842F-2450-494F-BBDE-217CDC151A37}\setup.exe" -l0x9 -uninst -removeonly
NTI CD & DVD-Maker-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1036 CDM7
Nvu 1.0-->"C:\Program Files\Nvu\unins000.exe"
Package de base Microsoft de service de chiffrement pour cartes à puce-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
PC Inspector File Recovery-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}\Setup.exe" -l0x40c
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
PDFTOEXCEL-->"C:\Program Files\Blue Label Soft\PDF to Excel 2.4\unins000.exe"
Photomatix Pro version 3.0.3RC2-->"C:\Program Files\PhotomatixPro3\unins000.exe"
Photorécit 3 pour Windows-->MsiExec.exe /I{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}
Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
PoiEdit-->C:\PROGRA~1\DNOTES~1\POIEDI~1\UNWISE.EXE C:\PROGRA~1\DNOTES~1\POIEDI~1\INSTALL.LOG
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
PowerProducer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall
Product Key Explorer 2.1.3-->"C:\Program Files\Nsasoft\ProductKeyExplorer\unins000.exe"
Programme de gestion Acer OrbiCam-->"C:\Program Files\Fichiers communs\Acer\OrbiCam\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT -l040c
Quick Menu Builder 1.2-->"C:\Program Files\Mattgo27 Apps\Quick Menu Builder\uninstall.exe"
QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly
Resco Sudoku-->C:\WINDOWS\RSetupCE.exe -uninstC:\Program Files\Resco\Sudoku\_Install.log
Résolution de problèmes (c:\Documents and Settings\JC\Bureau\lacaune cole\jeux\pro\)-->C:\WINDOWS\ST5UNST.EXE -n "c:\Documents and Settings\JC\Bureau\lacaune cole\jeux\pro\ST5UNST.LOG"
Résolution de problèmes-->C:\WINDOWS\ST5UNST.EXE -n "c:\Documents and Settings\JC\Bureau\lacaune cole\ST5UNST.LOG"
Roku Shell Extension-->MsiExec.exe /I{69FB5387-2B23-41D2-B80C-4FBA6E6F22B4}
RokuRadioSnooper v2.10.06-->"C:\Program Files\Roku Radio Snooper\unins000.exe"
SA30xx Media Converter-->C:\Program Files\InstallShield Installation Information\{1E06D48E-5448-4BCC-9F87-9FB4EBD59898}\setup.exe -runfromtemp -l0x040c -removeonly
Screenscapes-->C:\WINDOWS\IsUninst.exe -fC:\Sierra\Scapes\Uninst.isu
Search Settings 1.2-->MsiExec.exe /X{D0C73318-7B4A-4D16-A0C4-3B83F075EA88}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
SierraHome Print Artist 8-->C:\WINDOWS\IsUn040c.exe -f"C:\Sierra\Print Artist 8\Uninst.isu" -c"C:\Sierra\Print Artist 8\Uninstpa.DLL"
Snowed In 6-->C:\Program Files\Microsoft ActiveSync\Snowed In 6\Uninstall.exe Snowed In 6
Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SUPER © Version 2007.bld.23 (July 4, 2007)-->C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Texas Instruments PCIxx21/x515 drivers.-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{FF6F491D-BC82-4DCC-A72F-1824957C6466} /l1036
Turbo Lister 2-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{69640730-B830-4C24-BB5C-222DA1260548}
VirtualDub 1.6.9 Fr-->C:\Program Files\VirtualDub\UnInstall_VirtualDub.exe
VisualDivX-->C:\Program Files\VisualDivX\Uninstall.exe
VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
WellPhone DirectSync-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CFEC7E01-B73C-451D-A366-96978AFD233B}\setup.exe" UNINSTALL
WellPhone-->"C:\Program Files\SmartCom\WellPhone\UnInst32.exe"
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Media Connect-->msiexec.exe /I {F6869CD2-3DB4-476D-A4C7-B3AE7C3ACF7B}
Windows Media Connect-->MsiExec.exe /I{F6869CD2-3DB4-476D-A4C7-B3AE7C3ACF7B}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows Presentation Foundation Language Pack (FRA)-->MsiExec.exe /X{6901DD22-527A-41EF-9059-E81FEDE9E494}
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Workflow Foundation FR Language Pack-->MsiExec.exe /I{B84C141C-9A13-44BE-9A69-301D7B11D836}
Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
XnView 1.95.4-->"C:\Program Files\XnView\unins000.exe"
======Hosts File======
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
======Security center information======
AV: Avira AntiVir PersonalEdition Classic
System event log
Computer Name: ACER
Event Code: 11
Message: Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk2\D.
Record Number: 24655
Source Name: Disk
Time Written: 20090123131919.000000+060
Event Type: erreur
User:
Computer Name: ACER
Event Code: 11
Message: Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk2\D.
Record Number: 24654
Source Name: Disk
Time Written: 20090123131919.000000+060
Event Type: erreur
User:
Computer Name: ACER
Event Code: 11
Message: Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk2\D.
Record Number: 24653
Source Name: Disk
Time Written: 20090123131918.000000+060
Event Type: erreur
User:
Computer Name: ACER
Event Code: 11
Message: Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk2\D.
Record Number: 24652
Source Name: Disk
Time Written: 20090123131918.000000+060
Event Type: erreur
User:
Computer Name: ACER
Event Code: 11
Message: Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk2\D.
Record Number: 24651
Source Name: Disk
Time Written: 20090123131917.000000+060
Event Type: erreur
User:
Application event log
Computer Name: ACER
Event Code: 0
Message: Le service a géré avec succès PowerEvent.
Record Number: 35474
Source Name: AcerMemUsageCheckService
Time Written: 20090304142629.000000+060
Event Type: Informations
User:
Computer Name: ACER
Event Code: 0
Message: Le service a géré avec succès PowerEvent.
Record Number: 35473
Source Name: AcerMemUsageCheckService
Time Written: 20090304142619.000000+060
Event Type: Informations
User:
Computer Name: ACER
Event Code: 0
Message: Le service a géré avec succès PowerEvent.
Record Number: 35472
Source Name: AcerMemUsageCheckService
Time Written: 20090304142559.000000+060
Event Type: Informations
User:
Computer Name: ACER
Event Code: 0
Message: Le service a géré avec succès PowerEvent.
Record Number: 35471
Source Name: AcerMemUsageCheckService
Time Written: 20090304142548.000000+060
Event Type: Informations
User:
Computer Name: ACER
Event Code: 0
Message: Le service a géré avec succès PowerEvent.
Record Number: 35470
Source Name: AcerMemUsageCheckService
Time Written: 20090304142529.000000+060
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=2
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Intel\Wireless\Bin\;C:\Program Files\Fichiers communs\Adobe\AGL;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 14 Stepping 8, GenuineIntel
"PROCESSOR_LEVEL"=6
"PROCESSOR_REVISION"=0e08
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"windir"=%SystemRoot%
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
-----------------EOF-----------------
merci de ton aide
oups je n ai pas copié le bon !
le voici donc :
Logfile of random's system information tool 1.05 (written by random/random)
Run by JC at 2009-03-15 21:35:05
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 8 GB (15%) free of 54 GB
Total RAM: 2038 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:35:41, on 15/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe
C:\Program Files\Alt-Tab Thingy v3\attmain.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\RSSoft\RedSwoosh.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Program Files\Buyertools Reminder\Reminder.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\JC\Bureau\rav.exe
C:\Documents and Settings\JC\Bureau\RSIT.exe
C:\Program Files\trend micro\JC.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Buyertools - {7C7A8947-5935-4430-AC0E-E7D04697414E} - C:\PROGRA~1\BUYERT~1\IEBUTT~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [FinePrint Dispatcher v5] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe" /source=HKLM
O4 - HKLM\..\Run: [Alt-Tab Thingy] "C:\Program Files\Alt-Tab Thingy v3\attmain.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Canal Widget] "C:\Program Files\Canal\Canal Widget\Launcher.exe"
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HPWUTOOLBOX] C:\Program Files\HP\HP Officejet Pro K550 Series\Toolbox\HPWUTBX.exe "-i"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [WellPhone DirectSync - ScheduleSync] C:\PROGRA~1\WELLPH~1\SCHEDU~1.EXE
O4 - HKLM\..\Run: [MS-RAD2] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad4\rad785.vbs
O4 - HKLM\..\Run: [MS-RADF] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radb\rad9A3.vbs
O4 - HKLM\..\Run: [MS-RADE] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radc\rad419.vbs
O4 - HKLM\..\Run: [MS-RAD3] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad5\rad17E.vbs
O4 - HKLM\..\Run: [MS-RAD9] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad3\radC9C.vbs
O4 - HKLM\..\Run: [MS-RADC] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad5\rad712.vbs
O4 - HKLM\..\Run: [MS-RAD0] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad0\radBDF.vbs
O4 - HKLM\..\Run: [MS-RADD] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\rad969.vbs
O4 - HKLM\..\Run: [MS-RADA] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad0\radBE5.vbs
O4 - HKLM\..\Run: [MS-RADB] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad2\rad016.vbs
O4 - HKLM\..\Run: [MS-RAD4] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radb\rad19B.vbs
O4 - HKLM\..\Run: [MS-RAD1] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad729.vbs
O4 - HKLM\..\Run: [MS-RAD5] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rada\rad47A.vbs
O4 - HKLM\..\Run: [MS-RAD7] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad1\radE4F.vbs
O4 - HKLM\..\Run: [MS-RAD8] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad96F.vbs
O4 - HKLM\..\Run: [MS-RAD6] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radFDF.vbs
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Red Swoosh] C:\Program Files\RSSoft\RedSwoosh.exe /S
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKCU\..\Run: [RTEGPRS] "C:\Program Files\Fichiers communs\SmartCom\RTEGPRS.exe" tray
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Buyertools Reminder - {27914077-B4D6-4A0E-9763-76B6E9DD9A81} - C:\Program Files\Buyertools Reminder\ReminderIE.exe
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CanalPlus.VOD - Canal+ Active - C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe
O23 - Service: eLock Service (eLockService) - - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Roku - Mark Heaton - C:\Program Files\RokuNSE\Roku.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
le voici donc :
Logfile of random's system information tool 1.05 (written by random/random)
Run by JC at 2009-03-15 21:35:05
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 8 GB (15%) free of 54 GB
Total RAM: 2038 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:35:41, on 15/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe
C:\Program Files\Alt-Tab Thingy v3\attmain.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\RSSoft\RedSwoosh.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Program Files\Buyertools Reminder\Reminder.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\JC\Bureau\rav.exe
C:\Documents and Settings\JC\Bureau\RSIT.exe
C:\Program Files\trend micro\JC.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Buyertools - {7C7A8947-5935-4430-AC0E-E7D04697414E} - C:\PROGRA~1\BUYERT~1\IEBUTT~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [FinePrint Dispatcher v5] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe" /source=HKLM
O4 - HKLM\..\Run: [Alt-Tab Thingy] "C:\Program Files\Alt-Tab Thingy v3\attmain.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Canal Widget] "C:\Program Files\Canal\Canal Widget\Launcher.exe"
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HPWUTOOLBOX] C:\Program Files\HP\HP Officejet Pro K550 Series\Toolbox\HPWUTBX.exe "-i"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [WellPhone DirectSync - ScheduleSync] C:\PROGRA~1\WELLPH~1\SCHEDU~1.EXE
O4 - HKLM\..\Run: [MS-RAD2] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad4\rad785.vbs
O4 - HKLM\..\Run: [MS-RADF] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radb\rad9A3.vbs
O4 - HKLM\..\Run: [MS-RADE] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radc\rad419.vbs
O4 - HKLM\..\Run: [MS-RAD3] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad5\rad17E.vbs
O4 - HKLM\..\Run: [MS-RAD9] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad3\radC9C.vbs
O4 - HKLM\..\Run: [MS-RADC] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad5\rad712.vbs
O4 - HKLM\..\Run: [MS-RAD0] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad0\radBDF.vbs
O4 - HKLM\..\Run: [MS-RADD] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\rad969.vbs
O4 - HKLM\..\Run: [MS-RADA] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad0\radBE5.vbs
O4 - HKLM\..\Run: [MS-RADB] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad2\rad016.vbs
O4 - HKLM\..\Run: [MS-RAD4] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radb\rad19B.vbs
O4 - HKLM\..\Run: [MS-RAD1] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad729.vbs
O4 - HKLM\..\Run: [MS-RAD5] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rada\rad47A.vbs
O4 - HKLM\..\Run: [MS-RAD7] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad1\radE4F.vbs
O4 - HKLM\..\Run: [MS-RAD8] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad96F.vbs
O4 - HKLM\..\Run: [MS-RAD6] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radFDF.vbs
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Red Swoosh] C:\Program Files\RSSoft\RedSwoosh.exe /S
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKCU\..\Run: [RTEGPRS] "C:\Program Files\Fichiers communs\SmartCom\RTEGPRS.exe" tray
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Buyertools Reminder - {27914077-B4D6-4A0E-9763-76B6E9DD9A81} - C:\Program Files\Buyertools Reminder\ReminderIE.exe
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CanalPlus.VOD - Canal+ Active - C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe
O23 - Service: eLock Service (eLockService) - - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Roku - Mark Heaton - C:\Program Files\RokuNSE\Roku.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Connais tu / as-tu installé ceci ??
Roku
Buyertools
Firefly Media Server
RsSoft
Et c'est quoi ton lecteur H ?
-------------------------------------------
Analyse ces fichiers :
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad4\rad785.vbs
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radb\rad9A3.vbs
Sur le site de virustotal :
https://www.virustotal.com/gui/
Parcourir > Sélectionne ton fichier > Analyser, patiente que l’analyse soit terminée.
Poste les rapports.
-----------------------------------------
Télécharges ToolBar S&D ( de Eric_71 )
= = = = >>> En cliquant ici <<< = = = =
/!\ Déconnectes toi et fermes toute tes applications en cours le temps de la manipulation /!\
* Double-cliques sur l’exécutable pour lancer l’outil
* Une fois fait, tape F pour sélectionner le Français
* Choisis l’option 1 (Recherche) et tape sur Entrée.
* Une fois le scan finit, un rapport va apparaître au format .txt.
* Copie-colle l’intégralité de son contenu dans ta prochaine réponse ...
Note :
Le rapport est sauvegardé ici : C:\TB.txt
Tuto si besoin ICI
Roku
Buyertools
Firefly Media Server
RsSoft
Et c'est quoi ton lecteur H ?
-------------------------------------------
Analyse ces fichiers :
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad4\rad785.vbs
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radb\rad9A3.vbs
Sur le site de virustotal :
https://www.virustotal.com/gui/
Parcourir > Sélectionne ton fichier > Analyser, patiente que l’analyse soit terminée.
Poste les rapports.
-----------------------------------------
Télécharges ToolBar S&D ( de Eric_71 )
= = = = >>> En cliquant ici <<< = = = =
/!\ Déconnectes toi et fermes toute tes applications en cours le temps de la manipulation /!\
* Double-cliques sur l’exécutable pour lancer l’outil
* Une fois fait, tape F pour sélectionner le Français
* Choisis l’option 1 (Recherche) et tape sur Entrée.
* Une fois le scan finit, un rapport va apparaître au format .txt.
* Copie-colle l’intégralité de son contenu dans ta prochaine réponse ...
Note :
Le rapport est sauvegardé ici : C:\TB.txt
Tuto si besoin ICI
d'abord le log de tb
-----------\\ ToolBar S&D 1.2.8 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2300 @ 1.66GHz )
BIOS : Ver 1.00PARTTBL1
USER : JC ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Activated)
C:\ (Local Disk) - FAT32 - Total:53 Go (Free:7 Go)
D:\ (Local Disk) - FAT32 - Total:53 Go (Free:51 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 16/03/2009|19:55 )
-----------\\ Recherche de Fichiers / Dossiers ...
C:\WINDOWS\Prefetch\SEARCHSETTINGS.EXE-30EFBC20.pf
C:\DOCUME~1\JC\APPLIC~1\Search Settings
C:\DOCUME~1\JC\APPLIC~1\Search Settings\kb127
C:\DOCUME~1\JC\APPLIC~1\Search Settings\kb127\temp
C:\DOCUME~1\JC\APPLIC~1\Search Settings\kb127\res
C:\DOCUME~1\JC\APPLIC~1\Search Settings\kb127\temp\ws-14315.log
C:\DOCUME~1\JC\APPLIC~1\Search Settings\kb127\temp\ws-14316.log
C:\DOCUME~1\JC\APPLIC~1\Search Settings\kb127\temp\ws-14317.log
C:\DOCUME~1\JC\APPLIC~1\Search Settings\kb127\temp\ws-14318.log
C:\Program Files\Search Settings
C:\Program Files\Search Settings\kb127
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Search Settings\kb127\res
C:\Program Files\Search Settings\kb127\temp
C:\Program Files\Search Settings\kb127\SearchSettings.dll
C:\Program Files\Search Settings\kb127\SearchSettingsRes409.dll
C:\WINDOWS\iun6002.exe
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.google.fr/?gws_rd=ssl"
"Search Page"="https://www.google.com/?gws_rd=ssl"
"SearchMigratedDefaultURL"="https://search.yahoo.com/web{searchTerms}&ei=utf-8&fr=b1ie7"
"Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\JC\Local Settings\Temp\WGA_Windows_Genuine_Advantage_Tool_Crack_23.03.2007_Working_With.3645533.TPB.torrent
1 - "C:\ToolBar SD\TB_1.txt" - 16/03/2009|19:56 - Option : [1]
-----------\\ Fin du rapport a 19:56:51,20
Ensuite, les fichiers à scanner avec virustotal ont disparu : j ai cherche sur le disque c des fichiers vbs avec un nom proche, rien
Enfin les 4 fichiers dont tu me parles sont des appli installées (ou retirée il me semble pour firefly)
-----------\\ ToolBar S&D 1.2.8 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2300 @ 1.66GHz )
BIOS : Ver 1.00PARTTBL1
USER : JC ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Activated)
C:\ (Local Disk) - FAT32 - Total:53 Go (Free:7 Go)
D:\ (Local Disk) - FAT32 - Total:53 Go (Free:51 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 16/03/2009|19:55 )
-----------\\ Recherche de Fichiers / Dossiers ...
C:\WINDOWS\Prefetch\SEARCHSETTINGS.EXE-30EFBC20.pf
C:\DOCUME~1\JC\APPLIC~1\Search Settings
C:\DOCUME~1\JC\APPLIC~1\Search Settings\kb127
C:\DOCUME~1\JC\APPLIC~1\Search Settings\kb127\temp
C:\DOCUME~1\JC\APPLIC~1\Search Settings\kb127\res
C:\DOCUME~1\JC\APPLIC~1\Search Settings\kb127\temp\ws-14315.log
C:\DOCUME~1\JC\APPLIC~1\Search Settings\kb127\temp\ws-14316.log
C:\DOCUME~1\JC\APPLIC~1\Search Settings\kb127\temp\ws-14317.log
C:\DOCUME~1\JC\APPLIC~1\Search Settings\kb127\temp\ws-14318.log
C:\Program Files\Search Settings
C:\Program Files\Search Settings\kb127
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Search Settings\kb127\res
C:\Program Files\Search Settings\kb127\temp
C:\Program Files\Search Settings\kb127\SearchSettings.dll
C:\Program Files\Search Settings\kb127\SearchSettingsRes409.dll
C:\WINDOWS\iun6002.exe
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.google.fr/?gws_rd=ssl"
"Search Page"="https://www.google.com/?gws_rd=ssl"
"SearchMigratedDefaultURL"="https://search.yahoo.com/web{searchTerms}&ei=utf-8&fr=b1ie7"
"Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\JC\Local Settings\Temp\WGA_Windows_Genuine_Advantage_Tool_Crack_23.03.2007_Working_With.3645533.TPB.torrent
1 - "C:\ToolBar SD\TB_1.txt" - 16/03/2009|19:56 - Option : [1]
-----------\\ Fin du rapport a 19:56:51,20
Ensuite, les fichiers à scanner avec virustotal ont disparu : j ai cherche sur le disque c des fichiers vbs avec un nom proche, rien
Enfin les 4 fichiers dont tu me parles sont des appli installées (ou retirée il me semble pour firefly)
=> Quel est ton lecteur H ?
Nettoyage avec ToolBar S&D :
!! Déconnectes toi et fermes toute tes applications en cours le temps de la manipulation !!
* Relance Toolbar-S&D en cliquant droit sur le raccourci et en sélectionnant « Exécuter en tant qu’administrateur</gras ».
* Tape <gras>l’option 2 (Nettoyage) puis tapes sur Entrée.
Notes :
=>Ne touche à rien lors de la suppression !
Un rapport sera généré à la fin du processus : postes l’intégralité de son contenu dans ta prochaine réponse
accompagné d’un nouveau rapport Hijackthis pour analyse ...
******************
Télécharge Dirlook.
= = = = =>>> En cliquant ici <<<= = = =
Enregistre le fichier sur ton bureau.
- Double-clique sur DirLook.exe pour lance l'outil.
- Vérifie que les deux cases situées derrière "Show hidden files/folders:" et "BBCode Output:" soient cochées.
=> Copie le texte ci-dessous :
C:\Program Files\Internet Explorer\Connection Wizard
- Dans la petite fenêtre de DirLook, faire un clic droit dans la zone blanche et choisir Coller.
Note : Les lignes sélectionnées précédemment doivent avoir été recopiées dans la zone blanche de DirLook.
- Clique sur le bouton DirLook pour lancer la recherche.
Lorsque l'outil a terminé cette recherche, le Bloc-notes s'ouvre.
Note : Dans le Bloc-notes, vérifie dans le menu Format (en haut) que l'option "Retour automatique à la ligne" n'est pas cochée.
- Enregistre le rapport sous le nom DirLook1.txt et ferme le Bloc-notes.
- Ferme DirLook en cliquant sur le bouton Exit puis poste le rapport.
Nettoyage avec ToolBar S&D :
!! Déconnectes toi et fermes toute tes applications en cours le temps de la manipulation !!
* Relance Toolbar-S&D en cliquant droit sur le raccourci et en sélectionnant « Exécuter en tant qu’administrateur</gras ».
* Tape <gras>l’option 2 (Nettoyage) puis tapes sur Entrée.
Notes :
=>Ne touche à rien lors de la suppression !
Un rapport sera généré à la fin du processus : postes l’intégralité de son contenu dans ta prochaine réponse
accompagné d’un nouveau rapport Hijackthis pour analyse ...
******************
Télécharge Dirlook.
= = = = =>>> En cliquant ici <<<= = = =
Enregistre le fichier sur ton bureau.
- Double-clique sur DirLook.exe pour lance l'outil.
- Vérifie que les deux cases situées derrière "Show hidden files/folders:" et "BBCode Output:" soient cochées.
=> Copie le texte ci-dessous :
C:\Program Files\Internet Explorer\Connection Wizard
- Dans la petite fenêtre de DirLook, faire un clic droit dans la zone blanche et choisir Coller.
Note : Les lignes sélectionnées précédemment doivent avoir été recopiées dans la zone blanche de DirLook.
- Clique sur le bouton DirLook pour lancer la recherche.
Lorsque l'outil a terminé cette recherche, le Bloc-notes s'ouvre.
Note : Dans le Bloc-notes, vérifie dans le menu Format (en haut) que l'option "Retour automatique à la ligne" n'est pas cochée.
- Enregistre le rapport sous le nom DirLook1.txt et ferme le Bloc-notes.
- Ferme DirLook en cliquant sur le bouton Exit puis poste le rapport.
le H est une clé usb, depuis déconnectée
avec toolbar, après avoir généré le log, un message d erreur : create filemapingerror et fileview error
voici le rapport en question
-----------\\ ToolBar S&D 1.2.8 XP/Vista
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 16/03/2009|21:13 )
-----------\\ SUPPRESSION
Supprime! - C:\WINDOWS\Prefetch\SEARCHSETTINGS.EXE-30EFBC20.pf
Echec ! - C:\DOCUME~1\JC\APPLIC~1\Search Settings\kb127
Echec ! - C:\DOCUME~1\JC\APPLIC~1\Search Settings\kb127\temp
Echec ! - C:\DOCUME~1\JC\APPLIC~1\Search Settings\kb127\temp\ws-14318.log
Echec ! - C:\Program Files\Search Settings\kb127
Echec ! - C:\Program Files\Search Settings\SearchSettings.exe
Echec ! - C:\Program Files\Search Settings\kb127\SearchSettingsRes409.dll
Supprime! - C:\WINDOWS\iun6002.exe
Echec ! - C:\DOCUME~1\JC\APPLIC~1\Search Settings
Echec ! - C:\Program Files\Search Settings
-----------\\ DEUXIEME PASSAGE
Echec ! - C:\DOCUME~1\JC\APPLIC~1\Search Settings\kb127
Echec ! - C:\DOCUME~1\JC\APPLIC~1\Search Settings\kb127\temp
Echec ! - C:\DOCUME~1\JC\APPLIC~1\Search Settings\kb127\temp\ws-14318.log
Echec ! - C:\Program Files\Search Settings\kb127
Echec ! - C:\Program Files\Search Settings\SearchSettings.exe
Echec ! - C:\Program Files\Search Settings\kb127\SearchSettingsRes409.dll
Echec ! - C:\DOCUME~1\JC\APPLIC~1\Search Settings
Echec ! - C:\Program Files\Search Settings
-----------\\ Recherche de Fichiers / Dossiers ...
C:\DOCUME~1\JC\APPLIC~1\Search Settings
C:\DOCUME~1\JC\APPLIC~1\Search Settings\kb127
C:\DOCUME~1\JC\APPLIC~1\Search Settings\kb127\temp
C:\DOCUME~1\JC\APPLIC~1\Search Settings\kb127\temp\ws-14318.log
C:\Program Files\Search Settings
C:\Program Files\Search Settings\kb127
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Search Settings\kb127\SearchSettingsRes409.dll
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.google.fr/?gws_rd=ssl"
"Search Page"="https://www.google.com/?gws_rd=ssl"
"SearchMigratedDefaultURL"="https://search.yahoo.com/web{searchTerms}&ei=utf-8&fr=b1ie7"
"Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\JC\Local Settings\Temp\WGA_Windows_Genuine_Advantage_Tool_Crack_23.03.2007_Working_With.3645533.TPB.torrent
1 - "C:\ToolBar SD\TB_1.txt" - 16/03/2009|19:56 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 16/03/2009|21:15 - Option : [2]
-----------\\ Fin du rapport a 21:15:30,07
ensuite le rapport dirlook
DirLook.exe v2.0 by jpshortstuff
Log created at 21:18 on 16/03/2009
==================================[b]
Contents of "C:\Program Files\Internet Explorer\Connection Wizard"
/b
[b][color=blue]---FOLDERS---/b/color
[b]icwconn1/b (Created on 13/03/2009 at 17:56) d-----
[b][color=blue]---FILES---/b/color
[b]icwconn.dll/b (61440 bytes - created on 10/08/2004 at 04:00, modified on 14/04/2008 at 03:33) --a---
[b]icwconn1.exe/b (218624 bytes - created on 10/08/2004 at 04:00, modified on 14/04/2008 at 03:34) --a---
[b]icwconn2.exe/b (86016 bytes - created on 10/08/2004 at 04:00, modified on 14/04/2008 at 03:34) --a---
[b]icwdl.dll/b (32768 bytes - created on 10/08/2004 at 04:00, modified on 14/04/2008 at 03:33) --a---
[b]icwhelp.dll/b (176128 bytes - created on 10/08/2004 at 04:00, modified on 14/04/2008 at 03:33) --a---
[b]icwip.dun/b (352 bytes - created on 10/08/2004 at 04:00, modified on 10/08/2004 at 04:00) --a---
[b]icwres.dll/b (65536 bytes - created on 10/08/2004 at 04:00, modified on 10/08/2004 at 04:00) --a---
[b]icwrmind.exe/b (24576 bytes - created on 10/08/2004 at 04:00, modified on 14/04/2008 at 03:34) --a---
[b]icwtutor.exe/b (73728 bytes - created on 10/08/2004 at 04:00, modified on 10/08/2004 at 04:00) --a---
[b]icwutil.dll/b (49152 bytes - created on 10/08/2004 at 04:00, modified on 14/04/2008 at 03:33) --a---
[b]icwx25a.dun/b (566 bytes - created on 10/08/2004 at 04:00, modified on 10/08/2004 at 04:00) --a---
[b]icwx25b.dun/b (617 bytes - created on 10/08/2004 at 04:00, modified on 10/08/2004 at 04:00) --a---
[b]icwx25c.dun/b (566 bytes - created on 10/08/2004 at 04:00, modified on 10/08/2004 at 04:00) --a---
[b]inetwiz.exe/b (20480 bytes - created on 10/08/2004 at 04:00, modified on 14/04/2008 at 03:34) --a---
[b]isignup.exe/b (16384 bytes - created on 10/08/2004 at 04:00, modified on 10/08/2004 at 04:00) --a---
[b]msicw.isp/b (158 bytes - created on 10/08/2004 at 04:00, modified on 10/08/2004 at 04:00) --a---
[b]msn.isp/b (197 bytes - created on 10/08/2004 at 04:00, modified on 10/08/2004 at 04:00) --a---
[b]phone.icw/b (2921 bytes - created on 10/08/2004 at 04:00, modified on 10/08/2004 at 04:00) --a---
[b]phone.ver/b (19 bytes - created on 10/08/2004 at 04:00, modified on 10/08/2004 at 04:00) --a---
[b]state.icw/b (851 bytes - created on 10/08/2004 at 04:00, modified on 10/08/2004 at 04:00) --a---
[b]support.icw/b (132 bytes - created on 10/08/2004 at 04:00, modified on 10/08/2004 at 04:00) --a---
[b]trialoc.dll/b (40960 bytes - created on 10/08/2004 at 04:00, modified on 10/08/2004 at 04:00) --a---
==================================
[b][color=blue]=EOF=/b/color
avec toolbar, après avoir généré le log, un message d erreur : create filemapingerror et fileview error
voici le rapport en question
-----------\\ ToolBar S&D 1.2.8 XP/Vista
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 16/03/2009|21:13 )
-----------\\ SUPPRESSION
Supprime! - C:\WINDOWS\Prefetch\SEARCHSETTINGS.EXE-30EFBC20.pf
Echec ! - C:\DOCUME~1\JC\APPLIC~1\Search Settings\kb127
Echec ! - C:\DOCUME~1\JC\APPLIC~1\Search Settings\kb127\temp
Echec ! - C:\DOCUME~1\JC\APPLIC~1\Search Settings\kb127\temp\ws-14318.log
Echec ! - C:\Program Files\Search Settings\kb127
Echec ! - C:\Program Files\Search Settings\SearchSettings.exe
Echec ! - C:\Program Files\Search Settings\kb127\SearchSettingsRes409.dll
Supprime! - C:\WINDOWS\iun6002.exe
Echec ! - C:\DOCUME~1\JC\APPLIC~1\Search Settings
Echec ! - C:\Program Files\Search Settings
-----------\\ DEUXIEME PASSAGE
Echec ! - C:\DOCUME~1\JC\APPLIC~1\Search Settings\kb127
Echec ! - C:\DOCUME~1\JC\APPLIC~1\Search Settings\kb127\temp
Echec ! - C:\DOCUME~1\JC\APPLIC~1\Search Settings\kb127\temp\ws-14318.log
Echec ! - C:\Program Files\Search Settings\kb127
Echec ! - C:\Program Files\Search Settings\SearchSettings.exe
Echec ! - C:\Program Files\Search Settings\kb127\SearchSettingsRes409.dll
Echec ! - C:\DOCUME~1\JC\APPLIC~1\Search Settings
Echec ! - C:\Program Files\Search Settings
-----------\\ Recherche de Fichiers / Dossiers ...
C:\DOCUME~1\JC\APPLIC~1\Search Settings
C:\DOCUME~1\JC\APPLIC~1\Search Settings\kb127
C:\DOCUME~1\JC\APPLIC~1\Search Settings\kb127\temp
C:\DOCUME~1\JC\APPLIC~1\Search Settings\kb127\temp\ws-14318.log
C:\Program Files\Search Settings
C:\Program Files\Search Settings\kb127
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Search Settings\kb127\SearchSettingsRes409.dll
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.google.fr/?gws_rd=ssl"
"Search Page"="https://www.google.com/?gws_rd=ssl"
"SearchMigratedDefaultURL"="https://search.yahoo.com/web{searchTerms}&ei=utf-8&fr=b1ie7"
"Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\JC\Local Settings\Temp\WGA_Windows_Genuine_Advantage_Tool_Crack_23.03.2007_Working_With.3645533.TPB.torrent
1 - "C:\ToolBar SD\TB_1.txt" - 16/03/2009|19:56 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 16/03/2009|21:15 - Option : [2]
-----------\\ Fin du rapport a 21:15:30,07
ensuite le rapport dirlook
DirLook.exe v2.0 by jpshortstuff
Log created at 21:18 on 16/03/2009
==================================[b]
Contents of "C:\Program Files\Internet Explorer\Connection Wizard"
/b
[b][color=blue]---FOLDERS---/b/color
[b]icwconn1/b (Created on 13/03/2009 at 17:56) d-----
[b][color=blue]---FILES---/b/color
[b]icwconn.dll/b (61440 bytes - created on 10/08/2004 at 04:00, modified on 14/04/2008 at 03:33) --a---
[b]icwconn1.exe/b (218624 bytes - created on 10/08/2004 at 04:00, modified on 14/04/2008 at 03:34) --a---
[b]icwconn2.exe/b (86016 bytes - created on 10/08/2004 at 04:00, modified on 14/04/2008 at 03:34) --a---
[b]icwdl.dll/b (32768 bytes - created on 10/08/2004 at 04:00, modified on 14/04/2008 at 03:33) --a---
[b]icwhelp.dll/b (176128 bytes - created on 10/08/2004 at 04:00, modified on 14/04/2008 at 03:33) --a---
[b]icwip.dun/b (352 bytes - created on 10/08/2004 at 04:00, modified on 10/08/2004 at 04:00) --a---
[b]icwres.dll/b (65536 bytes - created on 10/08/2004 at 04:00, modified on 10/08/2004 at 04:00) --a---
[b]icwrmind.exe/b (24576 bytes - created on 10/08/2004 at 04:00, modified on 14/04/2008 at 03:34) --a---
[b]icwtutor.exe/b (73728 bytes - created on 10/08/2004 at 04:00, modified on 10/08/2004 at 04:00) --a---
[b]icwutil.dll/b (49152 bytes - created on 10/08/2004 at 04:00, modified on 14/04/2008 at 03:33) --a---
[b]icwx25a.dun/b (566 bytes - created on 10/08/2004 at 04:00, modified on 10/08/2004 at 04:00) --a---
[b]icwx25b.dun/b (617 bytes - created on 10/08/2004 at 04:00, modified on 10/08/2004 at 04:00) --a---
[b]icwx25c.dun/b (566 bytes - created on 10/08/2004 at 04:00, modified on 10/08/2004 at 04:00) --a---
[b]inetwiz.exe/b (20480 bytes - created on 10/08/2004 at 04:00, modified on 14/04/2008 at 03:34) --a---
[b]isignup.exe/b (16384 bytes - created on 10/08/2004 at 04:00, modified on 10/08/2004 at 04:00) --a---
[b]msicw.isp/b (158 bytes - created on 10/08/2004 at 04:00, modified on 10/08/2004 at 04:00) --a---
[b]msn.isp/b (197 bytes - created on 10/08/2004 at 04:00, modified on 10/08/2004 at 04:00) --a---
[b]phone.icw/b (2921 bytes - created on 10/08/2004 at 04:00, modified on 10/08/2004 at 04:00) --a---
[b]phone.ver/b (19 bytes - created on 10/08/2004 at 04:00, modified on 10/08/2004 at 04:00) --a---
[b]state.icw/b (851 bytes - created on 10/08/2004 at 04:00, modified on 10/08/2004 at 04:00) --a---
[b]support.icw/b (132 bytes - created on 10/08/2004 at 04:00, modified on 10/08/2004 at 04:00) --a---
[b]trialoc.dll/b (40960 bytes - created on 10/08/2004 at 04:00, modified on 10/08/2004 at 04:00) --a---
==================================
[b][color=blue]=EOF=/b/color
Je te donne un peu de travail :
Analyse ces fichiers :
C:\Program Files\Internet Explorer\Connection Wizard\icwconn.dll
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe
C:\Program Files\Internet Explorer\Connection Wizard\icwx25b.dun
C:\Program Files\Internet Explorer\Connection Wizard\phone.icw
C:\Program Files\Internet Explorer\Connection Wizard\icwtutor.exe
Sur le site de virustotal :
https://www.virustotal.com/gui/
Parcourir > Sélectionne ton fichier > Analyser, patiente que l’analyse soit terminée.
Poste les rapports en indiquant bien à chaque fois de quel fichier il s'agit.
Analyse ces fichiers :
C:\Program Files\Internet Explorer\Connection Wizard\icwconn.dll
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe
C:\Program Files\Internet Explorer\Connection Wizard\icwx25b.dun
C:\Program Files\Internet Explorer\Connection Wizard\phone.icw
C:\Program Files\Internet Explorer\Connection Wizard\icwtutor.exe
Sur le site de virustotal :
https://www.virustotal.com/gui/
Parcourir > Sélectionne ton fichier > Analyser, patiente que l’analyse soit terminée.
Poste les rapports en indiquant bien à chaque fois de quel fichier il s'agit.
rapport pour
C:\Program Files\Internet Explorer\Connection Wizard\icwconn.dll
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.101 2009.03.16 -
AhnLab-V3 5.0.0.2 2009.03.16 -
AntiVir 7.9.0.116 2009.03.16 -
Authentium 5.1.0.4 2009.03.16 -
Avast 4.8.1335.0 2009.03.16 -
AVG 8.0.0.237 2009.03.16 -
BitDefender 7.2 2009.03.16 -
CAT-QuickHeal 10.00 2009.03.16 -
ClamAV 0.94.1 2009.03.16 -
Comodo 1060 2009.03.16 -
DrWeb 4.44.0.09170 2009.03.16 -
eSafe 7.0.17.0 2009.03.15 -
eTrust-Vet 31.6.6388 2009.03.09 -
F-Prot 4.4.4.56 2009.03.16 -
F-Secure 8.0.14470.0 2009.03.16 -
Fortinet 3.117.0.0 2009.03.16 -
GData 19 2009.03.16 -
Ikarus T3.1.1.45.0 2009.03.16 -
K7AntiVirus 7.10.673 2009.03.16 -
Kaspersky 7.0.0.125 2009.03.16 -
McAfee 5555 2009.03.16 -
McAfee+Artemis 5555 2009.03.16 -
McAfee-GW-Edition 6.7.6 2009.03.16 -
Microsoft 1.4405 2009.03.16 -
NOD32 3938 2009.03.16 -
Norman 6.00.06 2009.03.16 -
nProtect 2009.1.8.0 2009.03.16 -
Panda 10.0.0.10 2009.03.16 -
PCTools 4.4.2.0 2009.03.16 -
Prevx1 V2 2009.03.16 -
Rising 21.21.02.00 2009.03.16 -
Sophos 4.39.0 2009.03.16 -
Sunbelt 3.2.1858.2 2009.03.15 -
Symantec 1.4.4.12 2009.03.16 -
TheHacker 6.3.3.0.283 2009.03.16 -
TrendMicro 8.700.0.1004 2009.03.16 -
VBA32 3.12.10.1 2009.03.16 -
ViRobot 2009.3.16.1650 2009.03.16 -
VirusBuster 4.6.5.0 2009.03.16 -
Information additionnelle
File size: 61440 bytes
MD5...: 56cbd039c78ebd6609ba8b84ea8da6f5
SHA1..: ff7deaf54e06c5c4d9c46f99ecac3f146f8baa11
SHA256: 114058263d6893c0e63be5dd4057c9ccad1c27bc7e176c7a44d2583c0bf523e9
SHA512: 3228d114c6e8f1257e5e62469dc31ebdfed0c30cae03b0f5533efacc541f4907
caf0ca0c442536421b81b0c8293b914d698d790bb7b7aea99bf5555307250e6c
ssdeep: 768:W2GCoea/dokcBegD8Mbi7ZQvCJC42ZYknW4j/W4wqHZuE:CCIKfBeE8aiiv+
1Y7yYZn
PEiD..: -
TrID..: File type identification
DirectShow filter (77.7%)
Win32 Executable MS Visual C++ (generic) (14.5%)
Win32 Executable Generic (3.2%)
Win32 Dynamic Link Library (generic) (2.9%)
Generic Win/DOS Executable (0.7%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0xa6ec
timedatestamp.....: 0x4802c208 (Mon Apr 14 02:31:36 2008)
machinetype.......: 0x14c (I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xa640 0xb000 6.16 a4940b9d2c8ecc36b0e3f9f92e2e8586
.data 0xc000 0xa04 0x1000 0.66 ecaf7b060da7f884ca14c105c961c02c
.rsrc 0xd000 0x3f0 0x1000 1.08 0597f601c3fb65e87e2f7fc15bc5a777
.reloc 0xe000 0xc62 0x1000 5.36 18e18763302f492701bbfdc046893770
( 10 imports )
> msvcrt.dll: __2@YAPAXI@Z, free, _adjust_fdiv, _initterm, wcschr, _vsnwprintf, _itow, _strcmpi, malloc, __3@YAXPAX@Z
> KERNEL32.dll: lstrcmpW, LocalFree, FormatMessageW, GetCurrentDirectoryW, GetUserDefaultLCID, lstrcatW, GetLocalTime, ResetEvent, DeleteFileW, GlobalFree, WriteFile, CreateFileW, GetFileAttributesW, ReadFile, CopyFileW, GetTempFileNameW, GetTempPathW, GetTickCount, QueryPerformanceCounter, GetCurrentProcessId, GetSystemTimeAsFileTime, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, LoadLibraryA, GlobalAlloc, GetProcAddress, GetCurrentThreadId, MultiByteToWideChar, SetEvent, MulDiv, CloseHandle, lstrcpyW, InterlockedDecrement, InterlockedIncrement, LoadLibraryW, FreeLibrary, CreateEventW, lstrlenW
> USER32.dll: DispatchMessageW, TranslateMessage, MsgWaitForMultipleObjects, UnhookWindowsHookEx, MessageBoxW, SetWindowsHookExW, LoadIconW, GetSystemMetrics, DestroyIcon, SetWindowTextW, MoveWindow, MapWindowPoints, GetWindowRect, MapDialogRect, GetWindowTextW, SetDlgItemTextW, SetFocus, GetDlgItemTextW, CreateDialogParamW, IsWindowVisible, UpdateWindow, EnableWindow, CheckDlgButton, SetTimer, EndDialog, KillTimer, SetActiveWindow, DialogBoxParamW, PeekMessageW, CallNextHookEx, ShowWindow, GetWindowLongW, SetWindowLongW, GetParent, PostMessageW, GetDlgItem, SetWindowPos, SetCursor, LoadCursorW, DefWindowProcW, GetSysColorBrush, GetDC, ReleaseDC, LoadStringW, wsprintfW, GetClientRect, CreateWindowExW, SendMessageW, LoadAcceleratorsW, FillRect
> GDI32.dll: CreateCompatibleDC, GetStockObject, SetBkMode, SetTextColor, SelectObject, BitBlt, DeleteDC, DeleteObject, GetObjectW, GetDeviceCaps, StretchBlt, CreateFontIndirectW
> COMCTL32.dll: ImageList_Create, ImageList_ReplaceIcon, CreatePropertySheetPageW, DestroyPropertySheetPage, InitCommonControlsEx, ImageList_Destroy
> SHELL32.dll: SHGetMalloc, SHGetSpecialFolderLocation, SHGetPathFromIDListW
> ole32.dll: CoCreateInstance, StgCreateDocfile
> OLEAUT32.dll: -
> AVIFIL32.dll: AVIFileRelease, AVIFileInit, AVIFileOpenW, AVIFileInfoW, AVIFileExit
> ADVAPI32.dll: RegOpenKeyExA, RegQueryValueExA, RegCloseKey
( 5 exports )
DllCanUnloadNow, DllGetClassObject, DllRegisterServer, DllUnregisterServer, GetICWCONNVersion
Rapport pour
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.101 2009.03.16 -
AhnLab-V3 5.0.0.2 2009.03.16 -
AntiVir 7.9.0.116 2009.03.16 -
Authentium 5.1.0.4 2009.03.16 -
Avast 4.8.1335.0 2009.03.16 -
AVG 8.0.0.237 2009.03.16 -
BitDefender 7.2 2009.03.16 -
CAT-QuickHeal 10.00 2009.03.16 -
ClamAV 0.94.1 2009.03.16 -
Comodo 1060 2009.03.16 -
DrWeb 4.44.0.09170 2009.03.16 -
eSafe 7.0.17.0 2009.03.15 -
eTrust-Vet 31.6.6388 2009.03.09 -
F-Prot 4.4.4.56 2009.03.16 -
F-Secure 8.0.14470.0 2009.03.16 -
Fortinet 3.117.0.0 2009.03.16 -
GData 19 2009.03.16 -
Ikarus T3.1.1.45.0 2009.03.16 -
K7AntiVirus 7.10.673 2009.03.16 -
Kaspersky 7.0.0.125 2009.03.16 -
McAfee 5555 2009.03.16 -
McAfee+Artemis 5555 2009.03.16 -
McAfee-GW-Edition 6.7.6 2009.03.16 -
Microsoft 1.4405 2009.03.16 -
NOD32 3938 2009.03.16 -
Norman 6.00.06 2009.03.16 -
nProtect 2009.1.8.0 2009.03.16 -
Panda 10.0.0.10 2009.03.16 -
PCTools 4.4.2.0 2009.03.16 -
Prevx1 V2 2009.03.16 -
Rising 21.21.02.00 2009.03.16 -
Sophos 4.39.0 2009.03.16 -
Sunbelt 3.2.1858.2 2009.03.15 -
Symantec 1.4.4.12 2009.03.16 -
TheHacker 6.3.3.0.283 2009.03.16 -
TrendMicro 8.700.0.1004 2009.03.16 -
VBA32 3.12.10.1 2009.03.16 -
ViRobot 2009.3.16.1650 2009.03.16 -
VirusBuster 4.6.5.0 2009.03.16 -
Information additionnelle
File size: 218624 bytes
MD5...: b9080d5587fc70b2ae2c3da016f88c1b
SHA1..: d402b80e4e1d8221258c61302c3a47a43fe61c11
SHA256: 3c3bf8f3aff439467e503a55ecdd37fc97d62c3925dce548989b4e5e3cd205fc
SHA512: 422abb93dfbfc00a53fba26d7eba140de695179792bfc59b3b66e5b92e7a4d75
6018237447c6a2336b67944da146b6aa37b916ea9d3f2ee8e58df349f18b7920
ssdeep: 1536:iD6vhT7lKlDau2flaLoRMtrXC2gyYy5cTTdPIIM0YeaYuUsRtMRpKyH:iD2
hT7lKb2fldRMtyyYyOTAsLpKM
PEiD..: -
TrID..: File type identification
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x6fac
timedatestamp.....: 0x48025187 (Sun Apr 13 18:31:35 2008)
machinetype.......: 0x14c (I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xf13a 0xf200 6.25 14de7f6522ed864c5ea2b39ba594067b
.data 0x11000 0x292c 0x1400 0.44 d25692caa8a8a8cf2d759cfa30028425
.rsrc 0x14000 0x24ac0 0x24c00 4.56 b8addebbc610fecc4fb7cef64695ce93
( 9 imports )
> msvcrt.dll: swscanf, free, malloc, _vsnwprintf, _except_handler3, _wmakepath, _wsplitpath, __3@YAXPAX@Z, memmove, _wtoi, __2@YAPAXI@Z, setlocale
> ADVAPI32.dll: RegOpenKeyExA, RegQueryValueExA, OpenProcessToken, LookupPrivilegeValueW, AdjustTokenPrivileges, RegCreateKeyW, RegCreateKeyExW, RegSetValueExW, RegOpenKeyExW, RegQueryValueW, RegDeleteValueW, RegQueryValueExW, RegOpenKeyW, RegCloseKey
> KERNEL32.dll: GetLastError, GetModuleHandleW, CloseHandle, CreateFileW, GetFileAttributesW, lstrlenW, GetProcAddress, GlobalAlloc, CreateProcessW, LoadLibraryW, SetLastError, GetModuleFileNameW, OutputDebugStringA, GetPrivateProfileIntW, SetCurrentDirectoryW, GetWindowsDirectoryW, GetCurrentDirectoryW, LocalFree, LocalAlloc, LoadLibraryA, FreeLibrary, RemoveDirectoryW, FindClose, FindNextFileW, DeleteFileW, SetFileAttributesW, FindFirstFileW, GlobalFree, SetErrorMode, GetCommandLineW, ExitProcess, CreateFileMappingW, InterlockedIncrement, InterlockedDecrement, FormatMessageW, MulDiv, GetCurrentProcess, GetVersionExW, TerminateProcess, GetExitCodeThread, QueryPerformanceCounter, GetTickCount, GetCurrentThreadId, GetCurrentProcessId, GetSystemTimeAsFileTime, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetModuleHandleA, GetSystemDirectoryW, lstrcatW, SearchPathW, GetPrivateProfileStringW, lstrcmpiW, lstrcpyW, lstrcpynW
> GDI32.dll: GetDeviceCaps, StretchBlt, BitBlt, SetTextColor, SetBkColor, GetTextMetricsW, SetMapMode, GetMapMode, CreateBitmap, DPtoLP, CreateCompatibleBitmap, CreateCompatibleDC, SelectObject, DeleteDC, GetStockObject, SetBkMode, DeleteObject, GetObjectW, CreateFontIndirectW
> USER32.dll: GetClassInfoW, SendMessageW, CallWindowProcW, SetWindowLongW, MessageBoxW, wsprintfW, LoadStringW, TranslateAcceleratorW, GetWindowLongW, DispatchMessageW, TranslateMessage, DestroyWindow, GetMessageW, DialogBoxParamW, GetSysColor, GetDlgItem, MoveWindow, GetSystemMetrics, GetWindowRect, CheckRadioButton, EndDialog, IsDlgButtonChecked, GetDlgCtrlID, GetDC, WaitMessage, PeekMessageW, LoadStringA, LoadImageW, LoadAcceleratorsW, ReleaseDC, SetMessageQueue, BringWindowToTop, SetForegroundWindow, GetLastActivePopup, FindWindowW, PostMessageW, ShowWindow, GetParent, CharNextW, CharPrevW, SetWindowTextW, SetWindowPos, EnableWindow, MsgWaitForMultipleObjects, CheckDlgButton, GetWindowTextW, DefWindowProcW, FillRect, GetClientRect, GetSysColorBrush, LoadCursorW, SetCursor, ExitWindowsEx, SendDlgItemMessageW, UpdateWindow, MapWindowPoints, InvalidateRect, IsRectEmpty, GetUpdateRect, IsWindowVisible, EnumThreadWindows, GetFocus, SetFocus, IsWindowEnabled, GetWindow, EnumChildWindows, RegisterClassExW, CreateWindowExW, CreateDialogParamW, GetDesktopWindow, MessageBeep, IsChild, GetNextDlgTabItem, LoadIconW, PostQuitMessage, DrawFocusRect, InflateRect, OffsetRect, CopyRect, DrawTextW, RedrawWindow, EndPaint, DrawEdge, BeginPaint, DrawIcon, RegisterClassW, UnregisterClassW
> SHELL32.dll: SHGetPathFromIDListW, SHGetMalloc, ShellExecuteW, SHGetSpecialFolderLocation
> ole32.dll: CoUninitialize, CoCreateInstance, CoInitialize
> OLEAUT32.dll: -
> SHLWAPI.dll: PathIsFileSpecW, PathIsURLW
( 0 exports )
Rapport pour
C:\Program Files\Internet Explorer\Connection Wizard\icwx25b.dun
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.101 2009.03.16 -
AhnLab-V3 5.0.0.2 2009.03.16 -
AntiVir 7.9.0.116 2009.03.16 -
Authentium 5.1.0.4 2009.03.16 -
Avast 4.8.1335.0 2009.03.16 -
AVG 8.0.0.237 2009.03.16 -
BitDefender 7.2 2009.03.16 -
CAT-QuickHeal 10.00 2009.03.16 -
ClamAV 0.94.1 2009.03.16 -
Comodo 1060 2009.03.16 -
DrWeb 4.44.0.09170 2009.03.16 -
eSafe 7.0.17.0 2009.03.15 -
eTrust-Vet 31.6.6388 2009.03.09 -
F-Prot 4.4.4.56 2009.03.16 -
F-Secure 8.0.14470.0 2009.03.16 -
Fortinet 3.117.0.0 2009.03.16 -
GData 19 2009.03.16 -
Ikarus T3.1.1.45.0 2009.03.16 -
K7AntiVirus 7.10.673 2009.03.16 -
Kaspersky 7.0.0.125 2009.03.16 -
McAfee 5555 2009.03.16 -
McAfee+Artemis 5555 2009.03.16 -
McAfee-GW-Edition 6.7.6 2009.03.16 -
Microsoft 1.4405 2009.03.16 -
NOD32 3938 2009.03.16 -
Norman 6.00.06 2009.03.16 -
nProtect 2009.1.8.0 2009.03.16 -
Panda 10.0.0.10 2009.03.16 -
PCTools 4.4.2.0 2009.03.16 -
Prevx1 V2 2009.03.16 -
Rising 21.21.02.00 2009.03.16 -
Sophos 4.39.0 2009.03.16 -
Sunbelt 3.2.1858.2 2009.03.15 -
Symantec 1.4.4.12 2009.03.16 -
TheHacker 6.3.3.0.283 2009.03.16 -
TrendMicro 8.700.0.1004 2009.03.16 -
VBA32 3.12.10.1 2009.03.16 -
ViRobot 2009.3.16.1650 2009.03.16 -
VirusBuster 4.6.5.0 2009.03.16 -
Information additionnelle
File size: 617 bytes
MD5...: 779a172db0088470ad8c66c9d8136ed4
SHA1..: fb21bb11792b3e68d36bbc7ca923aa1be8d92c6b
SHA256: 4080b596083f2071ecd0f094cbdfd29b2344f8fe362ad20e67ff2f233bb777fd
SHA512: 674bc66eed0c0f1aefd14b6c8e7a246261a51674cd9e187bff501096bd6d2ca2
1d45a8aeef946c67220c8593516dff2de402a01ea331cc766900b9728361068d
ssdeep: 12:ZRmLj8CWBuJBJf8gPQaOW4o6a1NSC/+JJ6UpU42iAvkAxHx/vkH29lCdHFG:L
mLj8d4JBJfCap4oJ//mHPAsA+29lCFQ
PEiD..: -
TrID..: File type identification
Generic INI configuration (100.0%)
PEInfo: -
Rapport pour
C:\Program Files\Internet Explorer\Connection Wizard\phone.icw
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.101 2009.03.16 -
AhnLab-V3 5.0.0.2 2009.03.16 -
AntiVir 7.9.0.116 2009.03.16 -
Authentium 5.1.0.4 2009.03.16 -
Avast 4.8.1335.0 2009.03.16 -
AVG 8.0.0.237 2009.03.16 -
BitDefender 7.2 2009.03.16 -
CAT-QuickHeal 10.00 2009.03.16 -
ClamAV 0.94.1 2009.03.16 -
Comodo 1060 2009.03.16 -
DrWeb 4.44.0.09170 2009.03.16 -
eSafe 7.0.17.0 2009.03.15 -
eTrust-Vet 31.6.6388 2009.03.09 -
F-Prot 4.4.4.56 2009.03.16 -
F-Secure 8.0.14470.0 2009.03.16 -
Fortinet 3.117.0.0 2009.03.16 -
GData 19 2009.03.16 -
Ikarus T3.1.1.45.0 2009.03.16 -
K7AntiVirus 7.10.673 2009.03.16 -
Kaspersky 7.0.0.125 2009.03.16 -
McAfee 5555 2009.03.16 -
McAfee+Artemis 5555 2009.03.16 -
McAfee-GW-Edition 6.7.6 2009.03.16 -
Microsoft 1.4405 2009.03.16 -
NOD32 3938 2009.03.16 -
Norman 6.00.06 2009.03.16 -
nProtect 2009.1.8.0 2009.03.16 -
Panda 10.0.0.10 2009.03.16 -
PCTools 4.4.2.0 2009.03.16 -
Prevx1 V2 2009.03.16 -
Rising 21.21.02.00 2009.03.16 -
Sophos 4.39.0 2009.03.16 -
Sunbelt 3.2.1858.2 2009.03.15 -
Symantec 1.4.4.12 2009.03.16 -
TheHacker 6.3.3.0.283 2009.03.16 -
TrendMicro 8.700.0.1004 2009.03.16 -
VBA32 3.12.10.1 2009.03.16 -
ViRobot 2009.3.16.1650 2009.03.16 -
VirusBuster 4.6.5.0 2009.03.16 -
Information additionnelle
File size: 2921 bytes
MD5...: 78ee68e61bf9afe6a1096558fec1d79b
SHA1..: fb1e721bc682a2cff5a693ce318359005befc8de
SHA256: fa0c00d72529f524e6cef9237c564f43e08f71d12ac56d1dad755a80e43d9d79
SHA512: eceaa0605ca86e709b24b71e86e69e5b7616508d54097f02a6b6edda524b4f09
48ce4971f31449987556f0d9100889a4b17b94be142e40d850fbceb99f30fc91
ssdeep: 24:IRGUJXa+hQLd/i+coaRN65NHJ+EQ+u+CPmX5ayb+wm+//7+UX+USZ+UWkKJx0
tZX:+XEIcoU51lCZdOgz+JqAo
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
Rapport pour
C:\Program Files\Internet Explorer\Connection Wizard\icwtutor.exe
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.101 2009.03.16 -
AhnLab-V3 5.0.0.2 2009.03.16 -
AntiVir 7.9.0.116 2009.03.16 -
Authentium 5.1.0.4 2009.03.16 -
Avast 4.8.1335.0 2009.03.16 -
AVG 8.0.0.237 2009.03.16 -
BitDefender 7.2 2009.03.16 -
CAT-QuickHeal 10.00 2009.03.16 -
ClamAV 0.94.1 2009.03.16 -
Comodo 1060 2009.03.16 -
DrWeb 4.44.0.09170 2009.03.16 -
eSafe 7.0.17.0 2009.03.15 -
eTrust-Vet 31.6.6388 2009.03.09 -
F-Prot 4.4.4.56 2009.03.16 -
F-Secure 8.0.14470.0 2009.03.16 -
Fortinet 3.117.0.0 2009.03.16 -
GData 19 2009.03.16 -
Ikarus T3.1.1.45.0 2009.03.16 -
K7AntiVirus 7.10.673 2009.03.16 -
Kaspersky 7.0.0.125 2009.03.16 -
McAfee 5555 2009.03.16 -
McAfee+Artemis 5555 2009.03.16 -
McAfee-GW-Edition 6.7.6 2009.03.16 -
Microsoft 1.4405 2009.03.16 -
NOD32 3938 2009.03.16 -
Norman 6.00.06 2009.03.16 -
nProtect 2009.1.8.0 2009.03.16 -
Panda 10.0.0.10 2009.03.16 -
PCTools 4.4.2.0 2009.03.16 -
Prevx1 V2 2009.03.16 -
Rising 21.21.02.00 2009.03.16 -
Sophos 4.39.0 2009.03.16 -
Sunbelt 3.2.1858.2 2009.03.15 -
Symantec 1.4.4.12 2009.03.16 -
TheHacker 6.3.3.0.283 2009.03.16 -
TrendMicro 8.700.0.1004 2009.03.16 -
VBA32 3.12.10.1 2009.03.16 -
ViRobot 2009.3.16.1650 2009.03.16 -
VirusBuster 4.6.5.0 2009.03.16 -
Information additionnelle
File size: 73728 bytes
MD5...: 44b50968b3f3c695cad05e04fb43d6e1
SHA1..: 1e9068828d9cd35a26e36512d288e7dcc0fda34b
SHA256: 45d83cb484b29ff7240558d828c8dac3efa388d23dc914b89257ffcf6ad9ce62
SHA512: 6fef9b6a7878f899118e58b837ad1cd332272798ea4361a83c27aa5e5fc8d0dc
277e9789c6bdd6a72b70e793196a545e32170f743d861628e155457ec861bd94
ssdeep: 1536:HgkD6WVUs4GuXRvhcQiZHIEv+Ff4jYFLdz7hCwHI+c:HgMWphvhcQqv+Ff4
jIL7Cwon
PEiD..: -
TrID..: File type identification
Win64 Executable Generic (59.6%)
Win32 Executable MS Visual C++ (generic) (26.2%)
Win32 Executable Generic (5.9%)
Win32 Dynamic Link Library (generic) (5.2%)
Generic Win/DOS Executable (1.3%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x2eb0
timedatestamp.....: 0x3b7d8344 (Fri Aug 17 20:49:08 2001)
machinetype.......: 0x14c (I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x7ed6 0x8000 6.57 91c2b89de07f2ac712d22e0d7d25770a
.data 0x9000 0x10d8 0x1000 1.54 83eac1e741839dbe93ca9efcd5705dfe
.rsrc 0xb000 0x728c 0x8000 7.25 482480a4a6c0a8d0f872f12a08f7906e
( 4 imports )
> KERNEL32.dll: MultiByteToWideChar, lstrcatA, GetModuleFileNameA, GetFileAttributesA, lstrcpynA, lstrlenA, lstrcpyA, FreeLibrary, GetProcAddress, LoadLibraryW, GetModuleHandleA, GetStartupInfoA, GetCommandLineA, GetVersionExA, ExitProcess, WriteFile, GetStdHandle, UnhandledExceptionFilter, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, WideCharToMultiByte, GetLastError, GetEnvironmentStringsW, SetHandleCount, GetFileType, DeleteCriticalSection, TlsFree, SetLastError, GetCurrentThreadId, TlsSetValue, TlsGetValue, TlsAlloc, HeapDestroy, HeapCreate, VirtualFree, HeapFree, GetCPInfo, LeaveCriticalSection, EnterCriticalSection, HeapAlloc, GetUserDefaultLCID, GetLocaleInfoA, EnumSystemLocalesA, IsValidLocale, IsValidCodePage, GetStringTypeA, GetStringTypeW, LoadLibraryA, GetACP, GetOEMCP, InitializeCriticalSection, VirtualAlloc, HeapReAlloc, VirtualProtect, GetSystemInfo, VirtualQuery, LCMapStringA, LCMapStringW, RtlUnwind, GetLocaleInfoW
> ole32.dll: CoTaskMemAlloc
> urlmon.dll: CreateURLMoniker
> OLEAUT32.dll: -, -
( 0 exports )
C:\Program Files\Internet Explorer\Connection Wizard\icwconn.dll
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.101 2009.03.16 -
AhnLab-V3 5.0.0.2 2009.03.16 -
AntiVir 7.9.0.116 2009.03.16 -
Authentium 5.1.0.4 2009.03.16 -
Avast 4.8.1335.0 2009.03.16 -
AVG 8.0.0.237 2009.03.16 -
BitDefender 7.2 2009.03.16 -
CAT-QuickHeal 10.00 2009.03.16 -
ClamAV 0.94.1 2009.03.16 -
Comodo 1060 2009.03.16 -
DrWeb 4.44.0.09170 2009.03.16 -
eSafe 7.0.17.0 2009.03.15 -
eTrust-Vet 31.6.6388 2009.03.09 -
F-Prot 4.4.4.56 2009.03.16 -
F-Secure 8.0.14470.0 2009.03.16 -
Fortinet 3.117.0.0 2009.03.16 -
GData 19 2009.03.16 -
Ikarus T3.1.1.45.0 2009.03.16 -
K7AntiVirus 7.10.673 2009.03.16 -
Kaspersky 7.0.0.125 2009.03.16 -
McAfee 5555 2009.03.16 -
McAfee+Artemis 5555 2009.03.16 -
McAfee-GW-Edition 6.7.6 2009.03.16 -
Microsoft 1.4405 2009.03.16 -
NOD32 3938 2009.03.16 -
Norman 6.00.06 2009.03.16 -
nProtect 2009.1.8.0 2009.03.16 -
Panda 10.0.0.10 2009.03.16 -
PCTools 4.4.2.0 2009.03.16 -
Prevx1 V2 2009.03.16 -
Rising 21.21.02.00 2009.03.16 -
Sophos 4.39.0 2009.03.16 -
Sunbelt 3.2.1858.2 2009.03.15 -
Symantec 1.4.4.12 2009.03.16 -
TheHacker 6.3.3.0.283 2009.03.16 -
TrendMicro 8.700.0.1004 2009.03.16 -
VBA32 3.12.10.1 2009.03.16 -
ViRobot 2009.3.16.1650 2009.03.16 -
VirusBuster 4.6.5.0 2009.03.16 -
Information additionnelle
File size: 61440 bytes
MD5...: 56cbd039c78ebd6609ba8b84ea8da6f5
SHA1..: ff7deaf54e06c5c4d9c46f99ecac3f146f8baa11
SHA256: 114058263d6893c0e63be5dd4057c9ccad1c27bc7e176c7a44d2583c0bf523e9
SHA512: 3228d114c6e8f1257e5e62469dc31ebdfed0c30cae03b0f5533efacc541f4907
caf0ca0c442536421b81b0c8293b914d698d790bb7b7aea99bf5555307250e6c
ssdeep: 768:W2GCoea/dokcBegD8Mbi7ZQvCJC42ZYknW4j/W4wqHZuE:CCIKfBeE8aiiv+
1Y7yYZn
PEiD..: -
TrID..: File type identification
DirectShow filter (77.7%)
Win32 Executable MS Visual C++ (generic) (14.5%)
Win32 Executable Generic (3.2%)
Win32 Dynamic Link Library (generic) (2.9%)
Generic Win/DOS Executable (0.7%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0xa6ec
timedatestamp.....: 0x4802c208 (Mon Apr 14 02:31:36 2008)
machinetype.......: 0x14c (I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xa640 0xb000 6.16 a4940b9d2c8ecc36b0e3f9f92e2e8586
.data 0xc000 0xa04 0x1000 0.66 ecaf7b060da7f884ca14c105c961c02c
.rsrc 0xd000 0x3f0 0x1000 1.08 0597f601c3fb65e87e2f7fc15bc5a777
.reloc 0xe000 0xc62 0x1000 5.36 18e18763302f492701bbfdc046893770
( 10 imports )
> msvcrt.dll: __2@YAPAXI@Z, free, _adjust_fdiv, _initterm, wcschr, _vsnwprintf, _itow, _strcmpi, malloc, __3@YAXPAX@Z
> KERNEL32.dll: lstrcmpW, LocalFree, FormatMessageW, GetCurrentDirectoryW, GetUserDefaultLCID, lstrcatW, GetLocalTime, ResetEvent, DeleteFileW, GlobalFree, WriteFile, CreateFileW, GetFileAttributesW, ReadFile, CopyFileW, GetTempFileNameW, GetTempPathW, GetTickCount, QueryPerformanceCounter, GetCurrentProcessId, GetSystemTimeAsFileTime, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, LoadLibraryA, GlobalAlloc, GetProcAddress, GetCurrentThreadId, MultiByteToWideChar, SetEvent, MulDiv, CloseHandle, lstrcpyW, InterlockedDecrement, InterlockedIncrement, LoadLibraryW, FreeLibrary, CreateEventW, lstrlenW
> USER32.dll: DispatchMessageW, TranslateMessage, MsgWaitForMultipleObjects, UnhookWindowsHookEx, MessageBoxW, SetWindowsHookExW, LoadIconW, GetSystemMetrics, DestroyIcon, SetWindowTextW, MoveWindow, MapWindowPoints, GetWindowRect, MapDialogRect, GetWindowTextW, SetDlgItemTextW, SetFocus, GetDlgItemTextW, CreateDialogParamW, IsWindowVisible, UpdateWindow, EnableWindow, CheckDlgButton, SetTimer, EndDialog, KillTimer, SetActiveWindow, DialogBoxParamW, PeekMessageW, CallNextHookEx, ShowWindow, GetWindowLongW, SetWindowLongW, GetParent, PostMessageW, GetDlgItem, SetWindowPos, SetCursor, LoadCursorW, DefWindowProcW, GetSysColorBrush, GetDC, ReleaseDC, LoadStringW, wsprintfW, GetClientRect, CreateWindowExW, SendMessageW, LoadAcceleratorsW, FillRect
> GDI32.dll: CreateCompatibleDC, GetStockObject, SetBkMode, SetTextColor, SelectObject, BitBlt, DeleteDC, DeleteObject, GetObjectW, GetDeviceCaps, StretchBlt, CreateFontIndirectW
> COMCTL32.dll: ImageList_Create, ImageList_ReplaceIcon, CreatePropertySheetPageW, DestroyPropertySheetPage, InitCommonControlsEx, ImageList_Destroy
> SHELL32.dll: SHGetMalloc, SHGetSpecialFolderLocation, SHGetPathFromIDListW
> ole32.dll: CoCreateInstance, StgCreateDocfile
> OLEAUT32.dll: -
> AVIFIL32.dll: AVIFileRelease, AVIFileInit, AVIFileOpenW, AVIFileInfoW, AVIFileExit
> ADVAPI32.dll: RegOpenKeyExA, RegQueryValueExA, RegCloseKey
( 5 exports )
DllCanUnloadNow, DllGetClassObject, DllRegisterServer, DllUnregisterServer, GetICWCONNVersion
Rapport pour
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.101 2009.03.16 -
AhnLab-V3 5.0.0.2 2009.03.16 -
AntiVir 7.9.0.116 2009.03.16 -
Authentium 5.1.0.4 2009.03.16 -
Avast 4.8.1335.0 2009.03.16 -
AVG 8.0.0.237 2009.03.16 -
BitDefender 7.2 2009.03.16 -
CAT-QuickHeal 10.00 2009.03.16 -
ClamAV 0.94.1 2009.03.16 -
Comodo 1060 2009.03.16 -
DrWeb 4.44.0.09170 2009.03.16 -
eSafe 7.0.17.0 2009.03.15 -
eTrust-Vet 31.6.6388 2009.03.09 -
F-Prot 4.4.4.56 2009.03.16 -
F-Secure 8.0.14470.0 2009.03.16 -
Fortinet 3.117.0.0 2009.03.16 -
GData 19 2009.03.16 -
Ikarus T3.1.1.45.0 2009.03.16 -
K7AntiVirus 7.10.673 2009.03.16 -
Kaspersky 7.0.0.125 2009.03.16 -
McAfee 5555 2009.03.16 -
McAfee+Artemis 5555 2009.03.16 -
McAfee-GW-Edition 6.7.6 2009.03.16 -
Microsoft 1.4405 2009.03.16 -
NOD32 3938 2009.03.16 -
Norman 6.00.06 2009.03.16 -
nProtect 2009.1.8.0 2009.03.16 -
Panda 10.0.0.10 2009.03.16 -
PCTools 4.4.2.0 2009.03.16 -
Prevx1 V2 2009.03.16 -
Rising 21.21.02.00 2009.03.16 -
Sophos 4.39.0 2009.03.16 -
Sunbelt 3.2.1858.2 2009.03.15 -
Symantec 1.4.4.12 2009.03.16 -
TheHacker 6.3.3.0.283 2009.03.16 -
TrendMicro 8.700.0.1004 2009.03.16 -
VBA32 3.12.10.1 2009.03.16 -
ViRobot 2009.3.16.1650 2009.03.16 -
VirusBuster 4.6.5.0 2009.03.16 -
Information additionnelle
File size: 218624 bytes
MD5...: b9080d5587fc70b2ae2c3da016f88c1b
SHA1..: d402b80e4e1d8221258c61302c3a47a43fe61c11
SHA256: 3c3bf8f3aff439467e503a55ecdd37fc97d62c3925dce548989b4e5e3cd205fc
SHA512: 422abb93dfbfc00a53fba26d7eba140de695179792bfc59b3b66e5b92e7a4d75
6018237447c6a2336b67944da146b6aa37b916ea9d3f2ee8e58df349f18b7920
ssdeep: 1536:iD6vhT7lKlDau2flaLoRMtrXC2gyYy5cTTdPIIM0YeaYuUsRtMRpKyH:iD2
hT7lKb2fldRMtyyYyOTAsLpKM
PEiD..: -
TrID..: File type identification
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x6fac
timedatestamp.....: 0x48025187 (Sun Apr 13 18:31:35 2008)
machinetype.......: 0x14c (I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xf13a 0xf200 6.25 14de7f6522ed864c5ea2b39ba594067b
.data 0x11000 0x292c 0x1400 0.44 d25692caa8a8a8cf2d759cfa30028425
.rsrc 0x14000 0x24ac0 0x24c00 4.56 b8addebbc610fecc4fb7cef64695ce93
( 9 imports )
> msvcrt.dll: swscanf, free, malloc, _vsnwprintf, _except_handler3, _wmakepath, _wsplitpath, __3@YAXPAX@Z, memmove, _wtoi, __2@YAPAXI@Z, setlocale
> ADVAPI32.dll: RegOpenKeyExA, RegQueryValueExA, OpenProcessToken, LookupPrivilegeValueW, AdjustTokenPrivileges, RegCreateKeyW, RegCreateKeyExW, RegSetValueExW, RegOpenKeyExW, RegQueryValueW, RegDeleteValueW, RegQueryValueExW, RegOpenKeyW, RegCloseKey
> KERNEL32.dll: GetLastError, GetModuleHandleW, CloseHandle, CreateFileW, GetFileAttributesW, lstrlenW, GetProcAddress, GlobalAlloc, CreateProcessW, LoadLibraryW, SetLastError, GetModuleFileNameW, OutputDebugStringA, GetPrivateProfileIntW, SetCurrentDirectoryW, GetWindowsDirectoryW, GetCurrentDirectoryW, LocalFree, LocalAlloc, LoadLibraryA, FreeLibrary, RemoveDirectoryW, FindClose, FindNextFileW, DeleteFileW, SetFileAttributesW, FindFirstFileW, GlobalFree, SetErrorMode, GetCommandLineW, ExitProcess, CreateFileMappingW, InterlockedIncrement, InterlockedDecrement, FormatMessageW, MulDiv, GetCurrentProcess, GetVersionExW, TerminateProcess, GetExitCodeThread, QueryPerformanceCounter, GetTickCount, GetCurrentThreadId, GetCurrentProcessId, GetSystemTimeAsFileTime, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetModuleHandleA, GetSystemDirectoryW, lstrcatW, SearchPathW, GetPrivateProfileStringW, lstrcmpiW, lstrcpyW, lstrcpynW
> GDI32.dll: GetDeviceCaps, StretchBlt, BitBlt, SetTextColor, SetBkColor, GetTextMetricsW, SetMapMode, GetMapMode, CreateBitmap, DPtoLP, CreateCompatibleBitmap, CreateCompatibleDC, SelectObject, DeleteDC, GetStockObject, SetBkMode, DeleteObject, GetObjectW, CreateFontIndirectW
> USER32.dll: GetClassInfoW, SendMessageW, CallWindowProcW, SetWindowLongW, MessageBoxW, wsprintfW, LoadStringW, TranslateAcceleratorW, GetWindowLongW, DispatchMessageW, TranslateMessage, DestroyWindow, GetMessageW, DialogBoxParamW, GetSysColor, GetDlgItem, MoveWindow, GetSystemMetrics, GetWindowRect, CheckRadioButton, EndDialog, IsDlgButtonChecked, GetDlgCtrlID, GetDC, WaitMessage, PeekMessageW, LoadStringA, LoadImageW, LoadAcceleratorsW, ReleaseDC, SetMessageQueue, BringWindowToTop, SetForegroundWindow, GetLastActivePopup, FindWindowW, PostMessageW, ShowWindow, GetParent, CharNextW, CharPrevW, SetWindowTextW, SetWindowPos, EnableWindow, MsgWaitForMultipleObjects, CheckDlgButton, GetWindowTextW, DefWindowProcW, FillRect, GetClientRect, GetSysColorBrush, LoadCursorW, SetCursor, ExitWindowsEx, SendDlgItemMessageW, UpdateWindow, MapWindowPoints, InvalidateRect, IsRectEmpty, GetUpdateRect, IsWindowVisible, EnumThreadWindows, GetFocus, SetFocus, IsWindowEnabled, GetWindow, EnumChildWindows, RegisterClassExW, CreateWindowExW, CreateDialogParamW, GetDesktopWindow, MessageBeep, IsChild, GetNextDlgTabItem, LoadIconW, PostQuitMessage, DrawFocusRect, InflateRect, OffsetRect, CopyRect, DrawTextW, RedrawWindow, EndPaint, DrawEdge, BeginPaint, DrawIcon, RegisterClassW, UnregisterClassW
> SHELL32.dll: SHGetPathFromIDListW, SHGetMalloc, ShellExecuteW, SHGetSpecialFolderLocation
> ole32.dll: CoUninitialize, CoCreateInstance, CoInitialize
> OLEAUT32.dll: -
> SHLWAPI.dll: PathIsFileSpecW, PathIsURLW
( 0 exports )
Rapport pour
C:\Program Files\Internet Explorer\Connection Wizard\icwx25b.dun
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.101 2009.03.16 -
AhnLab-V3 5.0.0.2 2009.03.16 -
AntiVir 7.9.0.116 2009.03.16 -
Authentium 5.1.0.4 2009.03.16 -
Avast 4.8.1335.0 2009.03.16 -
AVG 8.0.0.237 2009.03.16 -
BitDefender 7.2 2009.03.16 -
CAT-QuickHeal 10.00 2009.03.16 -
ClamAV 0.94.1 2009.03.16 -
Comodo 1060 2009.03.16 -
DrWeb 4.44.0.09170 2009.03.16 -
eSafe 7.0.17.0 2009.03.15 -
eTrust-Vet 31.6.6388 2009.03.09 -
F-Prot 4.4.4.56 2009.03.16 -
F-Secure 8.0.14470.0 2009.03.16 -
Fortinet 3.117.0.0 2009.03.16 -
GData 19 2009.03.16 -
Ikarus T3.1.1.45.0 2009.03.16 -
K7AntiVirus 7.10.673 2009.03.16 -
Kaspersky 7.0.0.125 2009.03.16 -
McAfee 5555 2009.03.16 -
McAfee+Artemis 5555 2009.03.16 -
McAfee-GW-Edition 6.7.6 2009.03.16 -
Microsoft 1.4405 2009.03.16 -
NOD32 3938 2009.03.16 -
Norman 6.00.06 2009.03.16 -
nProtect 2009.1.8.0 2009.03.16 -
Panda 10.0.0.10 2009.03.16 -
PCTools 4.4.2.0 2009.03.16 -
Prevx1 V2 2009.03.16 -
Rising 21.21.02.00 2009.03.16 -
Sophos 4.39.0 2009.03.16 -
Sunbelt 3.2.1858.2 2009.03.15 -
Symantec 1.4.4.12 2009.03.16 -
TheHacker 6.3.3.0.283 2009.03.16 -
TrendMicro 8.700.0.1004 2009.03.16 -
VBA32 3.12.10.1 2009.03.16 -
ViRobot 2009.3.16.1650 2009.03.16 -
VirusBuster 4.6.5.0 2009.03.16 -
Information additionnelle
File size: 617 bytes
MD5...: 779a172db0088470ad8c66c9d8136ed4
SHA1..: fb21bb11792b3e68d36bbc7ca923aa1be8d92c6b
SHA256: 4080b596083f2071ecd0f094cbdfd29b2344f8fe362ad20e67ff2f233bb777fd
SHA512: 674bc66eed0c0f1aefd14b6c8e7a246261a51674cd9e187bff501096bd6d2ca2
1d45a8aeef946c67220c8593516dff2de402a01ea331cc766900b9728361068d
ssdeep: 12:ZRmLj8CWBuJBJf8gPQaOW4o6a1NSC/+JJ6UpU42iAvkAxHx/vkH29lCdHFG:L
mLj8d4JBJfCap4oJ//mHPAsA+29lCFQ
PEiD..: -
TrID..: File type identification
Generic INI configuration (100.0%)
PEInfo: -
Rapport pour
C:\Program Files\Internet Explorer\Connection Wizard\phone.icw
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.101 2009.03.16 -
AhnLab-V3 5.0.0.2 2009.03.16 -
AntiVir 7.9.0.116 2009.03.16 -
Authentium 5.1.0.4 2009.03.16 -
Avast 4.8.1335.0 2009.03.16 -
AVG 8.0.0.237 2009.03.16 -
BitDefender 7.2 2009.03.16 -
CAT-QuickHeal 10.00 2009.03.16 -
ClamAV 0.94.1 2009.03.16 -
Comodo 1060 2009.03.16 -
DrWeb 4.44.0.09170 2009.03.16 -
eSafe 7.0.17.0 2009.03.15 -
eTrust-Vet 31.6.6388 2009.03.09 -
F-Prot 4.4.4.56 2009.03.16 -
F-Secure 8.0.14470.0 2009.03.16 -
Fortinet 3.117.0.0 2009.03.16 -
GData 19 2009.03.16 -
Ikarus T3.1.1.45.0 2009.03.16 -
K7AntiVirus 7.10.673 2009.03.16 -
Kaspersky 7.0.0.125 2009.03.16 -
McAfee 5555 2009.03.16 -
McAfee+Artemis 5555 2009.03.16 -
McAfee-GW-Edition 6.7.6 2009.03.16 -
Microsoft 1.4405 2009.03.16 -
NOD32 3938 2009.03.16 -
Norman 6.00.06 2009.03.16 -
nProtect 2009.1.8.0 2009.03.16 -
Panda 10.0.0.10 2009.03.16 -
PCTools 4.4.2.0 2009.03.16 -
Prevx1 V2 2009.03.16 -
Rising 21.21.02.00 2009.03.16 -
Sophos 4.39.0 2009.03.16 -
Sunbelt 3.2.1858.2 2009.03.15 -
Symantec 1.4.4.12 2009.03.16 -
TheHacker 6.3.3.0.283 2009.03.16 -
TrendMicro 8.700.0.1004 2009.03.16 -
VBA32 3.12.10.1 2009.03.16 -
ViRobot 2009.3.16.1650 2009.03.16 -
VirusBuster 4.6.5.0 2009.03.16 -
Information additionnelle
File size: 2921 bytes
MD5...: 78ee68e61bf9afe6a1096558fec1d79b
SHA1..: fb1e721bc682a2cff5a693ce318359005befc8de
SHA256: fa0c00d72529f524e6cef9237c564f43e08f71d12ac56d1dad755a80e43d9d79
SHA512: eceaa0605ca86e709b24b71e86e69e5b7616508d54097f02a6b6edda524b4f09
48ce4971f31449987556f0d9100889a4b17b94be142e40d850fbceb99f30fc91
ssdeep: 24:IRGUJXa+hQLd/i+coaRN65NHJ+EQ+u+CPmX5ayb+wm+//7+UX+USZ+UWkKJx0
tZX:+XEIcoU51lCZdOgz+JqAo
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
Rapport pour
C:\Program Files\Internet Explorer\Connection Wizard\icwtutor.exe
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.101 2009.03.16 -
AhnLab-V3 5.0.0.2 2009.03.16 -
AntiVir 7.9.0.116 2009.03.16 -
Authentium 5.1.0.4 2009.03.16 -
Avast 4.8.1335.0 2009.03.16 -
AVG 8.0.0.237 2009.03.16 -
BitDefender 7.2 2009.03.16 -
CAT-QuickHeal 10.00 2009.03.16 -
ClamAV 0.94.1 2009.03.16 -
Comodo 1060 2009.03.16 -
DrWeb 4.44.0.09170 2009.03.16 -
eSafe 7.0.17.0 2009.03.15 -
eTrust-Vet 31.6.6388 2009.03.09 -
F-Prot 4.4.4.56 2009.03.16 -
F-Secure 8.0.14470.0 2009.03.16 -
Fortinet 3.117.0.0 2009.03.16 -
GData 19 2009.03.16 -
Ikarus T3.1.1.45.0 2009.03.16 -
K7AntiVirus 7.10.673 2009.03.16 -
Kaspersky 7.0.0.125 2009.03.16 -
McAfee 5555 2009.03.16 -
McAfee+Artemis 5555 2009.03.16 -
McAfee-GW-Edition 6.7.6 2009.03.16 -
Microsoft 1.4405 2009.03.16 -
NOD32 3938 2009.03.16 -
Norman 6.00.06 2009.03.16 -
nProtect 2009.1.8.0 2009.03.16 -
Panda 10.0.0.10 2009.03.16 -
PCTools 4.4.2.0 2009.03.16 -
Prevx1 V2 2009.03.16 -
Rising 21.21.02.00 2009.03.16 -
Sophos 4.39.0 2009.03.16 -
Sunbelt 3.2.1858.2 2009.03.15 -
Symantec 1.4.4.12 2009.03.16 -
TheHacker 6.3.3.0.283 2009.03.16 -
TrendMicro 8.700.0.1004 2009.03.16 -
VBA32 3.12.10.1 2009.03.16 -
ViRobot 2009.3.16.1650 2009.03.16 -
VirusBuster 4.6.5.0 2009.03.16 -
Information additionnelle
File size: 73728 bytes
MD5...: 44b50968b3f3c695cad05e04fb43d6e1
SHA1..: 1e9068828d9cd35a26e36512d288e7dcc0fda34b
SHA256: 45d83cb484b29ff7240558d828c8dac3efa388d23dc914b89257ffcf6ad9ce62
SHA512: 6fef9b6a7878f899118e58b837ad1cd332272798ea4361a83c27aa5e5fc8d0dc
277e9789c6bdd6a72b70e793196a545e32170f743d861628e155457ec861bd94
ssdeep: 1536:HgkD6WVUs4GuXRvhcQiZHIEv+Ff4jYFLdz7hCwHI+c:HgMWphvhcQqv+Ff4
jIL7Cwon
PEiD..: -
TrID..: File type identification
Win64 Executable Generic (59.6%)
Win32 Executable MS Visual C++ (generic) (26.2%)
Win32 Executable Generic (5.9%)
Win32 Dynamic Link Library (generic) (5.2%)
Generic Win/DOS Executable (1.3%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x2eb0
timedatestamp.....: 0x3b7d8344 (Fri Aug 17 20:49:08 2001)
machinetype.......: 0x14c (I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x7ed6 0x8000 6.57 91c2b89de07f2ac712d22e0d7d25770a
.data 0x9000 0x10d8 0x1000 1.54 83eac1e741839dbe93ca9efcd5705dfe
.rsrc 0xb000 0x728c 0x8000 7.25 482480a4a6c0a8d0f872f12a08f7906e
( 4 imports )
> KERNEL32.dll: MultiByteToWideChar, lstrcatA, GetModuleFileNameA, GetFileAttributesA, lstrcpynA, lstrlenA, lstrcpyA, FreeLibrary, GetProcAddress, LoadLibraryW, GetModuleHandleA, GetStartupInfoA, GetCommandLineA, GetVersionExA, ExitProcess, WriteFile, GetStdHandle, UnhandledExceptionFilter, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, WideCharToMultiByte, GetLastError, GetEnvironmentStringsW, SetHandleCount, GetFileType, DeleteCriticalSection, TlsFree, SetLastError, GetCurrentThreadId, TlsSetValue, TlsGetValue, TlsAlloc, HeapDestroy, HeapCreate, VirtualFree, HeapFree, GetCPInfo, LeaveCriticalSection, EnterCriticalSection, HeapAlloc, GetUserDefaultLCID, GetLocaleInfoA, EnumSystemLocalesA, IsValidLocale, IsValidCodePage, GetStringTypeA, GetStringTypeW, LoadLibraryA, GetACP, GetOEMCP, InitializeCriticalSection, VirtualAlloc, HeapReAlloc, VirtualProtect, GetSystemInfo, VirtualQuery, LCMapStringA, LCMapStringW, RtlUnwind, GetLocaleInfoW
> ole32.dll: CoTaskMemAlloc
> urlmon.dll: CreateURLMoniker
> OLEAUT32.dll: -, -
( 0 exports )
ok
tu as quoi comme box?
vire les pilotes que tu as mis et en général tu mets le cd de ta box et tu suis la procedure (il suffit d'avoir les codes fournis au depart)
ici pour la livebox:
https://www.jechange.fr/telecom/internet/guides/test-livebox-play-3187
tu as quoi comme box?
vire les pilotes que tu as mis et en général tu mets le cd de ta box et tu suis la procedure (il suffit d'avoir les codes fournis au depart)
ici pour la livebox:
https://www.jechange.fr/telecom/internet/guides/test-livebox-play-3187
slt fais ceci
Pour fusionner:
http://img.photobucket.com/albums/v666/sUBs/CFScript.gif
_______________
telecharge combofix:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Sauvegarde le sur ton bureau et pas ailleurs !
_________________
Ferme tous tes navigateurs (donc copie ou imprime les instructions avant)
Crée un nouveau document texte : clic droit de souris sur le bureau > Nouveau > Document Texte, et copie dedans les lignes suivantes :
File::
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radc\rad419.vbs
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad4\rad785.vbs
C:\Program Files\Search Settings\kb127\SearchSettings.dll
C:\Program Files\Search Settings\SearchSettings.exe
C:\DOCUME~1\JC\APPLIC~1\Search Settings
C:\DOCUME~1\JC\APPLIC~1\Search Settings\kb127
C:\DOCUME~1\JC\APPLIC~1\Search Settings\kb127\temp
C:\DOCUME~1\JC\APPLIC~1\Search Settings\kb127\temp\ws-14318.log
C:\Program Files\Search Settings
C:\Program Files\Search Settings\kb127
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Search Settings\kb127\SearchSettingsRes409.dll
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad3\radC9C.vbs
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radb\rad9A3.vbs
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad5\rad17E.vbs
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad5\rad712.vbs
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad0\radBDF.vbs
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad0\radBE5.vbs
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad2\rad016.vbs
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radb\rad19B.vbs
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad729.vbs
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rada\rad47A.vbs
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad1\radE4F.vbs
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad96F.vbs
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radFDF.vbs
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\rad969.vbs
H:\start.exe
Registry::
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{259F616C-A300-44F5-B04A-ED001A26C85C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SearchSettings"=-
"MS-RAD2"=-
"MS-RADF"=-
"MS-RADE"=-
"MS-RAD3"=-
"MS-RAD9"=-
"MS-RADC"=-
"MS-RAD0"=-
"MS-RADD"=-
"MS-RADA"=-
"MS-RADB"=-
"MS-RAD4"=-
"MS-RAD1"=-
"MS-RAD5"=-
"MS-RAD7"=-
"MS-RAD8"=-
"MS-RAD6"=-
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bbbd16e4-fbd0-11db-8521-0018ded2b979}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c54e4a24-b206-11dc-8559-0018ded2b979}]
Enregistre ce fichier sous le nom CFscript
Fait un glisser/déposer de ce fichier CFscrïpt sur le fichier ComboFix.exe
Clique sur le fichier CFScript, maintient le doigt enfoncé et glisse la souris pour que l'icône du CFScript vienne recouvrir l'icône de Combofix. Relache la souris. Combofix va démarrer.
Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.
Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt
Pour fusionner:
http://img.photobucket.com/albums/v666/sUBs/CFScript.gif
_______________
telecharge combofix:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Sauvegarde le sur ton bureau et pas ailleurs !
_________________
Ferme tous tes navigateurs (donc copie ou imprime les instructions avant)
Crée un nouveau document texte : clic droit de souris sur le bureau > Nouveau > Document Texte, et copie dedans les lignes suivantes :
File::
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radc\rad419.vbs
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad4\rad785.vbs
C:\Program Files\Search Settings\kb127\SearchSettings.dll
C:\Program Files\Search Settings\SearchSettings.exe
C:\DOCUME~1\JC\APPLIC~1\Search Settings
C:\DOCUME~1\JC\APPLIC~1\Search Settings\kb127
C:\DOCUME~1\JC\APPLIC~1\Search Settings\kb127\temp
C:\DOCUME~1\JC\APPLIC~1\Search Settings\kb127\temp\ws-14318.log
C:\Program Files\Search Settings
C:\Program Files\Search Settings\kb127
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Search Settings\kb127\SearchSettingsRes409.dll
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad3\radC9C.vbs
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radb\rad9A3.vbs
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad5\rad17E.vbs
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad5\rad712.vbs
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad0\radBDF.vbs
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad0\radBE5.vbs
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad2\rad016.vbs
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radb\rad19B.vbs
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad729.vbs
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rada\rad47A.vbs
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad1\radE4F.vbs
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad96F.vbs
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radFDF.vbs
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\rad969.vbs
H:\start.exe
Registry::
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{259F616C-A300-44F5-B04A-ED001A26C85C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SearchSettings"=-
"MS-RAD2"=-
"MS-RADF"=-
"MS-RADE"=-
"MS-RAD3"=-
"MS-RAD9"=-
"MS-RADC"=-
"MS-RAD0"=-
"MS-RADD"=-
"MS-RADA"=-
"MS-RADB"=-
"MS-RAD4"=-
"MS-RAD1"=-
"MS-RAD5"=-
"MS-RAD7"=-
"MS-RAD8"=-
"MS-RAD6"=-
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bbbd16e4-fbd0-11db-8521-0018ded2b979}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c54e4a24-b206-11dc-8559-0018ded2b979}]
Enregistre ce fichier sous le nom CFscript
Fait un glisser/déposer de ce fichier CFscrïpt sur le fichier ComboFix.exe
Clique sur le fichier CFScript, maintient le doigt enfoncé et glisse la souris pour que l'icône du CFScript vienne recouvrir l'icône de Combofix. Relache la souris. Combofix va démarrer.
Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.
Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt
Avant de te donner le compte rendu du scan, je te précise qu il y a eu bcp de messages dans la barre des taches concernant des fichiers endommagés, à voir avec chkdsk
j ai ce genre de message depuis qqs jours, mais là le nb est important et concerne tjs des fichiers différents
le post maintenant
ComboFix 09-03-15.01 - JC 2009-03-17 12:39:45.1 - [color=red][b]FAT32[/b][/color]x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.2038.1314 [GMT 1:00]
Lancé depuis: c:\documents and settings\JC\Bureau\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\JC\Bureau\CFscript .txt
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)
* Un nouveau point de restauration a été créé
FILE ::
c:\docume~1\JC\APPLIC~1\Search Settings
c:\docume~1\JC\APPLIC~1\Search Settings\kb127
c:\docume~1\JC\APPLIC~1\Search Settings\kb127\temp
c:\docume~1\JC\APPLIC~1\Search Settings\kb127\temp\ws-14318.log
c:\program files\Internet Explorer\Connection Wizard\icwconn1\rad0\radBDF.vbs
c:\program files\Internet Explorer\Connection Wizard\icwconn1\rad0\radBE5.vbs
c:\program files\Internet Explorer\Connection Wizard\icwconn1\rad1\radE4F.vbs
c:\program files\Internet Explorer\Connection Wizard\icwconn1\rad2\rad016.vbs
c:\program files\Internet Explorer\Connection Wizard\icwconn1\rad3\radC9C.vbs
c:\program files\Internet Explorer\Connection Wizard\icwconn1\rad4\rad785.vbs
c:\program files\Internet Explorer\Connection Wizard\icwconn1\rad5\rad17E.vbs
c:\program files\Internet Explorer\Connection Wizard\icwconn1\rad5\rad712.vbs
c:\program files\Internet Explorer\Connection Wizard\icwconn1\rad6\rad969.vbs
c:\program files\Internet Explorer\Connection Wizard\icwconn1\rad6\radFDF.vbs
c:\program files\Internet Explorer\Connection Wizard\icwconn1\rada\rad47A.vbs
c:\program files\Internet Explorer\Connection Wizard\icwconn1\radb\rad19B.vbs
c:\program files\Internet Explorer\Connection Wizard\icwconn1\radb\rad9A3.vbs
c:\program files\Internet Explorer\Connection Wizard\icwconn1\radc\rad419.vbs
c:\program files\Internet Explorer\Connection Wizard\icwconn1\rade\rad729.vbs
c:\program files\Internet Explorer\Connection Wizard\icwconn1\rade\rad96F.vbs
c:\program files\Search Settings
c:\program files\Search Settings\kb127
c:\program files\Search Settings\kb127\SearchSettings.dll
c:\program files\Search Settings\kb127\SearchSettingsRes409.dll
c:\program files\Search Settings\SearchSettings.exe
H:\start.exe
.
[color=purple]Les fichiers ci-dessous ont été désactivés pendant l'exécution:[/color]
c:\program files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\docume~1\JC\APPLIC~1\Search Settings\kb127\temp\ws-14318.log
c:\program files\Search Settings\kb127\SearchSettingsRes409.dll
c:\program files\Search Settings\SearchSettings.exe
c:\windows\system32\drivers\npf.sys
c:\windows\system32\packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\RTELM.dll
c:\windows\system32\WanPacket.dll
c:\windows\system32\wpcap.dll
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_NPF
-------\Service_NPF
((((((((((((((((((((((((((((( Fichiers créés du 2009-02-17 au 2009-03-17 ))))))))))))))))))))))))))))))))))))
.
2009-03-16 19:55 . 2009-03-16 19:55 <REP> d-------- C:\ToolBar SD
2009-03-16 08:01 . 2009-03-16 08:01 172 --a------ C:\curr_ver.tmp
2009-03-15 21:35 . 2009-03-15 21:35 <REP> d-------- C:\rsit
2009-03-15 21:35 . 2009-03-15 21:35 <REP> d-------- c:\program files\trend micro
2009-03-14 13:15 . 2009-03-14 13:15 <REP> d-------- c:\program files\Avira
2009-03-14 13:15 . 2009-03-14 13:15 <REP> d-------- c:\documents and settings\All Users\Application Data\Avira
2009-03-14 05:24 . 2008-06-19 16:24 28,544 --a------ c:\windows\system32\drivers\pavboot.sys
2009-03-13 20:37 . 2009-03-13 20:37 <REP> d-------- c:\program files\Panda Security
2009-03-12 17:48 . 2005-02-25 00:00 46,080 --a------ c:\windows\system32\escimgd.dll
2009-03-12 17:48 . 2005-02-25 00:00 29,696 --a------ c:\windows\system32\escwiad.dll
2009-03-12 17:48 . 2005-02-25 00:00 22,016 --a------ c:\windows\system32\esccmd.dll
2009-03-08 19:15 . 2009-03-08 19:15 <REP> d-------- C:\photo classe nautique
2009-03-07 08:00 . 2009-03-07 08:00 115,343,872 --ahs---- C:\eDS_PSD_drive.vmdf
2009-03-07 07:59 . 2009-03-07 08:00 188 --a------ c:\windows\system32\eDataSecurity.dat
2009-03-06 12:33 . 2002-03-06 22:19 454,656 --a------ c:\windows\system32\PaintX.dll
2009-03-06 12:33 . 2004-01-22 17:06 157,696 --a------ c:\windows\system32\unrar.dll
2009-03-06 12:33 . 2002-02-17 23:58 98,304 --a------ c:\windows\system32\unzip.dll
2009-03-06 12:33 . 2001-01-12 10:52 94,208 --a------ c:\windows\system32\vbpng.dll
2009-03-06 12:33 . 2003-11-18 00:37 72,192 --a------ c:\windows\system32\zlib.dll
2009-03-06 12:32 . 2009-03-06 12:32 <REP> d-------- c:\program files\Gentibus CD
2009-03-06 12:32 . 2000-05-21 21:00 232,640 --a------ c:\windows\system32\MSDATLST.OCX
2009-03-06 12:17 . 2009-03-06 12:17 <REP> d-------- c:\documents and settings\JC\Application Data\dvdcss
2009-03-05 19:16 . 2008-08-07 08:49 296,982 --a------ c:\windows\hpbj1200.hi1
2009-03-05 19:16 . 2008-08-07 08:49 23,824 --a------ c:\windows\mariner.hi1
2009-03-05 19:16 . 2008-08-07 08:49 18,672 --a------ c:\windows\hpbj1200.bu1
2009-03-05 19:16 . 2008-08-07 08:49 5,699 --a------ c:\windows\mariner.bu1
2009-03-02 17:49 . 2009-03-02 17:49 <REP> d-------- c:\documents and settings\JC\Application Data\Cimaware
2009-03-02 17:40 . 2009-03-02 17:40 <REP> d-------- c:\program files\Cimaware
2009-02-26 13:28 . 2009-02-24 20:26 84,992 --a------ C:\INSRUCTION MORALE et CIVIQUE.doc
2009-02-25 14:16 . 2009-02-25 14:16 <REP> d-------- C:\FILM ENFANTS
2009-02-25 13:27 . 2008-04-13 19:33 21,504 --a------ c:\windows\system32\hidserv.dll
2009-02-25 13:27 . 2008-04-13 19:33 21,504 --a------ c:\windows\system32\dllcache\hidserv.dll
2009-02-25 13:26 . 2008-04-13 19:05 14,720 --a------ c:\windows\system32\drivers\kbdhid.sys
2009-02-25 13:26 . 2008-04-13 19:05 14,720 --a------ c:\windows\system32\dllcache\kbdhid.sys
2009-02-25 09:00 . 2009-03-11 09:00 1,374 --a------ c:\windows\imsins.BAK
2009-02-17 20:23 . 2009-02-17 20:23 <REP> d-------- c:\program files\NODouble
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-09 14:05 1,846,912 ----a-w c:\windows\system32\win32k.sys
2009-02-09 14:05 1,846,912 ------w c:\windows\system32\dllcache\win32k.sys
2009-01-31 13:13 --------- d-----w c:\program files\VisualDivX
2009-01-28 16:59 --------- d-----w c:\program files\Resco
2009-01-27 16:16 --------- d-----w c:\program files\SKTools
2009-01-25 18:39 194,880 ----a-w c:\documents and settings\JC\Application Data\GDIPFONTCACHEV1.DAT
2009-01-24 08:43 --------- d-----w c:\program files\Philips
2009-01-24 08:42 --------- d-----w c:\documents and settings\JC\Application Data\InstallShield
2009-01-21 17:34 --------- d-----w c:\program files\PC Inspector File Recovery
2009-01-18 13:51 4,730 ----a-w c:\windows\system32\PerfStringBackup.TMP
2009-01-17 18:49 --------- d-----w c:\documents and settings\JC\Application Data\SmartCom
2009-01-17 18:28 --------- d-----w c:\documents and settings\All Users\Application Data\RTE
2009-01-17 18:21 --------- d-----w c:\program files\WellPhone DirectSync
2009-01-17 18:21 --------- d-----w c:\program files\Fichiers communs\XCPCSync.OEM
2009-01-17 18:20 --------- d-----w c:\program files\Fichiers communs\SmartCom
2009-01-17 18:20 --------- d-----w c:\documents and settings\JC\Application Data\RTE
2009-01-17 18:19 --------- d-----w c:\program files\SmartCom
2009-01-16 20:15 3,594,752 ----a-w c:\windows\system32\dllcache\mshtml.dll
2008-12-20 22:47 826,368 ----a-w c:\windows\system32\wininet.dll
2008-12-20 22:47 826,368 ----a-w c:\windows\system32\dllcache\wininet.dll
2008-12-20 22:47 671,232 ----a-w c:\windows\system32\dllcache\mstime.dll
2008-12-20 22:47 477,696 ----a-w c:\windows\system32\dllcache\mshtmled.dll
2008-12-20 22:47 44,544 ----a-w c:\windows\system32\dllcache\pngfilt.dll
2008-12-20 22:47 233,472 ----a-w c:\windows\system32\dllcache\webcheck.dll
2008-12-20 22:47 193,024 ----a-w c:\windows\system32\dllcache\msrating.dll
2008-12-20 22:47 105,984 ----a-w c:\windows\system32\dllcache\url.dll
2008-12-20 22:47 102,912 ----a-w c:\windows\system32\dllcache\occache.dll
2008-12-20 22:47 1,160,192 ----a-w c:\windows\system32\dllcache\urlmon.dll
2008-12-19 09:11 70,656 ----a-w c:\windows\system32\dllcache\ie4uinit.exe
2008-12-19 09:10 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
2008-12-19 05:25 634,024 ----a-w c:\windows\system32\dllcache\iexplore.exe
2008-12-19 05:23 161,792 ----a-w c:\windows\system32\dllcache\ieakui.dll
2008-10-15 15:45 4 --sh--r c:\documents and settings\All Users\Application Data\sysqcl1129139270.dat
2004-08-10 04:00 57,344 --sha-w c:\windows\system32\mfc42loc.dll
2004-08-10 04:00 253,952 --sha-w c:\windows\system32\msvcrt20.dll
1995-09-20 15:16 35,088 --sha-w c:\windows\system32\msjint32.dll
1998-05-18 02:06 368,912 --sha-w c:\windows\system32\vbar332.dll
2008-04-14 03:33 413,696 --sha-w c:\windows\system32\msvcp60.dll
2008-04-14 03:33 1,028,096 --sha-w c:\windows\system32\mfc42.dll
1995-09-20 15:13 977,680 --sha-w c:\windows\system32\msjt3032.dll
1995-09-20 15:16 23,824 --sha-w c:\windows\system32\msjter32.dll
1995-09-24 10:02 243,472 --sha-w c:\windows\system32\vbar2232.dll
2006-05-03 10:06 163,328 --sh--r c:\windows\system32\flvDX.dll
2007-02-21 11:47 31,232 --sh--r c:\windows\system32\msfDX.dll
2008-09-27 07:25 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008092720080928\index.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2006-08-22 94208]
"Red Swoosh"="c:\program files\RSSoft\RedSwoosh.exe" [2007-02-27 62436]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 1289000]
"RTEGPRS"="c:\program files\Fichiers communs\SmartCom\RTEGPRS.exe" [2005-04-22 2371584]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 204288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"preload"="c:\windows\RUNXMLPL.exe" [2005-05-19 32768]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-12-16 761945]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-06-11 53248]
"ntiMUI"="c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 45056]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-10 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-10 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-02-07 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-02-07 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-02-07 118784]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2006-08-09 342016]
"ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-03-30 421888]
"Boot"="c:\acer\Empowering Technology\ePower\Boot.exe" [2006-03-15 579584]
"Acer ePresentation HPD"="c:\acer\Empowering Technology\ePresentation\ePresentation.exe" [2006-03-31 204800]
"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\eRAgent.exe" [2006-06-01 413696]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2006-06-23 225280]
"LogitechCameraAssistant"="c:\program files\Acer\OrbiCam\CameraAssistant.exe" [2006-06-26 331776]
"LogitechVideo[inspector]"="c:\program files\Acer\OrbiCam\InstallHelper.exe" [2006-06-26 15:55 73728]
"LogitechCameraService(E)"="c:\windows\system32\ElkCtrl.exe" [2004-11-01 262144]
"NeroFilterCheck"="c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"FinePrint Dispatcher v5"="c:\windows\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe" [2007-11-07 507904]
"Alt-Tab Thingy"="c:\program files\Alt-Tab Thingy v3\attmain.exe" [2005-10-24 80896]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-14 136600]
"mmtask"="c:\program files\Musicmatch\Musicmatch Jukebox\mmtask.exe" [2006-01-17 53248]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"Canal Widget"="c:\program files\Canal\Canal Widget\Launcher.exe" [2009-02-04 106040]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-08-05 185896]
"HPWUTOOLBOX"="c:\program files\HP\HP Officejet Pro K550 Series\Toolbox\HPWUTBX.exe" [2006-11-15 352256]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-04 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"WellPhone DirectSync - ScheduleSync"="c:\progra~1\WELLPH~1\SCHEDU~1.EXE" [2005-04-14 45056]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"AGRSMMSG"="AGRSMMSG.exe" [2005-12-12 c:\windows\AGRSMMSG.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-21 c:\windows\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 c:\windows\SkyTel.exe]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-13 c:\windows\system32\bthprops.cpl]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\JC\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Acer Empowering Technology.lnk - c:\acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe [2007-01-21 45056]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /k:c *
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\System32\\javaw.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Azureus\\Azureus.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Free Music Zilla\\FMZilla.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"135:TCP"= 135:TCP:DCOM
"9420:TCP"= 9420:TCP:Red Swoosh
"5000:UDP"= 5000:UDP:Red Swoosh
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-03-14 28544]
R2 CanalPlus.VOD;CanalPlus.VOD;c:\program files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe [2008-04-11 61440]
R2 EpmPsd;Acer EPM Power Scheme Driver;c:\windows\system32\drivers\epm-psd.sys [2007-01-21 4096]
R2 EpmShd;Acer EPM System Hardware Driver;c:\windows\system32\drivers\epm-shd.sys [2007-01-21 78208]
R2 Roku;Roku;c:\program files\RokuNSE\Roku.exe [2007-02-27 311296]
R3 lv321av;Logitech USB PC Camera (VC0321);c:\windows\system32\drivers\lv321av.sys [2006-11-30 1097728]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [2008-07-29 16512]
.
Contenu du dossier 'Tâches planifiées'
2009-03-16 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uInternet Connection Wizard,ShellNext = hxxp://fr.fr.acer.yahoo.com/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
IE: {{27914077-B4D6-4A0E-9763-76B6E9DD9A81} - c:\program files\Buyertools Reminder\ReminderIE.exe
FF - ProfilePath -
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-17 12:46:25
Windows 5.1.2600 Service Pack 3 FAT NTAPI
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_USERS\S-1-5-21-494740861-2030384276-3883387808-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_USERS\S-1-5-21-494740861-2030384276-3883387808-1005\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9042FABB-50EC-B756-D2AC-4954F2DFF16E}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"paflmifahcdkpodopdokmhkfmbnpeljo"=hex:69,61,61,65,64,6d,70,6e,64,6d,62,68,70,
64,6b,62,6e,6f,00,00
"oadlgjglfogpfmoenpaejjimgjcnih"=hex:69,61,61,65,64,6d,70,6e,64,6d,62,68,70,64,
6b,62,6e,6f,00,00
[HKEY_USERS\S-1-5-21-494740861-2030384276-3883387808-1005\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\ActiveSync]
"Name"="ActiveSync"
"DisplayName"="Microsoft ActiveSync"
"Param1"="ActiveSync"
"Type"="wellknown"
"Order"=dword:00000001
"State"=dword:00000020
[HKEY_USERS\S-1-5-21-494740861-2030384276-3883387808-1005\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\IESettings]
"Name"="IESettings"
"Type"="IESettings"
"Order"=dword:00000004
"State"=dword:0000000b
[HKEY_USERS\S-1-5-21-494740861-2030384276-3883387808-1005\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\MediaFiles]
"Name"="MediaFiles"
"Type"="MediaFiles"
"Order"=dword:00000003
"State"=dword:0000000b
[HKEY_USERS\S-1-5-21-494740861-2030384276-3883387808-1005\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\NPW]
"Name"="NPW"
"Param1"="NPW"
"Type"="wellknown"
"Order"=dword:00000002
"State"=dword:0000000b
[HKEY_USERS\S-1-5-21-494740861-2030384276-3883387808-1005\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\Outlook]
"Name"="Outlook"
"DisplayName"="Microsoft Outlook"
"Param1"="Outlook"
"Type"="wellknown"
"Order"=dword:00000000
"State"=dword:00000020
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]
"C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
c:\acer\Empowering Technology\ePerformance\MemCheck.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\Windows Media Player\WMPNetwk.exe
c:\acer\Empowering Technology\eLock\Service\eLockServ.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\RUNDLL32.EXE
c:\progra~1\MI3AA1~1\rapimgr.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Heure de fin: 2009-03-17 12:52:53 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-03-17 11:52:48
Avant-CF: 8 120 238 080 octets libres
Après-CF: 8,211,464,192 octets libres
WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect
Current=3 Default=3 Failed=1 LastKnownGood=5 Sets=1,2,3,4,5
336 --- E O F --- 2009-03-11 08:01:03
j ai ce genre de message depuis qqs jours, mais là le nb est important et concerne tjs des fichiers différents
le post maintenant
ComboFix 09-03-15.01 - JC 2009-03-17 12:39:45.1 - [color=red][b]FAT32[/b][/color]x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.2038.1314 [GMT 1:00]
Lancé depuis: c:\documents and settings\JC\Bureau\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\JC\Bureau\CFscript .txt
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)
* Un nouveau point de restauration a été créé
FILE ::
c:\docume~1\JC\APPLIC~1\Search Settings
c:\docume~1\JC\APPLIC~1\Search Settings\kb127
c:\docume~1\JC\APPLIC~1\Search Settings\kb127\temp
c:\docume~1\JC\APPLIC~1\Search Settings\kb127\temp\ws-14318.log
c:\program files\Internet Explorer\Connection Wizard\icwconn1\rad0\radBDF.vbs
c:\program files\Internet Explorer\Connection Wizard\icwconn1\rad0\radBE5.vbs
c:\program files\Internet Explorer\Connection Wizard\icwconn1\rad1\radE4F.vbs
c:\program files\Internet Explorer\Connection Wizard\icwconn1\rad2\rad016.vbs
c:\program files\Internet Explorer\Connection Wizard\icwconn1\rad3\radC9C.vbs
c:\program files\Internet Explorer\Connection Wizard\icwconn1\rad4\rad785.vbs
c:\program files\Internet Explorer\Connection Wizard\icwconn1\rad5\rad17E.vbs
c:\program files\Internet Explorer\Connection Wizard\icwconn1\rad5\rad712.vbs
c:\program files\Internet Explorer\Connection Wizard\icwconn1\rad6\rad969.vbs
c:\program files\Internet Explorer\Connection Wizard\icwconn1\rad6\radFDF.vbs
c:\program files\Internet Explorer\Connection Wizard\icwconn1\rada\rad47A.vbs
c:\program files\Internet Explorer\Connection Wizard\icwconn1\radb\rad19B.vbs
c:\program files\Internet Explorer\Connection Wizard\icwconn1\radb\rad9A3.vbs
c:\program files\Internet Explorer\Connection Wizard\icwconn1\radc\rad419.vbs
c:\program files\Internet Explorer\Connection Wizard\icwconn1\rade\rad729.vbs
c:\program files\Internet Explorer\Connection Wizard\icwconn1\rade\rad96F.vbs
c:\program files\Search Settings
c:\program files\Search Settings\kb127
c:\program files\Search Settings\kb127\SearchSettings.dll
c:\program files\Search Settings\kb127\SearchSettingsRes409.dll
c:\program files\Search Settings\SearchSettings.exe
H:\start.exe
.
[color=purple]Les fichiers ci-dessous ont été désactivés pendant l'exécution:[/color]
c:\program files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\docume~1\JC\APPLIC~1\Search Settings\kb127\temp\ws-14318.log
c:\program files\Search Settings\kb127\SearchSettingsRes409.dll
c:\program files\Search Settings\SearchSettings.exe
c:\windows\system32\drivers\npf.sys
c:\windows\system32\packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\RTELM.dll
c:\windows\system32\WanPacket.dll
c:\windows\system32\wpcap.dll
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_NPF
-------\Service_NPF
((((((((((((((((((((((((((((( Fichiers créés du 2009-02-17 au 2009-03-17 ))))))))))))))))))))))))))))))))))))
.
2009-03-16 19:55 . 2009-03-16 19:55 <REP> d-------- C:\ToolBar SD
2009-03-16 08:01 . 2009-03-16 08:01 172 --a------ C:\curr_ver.tmp
2009-03-15 21:35 . 2009-03-15 21:35 <REP> d-------- C:\rsit
2009-03-15 21:35 . 2009-03-15 21:35 <REP> d-------- c:\program files\trend micro
2009-03-14 13:15 . 2009-03-14 13:15 <REP> d-------- c:\program files\Avira
2009-03-14 13:15 . 2009-03-14 13:15 <REP> d-------- c:\documents and settings\All Users\Application Data\Avira
2009-03-14 05:24 . 2008-06-19 16:24 28,544 --a------ c:\windows\system32\drivers\pavboot.sys
2009-03-13 20:37 . 2009-03-13 20:37 <REP> d-------- c:\program files\Panda Security
2009-03-12 17:48 . 2005-02-25 00:00 46,080 --a------ c:\windows\system32\escimgd.dll
2009-03-12 17:48 . 2005-02-25 00:00 29,696 --a------ c:\windows\system32\escwiad.dll
2009-03-12 17:48 . 2005-02-25 00:00 22,016 --a------ c:\windows\system32\esccmd.dll
2009-03-08 19:15 . 2009-03-08 19:15 <REP> d-------- C:\photo classe nautique
2009-03-07 08:00 . 2009-03-07 08:00 115,343,872 --ahs---- C:\eDS_PSD_drive.vmdf
2009-03-07 07:59 . 2009-03-07 08:00 188 --a------ c:\windows\system32\eDataSecurity.dat
2009-03-06 12:33 . 2002-03-06 22:19 454,656 --a------ c:\windows\system32\PaintX.dll
2009-03-06 12:33 . 2004-01-22 17:06 157,696 --a------ c:\windows\system32\unrar.dll
2009-03-06 12:33 . 2002-02-17 23:58 98,304 --a------ c:\windows\system32\unzip.dll
2009-03-06 12:33 . 2001-01-12 10:52 94,208 --a------ c:\windows\system32\vbpng.dll
2009-03-06 12:33 . 2003-11-18 00:37 72,192 --a------ c:\windows\system32\zlib.dll
2009-03-06 12:32 . 2009-03-06 12:32 <REP> d-------- c:\program files\Gentibus CD
2009-03-06 12:32 . 2000-05-21 21:00 232,640 --a------ c:\windows\system32\MSDATLST.OCX
2009-03-06 12:17 . 2009-03-06 12:17 <REP> d-------- c:\documents and settings\JC\Application Data\dvdcss
2009-03-05 19:16 . 2008-08-07 08:49 296,982 --a------ c:\windows\hpbj1200.hi1
2009-03-05 19:16 . 2008-08-07 08:49 23,824 --a------ c:\windows\mariner.hi1
2009-03-05 19:16 . 2008-08-07 08:49 18,672 --a------ c:\windows\hpbj1200.bu1
2009-03-05 19:16 . 2008-08-07 08:49 5,699 --a------ c:\windows\mariner.bu1
2009-03-02 17:49 . 2009-03-02 17:49 <REP> d-------- c:\documents and settings\JC\Application Data\Cimaware
2009-03-02 17:40 . 2009-03-02 17:40 <REP> d-------- c:\program files\Cimaware
2009-02-26 13:28 . 2009-02-24 20:26 84,992 --a------ C:\INSRUCTION MORALE et CIVIQUE.doc
2009-02-25 14:16 . 2009-02-25 14:16 <REP> d-------- C:\FILM ENFANTS
2009-02-25 13:27 . 2008-04-13 19:33 21,504 --a------ c:\windows\system32\hidserv.dll
2009-02-25 13:27 . 2008-04-13 19:33 21,504 --a------ c:\windows\system32\dllcache\hidserv.dll
2009-02-25 13:26 . 2008-04-13 19:05 14,720 --a------ c:\windows\system32\drivers\kbdhid.sys
2009-02-25 13:26 . 2008-04-13 19:05 14,720 --a------ c:\windows\system32\dllcache\kbdhid.sys
2009-02-25 09:00 . 2009-03-11 09:00 1,374 --a------ c:\windows\imsins.BAK
2009-02-17 20:23 . 2009-02-17 20:23 <REP> d-------- c:\program files\NODouble
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-09 14:05 1,846,912 ----a-w c:\windows\system32\win32k.sys
2009-02-09 14:05 1,846,912 ------w c:\windows\system32\dllcache\win32k.sys
2009-01-31 13:13 --------- d-----w c:\program files\VisualDivX
2009-01-28 16:59 --------- d-----w c:\program files\Resco
2009-01-27 16:16 --------- d-----w c:\program files\SKTools
2009-01-25 18:39 194,880 ----a-w c:\documents and settings\JC\Application Data\GDIPFONTCACHEV1.DAT
2009-01-24 08:43 --------- d-----w c:\program files\Philips
2009-01-24 08:42 --------- d-----w c:\documents and settings\JC\Application Data\InstallShield
2009-01-21 17:34 --------- d-----w c:\program files\PC Inspector File Recovery
2009-01-18 13:51 4,730 ----a-w c:\windows\system32\PerfStringBackup.TMP
2009-01-17 18:49 --------- d-----w c:\documents and settings\JC\Application Data\SmartCom
2009-01-17 18:28 --------- d-----w c:\documents and settings\All Users\Application Data\RTE
2009-01-17 18:21 --------- d-----w c:\program files\WellPhone DirectSync
2009-01-17 18:21 --------- d-----w c:\program files\Fichiers communs\XCPCSync.OEM
2009-01-17 18:20 --------- d-----w c:\program files\Fichiers communs\SmartCom
2009-01-17 18:20 --------- d-----w c:\documents and settings\JC\Application Data\RTE
2009-01-17 18:19 --------- d-----w c:\program files\SmartCom
2009-01-16 20:15 3,594,752 ----a-w c:\windows\system32\dllcache\mshtml.dll
2008-12-20 22:47 826,368 ----a-w c:\windows\system32\wininet.dll
2008-12-20 22:47 826,368 ----a-w c:\windows\system32\dllcache\wininet.dll
2008-12-20 22:47 671,232 ----a-w c:\windows\system32\dllcache\mstime.dll
2008-12-20 22:47 477,696 ----a-w c:\windows\system32\dllcache\mshtmled.dll
2008-12-20 22:47 44,544 ----a-w c:\windows\system32\dllcache\pngfilt.dll
2008-12-20 22:47 233,472 ----a-w c:\windows\system32\dllcache\webcheck.dll
2008-12-20 22:47 193,024 ----a-w c:\windows\system32\dllcache\msrating.dll
2008-12-20 22:47 105,984 ----a-w c:\windows\system32\dllcache\url.dll
2008-12-20 22:47 102,912 ----a-w c:\windows\system32\dllcache\occache.dll
2008-12-20 22:47 1,160,192 ----a-w c:\windows\system32\dllcache\urlmon.dll
2008-12-19 09:11 70,656 ----a-w c:\windows\system32\dllcache\ie4uinit.exe
2008-12-19 09:10 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
2008-12-19 05:25 634,024 ----a-w c:\windows\system32\dllcache\iexplore.exe
2008-12-19 05:23 161,792 ----a-w c:\windows\system32\dllcache\ieakui.dll
2008-10-15 15:45 4 --sh--r c:\documents and settings\All Users\Application Data\sysqcl1129139270.dat
2004-08-10 04:00 57,344 --sha-w c:\windows\system32\mfc42loc.dll
2004-08-10 04:00 253,952 --sha-w c:\windows\system32\msvcrt20.dll
1995-09-20 15:16 35,088 --sha-w c:\windows\system32\msjint32.dll
1998-05-18 02:06 368,912 --sha-w c:\windows\system32\vbar332.dll
2008-04-14 03:33 413,696 --sha-w c:\windows\system32\msvcp60.dll
2008-04-14 03:33 1,028,096 --sha-w c:\windows\system32\mfc42.dll
1995-09-20 15:13 977,680 --sha-w c:\windows\system32\msjt3032.dll
1995-09-20 15:16 23,824 --sha-w c:\windows\system32\msjter32.dll
1995-09-24 10:02 243,472 --sha-w c:\windows\system32\vbar2232.dll
2006-05-03 10:06 163,328 --sh--r c:\windows\system32\flvDX.dll
2007-02-21 11:47 31,232 --sh--r c:\windows\system32\msfDX.dll
2008-09-27 07:25 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008092720080928\index.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2006-08-22 94208]
"Red Swoosh"="c:\program files\RSSoft\RedSwoosh.exe" [2007-02-27 62436]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 1289000]
"RTEGPRS"="c:\program files\Fichiers communs\SmartCom\RTEGPRS.exe" [2005-04-22 2371584]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 204288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"preload"="c:\windows\RUNXMLPL.exe" [2005-05-19 32768]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-12-16 761945]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-06-11 53248]
"ntiMUI"="c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 45056]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-10 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-10 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-02-07 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-02-07 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-02-07 118784]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2006-08-09 342016]
"ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-03-30 421888]
"Boot"="c:\acer\Empowering Technology\ePower\Boot.exe" [2006-03-15 579584]
"Acer ePresentation HPD"="c:\acer\Empowering Technology\ePresentation\ePresentation.exe" [2006-03-31 204800]
"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\eRAgent.exe" [2006-06-01 413696]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2006-06-23 225280]
"LogitechCameraAssistant"="c:\program files\Acer\OrbiCam\CameraAssistant.exe" [2006-06-26 331776]
"LogitechVideo[inspector]"="c:\program files\Acer\OrbiCam\InstallHelper.exe" [2006-06-26 15:55 73728]
"LogitechCameraService(E)"="c:\windows\system32\ElkCtrl.exe" [2004-11-01 262144]
"NeroFilterCheck"="c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"FinePrint Dispatcher v5"="c:\windows\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe" [2007-11-07 507904]
"Alt-Tab Thingy"="c:\program files\Alt-Tab Thingy v3\attmain.exe" [2005-10-24 80896]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-14 136600]
"mmtask"="c:\program files\Musicmatch\Musicmatch Jukebox\mmtask.exe" [2006-01-17 53248]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"Canal Widget"="c:\program files\Canal\Canal Widget\Launcher.exe" [2009-02-04 106040]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-08-05 185896]
"HPWUTOOLBOX"="c:\program files\HP\HP Officejet Pro K550 Series\Toolbox\HPWUTBX.exe" [2006-11-15 352256]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-04 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"WellPhone DirectSync - ScheduleSync"="c:\progra~1\WELLPH~1\SCHEDU~1.EXE" [2005-04-14 45056]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"AGRSMMSG"="AGRSMMSG.exe" [2005-12-12 c:\windows\AGRSMMSG.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-21 c:\windows\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 c:\windows\SkyTel.exe]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-13 c:\windows\system32\bthprops.cpl]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\JC\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Acer Empowering Technology.lnk - c:\acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe [2007-01-21 45056]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /k:c *
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\System32\\javaw.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Azureus\\Azureus.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Free Music Zilla\\FMZilla.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"135:TCP"= 135:TCP:DCOM
"9420:TCP"= 9420:TCP:Red Swoosh
"5000:UDP"= 5000:UDP:Red Swoosh
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-03-14 28544]
R2 CanalPlus.VOD;CanalPlus.VOD;c:\program files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe [2008-04-11 61440]
R2 EpmPsd;Acer EPM Power Scheme Driver;c:\windows\system32\drivers\epm-psd.sys [2007-01-21 4096]
R2 EpmShd;Acer EPM System Hardware Driver;c:\windows\system32\drivers\epm-shd.sys [2007-01-21 78208]
R2 Roku;Roku;c:\program files\RokuNSE\Roku.exe [2007-02-27 311296]
R3 lv321av;Logitech USB PC Camera (VC0321);c:\windows\system32\drivers\lv321av.sys [2006-11-30 1097728]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [2008-07-29 16512]
.
Contenu du dossier 'Tâches planifiées'
2009-03-16 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uInternet Connection Wizard,ShellNext = hxxp://fr.fr.acer.yahoo.com/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
IE: {{27914077-B4D6-4A0E-9763-76B6E9DD9A81} - c:\program files\Buyertools Reminder\ReminderIE.exe
FF - ProfilePath -
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-17 12:46:25
Windows 5.1.2600 Service Pack 3 FAT NTAPI
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_USERS\S-1-5-21-494740861-2030384276-3883387808-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_USERS\S-1-5-21-494740861-2030384276-3883387808-1005\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9042FABB-50EC-B756-D2AC-4954F2DFF16E}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"paflmifahcdkpodopdokmhkfmbnpeljo"=hex:69,61,61,65,64,6d,70,6e,64,6d,62,68,70,
64,6b,62,6e,6f,00,00
"oadlgjglfogpfmoenpaejjimgjcnih"=hex:69,61,61,65,64,6d,70,6e,64,6d,62,68,70,64,
6b,62,6e,6f,00,00
[HKEY_USERS\S-1-5-21-494740861-2030384276-3883387808-1005\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\ActiveSync]
"Name"="ActiveSync"
"DisplayName"="Microsoft ActiveSync"
"Param1"="ActiveSync"
"Type"="wellknown"
"Order"=dword:00000001
"State"=dword:00000020
[HKEY_USERS\S-1-5-21-494740861-2030384276-3883387808-1005\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\IESettings]
"Name"="IESettings"
"Type"="IESettings"
"Order"=dword:00000004
"State"=dword:0000000b
[HKEY_USERS\S-1-5-21-494740861-2030384276-3883387808-1005\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\MediaFiles]
"Name"="MediaFiles"
"Type"="MediaFiles"
"Order"=dword:00000003
"State"=dword:0000000b
[HKEY_USERS\S-1-5-21-494740861-2030384276-3883387808-1005\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\NPW]
"Name"="NPW"
"Param1"="NPW"
"Type"="wellknown"
"Order"=dword:00000002
"State"=dword:0000000b
[HKEY_USERS\S-1-5-21-494740861-2030384276-3883387808-1005\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\Outlook]
"Name"="Outlook"
"DisplayName"="Microsoft Outlook"
"Param1"="Outlook"
"Type"="wellknown"
"Order"=dword:00000000
"State"=dword:00000020
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]
"C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
c:\acer\Empowering Technology\ePerformance\MemCheck.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\Windows Media Player\WMPNetwk.exe
c:\acer\Empowering Technology\eLock\Service\eLockServ.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\RUNDLL32.EXE
c:\progra~1\MI3AA1~1\rapimgr.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Heure de fin: 2009-03-17 12:52:53 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-03-17 11:52:48
Avant-CF: 8 120 238 080 octets libres
Après-CF: 8,211,464,192 octets libres
WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect
Current=3 Default=3 Failed=1 LastKnownGood=5 Sets=1,2,3,4,5
336 --- E O F --- 2009-03-11 08:01:03
repare windows comme ceci:
https://www.pcastuces.com/pratique/windows/xp/default.htm
___________________
ensuite faire une recherche d'erreur sur le disque principal (C)
en allant dans POSTE DE TRAVAIL puis cliquer avec le bouton droit de la souris sur C
et choisir PROPRIETE puis OUTILS puis VERIFIER MAINTENANT et cocher la première case uniquement (pas la deuxième surtout sinon cela prend des jours!)
puis DEMARRER
il faudra probablement faire redémarrer ton ordi puis au démarrage un chkdsk se fera tout seul! tu laisse faire
_______________________
remets ensuite un rapport RSIT et dis si encore des soucis
Télécharge ici :
http://images.malwareremoval.com/random/RSIT.exe
random's system information tool (RSIT) par andom/random et sauvegarde-le sur le Bureau.
Double-clique sur RSIT.exe afin de lancer RSIT.
Clique Continue à l'écran Disclaimer.
Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.
Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
NB : Les rapports sont sauvegardés dans le dossier C:\rsit
https://www.pcastuces.com/pratique/windows/xp/default.htm
___________________
ensuite faire une recherche d'erreur sur le disque principal (C)
en allant dans POSTE DE TRAVAIL puis cliquer avec le bouton droit de la souris sur C
et choisir PROPRIETE puis OUTILS puis VERIFIER MAINTENANT et cocher la première case uniquement (pas la deuxième surtout sinon cela prend des jours!)
puis DEMARRER
il faudra probablement faire redémarrer ton ordi puis au démarrage un chkdsk se fera tout seul! tu laisse faire
_______________________
remets ensuite un rapport RSIT et dis si encore des soucis
Télécharge ici :
http://images.malwareremoval.com/random/RSIT.exe
random's system information tool (RSIT) par andom/random et sauvegarde-le sur le Bureau.
Double-clique sur RSIT.exe afin de lancer RSIT.
Clique Continue à l'écran Disclaimer.
Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.
Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
NB : Les rapports sont sauvegardés dans le dossier C:\rsit
j ai un pbm avec sfc : il mereclame le cd de windows, j ai, mais avec le sp3 et là, je l ai installé à partir de windows update. y a t il une astuce ?
d abord le log
Logfile of random's system information tool 1.05 (written by random/random)
Run by JC at 2009-03-17 21:27:11
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 4 GB (7%) free of 54 GB
Total RAM: 2038 MB (59% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:27:33, on 17/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe
C:\Program Files\Alt-Tab Thingy v3\attmain.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\RSSoft\RedSwoosh.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\Program Files\Fichiers communs\SmartCom\RTEGPRS.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\JC\Bureau\RSIT(2).exe
C:\Program Files\trend micro\JC.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://fr.fr.acer.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Buyertools - {7C7A8947-5935-4430-AC0E-E7D04697414E} - C:\PROGRA~1\BUYERT~1\IEBUTT~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [FinePrint Dispatcher v5] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe" /source=HKLM
O4 - HKLM\..\Run: [Alt-Tab Thingy] "C:\Program Files\Alt-Tab Thingy v3\attmain.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Canal Widget] "C:\Program Files\Canal\Canal Widget\Launcher.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HPWUTOOLBOX] C:\Program Files\HP\HP Officejet Pro K550 Series\Toolbox\HPWUTBX.exe "-i"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [WellPhone DirectSync - ScheduleSync] C:\PROGRA~1\WELLPH~1\SCHEDU~1.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Red Swoosh] C:\Program Files\RSSoft\RedSwoosh.exe /S
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKCU\..\Run: [RTEGPRS] "C:\Program Files\Fichiers communs\SmartCom\RTEGPRS.exe" tray
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Buyertools Reminder - {27914077-B4D6-4A0E-9763-76B6E9DD9A81} - C:\Program Files\Buyertools Reminder\ReminderIE.exe
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CanalPlus.VOD - Canal+ Active - C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe
O23 - Service: eLock Service (eLockService) - - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Roku - Mark Heaton - C:\Program Files\RokuNSE\Roku.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
Logfile of random's system information tool 1.05 (written by random/random)
Run by JC at 2009-03-17 21:27:11
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 4 GB (7%) free of 54 GB
Total RAM: 2038 MB (59% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:27:33, on 17/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe
C:\Program Files\Alt-Tab Thingy v3\attmain.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\RSSoft\RedSwoosh.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\Program Files\Fichiers communs\SmartCom\RTEGPRS.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\JC\Bureau\RSIT(2).exe
C:\Program Files\trend micro\JC.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://fr.fr.acer.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Buyertools - {7C7A8947-5935-4430-AC0E-E7D04697414E} - C:\PROGRA~1\BUYERT~1\IEBUTT~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [FinePrint Dispatcher v5] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe" /source=HKLM
O4 - HKLM\..\Run: [Alt-Tab Thingy] "C:\Program Files\Alt-Tab Thingy v3\attmain.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Canal Widget] "C:\Program Files\Canal\Canal Widget\Launcher.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HPWUTOOLBOX] C:\Program Files\HP\HP Officejet Pro K550 Series\Toolbox\HPWUTBX.exe "-i"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [WellPhone DirectSync - ScheduleSync] C:\PROGRA~1\WELLPH~1\SCHEDU~1.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Red Swoosh] C:\Program Files\RSSoft\RedSwoosh.exe /S
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKCU\..\Run: [RTEGPRS] "C:\Program Files\Fichiers communs\SmartCom\RTEGPRS.exe" tray
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Buyertools Reminder - {27914077-B4D6-4A0E-9763-76B6E9DD9A81} - C:\Program Files\Buyertools Reminder\ReminderIE.exe
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CanalPlus.VOD - Canal+ Active - C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe
O23 - Service: eLock Service (eLockService) - - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Roku - Mark Heaton - C:\Program Files\RokuNSE\Roku.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
mettre à jour adobe reader
https://acrobat.adobe.com/fr/fr/acrobat/pdf-reader.html
Mettre a jour java:
https://javara.fr.malavida.com/
Télécharge JavaRa.zip de Paul 'Prm753' McLain et Fred de Vries.
Décompresse le fichier sur ton bureau (clique droit > Extraire tout.)
Double-clique sur le répertoire JavaRa obtenu.
Puis double-clique sur le fichier JavaRa.exe (le .exe peut ne pas s'afficher)
Clique sur Search For Updates.
Sélectionne Update Using jucheck.exe puis clique sur Search.
Autorise le processus à se connecter s'il te le demande, clique sur Install et suis les instructions d'installation. Cela prendra quelques minutes.
Quand l'installation est terminée, revient à l'écran de JavaRa et clique sur Remove Older Versions.
Clique sur Oui pour confirmer. L'outil va travailler, clique ensuite sur Ok, puis une deuxième fois sur Ok.
Un rapport va s'ouvrir, copie-colle le dans ta prochaine réponse.
Note : le rapport se trouve aussi à la racine de la partition système, en général C:\ sous le nom JavaRa.log
(c:\JavaRa.log)
Ferme l'application.
si cela ne fonctionne pas
https://www.java.com/fr/download/windows_manual.jsp?locale=fr&host=www.java.com:80
tu peux désinstaller les vieilles versions.
___________________________
comment se comporte le pc?
encore des soucis???
https://acrobat.adobe.com/fr/fr/acrobat/pdf-reader.html
Mettre a jour java:
https://javara.fr.malavida.com/
Télécharge JavaRa.zip de Paul 'Prm753' McLain et Fred de Vries.
Décompresse le fichier sur ton bureau (clique droit > Extraire tout.)
Double-clique sur le répertoire JavaRa obtenu.
Puis double-clique sur le fichier JavaRa.exe (le .exe peut ne pas s'afficher)
Clique sur Search For Updates.
Sélectionne Update Using jucheck.exe puis clique sur Search.
Autorise le processus à se connecter s'il te le demande, clique sur Install et suis les instructions d'installation. Cela prendra quelques minutes.
Quand l'installation est terminée, revient à l'écran de JavaRa et clique sur Remove Older Versions.
Clique sur Oui pour confirmer. L'outil va travailler, clique ensuite sur Ok, puis une deuxième fois sur Ok.
Un rapport va s'ouvrir, copie-colle le dans ta prochaine réponse.
Note : le rapport se trouve aussi à la racine de la partition système, en général C:\ sous le nom JavaRa.log
(c:\JavaRa.log)
Ferme l'application.
si cela ne fonctionne pas
https://www.java.com/fr/download/windows_manual.jsp?locale=fr&host=www.java.com:80
tu peux désinstaller les vieilles versions.
___________________________
comment se comporte le pc?
encore des soucis???
le pc est stable, pas de message penible ni d ecran bleu
bcp de ref croisées dans le chkdsk (de l ordre d une centaine)
le log de javara :
JavaRa 1.13 Removal Log.
Report follows after line.
------------------------------------
The JavaRa removal process was started on Wed Mar 18 05:49:00 2009
Found and removed: C:\Program Files\Java\jre1.5.0_11
Found and removed: C:\Program Files\Java\jre1.6.0_01
Found and removed: C:\Program Files\Java\jre1.6.0_03
Found and removed: C:\Program Files\Java\jre1.6.0_05
Found and removed: C:\Program Files\Java\jre1.6.0_07
Found and removed: Software\JavaSoft\Java2D\1.5.0_11
Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D511001
Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D511001
Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D511001
Found and removed: SOFTWARE\Classes\JavaPlugin.150_11
Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.5.0.0
Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.5.0_11
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0_11
Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D511001
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D511001
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150110}
Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610001
Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610003
Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610005
Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610001
Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610003
Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610005
Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610001
Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610003
Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610005
Found and removed: SOFTWARE\Classes\JavaPlugin.160_01
Found and removed: SOFTWARE\Classes\JavaPlugin.160_03
Found and removed: SOFTWARE\Classes\JavaPlugin.160_05
Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_01
Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_03
Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_05
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_01
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_03
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_05
Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610001
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610003
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610005
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610001
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610003
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610005
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610001
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610003
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610005
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160010}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160030}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160050}
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.5.0_11
Found and removed: Software\Classes\JavaPlugin.160_01
Found and removed: Software\Classes\JavaPlugin.160_03
Found and removed: Software\Classes\JavaPlugin.160_05
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_01
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_03
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_05
Found and removed: Software\JavaSoft\Java2D\1.6.0_01
Found and removed: Software\JavaSoft\Java2D\1.6.0_03
Found and removed: Software\JavaSoft\Java2D\1.6.0_05
Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_01
Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_03
Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_05
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.5.0_11\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_01\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_03\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_05\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_01\bin\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_03\bin\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_05\bin\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_07\bin\
------------------------------------
Finished reporting.
bcp de ref croisées dans le chkdsk (de l ordre d une centaine)
le log de javara :
JavaRa 1.13 Removal Log.
Report follows after line.
------------------------------------
The JavaRa removal process was started on Wed Mar 18 05:49:00 2009
Found and removed: C:\Program Files\Java\jre1.5.0_11
Found and removed: C:\Program Files\Java\jre1.6.0_01
Found and removed: C:\Program Files\Java\jre1.6.0_03
Found and removed: C:\Program Files\Java\jre1.6.0_05
Found and removed: C:\Program Files\Java\jre1.6.0_07
Found and removed: Software\JavaSoft\Java2D\1.5.0_11
Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D511001
Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D511001
Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D511001
Found and removed: SOFTWARE\Classes\JavaPlugin.150_11
Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.5.0.0
Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.5.0_11
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0_11
Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D511001
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D511001
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150110}
Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610001
Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610003
Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610005
Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610001
Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610003
Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610005
Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610001
Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610003
Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610005
Found and removed: SOFTWARE\Classes\JavaPlugin.160_01
Found and removed: SOFTWARE\Classes\JavaPlugin.160_03
Found and removed: SOFTWARE\Classes\JavaPlugin.160_05
Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_01
Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_03
Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_05
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_01
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_03
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_05
Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610001
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610003
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610005
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610001
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610003
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610005
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610001
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610003
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610005
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160010}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160030}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160050}
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.5.0_11
Found and removed: Software\Classes\JavaPlugin.160_01
Found and removed: Software\Classes\JavaPlugin.160_03
Found and removed: Software\Classes\JavaPlugin.160_05
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_01
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_03
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_05
Found and removed: Software\JavaSoft\Java2D\1.6.0_01
Found and removed: Software\JavaSoft\Java2D\1.6.0_03
Found and removed: Software\JavaSoft\Java2D\1.6.0_05
Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_01
Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_03
Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_05
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.5.0_11\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_01\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_03\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_05\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_01\bin\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_03\bin\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_05\bin\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_07\bin\
------------------------------------
Finished reporting.
pour virer ce qui a été utilisé lance tool cleaner et colle le rapport:
http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
_______________
désactive ta restauration puis redemarre ton ordi puis réactive là
http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fdocid/20020830101856924
http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
_______________
désactive ta restauration puis redemarre ton ordi puis réactive là
http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fdocid/20020830101856924
