Win 32: malware-gen
upper
-
moment de grace Messages postés 30049 Statut Contributeur sécurité -
moment de grace Messages postés 30049 Statut Contributeur sécurité -
Bonjour,
je suis en ce moment assez impuissant face à un virus nommé win 32: malware-gen.
avast le supprime mais au redemarrage le dit virus est encore là.
je souhaite avoir des indications pour l'eliminer definitivement. j'ai dejà essayer de desactiver la restauration puis de l'activer, j'ai aussi essayer rogue remover. je n'ai pas pu télécharger clean.zip.
merci
windows xp sp2
je suis en ce moment assez impuissant face à un virus nommé win 32: malware-gen.
avast le supprime mais au redemarrage le dit virus est encore là.
je souhaite avoir des indications pour l'eliminer definitivement. j'ai dejà essayer de desactiver la restauration puis de l'activer, j'ai aussi essayer rogue remover. je n'ai pas pu télécharger clean.zip.
merci
windows xp sp2
A voir également:
- Win 32: malware-gen
- 32 bits - Guide
- Power iso 32 bit - Télécharger - Gravure
- Win rar - Télécharger - Compression & Décompression
- Télécharger windows 7 32 bits usb - Télécharger - Systèmes d'exploitation
- Clé de produit windows 7 professionnel 32 bits gratuit - Guide
5 réponses
bonjour
• Télécharge Random's System Information Tool (RSIT) de Random/Random.
(outil de diagnostic)
http://images.malwareremoval.com/random/RSIT.exe
• Enregistre le sur ton Bureau.
• Double clique sur RSIT.exe pour lancer l'outil.
• Clique sur "Continue" à l'écran Disclaimer.
• Si l'outil HijackThis n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu s'il te le demande)
et tu devras accepter la licence.
• Une fois le scan terminé, deux rapports vont apparaître : poste les dans deux messages séparés stp
Les rapports se trouvent à cet endroit:
C:\rsit\info.txt
C:\rsit\log.txt
• Télécharge Random's System Information Tool (RSIT) de Random/Random.
(outil de diagnostic)
http://images.malwareremoval.com/random/RSIT.exe
• Enregistre le sur ton Bureau.
• Double clique sur RSIT.exe pour lancer l'outil.
• Clique sur "Continue" à l'écran Disclaimer.
• Si l'outil HijackThis n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu s'il te le demande)
et tu devras accepter la licence.
• Une fois le scan terminé, deux rapports vont apparaître : poste les dans deux messages séparés stp
Les rapports se trouvent à cet endroit:
C:\rsit\info.txt
C:\rsit\log.txt
voici le rapport de toolsbar:
-----------\\ ToolBar S&D 1.2.9 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Processeur Intel Pentium II )
BIOS : Default System BIOS
USER : Jean Philippe ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1368 [VPS 100127-0] 4.8.1368 (Not Activated)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:11 Go)
D:\ (Local Disk) - NTFS - Total:20 Go (Free:2 Go)
E:\ (Local Disk) - NTFS - Total:44 Go (Free:3 Go)
F:\ (CD or DVD)
G:\ (CD or DVD)
H:\ (Local Disk) - NTFS - Total:8 Go (Free:0 Go)
I:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 28/01/2010| 0:08 )
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ Extensions
(All Users) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(Jean Philippe) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar
(Jean Philippe) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.google.ci/?gws_rd=ssl"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\JEANPH~1\Bureau\disque D\Auto Power On 2.20 Incl_Crack.rar
C:\DOCUME~1\JEANPH~1\Bureau\disque D\WinDVD 6+Crack
C:\DOCUME~1\JEANPH~1\Bureau\disque D\corel_utilitaires\IMAGES\Clipart\Spec_occ\Xmasmisc\NUTCRACK.cdr
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep.htm
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\aircrack-attack-failled.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\aircrack-clef-128-key-found.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\aircrack-debut-crack-clef-wep.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\aircrack-ouverture-tuto-selection-bssid.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\aireplay-authentification-succesful.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\aireplay-got-1024-ARP.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\aireplay-reception-7-ARP.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\aireplay-reception-premier-arp.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\aireplay-sending-authtification-request.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\aireplay-source-mac-address-rejected.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\airodump-1000IVs.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\airodump-13000IVs.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\airodump-17000IVs.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\airodump-capture-masse-packets-en-cour.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\airodump-exemple-reseau-wifi-non-crypte.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\airodump-il-se-pointe.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\airodump-lien-pour-parametre-de-aireplay.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\airodump-tous-les-reseaux-presents.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\console-instalation-carte-wifi-linux.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\console-lancement-airodump.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\console-sans-rien.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\drapeau-en.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\ethereal-capture-paquets-en-cour.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\ethereal-config-clef-wep-pr-decrypter-paquets.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\ethereal-config-options-capture.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\ethereal-ip-trouver-plein.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\ethereal-paquet-decrypter-ip-trouve.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\flechefaq.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\header-tuto-fr.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\ifconfig-changer-adresse-mac.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\iwconfig-ath0.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\iwconfig-changer-clef-wep2.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\iwconfig-passage-mode-managed.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\iwconfig.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\pubbelle.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\show_ads.js
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\style.css
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\Thumbs.db
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\urchin.js
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\wifi.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Ange\poweramc_v.9[1].5.2_eval_crack_by_swissguy_fr.exe
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Ange\Studio 8 Keygen.exe
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Ange\swish\crack swish
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Ange\swish\crack swish\File_id.diz
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Ange\swish\crack swish\pgc.nfo
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Ange\swish\crack swish\pgc_keygen.exe
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Ange\swish\crack swish\Swish21.zip
C:\DOCUME~1\JEANPH~1\Bureau\disque D\marcel\RAP\Atomix Virtual DJ Professional V5.0R6 + crack
C:\DOCUME~1\JEANPH~1\Bureau\disque D\marcel\RAP\Xilisoft_Video_Converter_2.1.50.810b+crack.rar
C:\DOCUME~1\JEANPH~1\Bureau\disque D\marcel\RAP\Atomix Virtual DJ Professional V5.0R6 + crack\Bonus
C:\DOCUME~1\JEANPH~1\Bureau\disque D\marcel\RAP\Atomix Virtual DJ Professional V5.0R6 + crack\Crack
C:\DOCUME~1\JEANPH~1\Bureau\disque D\marcel\RAP\Atomix Virtual DJ Professional V5.0R6 + crack\Bonus\Effects.exe
C:\DOCUME~1\JEANPH~1\Bureau\disque D\marcel\RAP\Atomix Virtual DJ Professional V5.0R6 + crack\Crack\serial.txt
C:\DOCUME~1\JEANPH~1\Bureau\disque D\marcel\RAP\Convertisseur\Xilisoft_Video_Converter_2.1.50.810b+crack.rar
C:\DOCUME~1\JEANPH~1\Bureau\disque D\marcel\RAP\Retouche video\adobe photo shop cs 2\crack
C:\DOCUME~1\JEANPH~1\Bureau\disque D\marcel\RAP\Retouche video\adobe photo shop cs 2\crack\CRACK_photoshop CS2 9.0_ FR_trial_tryout or Official in Full versions.exe
C:\DOCUME~1\JEANPH~1\Bureau\disque D\marcel\RAP\Retouche video\Ulead.Photo.Express.v6.0-Lz0\crack
C:\DOCUME~1\JEANPH~1\Bureau\disque D\marcel\RAP\Retouche video\Ulead.Photo.Express.v6.0-Lz0\crack\Ipe.exe
C:\DOCUME~1\JEANPH~1\Bureau\disque D\SYSTRAN Premium 4.05 FULL\systran.prem.4.0.keygen.exe
C:\DOCUME~1\JEANPH~1\Bureau\disque D\WinDVD 6+Crack\KEYGEN
C:\DOCUME~1\JEANPH~1\Bureau\disque D\WinDVD 6+Crack\WinDVD6.exe
C:\DOCUME~1\JEANPH~1\Bureau\disque D\WinDVD 6+Crack\KEYGEN\file_id.diz
C:\DOCUME~1\JEANPH~1\Bureau\disque D\WinDVD 6+Crack\KEYGEN\InterVideo_WinDVD_v6[1].0.B06.083_Platinum.zip
C:\DOCUME~1\JEANPH~1\Bureau\disque D\WinDVD 6+Crack\KEYGEN\keygen.exe
C:\DOCUME~1\JEANPH~1\Bureau\disque D\WinDVD 6+Crack\KEYGEN\ror.nfo
C:\DOCUME~1\JEANPH~1\Bureau\Macromedia Director MX 2004\Keygen
C:\DOCUME~1\JEANPH~1\Bureau\Macromedia Director MX 2004\Keygen\keygen.exe
C:\DOCUME~1\JEANPH~1\Bureau\Macromedia Director MX 2004\Keygen\keygen.sln
C:\DOCUME~1\JEANPH~1\Bureau\Macromedia Director MX 2004\Keygen\keygen.suo
C:\DOCUME~1\JEANPH~1\Bureau\telec\1Click & Lock v2.72 + KeyGen [mininova].torrent
C:\DOCUME~1\JEANPH~1\Bureau\telec\GetDataBack_v3_66_FAT_NTFS_keygen-Fenopy.com.torrent
C:\DOCUME~1\JEANPH~1\Bureau\telec\Pro_Evolution_Soccer_2009_CRACK_ONLY_RELOADED-Fenopy.com(2).torrent
C:\DOCUME~1\JEANPH~1\Bureau\telec\Pro_Evolution_Soccer_2009_CRACK_ONLY_RELOADED-Fenopy.com.torrent
C:\DOCUME~1\JEANPH~1\Bureau\telec\Spector_Pro_2009_The_BEST_MONITORING_Software_Keygen-Fenopy.com.torrent
1 - "C:\ToolBar SD\TB_1.txt" - 27/01/2010|22:55 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 27/01/2010|23:00 - Option : [2]
3 - "C:\ToolBar SD\TB_3.txt" - 28/01/2010| 0:01 - Option : [1]
4 - "C:\ToolBar SD\TB_4.txt" - 28/01/2010| 0:02 - Option : [1]
5 - "C:\ToolBar SD\TB_5.txt" - 28/01/2010| 0:04 - Option : [2]
6 - "C:\ToolBar SD\TB_6.txt" - 28/01/2010| 0:09 - Option : [2]
-----------\\ Fin du rapport a 0:09:23,67
-----------\\ ToolBar S&D 1.2.9 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Processeur Intel Pentium II )
BIOS : Default System BIOS
USER : Jean Philippe ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1368 [VPS 100127-0] 4.8.1368 (Not Activated)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:11 Go)
D:\ (Local Disk) - NTFS - Total:20 Go (Free:2 Go)
E:\ (Local Disk) - NTFS - Total:44 Go (Free:3 Go)
F:\ (CD or DVD)
G:\ (CD or DVD)
H:\ (Local Disk) - NTFS - Total:8 Go (Free:0 Go)
I:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 28/01/2010| 0:08 )
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ Extensions
(All Users) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(Jean Philippe) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar
(Jean Philippe) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.google.ci/?gws_rd=ssl"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\JEANPH~1\Bureau\disque D\Auto Power On 2.20 Incl_Crack.rar
C:\DOCUME~1\JEANPH~1\Bureau\disque D\WinDVD 6+Crack
C:\DOCUME~1\JEANPH~1\Bureau\disque D\corel_utilitaires\IMAGES\Clipart\Spec_occ\Xmasmisc\NUTCRACK.cdr
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep.htm
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\aircrack-attack-failled.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\aircrack-clef-128-key-found.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\aircrack-debut-crack-clef-wep.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\aircrack-ouverture-tuto-selection-bssid.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\aireplay-authentification-succesful.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\aireplay-got-1024-ARP.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\aireplay-reception-7-ARP.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\aireplay-reception-premier-arp.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\aireplay-sending-authtification-request.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\aireplay-source-mac-address-rejected.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\airodump-1000IVs.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\airodump-13000IVs.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\airodump-17000IVs.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\airodump-capture-masse-packets-en-cour.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\airodump-exemple-reseau-wifi-non-crypte.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\airodump-il-se-pointe.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\airodump-lien-pour-parametre-de-aireplay.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\airodump-tous-les-reseaux-presents.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\console-instalation-carte-wifi-linux.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\console-lancement-airodump.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\console-sans-rien.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\drapeau-en.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\ethereal-capture-paquets-en-cour.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\ethereal-config-clef-wep-pr-decrypter-paquets.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\ethereal-config-options-capture.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\ethereal-ip-trouver-plein.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\ethereal-paquet-decrypter-ip-trouve.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\flechefaq.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\header-tuto-fr.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\ifconfig-changer-adresse-mac.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\iwconfig-ath0.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\iwconfig-changer-clef-wep2.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\iwconfig-passage-mode-managed.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\iwconfig.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\pubbelle.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\show_ads.js
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\style.css
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\Thumbs.db
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\urchin.js
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Akaffou\whax\Aircrack, aireplay, airodump, Tutorial crack cle wep_files\wifi.gif
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Ange\poweramc_v.9[1].5.2_eval_crack_by_swissguy_fr.exe
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Ange\Studio 8 Keygen.exe
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Ange\swish\crack swish
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Ange\swish\crack swish\File_id.diz
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Ange\swish\crack swish\pgc.nfo
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Ange\swish\crack swish\pgc_keygen.exe
C:\DOCUME~1\JEANPH~1\Bureau\disque D\ITI-Ange\swish\crack swish\Swish21.zip
C:\DOCUME~1\JEANPH~1\Bureau\disque D\marcel\RAP\Atomix Virtual DJ Professional V5.0R6 + crack
C:\DOCUME~1\JEANPH~1\Bureau\disque D\marcel\RAP\Xilisoft_Video_Converter_2.1.50.810b+crack.rar
C:\DOCUME~1\JEANPH~1\Bureau\disque D\marcel\RAP\Atomix Virtual DJ Professional V5.0R6 + crack\Bonus
C:\DOCUME~1\JEANPH~1\Bureau\disque D\marcel\RAP\Atomix Virtual DJ Professional V5.0R6 + crack\Crack
C:\DOCUME~1\JEANPH~1\Bureau\disque D\marcel\RAP\Atomix Virtual DJ Professional V5.0R6 + crack\Bonus\Effects.exe
C:\DOCUME~1\JEANPH~1\Bureau\disque D\marcel\RAP\Atomix Virtual DJ Professional V5.0R6 + crack\Crack\serial.txt
C:\DOCUME~1\JEANPH~1\Bureau\disque D\marcel\RAP\Convertisseur\Xilisoft_Video_Converter_2.1.50.810b+crack.rar
C:\DOCUME~1\JEANPH~1\Bureau\disque D\marcel\RAP\Retouche video\adobe photo shop cs 2\crack
C:\DOCUME~1\JEANPH~1\Bureau\disque D\marcel\RAP\Retouche video\adobe photo shop cs 2\crack\CRACK_photoshop CS2 9.0_ FR_trial_tryout or Official in Full versions.exe
C:\DOCUME~1\JEANPH~1\Bureau\disque D\marcel\RAP\Retouche video\Ulead.Photo.Express.v6.0-Lz0\crack
C:\DOCUME~1\JEANPH~1\Bureau\disque D\marcel\RAP\Retouche video\Ulead.Photo.Express.v6.0-Lz0\crack\Ipe.exe
C:\DOCUME~1\JEANPH~1\Bureau\disque D\SYSTRAN Premium 4.05 FULL\systran.prem.4.0.keygen.exe
C:\DOCUME~1\JEANPH~1\Bureau\disque D\WinDVD 6+Crack\KEYGEN
C:\DOCUME~1\JEANPH~1\Bureau\disque D\WinDVD 6+Crack\WinDVD6.exe
C:\DOCUME~1\JEANPH~1\Bureau\disque D\WinDVD 6+Crack\KEYGEN\file_id.diz
C:\DOCUME~1\JEANPH~1\Bureau\disque D\WinDVD 6+Crack\KEYGEN\InterVideo_WinDVD_v6[1].0.B06.083_Platinum.zip
C:\DOCUME~1\JEANPH~1\Bureau\disque D\WinDVD 6+Crack\KEYGEN\keygen.exe
C:\DOCUME~1\JEANPH~1\Bureau\disque D\WinDVD 6+Crack\KEYGEN\ror.nfo
C:\DOCUME~1\JEANPH~1\Bureau\Macromedia Director MX 2004\Keygen
C:\DOCUME~1\JEANPH~1\Bureau\Macromedia Director MX 2004\Keygen\keygen.exe
C:\DOCUME~1\JEANPH~1\Bureau\Macromedia Director MX 2004\Keygen\keygen.sln
C:\DOCUME~1\JEANPH~1\Bureau\Macromedia Director MX 2004\Keygen\keygen.suo
C:\DOCUME~1\JEANPH~1\Bureau\telec\1Click & Lock v2.72 + KeyGen [mininova].torrent
C:\DOCUME~1\JEANPH~1\Bureau\telec\GetDataBack_v3_66_FAT_NTFS_keygen-Fenopy.com.torrent
C:\DOCUME~1\JEANPH~1\Bureau\telec\Pro_Evolution_Soccer_2009_CRACK_ONLY_RELOADED-Fenopy.com(2).torrent
C:\DOCUME~1\JEANPH~1\Bureau\telec\Pro_Evolution_Soccer_2009_CRACK_ONLY_RELOADED-Fenopy.com.torrent
C:\DOCUME~1\JEANPH~1\Bureau\telec\Spector_Pro_2009_The_BEST_MONITORING_Software_Keygen-Fenopy.com.torrent
1 - "C:\ToolBar SD\TB_1.txt" - 27/01/2010|22:55 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 27/01/2010|23:00 - Option : [2]
3 - "C:\ToolBar SD\TB_3.txt" - 28/01/2010| 0:01 - Option : [1]
4 - "C:\ToolBar SD\TB_4.txt" - 28/01/2010| 0:02 - Option : [1]
5 - "C:\ToolBar SD\TB_5.txt" - 28/01/2010| 0:04 - Option : [2]
6 - "C:\ToolBar SD\TB_6.txt" - 28/01/2010| 0:09 - Option : [2]
-----------\\ Fin du rapport a 0:09:23,67
voici le rapport log de RSIT:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Jean Philippe at 2010-01-31 15:01:38
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 12 GB (16%) free of 76 GB
Total RAM: 2038 MB (56% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:07:24, on 31/01/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Atheros\ACU.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
D:\VMware.Workstation.v6.0.0.45731.and.ACE.Edition-ZWT_CRP\vmware-tray.exe
D:\VMware.Workstation.v6.0.0.45731.and.ACE.Edition-ZWT_CRP\hqtray.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\CCE5FC\AA4D13.EXE
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\wdfmgr.exe
D:\VMware.Workstation.v6.0.0.45731.and.ACE.Edition-ZWT_CRP\vmware-authd.exe
C:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe
C:\WINDOWS\system32\vmnat.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\TOSHIBA\ConfigFree\CFXFER.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Moov Internet\Moov Internet.exe
C:\Program Files\ZHPDiag\ZHPDiag.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Jean Philippe\Bureau\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\Jean Philippe.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ci/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=101699&gct=&gc=1&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedirect?o=101699&gct=&gc=1&q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SmoothView] "C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe"
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [vmware-tray] D:\VMware.Workstation.v6.0.0.45731.and.ACE.Edition-ZWT_CRP\vmware-tray.exe
O4 - HKLM\..\Run: [VMware hqtray] "D:\VMware.Workstation.v6.0.0.45731.and.ACE.Edition-ZWT_CRP\hqtray.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [AA4D13] C:\WINDOWS\system32\CCE5FC\AA4D13.EXE
O4 - HKCU\..\Run: [SuperCopier2.exe] "C:\Program Files\SuperCopier2\SuperCopier2.exe"
O4 - HKCU\..\Run: [E09FXLRD_4907953] "C:\Program Files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE" -m
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SysResources Manager] "C:\Program Files\SysResources Manager\SysResManager.exe"
O4 - Startup: AA4D13.lnk = C:\WINDOWS\system32\CCE5FC\AA4D13.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O8 - Extra context menu item: Tout télécharger avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Télécharger avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Télécharger toutes les vidéos avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{3103185C-83FF-4F62-81D9-A53EB4D1249E}: NameServer = 41.223.208.60 41.223.209.60
O17 - HKLM\System\CCS\Services\Tcpip\..\{76CED875-A8A1-4587-9AC1-AFF578751782}: NameServer = 213.136.96.2,213.136.96.37
O17 - HKLM\System\CCS\Services\Tcpip\..\{9C50F610-E228-454B-96EC-DB01AF44C13A}: NameServer = 213.136.96.2,213.136.96.37
O23 - Service: Service de configuration Atheros (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - D:\VMware.Workstation.v6.0.0.45731.and.ACE.Edition-ZWT_CRP\vmware-ufad.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - D:\VMware.Workstation.v6.0.0.45731.and.ACE.Edition-ZWT_CRP\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
Logfile of random's system information tool 1.06 (written by random/random)
Run by Jean Philippe at 2010-01-31 15:01:38
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 12 GB (16%) free of 76 GB
Total RAM: 2038 MB (56% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:07:24, on 31/01/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Atheros\ACU.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
D:\VMware.Workstation.v6.0.0.45731.and.ACE.Edition-ZWT_CRP\vmware-tray.exe
D:\VMware.Workstation.v6.0.0.45731.and.ACE.Edition-ZWT_CRP\hqtray.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\CCE5FC\AA4D13.EXE
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\wdfmgr.exe
D:\VMware.Workstation.v6.0.0.45731.and.ACE.Edition-ZWT_CRP\vmware-authd.exe
C:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe
C:\WINDOWS\system32\vmnat.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\TOSHIBA\ConfigFree\CFXFER.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Moov Internet\Moov Internet.exe
C:\Program Files\ZHPDiag\ZHPDiag.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Jean Philippe\Bureau\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\Jean Philippe.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ci/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=101699&gct=&gc=1&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedirect?o=101699&gct=&gc=1&q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SmoothView] "C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe"
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [vmware-tray] D:\VMware.Workstation.v6.0.0.45731.and.ACE.Edition-ZWT_CRP\vmware-tray.exe
O4 - HKLM\..\Run: [VMware hqtray] "D:\VMware.Workstation.v6.0.0.45731.and.ACE.Edition-ZWT_CRP\hqtray.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [AA4D13] C:\WINDOWS\system32\CCE5FC\AA4D13.EXE
O4 - HKCU\..\Run: [SuperCopier2.exe] "C:\Program Files\SuperCopier2\SuperCopier2.exe"
O4 - HKCU\..\Run: [E09FXLRD_4907953] "C:\Program Files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE" -m
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SysResources Manager] "C:\Program Files\SysResources Manager\SysResManager.exe"
O4 - Startup: AA4D13.lnk = C:\WINDOWS\system32\CCE5FC\AA4D13.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O8 - Extra context menu item: Tout télécharger avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Télécharger avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Télécharger toutes les vidéos avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{3103185C-83FF-4F62-81D9-A53EB4D1249E}: NameServer = 41.223.208.60 41.223.209.60
O17 - HKLM\System\CCS\Services\Tcpip\..\{76CED875-A8A1-4587-9AC1-AFF578751782}: NameServer = 213.136.96.2,213.136.96.37
O17 - HKLM\System\CCS\Services\Tcpip\..\{9C50F610-E228-454B-96EC-DB01AF44C13A}: NameServer = 213.136.96.2,213.136.96.37
O23 - Service: Service de configuration Atheros (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - D:\VMware.Workstation.v6.0.0.45731.and.ACE.Edition-ZWT_CRP\vmware-ufad.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - D:\VMware.Workstation.v6.0.0.45731.and.ACE.Edition-ZWT_CRP\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
voici le rapport info de RSIT:
info.txt logfile of random's system information tool 1.06 2010-01-31 12:46:31
======Uninstall list======
-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Acrobat 4.0-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 4.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 4.0\NT\Uninst.dll"
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Photoshop 7.0-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll"
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Assist TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\Setup.exe" -l0x40c
Assistant Publication de sites Web Microsoft 1.53-->RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wpie3x86.inf,WebPostUninstall
Atheros Client Utility-->C:\Program Files\InstallShield Installation Information\{16E8BF9A-B419-4A44-A020-30F8CFB84B9D}\setup.exe -runfromtemp -l0x040c
AutoCAD 2009 - Français-->C:\Program Files\AutoCAD 2009\Setup\Setup.exe /P {5783F2D7-7001-040C-0002-0060B0CE6BBA} /M ACAD
Autodesk Design Review 2009-->C:\Program Files\Autodesk\Autodesk Design Review\Setup\Setup.exe /P {450063AA-643B-417C-8CF5-405BA3F4EF40} /M ADR
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
BitComet 1.17-->C:\Program Files\BitComet\uninst.exe
Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
Boson NetSim for CCNP BETA 2a-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{B175B5EB-945A-45C6-8E03-97CEF1150D24}
Camera Assistant Software for Toshiba-->C:\Program Files\InstallShield Installation Information\{37C866E4-AA67-4725-9E95-A39968DD7960}\setup.exe -runfromtemp -l0x040c
Cerebral Training - Mon coach particulier-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7E41A97B-173F-4B0F-A3EE-3F278979D9D7}\setup.exe" -l0x40c
CommentCaMarche 2.0.6-->"C:\Program Files\CommentCaMarche\unins000.exe"
Comptabilité-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{93A837CB-5919-4BBA-B1AE-2E42F0E00794}\setup.exe" -l0x40c
CorelDRAW Graphics Suite X4 - Capture-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF012}
CorelDRAW Graphics Suite X4 - Content-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF016}
CorelDRAW Graphics Suite X4 - Draw-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF013}
CorelDRAW Graphics Suite X4 - Filters-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF017}
CorelDRAW Graphics Suite X4 - FontNav-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF019}
CorelDRAW Graphics SUite X4 - ICA-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF010}
CorelDRAW Graphics Suite X4 - IPM-->MsiExec.exe /I{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}
CorelDRAW Graphics Suite X4 - Lang FR-->MsiExec.exe /I{9D306690-3173-42CD-94C6-9EF9318AF24B}
CorelDRAW Graphics Suite X4 - PP-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF014}
CorelDRAW Graphics Suite X4 - VBA-->MsiExec.exe /I{BF439B41-0252-48DE-8B8B-0430CB26A181}
CorelDRAW Graphics Suite X4-->MsiExec.exe /I{44A27085-0616-4181-A0C3-81C7ECA17F73}
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension-->c:\Program Files\Fichiers communs\Corel\Shared\Shell Extension\Uninst.exe
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension-->MsiExec.exe /X{CE2DA11A-917F-4CF5-AB55-755EC115DD10}
CorelDRAW(R) Graphics Suite X4-->c:\Program Files\Corel\CorelDRAW Graphics Suite X4\Setup\SetupARP.exe /arp
EVEREST Ultimate Edition v5.00-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
Foxit Reader-->C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe
Free PDF to Word Converter 1.5-->"C:\Program Files\Free PDF to Word Converter\unins000.exe"
Gestion commerciale-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{52270BD3-1B06-42B6-B76A-3E6B95D3F218}\setup.exe" -l0x40c
Gestion d'énergie TOSHIBA-->C:\Program Files\InstallShield Installation Information\{8F7AC250-4D7D-431D-AC4E-94FB78EA3F8B}\setup.exe -runfromtemp -l0x040c -uninst -removeonly
Ghost Recon-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D89EF3B3-6F17-4665-B7A9-A4235A6DC787}\Setup.exe"
Glary Utilities 2.16.0.758-->"C:\Program Files\Glary Utilities\unins000.exe"
Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0E996B068B56FCA2.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Guitar Pro 5.2-->"C:\Program Files\Guitar Pro 5\unins000.exe"
Hacker Evolution (1.00.0087) (remove only)-->"C:\Program Files\Hacker Evolution\uninstall.exe"
HiJackThis-->MsiExec.exe /X{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}
Immobilisations-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EC1A0B30-023D-496F-8BD5-A47646379264}\setup.exe" -l0x40c
Intel(R) Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall
InterActual Player-->C:\Program Files\InterActual\InterActual Player\inuninst.exe
InterVideo AVControlSDK-->"C:\Program Files\InstallShield Installation Information\{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}\setup.exe"
InterVideo DeviceService-->MsiExec.exe /I{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}
IP Messenger for Win-->C:\Program Files\IPMsg\setup.exe /r
Le Corps humain-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Micro Application\Le Corps humain\Uninst.isu"
Logiciel d'archivage WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Macromedia Director MX 2004-->C:\PROGRA~1\MACROM~1\DIRECT~1\UNWISE.EXE C:\PROGRA~1\MACROM~1\DIRECT~1\install.log
Macromedia Dreamweaver 8-->MsiExec.exe /I{5FD788ED-1A37-4496-9BDD-463F493B27FA}
Macromedia Extension Manager-->MsiExec.exe /I{3C8C9FB3-5FDF-40B4-B314-EAD722728C76}
Macromedia Fireworks 8-->MsiExec.exe /I{4C24A8C1-7CFA-4650-AF15-732F5BD7B46D}
Macromedia Flash 8 Video Encoder-->MsiExec.exe /X{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}
Macromedia Flash 8-->MsiExec.exe /I{2BD5C305-1B27-4D41-B690-7A61172D2FEB}
Macromedia Flash Player 8 Plugin-->MsiExec.exe /X{23AEBB83-CB47-4739-8A0C-92CC1E32AA2F}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Malwarebytes' RogueRemover-->"C:\Program Files\RogueRemover FREE\unins000.exe"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft .NET Framework 3.0 French Language Pack-->MsiExec.exe /X{E3C080B0-23F5-49AF-89F8-8E8DBC89E659}
Microsoft .NET Framework 3.0-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setup.exe
Microsoft .NET Framework 3.0-->MsiExec.exe /X{15095BF3-A3D7-4DDF-B193-3A496881E003}
Microsoft Device Emulator version 1.0 - FRA-->MsiExec.exe /X{F6E08BCD-8411-4943-85B6-C8F79AC613AC}
Microsoft Document Explorer 2005-->C:\Program Files\Fichiers communs\Microsoft Shared\Help 8\Microsoft Document Explorer 2005\install.exe
Microsoft Document Explorer 2005-->MsiExec.exe /X{44D4AF75-6870-41F5-9181-662EA05507E1}
Microsoft Encarta 2009 - Collection-->MsiExec.exe /I{09180081-2C94-4A67-8E55-8483C019C7D2}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office OneNote 2003-->MsiExec.exe /I{90A1040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Project Professional 2003-->MsiExec.exe /I{903B040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Visio Professional 2003-->MsiExec.exe /I{9051040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft SQL Server 2005 Mobile [FRA] Developer Tools-->MsiExec.exe /X{8BBF1F9B-846E-412E-A291-D471E5BED251}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual J# .NET Redistributable Package 1.1-->MsiExec.exe /X{1A655D51-1423-48A3-B748-8F5A0BE294C8}
Microsoft Visual Studio 6.0 Édition Entreprise (Français)-->"C:\Program Files\Microsoft Visual Studio\Common\Setup\1036\Setup.exe"
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\setup.exe
Moov Internet-->C:\Program Files\Moov Internet\uninst.exe
MSDN Library pour Visual Studio 6.0a (Français)-->"C:\Program Files\Microsoft Visual Studio\MSDN98\98VSa\1036\Setup\Setup.exe"
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}
Nero 7 Ultra Edition-->MsiExec.exe /I{5C4620E8-D754-43F5-8F8D-54BF58611036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Outil de diagnostic PC TOSHIBA-->C:\Program Files\InstallShield Installation Information\{2C38F661-26B7-445D-B87D-B53FE2D3BD42}\setup.exe -runfromtemp -l0x040c
Packet Tracer 5.1-->"C:\Program Files\Packet Tracer 5.1\unins000.exe"
Paie 100-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{29B04269-F636-42AB-B545-57D5CFEBBD9C}\setup.exe" -l0x40c
PC Scrabble ® Edition 99-->C:\WINDOWS\unin040c.exe -fC:\SCRABBLE.99\DeIsL1.isu -cC:\SCRABBLE.99\_ISREG32.DLL
PC SECURITY TEST 2008-->"C:\Program Files\AxBx\PC Security Test 2008\unins000.exe"
PL-2303 USB-to-Serial-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}\Setup.exe" -l0x9 Installed
PowerQuest PartitionMagic 8.0-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}
REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\setup.exe -runfromtemp -l0x040c -removeonly
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
REALTEK RTL8187B Wireless LAN Driver-->C:\Program Files\InstallShield Installation Information\{895722FE-25FE-4854-95AC-B0C42F9DBEDA}\Install.exe -uninst -l0x40C
Realtek USB 2.0 Card Reader-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DC24971E-1946-445D-8A82-CE685433FA7D}\setup.exe" -l0x9 -removeonly
Roxio Easy Media Creator 7 Basic Edition-->MsiExec.exe /I{F4862B43-A087-4826-8C50-D41646EC7728}
Sage Pilote-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F428CE0D-0E60-432D-8254-F8EED9079DC0}\setup.exe" -l0x40c
Saisie de caisse décentralisée-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{316AD333-225E-4410-AC08-9D4EB349DFA8}\setup.exe" -l0x40c
Satellite Antenna Alignment v2.65.0-->"C:\Program Files\AL-Software\Satellite Antenna Alignment\unins000.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SuperCopier2-->"C:\Program Files\SuperCopier2\SC2Uninst.exe"
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
TOSHIBA ConfigFree-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}\setup.exe" -l0x40c UNINSTALL
TOSHIBA Controls-->C:\Program Files\InstallShield Installation Information\{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}\setup.exe -runfromtemp -l0x040c
TOSHIBA Software Modem-->Tosmreg -U
Total Video Converter 3.12 080330-->"C:\Program Files\Total Video Converter\unins000.exe"
TuneUp Utilities-->C:\Program Files\TuneUp Utilities 2010\TUInstallHelper.exe --Trigger-Uninstall
ubi.com-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AEDDF5A3-29CE-11D5-A8C2-000102246AAE}\Setup.exe" -l0x40c UNINSTALL-L0x40c -uninst
Ulead VideoStudio 11-->C:\Program Files\InstallShield Installation Information\{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}\setup.exe -runfromtemp -l0x040c
Utilitaire de zoom TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{64212898-097F-4F3F-AECA-6D34A7EF82DF}\setup.exe" -l0x40c -removeonly
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
VLC media player 1.0.3-->C:\Program Files\VideoLAN\VLC\uninstall.exe
VMware Workstation-->MsiExec.exe /I{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}
WIDCOMM Bluetooth Software-->MsiExec.exe /X{3F4EC965-28EF-45C3-B063-04B25D4E9679}
Windows Communication Foundation-->MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Presentation Foundation Language Pack (FRA)-->MsiExec.exe /X{6901DD22-527A-41EF-9059-E81FEDE9E494}
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Workflow Foundation FR Language Pack-->MsiExec.exe /I{B84C141C-9A13-44BE-9A69-301D7B11D836}
Windows Workflow Foundation-->MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
WinHTTrack Website Copier 3.40-2-->"C:\Program Files\WinHTTrack\unins000.exe"
WinPcap 4.1 beta5-->C:\Program Files\WinPcap\uninstall.exe
Wireshark 1.2.2-->"C:\Program Files\Wireshark\uninstall.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
Yahoo! Install Manager-->C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~2.DLL
Yahoo! Toolbar avec bloqueur de fenêtres pop-up-->C:\PROGRA~1\Yahoo!\Common\unyt.exe
======Hosts File======
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
======Security center information======
AV: avast! antivirus 4.8.1368 [VPS 100130-1]
======System event log======
Computer Name: UPPER
Event Code: 4202
Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{76CED875-A8A1-4587-9AC1-AFF578751782} était déconnectée du réseau,
et la configuration réseau de la carte a été abandonnée. Si la carte
réseau n'était pas déconnectée, ceci peut indiquer un disfonctionnement.
Contactez le fabricant pour des pilotes mis à jour.
Record Number: 1752
Source Name: Tcpip
Time Written: 20100114102258.000000+000
Event Type: Informations
User:
Computer Name: UPPER
Event Code: 8003
Message: Le maître explorateur a reçu une annonce de serveur de l'ordinateur FLAISO-PC
qui pense qu'il est le maître explorateur sur le domaine pour le transport NetBT_Tcpip_{76CED875-A8A1-4587.
Le maître explorateur s'arrête ou une élection est provoquée.
Record Number: 1751
Source Name: MRxSmb
Time Written: 20100114095447.000000+000
Event Type: erreur
User:
Computer Name: UPPER
Event Code: 7036
Message: Le service Google Software Updater est entré dans l'état : arrêté.
Record Number: 1750
Source Name: Service Control Manager
Time Written: 20100114094948.000000+000
Event Type: Informations
User:
Computer Name: UPPER
Event Code: 7036
Message: Le service Google Software Updater est entré dans l'état : en cours d'exécution.
Record Number: 1749
Source Name: Service Control Manager
Time Written: 20100114094848.000000+000
Event Type: Informations
User:
Computer Name: UPPER
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Google Software Updater.
Record Number: 1748
Source Name: Service Control Manager
Time Written: 20100114094848.000000+000
Event Type: Informations
User: AUTORITE NT\SYSTEM
=====Application event log=====
Computer Name: UPPER
Event Code: 0
Message:
Record Number: 5
Source Name: Capture Device Service
Time Written: 20091225184038.000000+000
Event Type: Informations
User:
Computer Name: UPPER
Event Code: 0
Message:
Record Number: 4
Source Name: Capture Device Service
Time Written: 20091225184037.000000+000
Event Type: Informations
User:
Computer Name: UPPER
Event Code: 0
Message:
Record Number: 3
Source Name: btwdins
Time Written: 20091225184034.000000+000
Event Type: Informations
User:
Computer Name: UPPER
Event Code: 1
Message:
Record Number: 2
Source Name: ccxroaming
Time Written: 20091225184021.000000+000
Event Type: Informations
User:
Computer Name: UPPER
Event Code: 1
Message:
Record Number: 1
Source Name: ccxroaming
Time Written: 20091225184021.000000+000
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\Toshiba\Bluetooth Toshiba Stack\sys;C:\Program Files\Fichiers communs\Ulead Systems\MPEG;C:\Program Files\Fichiers communs\Roxio Shared\DLLShared
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 22 Stepping 1, GenuineIntel
"PROCESSOR_REVISION"=1601
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.06 2010-01-31 12:46:31
======Uninstall list======
-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Acrobat 4.0-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 4.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 4.0\NT\Uninst.dll"
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Photoshop 7.0-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll"
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Assist TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\Setup.exe" -l0x40c
Assistant Publication de sites Web Microsoft 1.53-->RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wpie3x86.inf,WebPostUninstall
Atheros Client Utility-->C:\Program Files\InstallShield Installation Information\{16E8BF9A-B419-4A44-A020-30F8CFB84B9D}\setup.exe -runfromtemp -l0x040c
AutoCAD 2009 - Français-->C:\Program Files\AutoCAD 2009\Setup\Setup.exe /P {5783F2D7-7001-040C-0002-0060B0CE6BBA} /M ACAD
Autodesk Design Review 2009-->C:\Program Files\Autodesk\Autodesk Design Review\Setup\Setup.exe /P {450063AA-643B-417C-8CF5-405BA3F4EF40} /M ADR
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
BitComet 1.17-->C:\Program Files\BitComet\uninst.exe
Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
Boson NetSim for CCNP BETA 2a-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{B175B5EB-945A-45C6-8E03-97CEF1150D24}
Camera Assistant Software for Toshiba-->C:\Program Files\InstallShield Installation Information\{37C866E4-AA67-4725-9E95-A39968DD7960}\setup.exe -runfromtemp -l0x040c
Cerebral Training - Mon coach particulier-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7E41A97B-173F-4B0F-A3EE-3F278979D9D7}\setup.exe" -l0x40c
CommentCaMarche 2.0.6-->"C:\Program Files\CommentCaMarche\unins000.exe"
Comptabilité-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{93A837CB-5919-4BBA-B1AE-2E42F0E00794}\setup.exe" -l0x40c
CorelDRAW Graphics Suite X4 - Capture-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF012}
CorelDRAW Graphics Suite X4 - Content-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF016}
CorelDRAW Graphics Suite X4 - Draw-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF013}
CorelDRAW Graphics Suite X4 - Filters-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF017}
CorelDRAW Graphics Suite X4 - FontNav-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF019}
CorelDRAW Graphics SUite X4 - ICA-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF010}
CorelDRAW Graphics Suite X4 - IPM-->MsiExec.exe /I{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}
CorelDRAW Graphics Suite X4 - Lang FR-->MsiExec.exe /I{9D306690-3173-42CD-94C6-9EF9318AF24B}
CorelDRAW Graphics Suite X4 - PP-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF014}
CorelDRAW Graphics Suite X4 - VBA-->MsiExec.exe /I{BF439B41-0252-48DE-8B8B-0430CB26A181}
CorelDRAW Graphics Suite X4-->MsiExec.exe /I{44A27085-0616-4181-A0C3-81C7ECA17F73}
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension-->c:\Program Files\Fichiers communs\Corel\Shared\Shell Extension\Uninst.exe
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension-->MsiExec.exe /X{CE2DA11A-917F-4CF5-AB55-755EC115DD10}
CorelDRAW(R) Graphics Suite X4-->c:\Program Files\Corel\CorelDRAW Graphics Suite X4\Setup\SetupARP.exe /arp
EVEREST Ultimate Edition v5.00-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
Foxit Reader-->C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe
Free PDF to Word Converter 1.5-->"C:\Program Files\Free PDF to Word Converter\unins000.exe"
Gestion commerciale-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{52270BD3-1B06-42B6-B76A-3E6B95D3F218}\setup.exe" -l0x40c
Gestion d'énergie TOSHIBA-->C:\Program Files\InstallShield Installation Information\{8F7AC250-4D7D-431D-AC4E-94FB78EA3F8B}\setup.exe -runfromtemp -l0x040c -uninst -removeonly
Ghost Recon-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D89EF3B3-6F17-4665-B7A9-A4235A6DC787}\Setup.exe"
Glary Utilities 2.16.0.758-->"C:\Program Files\Glary Utilities\unins000.exe"
Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0E996B068B56FCA2.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Guitar Pro 5.2-->"C:\Program Files\Guitar Pro 5\unins000.exe"
Hacker Evolution (1.00.0087) (remove only)-->"C:\Program Files\Hacker Evolution\uninstall.exe"
HiJackThis-->MsiExec.exe /X{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}
Immobilisations-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EC1A0B30-023D-496F-8BD5-A47646379264}\setup.exe" -l0x40c
Intel(R) Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall
InterActual Player-->C:\Program Files\InterActual\InterActual Player\inuninst.exe
InterVideo AVControlSDK-->"C:\Program Files\InstallShield Installation Information\{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}\setup.exe"
InterVideo DeviceService-->MsiExec.exe /I{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}
IP Messenger for Win-->C:\Program Files\IPMsg\setup.exe /r
Le Corps humain-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Micro Application\Le Corps humain\Uninst.isu"
Logiciel d'archivage WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Macromedia Director MX 2004-->C:\PROGRA~1\MACROM~1\DIRECT~1\UNWISE.EXE C:\PROGRA~1\MACROM~1\DIRECT~1\install.log
Macromedia Dreamweaver 8-->MsiExec.exe /I{5FD788ED-1A37-4496-9BDD-463F493B27FA}
Macromedia Extension Manager-->MsiExec.exe /I{3C8C9FB3-5FDF-40B4-B314-EAD722728C76}
Macromedia Fireworks 8-->MsiExec.exe /I{4C24A8C1-7CFA-4650-AF15-732F5BD7B46D}
Macromedia Flash 8 Video Encoder-->MsiExec.exe /X{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}
Macromedia Flash 8-->MsiExec.exe /I{2BD5C305-1B27-4D41-B690-7A61172D2FEB}
Macromedia Flash Player 8 Plugin-->MsiExec.exe /X{23AEBB83-CB47-4739-8A0C-92CC1E32AA2F}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Malwarebytes' RogueRemover-->"C:\Program Files\RogueRemover FREE\unins000.exe"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft .NET Framework 3.0 French Language Pack-->MsiExec.exe /X{E3C080B0-23F5-49AF-89F8-8E8DBC89E659}
Microsoft .NET Framework 3.0-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setup.exe
Microsoft .NET Framework 3.0-->MsiExec.exe /X{15095BF3-A3D7-4DDF-B193-3A496881E003}
Microsoft Device Emulator version 1.0 - FRA-->MsiExec.exe /X{F6E08BCD-8411-4943-85B6-C8F79AC613AC}
Microsoft Document Explorer 2005-->C:\Program Files\Fichiers communs\Microsoft Shared\Help 8\Microsoft Document Explorer 2005\install.exe
Microsoft Document Explorer 2005-->MsiExec.exe /X{44D4AF75-6870-41F5-9181-662EA05507E1}
Microsoft Encarta 2009 - Collection-->MsiExec.exe /I{09180081-2C94-4A67-8E55-8483C019C7D2}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office OneNote 2003-->MsiExec.exe /I{90A1040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Project Professional 2003-->MsiExec.exe /I{903B040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Visio Professional 2003-->MsiExec.exe /I{9051040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft SQL Server 2005 Mobile [FRA] Developer Tools-->MsiExec.exe /X{8BBF1F9B-846E-412E-A291-D471E5BED251}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual J# .NET Redistributable Package 1.1-->MsiExec.exe /X{1A655D51-1423-48A3-B748-8F5A0BE294C8}
Microsoft Visual Studio 6.0 Édition Entreprise (Français)-->"C:\Program Files\Microsoft Visual Studio\Common\Setup\1036\Setup.exe"
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\setup.exe
Moov Internet-->C:\Program Files\Moov Internet\uninst.exe
MSDN Library pour Visual Studio 6.0a (Français)-->"C:\Program Files\Microsoft Visual Studio\MSDN98\98VSa\1036\Setup\Setup.exe"
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}
Nero 7 Ultra Edition-->MsiExec.exe /I{5C4620E8-D754-43F5-8F8D-54BF58611036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Outil de diagnostic PC TOSHIBA-->C:\Program Files\InstallShield Installation Information\{2C38F661-26B7-445D-B87D-B53FE2D3BD42}\setup.exe -runfromtemp -l0x040c
Packet Tracer 5.1-->"C:\Program Files\Packet Tracer 5.1\unins000.exe"
Paie 100-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{29B04269-F636-42AB-B545-57D5CFEBBD9C}\setup.exe" -l0x40c
PC Scrabble ® Edition 99-->C:\WINDOWS\unin040c.exe -fC:\SCRABBLE.99\DeIsL1.isu -cC:\SCRABBLE.99\_ISREG32.DLL
PC SECURITY TEST 2008-->"C:\Program Files\AxBx\PC Security Test 2008\unins000.exe"
PL-2303 USB-to-Serial-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}\Setup.exe" -l0x9 Installed
PowerQuest PartitionMagic 8.0-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}
REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\setup.exe -runfromtemp -l0x040c -removeonly
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
REALTEK RTL8187B Wireless LAN Driver-->C:\Program Files\InstallShield Installation Information\{895722FE-25FE-4854-95AC-B0C42F9DBEDA}\Install.exe -uninst -l0x40C
Realtek USB 2.0 Card Reader-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DC24971E-1946-445D-8A82-CE685433FA7D}\setup.exe" -l0x9 -removeonly
Roxio Easy Media Creator 7 Basic Edition-->MsiExec.exe /I{F4862B43-A087-4826-8C50-D41646EC7728}
Sage Pilote-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F428CE0D-0E60-432D-8254-F8EED9079DC0}\setup.exe" -l0x40c
Saisie de caisse décentralisée-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{316AD333-225E-4410-AC08-9D4EB349DFA8}\setup.exe" -l0x40c
Satellite Antenna Alignment v2.65.0-->"C:\Program Files\AL-Software\Satellite Antenna Alignment\unins000.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SuperCopier2-->"C:\Program Files\SuperCopier2\SC2Uninst.exe"
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
TOSHIBA ConfigFree-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}\setup.exe" -l0x40c UNINSTALL
TOSHIBA Controls-->C:\Program Files\InstallShield Installation Information\{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}\setup.exe -runfromtemp -l0x040c
TOSHIBA Software Modem-->Tosmreg -U
Total Video Converter 3.12 080330-->"C:\Program Files\Total Video Converter\unins000.exe"
TuneUp Utilities-->C:\Program Files\TuneUp Utilities 2010\TUInstallHelper.exe --Trigger-Uninstall
ubi.com-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AEDDF5A3-29CE-11D5-A8C2-000102246AAE}\Setup.exe" -l0x40c UNINSTALL-L0x40c -uninst
Ulead VideoStudio 11-->C:\Program Files\InstallShield Installation Information\{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}\setup.exe -runfromtemp -l0x040c
Utilitaire de zoom TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{64212898-097F-4F3F-AECA-6D34A7EF82DF}\setup.exe" -l0x40c -removeonly
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
VLC media player 1.0.3-->C:\Program Files\VideoLAN\VLC\uninstall.exe
VMware Workstation-->MsiExec.exe /I{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}
WIDCOMM Bluetooth Software-->MsiExec.exe /X{3F4EC965-28EF-45C3-B063-04B25D4E9679}
Windows Communication Foundation-->MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Presentation Foundation Language Pack (FRA)-->MsiExec.exe /X{6901DD22-527A-41EF-9059-E81FEDE9E494}
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Workflow Foundation FR Language Pack-->MsiExec.exe /I{B84C141C-9A13-44BE-9A69-301D7B11D836}
Windows Workflow Foundation-->MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
WinHTTrack Website Copier 3.40-2-->"C:\Program Files\WinHTTrack\unins000.exe"
WinPcap 4.1 beta5-->C:\Program Files\WinPcap\uninstall.exe
Wireshark 1.2.2-->"C:\Program Files\Wireshark\uninstall.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
Yahoo! Install Manager-->C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~2.DLL
Yahoo! Toolbar avec bloqueur de fenêtres pop-up-->C:\PROGRA~1\Yahoo!\Common\unyt.exe
======Hosts File======
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
======Security center information======
AV: avast! antivirus 4.8.1368 [VPS 100130-1]
======System event log======
Computer Name: UPPER
Event Code: 4202
Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{76CED875-A8A1-4587-9AC1-AFF578751782} était déconnectée du réseau,
et la configuration réseau de la carte a été abandonnée. Si la carte
réseau n'était pas déconnectée, ceci peut indiquer un disfonctionnement.
Contactez le fabricant pour des pilotes mis à jour.
Record Number: 1752
Source Name: Tcpip
Time Written: 20100114102258.000000+000
Event Type: Informations
User:
Computer Name: UPPER
Event Code: 8003
Message: Le maître explorateur a reçu une annonce de serveur de l'ordinateur FLAISO-PC
qui pense qu'il est le maître explorateur sur le domaine pour le transport NetBT_Tcpip_{76CED875-A8A1-4587.
Le maître explorateur s'arrête ou une élection est provoquée.
Record Number: 1751
Source Name: MRxSmb
Time Written: 20100114095447.000000+000
Event Type: erreur
User:
Computer Name: UPPER
Event Code: 7036
Message: Le service Google Software Updater est entré dans l'état : arrêté.
Record Number: 1750
Source Name: Service Control Manager
Time Written: 20100114094948.000000+000
Event Type: Informations
User:
Computer Name: UPPER
Event Code: 7036
Message: Le service Google Software Updater est entré dans l'état : en cours d'exécution.
Record Number: 1749
Source Name: Service Control Manager
Time Written: 20100114094848.000000+000
Event Type: Informations
User:
Computer Name: UPPER
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Google Software Updater.
Record Number: 1748
Source Name: Service Control Manager
Time Written: 20100114094848.000000+000
Event Type: Informations
User: AUTORITE NT\SYSTEM
=====Application event log=====
Computer Name: UPPER
Event Code: 0
Message:
Record Number: 5
Source Name: Capture Device Service
Time Written: 20091225184038.000000+000
Event Type: Informations
User:
Computer Name: UPPER
Event Code: 0
Message:
Record Number: 4
Source Name: Capture Device Service
Time Written: 20091225184037.000000+000
Event Type: Informations
User:
Computer Name: UPPER
Event Code: 0
Message:
Record Number: 3
Source Name: btwdins
Time Written: 20091225184034.000000+000
Event Type: Informations
User:
Computer Name: UPPER
Event Code: 1
Message:
Record Number: 2
Source Name: ccxroaming
Time Written: 20091225184021.000000+000
Event Type: Informations
User:
Computer Name: UPPER
Event Code: 1
Message:
Record Number: 1
Source Name: ccxroaming
Time Written: 20091225184021.000000+000
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\Toshiba\Bluetooth Toshiba Stack\sys;C:\Program Files\Fichiers communs\Ulead Systems\MPEG;C:\Program Files\Fichiers communs\Roxio Shared\DLLShared
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 22 Stepping 1, GenuineIntel
"PROCESSOR_REVISION"=1601
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
-----------------EOF-----------------
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
tu as utilisé combofix !
postes le rapport stp
de plus
Téléchargez USBFIX de El Desaparecido, C_xx
http://pagesperso-orange.fr/NosTools/Chiquitine29/UsbFix.exe
ou
https://www.ionos.fr/?affiliate_id=77097
/!\ Utilisateur de vista et windows 7 :
ne pas oublier de désactiver Le contrôle des comptes utilisateurs
https://www.commentcamarche.net/faq/8343-vista-desactiver-l-uac
/!\ Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d'avoir été infectées sans les ouvrir
• Double clic sur le raccourci UsbFix présent sur le bureau .
• Choisir l'option2 suppression
(d’autres options disponibles, voir le tutoriel).
• Laissez travailler l'outil.
Le menu démarrer et les icônes vont disparaître.. c'est normal.
Si un message te demande de redémarrer l'ordinateur fais le ...
● Au redémarrage, le fix se relance... laisses l'opération s'effectuer.
● Le bloc note s'ouvre avec un rapport, envoies le dans la prochaine réponse
• Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )
( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )
• Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
• Tuto : http://pagesperso-orange.fr/NosTools/usbfix.html
UsbFix peut te demander d'uploader un dossier compressé à cette adresse : https://www.ionos.fr/?affiliate_id=77097
Il est enregistré sur ton bureau.
Merci de l'envoyer à l'adresse indiquée afin d'aider l'auteur de UsbFix dans ses recherches.
Merci
postes le rapport stp
de plus
Téléchargez USBFIX de El Desaparecido, C_xx
http://pagesperso-orange.fr/NosTools/Chiquitine29/UsbFix.exe
ou
https://www.ionos.fr/?affiliate_id=77097
/!\ Utilisateur de vista et windows 7 :
ne pas oublier de désactiver Le contrôle des comptes utilisateurs
https://www.commentcamarche.net/faq/8343-vista-desactiver-l-uac
/!\ Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d'avoir été infectées sans les ouvrir
• Double clic sur le raccourci UsbFix présent sur le bureau .
• Choisir l'option2 suppression
(d’autres options disponibles, voir le tutoriel).
• Laissez travailler l'outil.
Le menu démarrer et les icônes vont disparaître.. c'est normal.
Si un message te demande de redémarrer l'ordinateur fais le ...
● Au redémarrage, le fix se relance... laisses l'opération s'effectuer.
● Le bloc note s'ouvre avec un rapport, envoies le dans la prochaine réponse
• Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )
( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )
• Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
• Tuto : http://pagesperso-orange.fr/NosTools/usbfix.html
UsbFix peut te demander d'uploader un dossier compressé à cette adresse : https://www.ionos.fr/?affiliate_id=77097
Il est enregistré sur ton bureau.
Merci de l'envoyer à l'adresse indiquée afin d'aider l'auteur de UsbFix dans ses recherches.
Merci
