
trojan: csrss

wildwoolfy on 24 May 2009 at 22:37
hi everyone,
I have a very big problem with my computer: something is eating up all my CPU and I can't see what it is. When I went into Task Manager I saw a certain csrss.exe, and after doing a search I saw that it could be the cause. Please help me, I have a project to hand in as soon as possible and I can't use software such as AutoCAD and the other 3D programs. Thanks in advance
dédétraqué on 24 May 2009 at 22:50
Hi wildwoolfy

Let's check that. Download RSIT (by random/random) to your desktop from here:
http://images.malwareremoval.com/random/RSIT.exe

- Double-click RSIT.exe on the desktop
- Click Continue in the window
- RSIT will download HijackThis if it is not present or not detected; you will then need to accept the license
- When the scan is finished, post the contents of the two reports, log.txt and info.txt (minimized in the taskbar)

The reports are in this folder: C:\rsit


See you :)
wildwoolfy on 24 May 2009 at 23:19
thanks detraque
I did what you told me, but I see that the process stops or slows down, because nothing is moving at "listing and event blogs". Is that normal? Otherwise I am still waiting for now
dédétraqué on 24 May 2009 at 23:26
Hi wildwoolfy


Download combofix.exe (by sUBs) to your desktop:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Important: disable your antivirus and antispyware before scanning with Combofix:
http://forum.pcastuces.com/desactiver_les_protections_residentes-f31s4.htm


==> Save your work and close all open windows; the PC may restart. Do not launch any program until Combofix has finished. <==

Double-click combofix.exe, click YES and confirm with Enter

You will be asked to install the console if it is not installed; click NO

When the scan is complete, a report will appear. Copy/paste this report into your next reply.

NOTE: The report can also be found here: C:\Combofix.txt

Combofix is detected as an infection by some antivirus programs; ignore this, it is a false positive; continue the procedure


See you :)
wildwoolfy on 24 May 2009 at 23:47
ok, here is what I have so far

here is the info:
info.txt logfile of random's system information tool 1.06 2009-05-24 16:06:19

======Uninstall list======

-->"C:\Program Files (x86)\HP Games\Agatha Christie - Death on the Nile\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Big City Adventures San Francisco\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Blackhawk Striker 2\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Blasterball 3\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Build-a-lot 2\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Chuzzle Deluxe\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Diner Dash Hometown Hero\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Dream Chronicles 2\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Family Feud 3\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\FATE\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Jewel Quest Solitaire 2\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\JoJo's Fashion Show\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Luxor 3\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\My HP Game Console\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Mystery P.I. - The Vegas Heist\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Peggle\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Penguins!\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Poker Superstars III\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Polar Bowler\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Polar Golfer\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Polar Pool\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Slingo Deluxe\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\SPORE Creature Creator Trial Edition\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\The Hidden Object Game Show\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\The Price is Right\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Tradewinds Legends\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Virtual Villagers - A New Home\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Virtual Villagers - The Secret City\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Wedding Dash\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Wheel of Fortune 2\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Zuma Deluxe\Uninstall.exe"
-->MsiExec.exe /I{0F122737-72B2-4095-8B3E-7AAE753DFD3D}
Acrobat.com-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Add or Remove Adobe Creative Suite 3 Master Collection-->C:\Program Files (x86)\Common Files\Adobe\Installers\5ac697db6c6103f6f8b5198d25f73f7\Setup.exe
Adobe After Effects CS3 Presets-->MsiExec.exe /I{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}
Adobe After Effects CS3 Presets-->MsiExec.exe /I{4B215C29-1A3E-4736-92AA-10C83FA56EB9}
Adobe After Effects CS3-->C:\Program Files (x86)\Common Files\Adobe\Installers\b7dd24a87e82dcf8af8876fd727b7cf\Setup.exe
Adobe After Effects CS3-->MsiExec.exe /I{EB0202F7-016A-410C-ADE4-40F848CCC661}
Adobe AIR-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe BridgeTalk Plugin CS3-->MsiExec.exe /I{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Contribute CS3-->MsiExec.exe /I{FC9E08AA-CD59-4C59-BEF9-87E05B9E37D7}
Adobe Creative Suite 3 Master Collection-->MsiExec.exe /I{0CEC06EF-5052-4CE8-8256-74AE363A4238}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe Encore CS3 Codecs-->MsiExec.exe /I{B8B7A4D8-80E1-4DAE-BD33-7FD535BA3931}
Adobe ExtendScript Toolkit 2-->C:\Program Files (x86)\Common Files\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}
Adobe Extension Manager CS3-->MsiExec.exe /I{BE5F3842-8309-4754-92D5-83E02E6077A3}
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player 9 ActiveX-->MsiExec.exe /X{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{7ACFB90E-8FD0-4397-AD3A-5195412623A3}
Adobe Illustrator CS3-->MsiExec.exe /I{F08E8D2E-F132-4742-9C87-D5FF223A016A}
Adobe InDesign CS3 Icon Handler-->MsiExec.exe /I{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}
Adobe InDesign CS3-->MsiExec.exe /I{CB3F8375-B600-4B9F-83C9-238ED1E583FD}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe MotionPicture Color Files-->MsiExec.exe /I{6B708481-748A-4EB4-97C1-CD386244FF77}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}
Adobe Photoshop Lightroom 2.2-->MsiExec.exe /I{A4EE4223-98B1-4874-BA6E-E8A574F9C0FF}
Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
Adobe Setup-->MsiExec.exe /I{1DDB76B6-9B33-47DE-8577-78EBFD3E2FF3}
Adobe Setup-->MsiExec.exe /I{2C294A0B-DF22-4023-B168-8C7645B10019}
Adobe Setup-->MsiExec.exe /I{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}
Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
Adobe SING CS3-->MsiExec.exe /I{B671CBFD-4109-4D35-9252-3062D3CCB7B2}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe Version Cue CS3 Server-->MsiExec.exe /I{1D58229F-C505-45CA-8223-F35F3A34B963}
Adobe Video Profiles-->MsiExec.exe /I{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}
Adobe WAS CS3-->MsiExec.exe /I{C5BD220A-EFE8-48A5-B70E-9503D535FACE}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP DVA Panels CS3-->MsiExec.exe /I{0224CACC-994D-45F8-B973-D65056EA9C2F}
Adobe XMP Panels CS3-->MsiExec.exe /I{D5A31AB1-345D-47C7-A87B-036A669F6DF1}
AHV content for Acrobat and Flash-->MsiExec.exe /I{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}
AMD USB Audio Driver Filter-->MsiExec.exe /X{A3AB35FA-943E-4799-99DC-46EFD59E998F}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArchiBar Toolbar-->C:\PROGRA~2\ArchiBar\UNWISE.EXE /U C:\PROGRA~2\ArchiBar\INSTALL.LOG
ASIO4ALL-->C:\Program Files (x86)\ASIO4ALL v2\uninstall.exe
Ask.com Search Assistant 1.0.1-->C:\Program Files (x86)\Ask Search Assistant\uninst.exe
Autodesk 3ds Max 8 Additional Maps and Materials-->MsiExec.exe /I{59D070F5-CCE6-418B-84A3-CCA63D75ED8A}
Autodesk 3ds Max 8 Architectural Materials-->MsiExec.exe /I{28FDF917-8750-4A54-9E05-D7798E699B47}
Autodesk 3ds Max 8 Reference Files-->MsiExec.exe /I{73C935A7-36C6-48B5-A32E-FD5BD96FD25C}
Autodesk 3ds Max 8-->MsiExec.exe /I{DBB313D6-4B13-4961-BD5F-673CDA1793CC}
Autodesk DWF Viewer-->C:\PROGRA~2\Autodesk\AUTODE~1\Setup.exe /remove
AviSynth 2.5-->"C:\Program Files (x86)\AviSynth 2.5\Uninstall.exe"
Backburner-->MsiExec.exe /I{3D347E6D-5A03-4342-B5BA-6A771885F379}
Catalyst Control Center - Branding-->MsiExec.exe /I{558FF444-F562-4E4C-98BD-7B20EE184D2E}
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
CINEMA 4D Release 10 Architecture Edition-->C:\Windows\unvise32.exe C:\Program Files (x86)\MAXON\CINEMA 4D R10\uninstal_C4D.log
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
CyberLink DVD Suite-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
CyberLink DVD Suite-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
Driver Detective-->C:\Program Files (x86)\InstallShield Installation Information\{621C02EA-AAFF-4026-A903-165D59529A16}\setup.exe -runfromtemp -l0x0409
ESU for Microsoft Vista-->MsiExec.exe /I{3877C901-7B90-4727-A639-B6ED2DD59D43}
FL Studio 8-->C:\Program Files (x86)\Image-Line\FL Studio 8\uninstall.exe
FLV Player 1.3.3-->"C:\Program Files (x86)\FLVPlayer\uninstall.exe"
GuitarFX 3-->C:\PROGRA~2\GUITAR~1\UNWISE.EXE C:\PROGRA~2\GUITAR~1\INSTALL.LOG
Hewlett-Packard Active Check for Health Check-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
Hewlett-Packard Asset Agent for Health Check-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
HijackThis 2.0.2-->"C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HP Active Support Library-->C:\Program Files (x86)\InstallShield Installation Information\{5DAA9C36-8F8B-462F-8CCA-E205BC3751F5}\setup.exe -runfromtemp -l0x0409
HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{57A5AEC1-97FC-474D-92C4-908FCC2253D4}\setup.exe" -l0x9 -removeonly
HP Doc Viewer-->MsiExec.exe /I{082702D5-5DD8-4600-BCE5-48B15174687F}
HP Help and Support-->MsiExec.exe /I{0054A0F6-00C9-4498-B821-B5C9578F433E}
HP MediaSmart DVD-->"C:\Program Files (x86)\InstallShield Installation Information\{DCCAD079-F92C-44DA-B258-624FC6517A5A}\setup.exe" /z-uninstall
HP MediaSmart DVD-->"C:\Program Files (x86)\InstallShield Installation Information\{DCCAD079-F92C-44DA-B258-624FC6517A5A}\setup.exe" /z-uninstall
HP MediaSmart Music/Photo/Video-->"C:\Program Files (x86)\InstallShield Installation Information\{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}\setup.exe" /z-uninstall
HP MediaSmart Music/Photo/Video-->"C:\Program Files (x86)\InstallShield Installation Information\{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}\setup.exe" /z-uninstall /zMS
HP MediaSmart TV-->"C:\Program Files (x86)\InstallShield Installation Information\{67626E09-5366-4480-8F1E-93FADF50CA15}\setup.exe" /z-uninstall
HP MediaSmart TV-->"C:\Program Files (x86)\InstallShield Installation Information\{67626E09-5366-4480-8F1E-93FADF50CA15}\setup.exe" /z-uninstall
HP MediaSmart Webcam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
HP MediaSmart Webcam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
HP MULTIPLE MODEM INSTALLER for VISTA-->MsiExec.exe /I{45A136EC-88BF-4B95-99F5-C45D3930E1CC}
HP Quick Launch Buttons 6.40 H2-->C:\Program Files (x86)\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x0009 uninst
HP Total Care Advisor-->MsiExec.exe /X{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}
HP Update-->MsiExec.exe /X{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}
HP User Guides 0125-->MsiExec.exe /X{C4CF43CE-94AE-498E-9EB1-C804E05CB3CA}
HP Wireless Assistant-->MsiExec.exe /I{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}
HPTCSSetup-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{30D3B7BC-5798-45D9-822D-05CA18F39E99}\setup.exe" -l0x9 -removeonly
IDT Audio-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\setup.exe" -l0x9 -remove -removeonly
IL Download Manager-->C:\Program Files (x86)\Image-Line\Downloader\uninstall.exe
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
JMicron JMB38X Flash Media Controller-->"C:\Program Files (x86)\InstallShield Installation Information\{26604C7E-A313-4D12-867F-7C6E7820BE4C}\setup.exe" delpkg
Juno Preloader-->MsiExec.exe /X{6423EF83-6E1D-4D22-A36F-689CD19FD4D2}
Kaspersky Internet Security 7.0-->MsiExec.exe /I{C774410D-3EF9-4DE7-AC01-332613163ECF}
Kaspersky Internet Security 7.0-->MsiExec.exe /I{C774410D-3EF9-4DE7-AC01-332613163ECF}
LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
Les Indispensables Éducation pour Microsoft Office-->MsiExec.exe /X{75F3A4B2-F6E8-434D-A2EF-DBBC016C6CB2}
LightScribe System Software 1.14.17.1-->MsiExec.exe /X{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}
Mask Pro 4.1-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{2DFAC810-6DD8-4E23-96A4-BEB118408203}\setup.exe" -l0x9 -uninst -removeonly
Messenger Plus! Live-->"C:\Program Files (x86)\Messenger Plus! Live\Uninstall.exe"
MetaProducts Download Express-->C:\Program Files (x86)\Download Express\dep.exe /UnInstall
Microsoft Encarta 2008 - Études-->MsiExec.exe /I{08181881-FCA5-44A7-B863-D66037A16AAF}
Microsoft Encarta Maths-->MsiExec.exe /I{07183840-959A-4B0D-8825-2C533F0DDB19}
Microsoft Live Search Toolbar-->MsiExec.exe /X{6A370610-3778-44AF-9AAC-69B2FD1A3356}
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (English)-->MsiExec.exe /X{95120000-00AF-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)-->MsiExec.exe /I{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}
Microsoft SQL Server 2005 Tools Express Edition-->MsiExec.exe /I{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}
Microsoft SQL Server 2005-->"c:\Program Files (x86)\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove
Microsoft SQL Server Compact 3.5 Design Tools ENU-->MsiExec.exe /X{2E5C075E-11AB-4BDD-918C-7B9A68953FF8}
Microsoft SQL Server Compact 3.5 ENU-->MsiExec.exe /I{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}
Microsoft SQL Server Setup Support Files (English)-->MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}
Microsoft Visual C# 2008 Express Edition - ENU-->C:\Program Files (x86)\Microsoft Visual Studio 9.0\Microsoft Visual C# 2008 Express Edition - ENU\setup.exe
Microsoft Visual C# 2008 Express Edition - ENU-->MsiExec.exe /X{2D07422C-CA35-375A-A3A8-3631AB85BFE5}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works-->MsiExec.exe /I{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}
Mozilla Firefox (3.0.10)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
MSDN Library for Microsoft Visual Studio 2008 Express Editions-->C:\Program Files (x86)\Microsoft Visual Studio 9.0\MSDN Library for Microsoft Visual Studio 2008 Express Editions\install.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
muvee Reveal-->MsiExec.exe /X{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}
My HP Games-->"C:\Program Files (x86)\HP Games\Uninstall.exe"
NetZero Preloader-->MsiExec.exe /X{352310C3-E46B-42D3-8F32-54721FDD72D9}
Notepad++-->C:\Program Files (x86)\Notepad++\uninstall.exe
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
PDFCreator-->C:\Program Files (x86)\PDFCreator\unins000.exe
PoiZone-->C:\Program Files (x86)\Image-Line\PoiZone\uninstall.exe
Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
PowerDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall
PowerDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall
PowerISO-->"C:\Program Files (x86)\PowerISO\uninstall.exe"
Product Key Explorer 1.9.6-->"C:\Program Files (x86)\Nsasoft\ProductKeyExplorer\unins000.exe"
Pure Networks Network Magic-->C:\Program Files (x86)\Pure Networks\Network Magic\Uninstall.exe
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
Realtek 8169 8168 8101E 8102E Ethernet Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x0009 -removeonly
Samsung USB Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{713E5AB1-2389-43A6-8313-CB4D3C44C4FA}\Setup.exe" anything
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
SharkMate 1.30-->C:\Program Files (x86)\SharkMate\uninst.exe
Slingbox - Watch Your TV Anywhere-->MsiExec.exe /X{7B798B31-2F33-4DC8-BDA4-D36488E86636}
SlingPlayer-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{004B0DCB-4C60-465B-8F01-44B0A4111187} /l1033
Smart Defrag 1.03-->"C:\Program Files (x86)\IObit\IObit SmartDefrag\unins000.exe"
SPORE Creature Creator Trial Edition-->"C:\Program Files (x86)\HP Games\SPORE Creature Creator Trial Edition\Uninstall.exe"
SWF Opener-->"C:\Program Files (x86)\UnH Solutions\SWF Opener\unins000.exe"
The KMPlayer (remove only)-->"C:\Program Files (x86)\The KMPlayer\uninstall.exe"
ToggleEN Toolbar-->C:\PROGRA~2\ToggleEN\UNWISE.EXE /U C:\PROGRA~2\ToggleEN\INSTALL.LOG
Toxic Biohazard-->C:\Program Files (x86)\Image-Line\Toxic Biohazard\uninstall.exe
TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office 2007 Help for Common Features (KB963673)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42}
Update for Microsoft Office 2007 Help for Common Features (KB963673)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42}
Update for Microsoft Office Access 2007 Help (KB963663)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}
Update for Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9}
Update for Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9}
Update for Microsoft Office Infopath 2007 Help (KB963662)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {716B81B8-B13C-41DF-8EAC-7A2F656CAB63}
Update for Microsoft Office OneNote 2007 Help (KB963670)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2744EF05-38E1-4D5D-B333-E021EDAEA245}
Update for Microsoft Office OneNote 2007 Help (KB963670)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2744EF05-38E1-4D5D-B333-E021EDAEA245}
Update for Microsoft Office Outlook 2007 Help (KB957246)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {6F0E4983-E419-4591-B7DD-EFB0073D3E47}
Update for Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876}
Update for Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876}
Update for Microsoft Office Publisher 2007 Help (KB963667)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2E40DE55-B289-4C8B-8901-5D369B16814F}
Update for Microsoft Office Script Editor Help (KB963671)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C}
Update for Microsoft Office Script Editor Help (KB963671)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C}
Update for Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726}
Update for Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726}
Update for Office 2007 (KB934528)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {2B939677-2FFD-48F6-9075-7BF48CB87C80}
Update for Outlook 2007 Junk Email Filter (kb968503)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5DD98950-4D10-4B79-8BF6-59726705207D}
VC Runtimes MSI-->MsiExec.exe /X{FF29527A-44CD-3422-945E-981A13584000}
Video URL Extractor-->MsiExec.exe /I{1FACEA04-5C3B-4F1E-BD5D-F77F027BD0B8}
VideoLAN VLC media player 0.8.6d-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
VSO CopyToDVD 4-->"C:\Program Files (x86)\VSO\unins000.exe"
WBEncarta-->RunDll32.exe advpack.dll, LaunchINFSectionEx C:\Program Files (x86)\Learning Essentials\1.0\fr\FR\WBEncarta\Uninstall\Uninstall.inf,Uninstall,,,N
Windows Live Call-->MsiExec.exe /I{F6BD194C-4190-4D73-B1B1-C48C99921BFE}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{C6CA8874-5F22-4AF0-9BE3-016BF299C536}
Windows Live Messenger-->MsiExec.exe /X{0AAA9C97-74D4-47CE-B089-0B147EF3553C}
Windows Live Sign-in Assistant-->MsiExec.exe /I{9422C8EA-B0C6-4197-B8FC-DC797658CA00}
Windows Live Upload Tool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Live Writer-->MsiExec.exe /X{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}
WinHTTrack Website Copier 3.43-3-->"C:\Program Files (x86)\WinHTTrack\unins000.exe"
winpcap-nmap 4.02-->"C:\Program Files (x86)\WinPcap\uninstall.exe"
WinRAR archiver-->C:\Program Files (x86)\WinRar\uninstall.exe
Xilisoft Video Converter Ultimate-->C:\Program Files (x86)\Xilisoft\Video Converter Ultimate\Uninstall.exe
Yahoo! Messenger-->C:\PROGRA~2\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~2\Yahoo!\MESSEN~1\INSTALL.LOG

======Hosts File======


127.0.0.1 localhost
127.0.0.1 atwola.com
72.167.163.234 ads1.msn.com
38.113.174.32 dehp.myspace.com
38.113.174.32 demr.myspace.com
38.113.174.32 desk.myspace.com
38.113.174.32 delb.myspace.com
38.113.174.32 delb2.myspace.com
38.113.174.32 debr.myspace.com

======Security center information======

AV: Kaspersky Internet Security
FW: Kaspersky Internet Security
AS: Windows Defender
AS: Kaspersky Internet Security

======System event log======

Computer Name: ROLF-PC
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

and here is the log:

Logfile of random's system information tool 1.06 (written by random/random)
Run by ROLF at 2009-05-24 16:03:08
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 38 GB (17%) free of 225 GB
Total RAM: 3837 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:04:03, on 24/05/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal

Running processes:
C:\Users\ROLF\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\Users\ROLF\AppData\Roaming\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\ROLF\Documents\RSIT.exe
C:\Program Files (x86)\Trend Micro\HijackThis\ROLF.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ht&c(...)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ht&c(...)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ht&c(...)
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ToggleEN Toolbar - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files (x86)\ToggleEN\tbTog0.dll
R3 - URLSearchHook: ArchiBar Toolbar - {24cc1362-11c6-4918-a2c0-b9ee5a563185} - C:\Program Files (x86)\ArchiBar\tbArch.dll
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 72.167.163.234 ads1.msn.com
O1 - Hosts: 38.113.174.32 dehp.myspace.com
O1 - Hosts: 38.113.174.32 demr.myspace.com
O1 - Hosts: 38.113.174.32 desk.myspace.com
O1 - Hosts: 38.113.174.32 delb.myspace.com
O1 - Hosts: 38.113.174.32 delb2.myspace.com
O1 - Hosts: 38.113.174.32 debr.myspace.com
O1 - Hosts: 68.178.151.28 view.atdmt.com
O2 - BHO: ToggleEN Toolbar - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files (x86)\ToggleEN\tbTog0.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ArchiBar Toolbar - {24cc1362-11c6-4918-a2c0-b9ee5a563185} - C:\Program Files (x86)\ArchiBar\tbArch.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
O3 - Toolbar: ToggleEN Toolbar - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files (x86)\ToggleEN\tbTog0.dll
O3 - Toolbar: ArchiBar Toolbar - {24cc1362-11c6-4918-a2c0-b9ee5a563185} - C:\Program Files (x86)\ArchiBar\tbArch.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O4 - HKLM\..\Run: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [L08FXLRD_15765866] "C:\Program Files (x86)\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE" -m
O4 - HKCU\..\RunOnce: [NeroHomeFirstStart] C:\Program Files (x86)\Common Files\Ahead\Lib\NeroScoutOptions.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger en utilisant Download &Express - C:\Program Files (x86)\Download Express\Add_Url.htm
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files (x86)\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files (x86)\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files (x86)\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: Video URL Extractor - {F6E600B5-48EA-421A-AF6A-61948BB737F3} - (no file)
O9 - Extra 'Tools' menuitem: Video URL Extractor... - {F6E600B5-48EA-421A-AF6A-61948BB737F3} - (no file)
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GR99D3~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1.0\r3hook.dll,C:\PROGRA~2\KASPER~1\KASPER~1.0\adialhk.dll
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_5730ce9f\AESTSr64.exe (file missing)
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Unknown owner - C:\Windows\system32\agr64svc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: RaySat_3dsmax8 Server (mi-raysat_3dsmax8) - Unknown owner - C:\Program Files (x86)\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Pure Networks Network Magic Service (nmservice) - Pure Networks, Inc. - C:\Program Files (x86)\Pure Networks\Network Magic\nmsrvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files (x86)\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Audio Service (STacSV) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_5730ce9f\STacSV64.exe (file missing)
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - Unknown owner - C:\Windows\System32\TuneUpDefragService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - Unknown owner - C:\Windows\System32\TUProgSt.exe (file missing)
O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15233 bytes

======Scheduled tasks folder======

C:\Windows\tasks\1-Click Maintenance.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{038cb5c7-48ea-4af9-94e0-a1646542e62b}]
ToggleEN Toolbar - C:\Program Files (x86)\ToggleEN\tbTog0.dll [2008-11-24 1784856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}]
ContributeBHO Class - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll [2007-03-16 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-12 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{24cc1362-11c6-4918-a2c0-b9ee5a563185}]
ArchiBar Toolbar - C:\Program Files (x86)\ArchiBar\tbArch.dll [2009-05-12 2094104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Microsoft Live Search Toolbar Helper - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll [2008-08-28 86032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-05-18 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - Microsoft Live Search Toolbar - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll [2008-08-28 86032]
{038cb5c7-48ea-4af9-94e0-a1646542e62b} - ToggleEN Toolbar - C:\Program Files (x86)\ToggleEN\tbTog0.dll [2008-11-24 1784856]
{24cc1362-11c6-4918-a2c0-b9ee5a563185} - ArchiBar Toolbar - C:\Program Files (x86)\ArchiBar\tbArch.dll [2009-05-12 2094104]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]
{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll [2007-03-16 118784]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-08-01 202032]
"AVP"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe [2007-06-28 218376]
"SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre6\bin\jusched.exe [2009-05-18 148888]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [2007-05-10 624248]
""= []
"Adobe_ID0EYTHM"=C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [2007-03-20 1884160]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-20 138240]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2009-03-09 270128]
"L08FXLRD_15765866"=C:\Program Files (x86)\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE [2007-06-12 351000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NeroHomeFirstStart"=C:\Program Files (x86)\Common Files\Ahead\Lib\NeroScoutOptions.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~2\KASPER~1\KASPER~1.0\r3hook.dll,C:\PROGRA~2\KASPER~1\KASPER~1.0\adialhk.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"NoActiveDesktopChanges"=
"ForceActiveDesktopOn"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
shell\AutoRun\command - F:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\setup.hta

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0403b1b5-ef4a-11dd-8b77-001eecf6179d}]
shell\AutoRun\command - F:\yannh.cmd
shell\explore\command - F:\yannh.cmd
shell\open\command - F:\yannh.cmd

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{093ac70e-f174-11dd-b968-001eecf6179d}]
shell\AutoRun\command - F:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b3600d1-4527-11de-86d8-001eecf6179d}]
shell\1\command - Recycled.exe
shell\2\command - Recycled.exe
shell\AutoRun\command - Recycled.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b3600e5-4527-11de-86d8-001eecf6179d}]
shell\AUtOPLaY\command - G:\mhsk.pif
shell\AutoRun\command - G:\mhsk.pif
shell\exPLoRE\command - G:\mhsk.pif
shell\opeN\command - G:\mhsk.pif

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b360ed3-4527-11de-86d8-001eecf6179d}]
shell\AutoRun\command - g1ljsm.com
shell\open\command - g1ljsm.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b360ed7-4527-11de-86d8-001eecf6179d}]
shell\AutoRun\command - G:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b360f2f-4527-11de-86d8-001eecf6179d}]
shell\AutoRun\command - G:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b360f51-4527-11de-86d8-001eecf6179d}]
shell\AutoRun\command - F:\b.cmd
shell\explore\command - F:\b.cmd
shell\open\command - F:\b.cmd

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1c476d3c-0920-11de-9327-001eecf6179d}]
shell\AutoRun\command - G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\lusrmgr32.exe
shell\open\command - G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\lusrmgr32.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{23421126-f4a4-11dd-a10c-001eecf6179d}]
shell\AutoRun\command - F:\xfoolavp.com
shell\explore\command - F:\xfoolavp.com
shell\open\command - F:\xfoolavp.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2342112e-f4a4-11dd-a10c-001eecf6179d}]
shell\AutoRun\command - G:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2b6156fa-1a4e-11de-a7e6-001eecf6179d}]
shell\AutoRun\command - G:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunmex.exe
shell\open\command - G:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunmex.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{39bcbacf-e856-11dd-9a5e-001eecf6179d}]
shell\AutoRun\command - G:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4594cff8-246d-11de-93c9-001eecf6179d}]
shell\AUtOplay\command - qxxg.pif
shell\AutoRun\command - qxxg.pif
shell\exploRe\command - qxxg.pif
shell\Open\command - qxxg.pif

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{49c9b6d1-3a20-11de-b3e9-001eecf6179d}]
shell\AutoRun\command - F:\d1vmq.exe
shell\open\command - F:\d1vmq.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4d1a249f-204b-11de-a89c-001eecf6179d}]
shell\AutoRun\command - F:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{55d04857-40ab-11de-8037-001eecf6179d}]
shell\AutoRun\command - RESTORE\S-1-5-21-1482476501-1644491937-682003330-1013\wmmplayer.exe
shell\open\command - RESTORE\S-1-5-21-1482476501-1644491937-682003330-1013\wmmplayer.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{55d04ab1-40ab-11de-8037-001eecf6179d}]
shell\1\command - F:\Recycled.exe
shell\2\command - F:\Recycled.exe
shell\AutoRun\command - F:\Recycled.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5d1112ed-29af-11de-89ff-001eecf6179d}]
shell\AutoRun\command - RECYCLE\D-0-060-0000000000-1111111-2222222\venet.exe
shell\open\command - RECYCLE\D-0-060-0000000000-1111111-2222222\venet.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7dfbce3c-3ab3-11de-b3e9-001eecf6179d}]
shell\AutoRun\command - q0dhfjf.exe
shell\open\command - q0dhfjf.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7dfbce44-3ab3-11de-b3e9-001eecf6179d}]
shell\AutoRun\command - q0dhfjf.exe
shell\open\command - q0dhfjf.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7dfbd4a4-3ab3-11de-b3e9-001eecf6179d}]
shell\AutoRun\command - F:\RECYCLE\D-0-060-0000000000-1111111-2222222\venet.exe
shell\open\command - F:\RECYCLE\D-0-060-0000000000-1111111-2222222\venet.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7fbb34b2-2051-11de-b2a1-001eecf6179d}]
shell\AutoRun\command - RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\lusrmgr32.exe
shell\open\command - RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\lusrmgr32.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7fbb34b5-2051-11de-b2a1-001eecf6179d}]
shell\AutoRun\command - G:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{86e98375-f268-11dd-986a-001eecf6179d}]
shell\AutoRun\command - e.cmd
shell\explore\command - e.cmd
shell\open\command - e.cmd

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a10b8f2d-efd0-11dd-9028-001eecf6179d}]
shell\AutoRun\command - fr.com
shell\explore\command - fr.com
shell\open\command - fr.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a3786847-376e-11de-b1b0-001eecf6179d}]
shell\AutoRun\command - F:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a37868bd-376e-11de-b1b0-001eecf6179d}]
shell\AutoRun\command - G:\DATA\SYSTEM\Xp.exe
shell\open\command - G:\DATA\SYSTEM\Xp.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ac515e9f-f214-11dd-950d-001eecf6179d}]
shell\AutoRun\command - F:\g1ljsm.com
shell\open\command - F:\g1ljsm.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ac515ff8-f214-11dd-950d-001eecf6179d}]
shell\AutoRun\command - F:\icxpa.cmd
shell\open\command - F:\icxpa.cmd

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{adea90ef-2e8a-11de-af1c-001eecf6179d}]
shell\AutoRun\command - F:\luk1ylq.com
shell\open\command - F:\luk1ylq.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b81f498e-ec7d-11dd-a74c-001eecf6179d}]
shell\AutoRun\command - F:\scvshosts.exe
shell\Open\command - F:\scvshosts.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c1c4779c-0192-11de-99a3-001eecf6179d}]
shell\AutoRun\command - F:\uh.exe
shell\open\command - F:\uh.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c1c479c7-0192-11de-99a3-001eecf6179d}]
shell\AutoRun\command - F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\lusrmgr32.exe
shell\open\command - F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\lusrmgr32.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c5f34946-0f67-11de-a421-001eecf6179d}]
shell\AutoRun\command - RECYCLE\D-0-060-0000000000-1111111-2222222\venet.exe
shell\open\command - RECYCLE\D-0-060-0000000000-1111111-2222222\venet.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c5f34b81-0f67-11de-a421-001eecf6179d}]
shell\AutoRun\command - F:\RECYCLE\D-0-060-0000000000-1111111-2222222\venet.exe
shell\open\command - F:\RECYCLE\D-0-060-0000000000-1111111-2222222\venet.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c8388600-1afd-11de-8439-001eecf6179d}]
shell\AutoRun\command - F:\2fiy.bat
shell\open\command - F:\2fiy.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c8cb1037-0f17-11de-aad2-001eecf6179d}]
shell\AutoRun\command - G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\lusrmgr32.exe
shell\open\command - G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\lusrmgr32.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d49891b3-fb12-11dd-b3bc-001eecf6179d}]
shell\AutoRun\command - G:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d49891d2-fb12-11dd-b3bc-001eecf6179d}]
shell\AutoRun\command - F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\stcvhost.exe
shell\open\command - F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\stcvhost.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d56d6463-3014-11de-a68e-001eecf6179d}]
shell\AutoRun\command - RECYCLE\D-0-060-0000000000-1111111-2222222\venet.exe
shell\open\command - RECYCLE\D-0-060-0000000000-1111111-2222222\venet.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dd3a7531-f3fa-11dd-9a22-001eecf6179d}]
shell\AutoRun\command - G:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dd4e045a-102e-11de-936c-001eecf6179d}]
shell\AutoRun\command - rcukd.cmd
shell\explore\command - rcukd.cmd
shell\open\command - rcukd.cmd

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e205c6e3-3c41-11de-9a88-001eecf6179d}]
shell\AutoRun\command - F:\
shell\open\command - .\autorun.exe explore

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e956c97d-eae5-11dd-b443-001eecf6179d}]
shell\AutoRun\command - F:\m0vnonh.bat
shell\open\command - F:\m0vnonh.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ed7dbb90-f01e-11dd-a19a-001eecf6179d}]
shell\AutoRun\command - F:\RECYCLE\D-0-060-0000000000-1111111-2222222\venet.exe
shell\open\command - F:\RECYCLE\D-0-060-0000000000-1111111-2222222\venet.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ee64e887-3fb6-11de-a57d-001eecf6179d}]
shell\AutoRun\command - G:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f1d919f7-1287-11de-8980-001eecf6179d}]
shell\AutoRun\command - F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\lusrmgr32.exe
shell\open\command - F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\lusrmgr32.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f52c6b57-e8ee-11dd-ad44-001eecf6179d}]
shell\AutoRun\command - F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\lusrmgr32.exe
shell\open\command - F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\lusrmgr32.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f8c59d74-f024-11dd-91f1-001eecf6179d}]
shell\AutoRun\command - F:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fdb30e14-1f87-11de-9906-d1d91552f379}]
shell\AutoRun\command - F:\luk1ylq.com
shell\open\command - F:\luk1ylq.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fee66daf-3803-11de-9305-001eecf6179d}]
shell\AutoRun\command - F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\lusrmgr32.exe
shell\open\command - F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\lusrmgr32.exe


======File associations======

.reg - open - "regedit.exe" "%1"
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2009-05-24 16:03:08 ----D---- C:\rsit
2009-05-24 15:53:43 ----D---- C:\Program Files (x86)\Trend Micro
2009-05-24 15:19:43 ----SHD---- C:\Config.Msi
2009-05-23 05:00:00 ----D---- C:\Program Files (x86)\UnH Solutions
2009-05-19 18:16:59 ----D---- C:\Users\ROLF\AppData\Roaming\CVitae
2009-05-19 18:16:34 ----D---- C:\Program Files (x86)\MonProduit
2009-05-18 10:38:30 ----A---- C:\Windows\system32\javaws.exe
2009-05-18 10:38:30 ----A---- C:\Windows\system32\deploytk.dll
2009-05-18 10:38:29 ----A---- C:\Windows\system32\javaw.exe
2009-05-18 10:38:29 ----A---- C:\Windows\system32\java.exe
2009-05-16 17:32:18 ----D---- C:\Program Files (x86)\ArchiBar
2009-05-16 16:00:48 ----D---- C:\Program Files (x86)\FunWebProducts
2009-05-16 13:42:10 ----D---- C:\Programs
2009-05-16 13:42:07 ----D---- C:\Temp
2009-05-16 13:42:03 ----D---- C:\Program Files (x86)\SharkMate
2009-05-14 11:55:58 ----D---- C:\Windows\system32\Adobe
2009-05-14 05:29:07 ----D---- C:\Program Files (x86)\Mulgra
2009-05-14 05:04:57 ----D---- C:\Program Files (x86)\WinPcap
2009-05-13 19:34:35 ----D---- C:\Users\ROLF\AppData\Roaming\Poser Pro
2009-05-12 11:41:39 ----D---- C:\Users\ROLF\AppData\Roaming\Autodesk
2009-05-12 11:40:38 ----A---- C:\Windows\system32\d3dx9_35.dll
2009-05-11 17:34:31 ----D---- C:\Program Files (x86)\Microsoft
2009-05-11 17:34:13 ----D---- C:\Program Files (x86)\Windows Live SkyDrive
2009-05-10 21:22:32 ----D---- C:\Program Files (x86)\Common Files\PX Storage Engine
2009-05-10 21:16:29 ----D---- C:\Users\ROLF\AppData\Roaming\Anthropics
2009-05-10 20:22:38 ----D---- C:\Users\ROLF\AppData\Roaming\Thinstall
2009-05-09 06:12:24 ----D---- C:\ProgramData\AMV Converter Studio
2009-05-09 05:28:26 ----D---- C:\Users\ROLF\AppData\Roaming\ImTOO Software Studio
2009-05-08 18:34:40 ----D---- C:\Program Files (x86)\Common Files\SWF Studio
2009-05-07 14:22:09 ----D---- C:\ProgramData\PC Drivers HeadQuarters
2009-05-07 14:22:09 ----D---- C:\Program Files (x86)\PC Drivers HeadQuarters
2009-05-07 14:00:15 ----D---- C:\Users\ROLF\AppData\Roaming\GetRightToGo
2009-05-02 21:13:33 ----D---- C:\Program Files (x86)\onOne Software
2009-05-02 21:01:10 ----D---- C:\ProgramData\FLEXnet
2009-05-02 20:50:31 ----D---- C:\Program Files (x86)\Common Files\Control Panels
2009-05-02 20:46:36 ----D---- C:\ProgramData\ALM
2009-05-02 20:42:56 ----A---- C:\Windows\system32\NPSWF32_FlashUtil.exe
2009-05-02 20:42:56 ----A---- C:\Windows\system32\NPSWF32.dll
2009-05-02 13:25:31 ----D---- C:\Program Files (x86)\Kaspersky Lab
2009-05-02 13:25:29 ----D---- C:\ProgramData\Kaspersky Lab
2009-05-02 10:03:03 ----D---- C:\Windows\Minidump
wildwoolfy on 25 May 2009 at 00:05
Now I have a problem: when I launch ComboFix, a dialog box says that ComboFix only works with Windows 2000/XP, and I have Vista 64. What should I do?
dédétraqué on 25 May 2009 at 00:07
Hi wildwoolfy


Run the scan with ComboFix as requested and post the report.


See you :)
wildwoolfy on 25 May 2009 at 00:24
Yes, I did it, and I told you what the result was: incompatible OS. ComboFix only works on Windows 2000 or XP. That is what it tells me, in several languages.
dédétraqué on 25 May 2009 at 00:41
Hi wildwoolfy


Download and install UsbFix (by C_XX & Chiquitine29)
http://sd-1.archive-host.com/membres/up/127028005715545653/UsbFix.exe

Connect to your PC, without opening them, the external storage devices (USB key, external hard drive, etc.) that may have been infected.

  • Right-click the UsbFix shortcut on your desktop and choose "Run as administrator".

  • Choose option 1 (Recherche / Search)

  • Let the tool work.

  • Then post the UsbFix.txt report that appears.

  • Note: the UsbFix.txt report is saved at the root of the disk. (C:\UsbFix.txt)

  • (CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

# Note: "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility designed to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.


See you :)
wildwoolfy on 25 May 2009 at 01:27
Here is the result



    ############################## [ UsbFix V3.025 | Scan ]


    ############################## [ Processus actifs ]

    C:\Users\ROLF\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files (x86)\Java\jre6\bin\jusched.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
    C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    C:\Windows\SysWOW64\svchost.exe
    C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files (x86)\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
    c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
    C:\Program Files (x86)\SMINST\BLService.exe
    C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
    C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
    C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
    C:\Program Files (x86)\Pure Networks\Network Magic\nmsrvc.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    C:\Users\ROLF\AppData\Roaming\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\P2Pcontrol\p2control.exe
    C:\Windows\SysWOW64\explorer.exe
    C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe

    ################## [ Registre Startup ]

    HKCU_Main: "Local Page"="C:\\Windows\\system32\\blank.htm"
    HKCU_Main: "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
    HKCU_Main: "Start Page"="http://www2.iesearch.com/"
    HKCU_Main: "Start Page Restore"="http://go.microsoft.com/fwlink/?LinkId=69157"
    HKLM_logon: "Userinit"="C:\\Windows\\system32\\userinit.exe,"
    HKLM_logon: "LegalNoticeCaption"=""
    HKLM_logon: "LegalNoticeText"=""
    HKLM_Run: QlbCtrl.exe="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
    HKLM_Run: AVP="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
    HKLM_Run: SunJavaUpdateSched="C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
    HKLM_Run: Acrobat Assistant 8.0="C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
    HKLM_Run: Adobe_ID0EYTHM=C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
    HKLM_Run: P2Pcontrol="C:\Program Files (x86)\P2Pcontrol\p2control.exe"
    HKLM_Run: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
    HKCU_Run: ehTray.exe=C:\Windows\ehome\ehTray.exe
    HKCU_Run: uTorrent="C:\Program Files (x86)\uTorrent\uTorrent.exe"
    HKCU_Run: L08FXLRD_15765866="C:\Program Files (x86)\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE" -m
    HKCU_Run: msnmsgr="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    HKCU_Run: link 1="C:\ProgramData\Default44.3winm"
    HKCU_Run: Long Internet Team Stupid="C:\ProgramData\AIM LOG SURF.o638n"
    HKCU_Run: HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\AdobeUpdater=

    ################## [ Fichiers # Dossiers infectieux ]

    Found ! C:\Users\ROLF\AppData\Local\Temp\SFXD70E.tmp\EnforceRMS.dll
    Found ! C:\Users\ROLF\AppData\Local\Temp\SFXD70E.tmp\CM\CMInstall.exe
    Found ! C:\Users\ROLF\AppData\Local\Temp\SFXD70E.tmp\TDM\TDMInstall.exe
    Found ! F:\doup.pif
    Found ! "F:\Recycle\D-0-060-0000000000-1111111-2222222"
    Found ! "F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013"
    Found ! F:\Recycle\D-0-060-0000000000-1111111-2222222\Desktop.ini

    ################## [ Registre # Clés Run infectieuses ]


    ################## [ Registre # Mountpoints2 ]

    HKCU\...\Explorer\MountPoints2\F\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\G\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{0403b1b5-ef4a-11dd-8b77-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{0403b1b5-ef4a-11dd-8b77-001eecf6179d}\Shell\explore\Command
    HKCU\...\Explorer\MountPoints2\{0403b1b5-ef4a-11dd-8b77-001eecf6179d}\Shell\open\Command
    HKCU\...\Explorer\MountPoints2\{093ac70e-f174-11dd-b968-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{1b3600d1-4527-11de-86d8-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{1b3600e5-4527-11de-86d8-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{1b3600e5-4527-11de-86d8-001eecf6179d}\Shell\explore\Command
    HKCU\...\Explorer\MountPoints2\{1b3600e5-4527-11de-86d8-001eecf6179d}\Shell\open\Command
    HKCU\...\Explorer\MountPoints2\{1b360ed3-4527-11de-86d8-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{1b360ed3-4527-11de-86d8-001eecf6179d}\Shell\open\Command
    HKCU\...\Explorer\MountPoints2\{1b360ed7-4527-11de-86d8-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{1b360f2f-4527-11de-86d8-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{1b360f51-4527-11de-86d8-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{1b360f51-4527-11de-86d8-001eecf6179d}\Shell\explore\Command
    HKCU\...\Explorer\MountPoints2\{1b360f51-4527-11de-86d8-001eecf6179d}\Shell\open\Command
    HKCU\...\Explorer\MountPoints2\{1c476d3c-0920-11de-9327-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{1c476d3c-0920-11de-9327-001eecf6179d}\Shell\open\Command
    HKCU\...\Explorer\MountPoints2\{23421126-f4a4-11dd-a10c-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{23421126-f4a4-11dd-a10c-001eecf6179d}\Shell\explore\Command
    HKCU\...\Explorer\MountPoints2\{23421126-f4a4-11dd-a10c-001eecf6179d}\Shell\open\Command
    HKCU\...\Explorer\MountPoints2\{2342112e-f4a4-11dd-a10c-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{2b6156fa-1a4e-11de-a7e6-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{2b6156fa-1a4e-11de-a7e6-001eecf6179d}\Shell\open\Command
    HKCU\...\Explorer\MountPoints2\{39bcbacf-e856-11dd-9a5e-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{4594cff8-246d-11de-93c9-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{4594cff8-246d-11de-93c9-001eecf6179d}\Shell\explore\Command
    HKCU\...\Explorer\MountPoints2\{4594cff8-246d-11de-93c9-001eecf6179d}\Shell\open\Command
    HKCU\...\Explorer\MountPoints2\{49c9b6d1-3a20-11de-b3e9-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{49c9b6d1-3a20-11de-b3e9-001eecf6179d}\Shell\open\Command
    HKCU\...\Explorer\MountPoints2\{4d1a249f-204b-11de-a89c-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{55d04857-40ab-11de-8037-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{55d04857-40ab-11de-8037-001eecf6179d}\Shell\open\Command
    HKCU\...\Explorer\MountPoints2\{55d04ab1-40ab-11de-8037-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{5d1112ed-29af-11de-89ff-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{5d1112ed-29af-11de-89ff-001eecf6179d}\Shell\open\Command
    HKCU\...\Explorer\MountPoints2\{7dfbce3c-3ab3-11de-b3e9-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{7dfbce3c-3ab3-11de-b3e9-001eecf6179d}\Shell\open\Command
    HKCU\...\Explorer\MountPoints2\{7dfbce44-3ab3-11de-b3e9-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{7dfbce44-3ab3-11de-b3e9-001eecf6179d}\Shell\open\Command
    HKCU\...\Explorer\MountPoints2\{7dfbd4a4-3ab3-11de-b3e9-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{7dfbd4a4-3ab3-11de-b3e9-001eecf6179d}\Shell\open\Command
    HKCU\...\Explorer\MountPoints2\{7fbb34b2-2051-11de-b2a1-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{7fbb34b2-2051-11de-b2a1-001eecf6179d}\Shell\open\Command
    HKCU\...\Explorer\MountPoints2\{7fbb34b5-2051-11de-b2a1-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{86e98375-f268-11dd-986a-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{86e98375-f268-11dd-986a-001eecf6179d}\Shell\explore\Command
    HKCU\...\Explorer\MountPoints2\{86e98375-f268-11dd-986a-001eecf6179d}\Shell\open\Command
    HKCU\...\Explorer\MountPoints2\{a10b8f2d-efd0-11dd-9028-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{a10b8f2d-efd0-11dd-9028-001eecf6179d}\Shell\explore\Command
    HKCU\...\Explorer\MountPoints2\{a10b8f2d-efd0-11dd-9028-001eecf6179d}\Shell\open\Command
    HKCU\...\Explorer\MountPoints2\{a3786847-376e-11de-b1b0-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{a37868bd-376e-11de-b1b0-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{a37868bd-376e-11de-b1b0-001eecf6179d}\Shell\open\Command
    HKCU\...\Explorer\MountPoints2\{ac515e9f-f214-11dd-950d-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{ac515e9f-f214-11dd-950d-001eecf6179d}\Shell\open\Command
    HKCU\...\Explorer\MountPoints2\{ac515ff8-f214-11dd-950d-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{ac515ff8-f214-11dd-950d-001eecf6179d}\Shell\open\Command
    HKCU\...\Explorer\MountPoints2\{adea90ef-2e8a-11de-af1c-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{adea90ef-2e8a-11de-af1c-001eecf6179d}\Shell\open\Command
    HKCU\...\Explorer\MountPoints2\{b81f498e-ec7d-11dd-a74c-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{b81f498e-ec7d-11dd-a74c-001eecf6179d}\Shell\open\Command
    HKCU\...\Explorer\MountPoints2\{c1c4779c-0192-11de-99a3-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{c1c4779c-0192-11de-99a3-001eecf6179d}\Shell\open\Command
    HKCU\...\Explorer\MountPoints2\{c1c479c7-0192-11de-99a3-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{c1c479c7-0192-11de-99a3-001eecf6179d}\Shell\open\Command
    HKCU\...\Explorer\MountPoints2\{c5f34946-0f67-11de-a421-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{c5f34946-0f67-11de-a421-001eecf6179d}\Shell\open\Command
    HKCU\...\Explorer\MountPoints2\{c5f34b81-0f67-11de-a421-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{c5f34b81-0f67-11de-a421-001eecf6179d}\Shell\open\Command
    HKCU\...\Explorer\MountPoints2\{c8388600-1afd-11de-8439-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{c8388600-1afd-11de-8439-001eecf6179d}\Shell\open\Command
    HKCU\...\Explorer\MountPoints2\{c8cb1037-0f17-11de-aad2-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{c8cb1037-0f17-11de-aad2-001eecf6179d}\Shell\open\Command
    HKCU\...\Explorer\MountPoints2\{d49891b3-fb12-11dd-b3bc-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{d49891d2-fb12-11dd-b3bc-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{d49891d2-fb12-11dd-b3bc-001eecf6179d}\Shell\open\Command
    HKCU\...\Explorer\MountPoints2\{d56d6463-3014-11de-a68e-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{d56d6463-3014-11de-a68e-001eecf6179d}\Shell\open\Command
    HKCU\...\Explorer\MountPoints2\{dd3a7531-f3fa-11dd-9a22-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{dd4e045a-102e-11de-936c-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{dd4e045a-102e-11de-936c-001eecf6179d}\Shell\explore\Command
    HKCU\...\Explorer\MountPoints2\{dd4e045a-102e-11de-936c-001eecf6179d}\Shell\open\Command
    HKCU\...\Explorer\MountPoints2\{e205c6e3-3c41-11de-9a88-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{e205c6e3-3c41-11de-9a88-001eecf6179d}\Shell\open\Command
    HKCU\...\Explorer\MountPoints2\{e956c97d-eae5-11dd-b443-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{e956c97d-eae5-11dd-b443-001eecf6179d}\Shell\open\Command
    HKCU\...\Explorer\MountPoints2\{ed7dbb90-f01e-11dd-a19a-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{ed7dbb90-f01e-11dd-a19a-001eecf6179d}\Shell\open\Command
    HKCU\...\Explorer\MountPoints2\{ee64e887-3fb6-11de-a57d-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{f1d919f7-1287-11de-8980-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{f1d919f7-1287-11de-8980-001eecf6179d}\Shell\open\Command
    HKCU\...\Explorer\MountPoints2\{f52c6b57-e8ee-11dd-ad44-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{f52c6b57-e8ee-11dd-ad44-001eecf6179d}\Shell\open\Command
    HKCU\...\Explorer\MountPoints2\{f8c59d74-f024-11dd-91f1-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{fdb30e14-1f87-11de-9906-d1d91552f379}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{fdb30e14-1f87-11de-9906-d1d91552f379}\Shell\open\Command
    HKCU\...\Explorer\MountPoints2\{fee66daf-3803-11de-9305-001eecf6179d}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{fee66daf-3803-11de-9305-001eecf6179d}\Shell\open\Command

    ################## [ Informations # Fichier Suspect ]


    ################## [ Cracks # Keygens # Serials ]

    # -> Nothing found !

    ################## [ ! Fin du rapport # UsbFix V3.025 ! ]

dédétraqué on 25 May 2009 at 01:33
Hi wildwoolfy


Connect to your PC, without opening them, the external storage devices (USB key, external hard drive, etc.) that may have been infected.

  • Right-click the UsbFix shortcut on your desktop and choose "Run as administrator".

  • Choose option 2 (Suppression / Removal)

  • Your desktop will disappear and the PC will restart.

  • On restart, UsbFix will scan your PC; let the tool work.

  • Then post the UsbFix.txt report that appears along with the desktop.

  • Note: the UsbFix.txt report is saved at the root of the disk. (C:\UsbFix.txt)

  • (CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)


See you :)
wildwoolfy on 25 May 2009 at 02:36
I did it and it looks like it worked, thank you very much. I noticed something in the Task Manager: there are fewer programs running as processes. Does that mean the others were not important for the system to work, or is it something else?

I have something very important to ask you: how can I avoid getting infected? What are the possible sources of my infection?
dédétraqué on 25 May 2009 at 03:05
Hi wildwoolfy


I would have liked to have the report. The tools do not remove every infection, so checks have to be done, otherwise the infection can come back.


See you :)
wildwoolfy on 25 May 2009 at 03:26
OK, I see, but how do I go about checking? Tell me how to do it and I will send you the reports. So, I went and looked in the UsbFix folder at the root of my disk and found these reports; I am sending them to you in case they are the right ones.


    ############################## [ UsbFix V3.025 | Cleaning ]


    ############################## [ Processus actifs ]

    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
    C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    C:\Windows\SysWOW64\svchost.exe
    C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files (x86)\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
    c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
    C:\Program Files (x86)\SMINST\BLService.exe
    C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
    C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
    C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
    C:\Program Files (x86)\Pure Networks\Network Magic\nmsrvc.exe
    C:\Windows\SysWOW64\runonce.exe
    C:\Windows\SysWOW64\conime.exe

    ################## [ Fichiers # Dossiers infectieux ]

    Deleted ! C:\Users\ROLF\AppData\Local\Temp\SFXD70E.tmp\EnforceRMS.dll
    Deleted ! C:\Users\ROLF\AppData\Local\Temp\SFXD70E.tmp\CM\CMInstall.exe
    Deleted ! C:\Users\ROLF\AppData\Local\Temp\SFXD70E.tmp\TDM\TDMInstall.exe
    Deleted ! F:\doup.pif
    Deleted ! F:\Recycle\D-0-060-0000000000-1111111-2222222\Desktop.ini
    Deleted ! "F:\Recycle\D-0-060-0000000000-1111111-2222222"
    Deleted ! "F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013"

    ################## [ Registre # Clés Run infectieuses ]


    ################## [ Registre # Mountpoints2 ]

    Deleted ! HKCU\...\Explorer\MountPoints2\F\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\G\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{0403b1b5-ef4a-11dd-8b77-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{093ac70e-f174-11dd-b968-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{1b3600d1-4527-11de-86d8-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{1b3600e5-4527-11de-86d8-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{1b360ed3-4527-11de-86d8-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{1b360ed7-4527-11de-86d8-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{1b360f2f-4527-11de-86d8-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{1b360f51-4527-11de-86d8-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{1c476d3c-0920-11de-9327-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{23421126-f4a4-11dd-a10c-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{2342112e-f4a4-11dd-a10c-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{2b6156fa-1a4e-11de-a7e6-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{39bcbacf-e856-11dd-9a5e-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{4594cff8-246d-11de-93c9-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{49c9b6d1-3a20-11de-b3e9-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{4d1a249f-204b-11de-a89c-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{55d04857-40ab-11de-8037-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{55d04ab1-40ab-11de-8037-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{5d1112ed-29af-11de-89ff-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{7dfbce3c-3ab3-11de-b3e9-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{7dfbce44-3ab3-11de-b3e9-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{7dfbd4a4-3ab3-11de-b3e9-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{7fbb34b2-2051-11de-b2a1-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{7fbb34b5-2051-11de-b2a1-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{86e98375-f268-11dd-986a-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{a10b8f2d-efd0-11dd-9028-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{a3786847-376e-11de-b1b0-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{a37868bd-376e-11de-b1b0-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{ac515e9f-f214-11dd-950d-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{ac515ff8-f214-11dd-950d-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{adea90ef-2e8a-11de-af1c-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{b81f498e-ec7d-11dd-a74c-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{c1c4779c-0192-11de-99a3-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{c1c479c7-0192-11de-99a3-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{c5f34946-0f67-11de-a421-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{c5f34b81-0f67-11de-a421-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{c8388600-1afd-11de-8439-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{c8cb1037-0f17-11de-aad2-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{d49891b3-fb12-11dd-b3bc-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{d49891d2-fb12-11dd-b3bc-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{d56d6463-3014-11de-a68e-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{dd3a7531-f3fa-11dd-9a22-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{dd4e045a-102e-11de-936c-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{e205c6e3-3c41-11de-9a88-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{e956c97d-eae5-11dd-b443-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{ed7dbb90-f01e-11dd-a19a-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{ee64e887-3fb6-11de-a57d-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{f1d919f7-1287-11de-8980-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{f52c6b57-e8ee-11dd-ad44-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{f8c59d74-f024-11dd-91f1-001eecf6179d}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{fdb30e14-1f87-11de-9906-d1d91552f379}\Shell\AutoRun\Command
    Deleted ! HKCU\...\Explorer\MountPoints2\{fee66daf-3803-11de-9305-001eecf6179d}\Shell\AutoRun\Command

    ################## [ Listing des fichiers présent ]

    [20/01/2008 21:50|-rahs----|333203] - C:\bootmgr
    [24/05/2009 17:22|--a------|846] - C:\Bug.txt
    [?|?|?] - C:\hiberfil.sys
    [02/12/2006 01:37|--a------|904704] - C:\msdia80.dll
    [?|?|?] - C:\pagefile.sys
    [24/05/2009 19:10|--a------|7619] - C:\UsbFix.txt
    [01/02/2009 21:50|--a------|158] - C:\YServer.txt
    [19/01/2009 08:28|---hs----|13] - D:\BLOCK.RIN
    [03/10/2006 18:02|---hs----|438328] - D:\bootmgr
    [28/02/2009 21:34|--a------|32] - D:\defaultPerfLog.txt
    [12/09/2008 13:00|---hs----|1199] - D:\Desktop.ini
    [10/09/2002 11:14|---hs----|8134] - D:\Folder.htt
    [24/05/2009 18:48|--ahs----|203] - D:\MASTER.LOG
    [12/09/2008 12:17|---hs----|381873] - D:\protect.arabic
    [15/09/2008 10:57|---hs----|182624] - D:\protect.bulgarian
    [16/09/2002 09:37|---hs----|181898] - D:\protect.chinese hong kong
    [16/09/2002 09:37|---hs----|181916] - D:\protect.chinese simplified
    [16/09/2002 09:37|---hs----|181898] - D:\protect.chinese traditional
    [27/04/2006 11:19|---hs----|181865] - D:\protect.czech
    [03/11/2005 10:21|---hs----|181726] - D:\protect.danish
    [10/09/2002 08:56|---hs----|181605] - D:\protect.dutch
    [10/09/2002 08:50|---hs----|181651] - D:\protect.ed
    [22/11/2004 10:28|---hs----|181648] - D:\protect.english
    [03/11/2005 10:20|---hs----|181673] - D:\protect.finnish
    [03/11/2005 10:19|---hs----|181736] - D:\protect.french
    [03/11/2005 10:18|---hs----|181669] - D:\protect.german
    [23/11/2005 10:56|---hs----|182689] - D:\protect.greek
    [23/01/2006 04:18|---hs----|182605] - D:\protect.hebrew
    [28/08/2007 09:58|---hs----|181696] - D:\protect.hungarian
    [03/11/2005 10:17|---hs----|181554] - D:\protect.italian
    [19/06/2007 10:22|---hs----|182351] - D:\protect.japanese
    [24/11/2005 06:24|---hs----|218295] - D:\protect.korean
    [03/11/2005 10:15|---hs----|181578] - D:\protect.norwegian
    [25/04/2006 09:44|---hs----|181789] - D:\protect.polish
    [03/11/2005 10:13|---hs----|181624] - D:\protect.portuguese
    [27/10/2005 14:24|---hs----|181882] - D:\protect.portuguese brazilian
    [15/09/2008 10:57|---hs----|181735] - D:\protect.romanian
    [28/06/2004 03:52|---hs----|211936] - D:\protect.russian
    [04/07/2007 06:46|---hs----|181954] - D:\protect.slovak
    [03/11/2005 10:11|---hs----|181586] - D:\protect.spanish
    [10/09/2002 09:15|---hs----|181602] - D:\protect.swedish
    [12/08/2003 05:37|---hs----|181783] - D:\protect.turkish
    [13/05/2009 18:50|--a------|7855249] - F:\jump.jpg
    [29/01/2008 12:37|--a------|3139002] - F:\CEC.jpg
    [14/05/2009 09:46|---h-----|3189760] - F:\~WRL0001.tmp
    [14/05/2009 13:46|--a------|124416] - F:\UAUIDUFH.doc
    [15/05/2009 11:00|--a------|128000] - F:\BONNE FETE CEC.doc
    [28/05/2006 23:26|--a------|735195136] - F:\Canadian Pie DVDRip.avi
    [14/05/2009 11:48|--a------|31232] - F:\18 mai (programme 2).doc
    [14/05/2009 13:46|--a------|22528] - F:\Doc4.doc
    [26/03/2009 15:32|-rahs----|119808] - F:\hhytat.exe
    [14/05/2009 11:42|--a------|774656] - F:\18 mai (programme 1).doc
    [14/05/2009 13:46|--a------|122880] - F:\COLLEGE D.doc
    [17/05/2009 15:25|--a------|1298611] - F:\jump cool.jpg
    [20/05/2009 13:28|--a------|2347008] - F:\rolf curriculum.indd

    ################## [ Vaccination ]

    # C:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
    # D:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
    # F:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.

    ################## [ Informations # Fichier Suspect ]


    ################## [ Cracks # Keygens # Serials ]

    # -> Nothing found !

    ################## [ ! Fin du rapport # UsbFix V3.025 ! ]

and this too

    1dfc 1b54 WinMain
    1dfc 1b54 lpCmdLine: '/REGSERVER'
    1dfc 1b54 Run
    1dfc 1b54 lpCmdLine: '/REGSERVER'
    1dfc 1b54 nCmdShow: 10
    1dfc 1b54 leaving WinMain


and a text file named bug



    32788R22FWJFW\PEV.exe uzip "32788R22FWJFW\License\pv_5_2_2.zip" "32788R22FWJFW\License" && MOVE /Y "32788R22FWJFW\License\pv.exe" 32788R22FWJFW\
    The system cannot find message text for message number 0x236e in the message file for Application.

    32788R22FWJFW\pv.exe -kf n.com
    Killing 'n.com'
    pv: No matching processes found

    MOVE /Y 32788R22FWJFW\pv.exe 32788R22FWJFW\pv.cfexe
    The system cannot find message text for message number 0x236e in the message file for Application.

    32788R22FWJFW\pv.cfexe -kf n.com
    Killing 'n.com'
    pv: No matching processes found

    PUSHD "C:\32788R22FWJFW"

    IF NOT EXIST pev.cfexe COPY /Y pev.exe pev.cfexe

    IF NOT EXIST Nircmd.com COPY /Y n.com Nircmd.com

    SET "Comspec=C:\Windows\system32\cmd.execf"

    IF NOT EXIST C:\Windows\system32\cmd.exe GOTO Not_NT

    IF EXIST OsVer EXIT
    .
    there you go
    thanks
    dédétraqué on 25 May 2009 at 03:39
    Hi wildwoolfy


    OK, that looks good; according to the reports you are from my neck of the woods :super:


    Delete this folder: C:\rsit

    Run a scan with RSIT again and post only the log.txt report at the end of the scan

    The report is in this folder: C:\rsit


    Since your first RSIT report was not complete, try to check that this one is complete.


    @++ :)
    wildwoolfy on 25 May 2009 at 04:22
    here is the info


    info.txt logfile of random's system information tool 1.06 2009-05-24 21:08:08

    ======Uninstall list======

    -->"C:\Program Files (x86)\HP Games\Agatha Christie - Death on the Nile\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Big City Adventures San Francisco\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Blackhawk Striker 2\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Blasterball 3\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Build-a-lot 2\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Chuzzle Deluxe\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Diner Dash Hometown Hero\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Dream Chronicles 2\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Family Feud 3\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\FATE\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Jewel Quest Solitaire 2\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\JoJo's Fashion Show\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Luxor 3\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\My HP Game Console\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Mystery P.I. - The Vegas Heist\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Peggle\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Penguins!\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Poker Superstars III\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Polar Bowler\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Polar Golfer\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Polar Pool\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Slingo Deluxe\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\SPORE Creature Creator Trial Edition\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\The Hidden Object Game Show\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\The Price is Right\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Tradewinds Legends\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Virtual Villagers - A New Home\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Virtual Villagers - The Secret City\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Wedding Dash\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Wheel of Fortune 2\Uninstall.exe"
    -->"C:\Program Files (x86)\HP Games\Zuma Deluxe\Uninstall.exe"
    -->MsiExec.exe /I{0F122737-72B2-4095-8B3E-7AAE753DFD3D}
    3wPlayer-->C:\Program Files (x86)\3wPlayer\uninstall.exe
    Acrobat.com-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
    Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
    Add or Remove Adobe Creative Suite 3 Master Collection-->C:\Program Files (x86)\Common Files\Adobe\Installers\5ac697db6c6103f6f8b5198d25f73f7\Setup.exe
    Adobe After Effects CS3 Presets-->MsiExec.exe /I{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}
    Adobe After Effects CS3 Presets-->MsiExec.exe /I{4B215C29-1A3E-4736-92AA-10C83FA56EB9}
    Adobe After Effects CS3-->C:\Program Files (x86)\Common Files\Adobe\Installers\b7dd24a87e82dcf8af8876fd727b7cf\Setup.exe
    Adobe After Effects CS3-->MsiExec.exe /I{EB0202F7-016A-410C-ADE4-40F848CCC661}
    Adobe AIR-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
    Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
    Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
    Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
    Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
    Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
    Adobe BridgeTalk Plugin CS3-->MsiExec.exe /I{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}
    Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
    Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
    Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
    Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
    Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
    Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
    Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
    Adobe Contribute CS3-->MsiExec.exe /I{FC9E08AA-CD59-4C59-BEF9-87E05B9E37D7}
    Adobe Creative Suite 3 Master Collection-->MsiExec.exe /I{0CEC06EF-5052-4CE8-8256-74AE363A4238}
    Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
    Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
    Adobe Encore CS3 Codecs-->MsiExec.exe /I{B8B7A4D8-80E1-4DAE-BD33-7FD535BA3931}
    Adobe ExtendScript Toolkit 2-->C:\Program Files (x86)\Common Files\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe
    Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}
    Adobe Extension Manager CS3-->MsiExec.exe /I{BE5F3842-8309-4754-92D5-83E02E6077A3}
    Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe
    Adobe Flash Player 9 ActiveX-->MsiExec.exe /X{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}
    Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
    Adobe Help Viewer CS3-->MsiExec.exe /I{7ACFB90E-8FD0-4397-AD3A-5195412623A3}
    Adobe Illustrator CS3-->MsiExec.exe /I{F08E8D2E-F132-4742-9C87-D5FF223A016A}
    Adobe InDesign CS3 Icon Handler-->MsiExec.exe /I{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}
    Adobe InDesign CS3-->MsiExec.exe /I{CB3F8375-B600-4B9F-83C9-238ED1E583FD}
    Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
    Adobe MotionPicture Color Files-->MsiExec.exe /I{6B708481-748A-4EB4-97C1-CD386244FF77}
    Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
    Adobe Photoshop CS3-->MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}
    Adobe Photoshop Lightroom 2.2-->MsiExec.exe /I{A4EE4223-98B1-4874-BA6E-E8A574F9C0FF}
    Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
    Adobe Setup-->MsiExec.exe /I{1DDB76B6-9B33-47DE-8577-78EBFD3E2FF3}
    Adobe Setup-->MsiExec.exe /I{2C294A0B-DF22-4023-B168-8C7645B10019}
    Adobe Setup-->MsiExec.exe /I{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}
    Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
    Adobe SING CS3-->MsiExec.exe /I{B671CBFD-4109-4D35-9252-3062D3CCB7B2}
    Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
    Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
    Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
    Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
    Adobe Version Cue CS3 Server-->MsiExec.exe /I{1D58229F-C505-45CA-8223-F35F3A34B963}
    Adobe Video Profiles-->MsiExec.exe /I{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}
    Adobe WAS CS3-->MsiExec.exe /I{C5BD220A-EFE8-48A5-B70E-9503D535FACE}
    Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
    Adobe XMP DVA Panels CS3-->MsiExec.exe /I{0224CACC-994D-45F8-B973-D65056EA9C2F}
    Adobe XMP Panels CS3-->MsiExec.exe /I{D5A31AB1-345D-47C7-A87B-036A669F6DF1}
    AHV content for Acrobat and Flash-->MsiExec.exe /I{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}
    AMD USB Audio Driver Filter-->MsiExec.exe /X{A3AB35FA-943E-4799-99DC-46EFD59E998F}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    ArchiBar Toolbar-->C:\PROGRA~2\ArchiBar\UNWISE.EXE /U C:\PROGRA~2\ArchiBar\INSTALL.LOG
    ASIO4ALL-->C:\Program Files (x86)\ASIO4ALL v2\uninstall.exe
    Ask.com Search Assistant 1.0.1-->C:\Program Files (x86)\Ask Search Assistant\uninst.exe
    Autodesk 3ds Max 8 Additional Maps and Materials-->MsiExec.exe /I{59D070F5-CCE6-418B-84A3-CCA63D75ED8A}
    Autodesk 3ds Max 8 Architectural Materials-->MsiExec.exe /I{28FDF917-8750-4A54-9E05-D7798E699B47}
    Autodesk 3ds Max 8 Reference Files-->MsiExec.exe /I{73C935A7-36C6-48B5-A32E-FD5BD96FD25C}
    Autodesk 3ds Max 8-->MsiExec.exe /I{DBB313D6-4B13-4961-BD5F-673CDA1793CC}
    Autodesk DWF Viewer-->C:\PROGRA~2\Autodesk\AUTODE~1\Setup.exe /remove
    AviSynth 2.5-->"C:\Program Files (x86)\AviSynth 2.5\Uninstall.exe"
    Backburner-->MsiExec.exe /I{3D347E6D-5A03-4342-B5BA-6A771885F379}
    Catalyst Control Center - Branding-->MsiExec.exe /I{558FF444-F562-4E4C-98BD-7B20EE184D2E}
    Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
    CINEMA 4D Release 10 Architecture Edition-->C:\Windows\unvise32.exe C:\Program Files (x86)\MAXON\CINEMA 4D R10\uninstal_C4D.log
    Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
    CyberLink DVD Suite-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
    CyberLink DVD Suite-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
    Driver Detective-->C:\Program Files (x86)\InstallShield Installation Information\{621C02EA-AAFF-4026-A903-165D59529A16}\setup.exe -runfromtemp -l0x0409
    ESU for Microsoft Vista-->MsiExec.exe /I{3877C901-7B90-4727-A639-B6ED2DD59D43}
    FL Studio 8-->C:\Program Files (x86)\Image-Line\FL Studio 8\uninstall.exe
    FLV Player 1.3.3-->"C:\Program Files (x86)\FLVPlayer\uninstall.exe"
    GuitarFX 3-->C:\PROGRA~2\GUITAR~1\UNWISE.EXE C:\PROGRA~2\GUITAR~1\INSTALL.LOG
    Hewlett-Packard Active Check for Health Check-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
    Hewlett-Packard Asset Agent for Health Check-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
    HijackThis 2.0.2-->"C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    HP Active Support Library-->C:\Program Files (x86)\InstallShield Installation Information\{5DAA9C36-8F8B-462F-8CCA-E205BC3751F5}\setup.exe -runfromtemp -l0x0409
    HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{57A5AEC1-97FC-474D-92C4-908FCC2253D4}\setup.exe" -l0x9 -removeonly
    HP Doc Viewer-->MsiExec.exe /I{082702D5-5DD8-4600-BCE5-48B15174687F}
    HP Help and Support-->MsiExec.exe /I{0054A0F6-00C9-4498-B821-B5C9578F433E}
    HP MediaSmart DVD-->"C:\Program Files (x86)\InstallShield Installation Information\{DCCAD079-F92C-44DA-B258-624FC6517A5A}\setup.exe" /z-uninstall
    HP MediaSmart DVD-->"C:\Program Files (x86)\InstallShield Installation Information\{DCCAD079-F92C-44DA-B258-624FC6517A5A}\setup.exe" /z-uninstall
    HP MediaSmart Music/Photo/Video-->"C:\Program Files (x86)\InstallShield Installation Information\{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}\setup.exe" /z-uninstall
    HP MediaSmart Music/Photo/Video-->"C:\Program Files (x86)\InstallShield Installation Information\{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}\setup.exe" /z-uninstall /zMS
    HP MediaSmart TV-->"C:\Program Files (x86)\InstallShield Installation Information\{67626E09-5366-4480-8F1E-93FADF50CA15}\setup.exe" /z-uninstall
    HP MediaSmart TV-->"C:\Program Files (x86)\InstallShield Installation Information\{67626E09-5366-4480-8F1E-93FADF50CA15}\setup.exe" /z-uninstall
    HP MediaSmart Webcam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
    HP MediaSmart Webcam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
    HP MULTIPLE MODEM INSTALLER for VISTA-->MsiExec.exe /I{45A136EC-88BF-4B95-99F5-C45D3930E1CC}
    HP Quick Launch Buttons 6.40 H2-->C:\Program Files (x86)\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x0009 uninst
    HP Total Care Advisor-->MsiExec.exe /X{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}
    HP Update-->MsiExec.exe /X{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}
    HP User Guides 0125-->MsiExec.exe /X{C4CF43CE-94AE-498E-9EB1-C804E05CB3CA}
    HP Wireless Assistant-->MsiExec.exe /I{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}
    HPTCSSetup-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{30D3B7BC-5798-45D9-822D-05CA18F39E99}\setup.exe" -l0x9 -removeonly
    IDT Audio-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\setup.exe" -l0x9 -remove -removeonly
    IL Download Manager-->C:\Program Files (x86)\Image-Line\Downloader\uninstall.exe
    Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    JMicron JMB38X Flash Media Controller-->"C:\Program Files (x86)\InstallShield Installation Information\{26604C7E-A313-4D12-867F-7C6E7820BE4C}\setup.exe" delpkg
    Juno Preloader-->MsiExec.exe /X{6423EF83-6E1D-4D22-A36F-689CD19FD4D2}
    Kaspersky Internet Security 7.0-->MsiExec.exe /I{C774410D-3EF9-4DE7-AC01-332613163ECF}
    Kaspersky Internet Security 7.0-->MsiExec.exe /I{C774410D-3EF9-4DE7-AC01-332613163ECF}
    LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
    LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
    Les Indispensables Éducation pour Microsoft Office-->MsiExec.exe /X{75F3A4B2-F6E8-434D-A2EF-DBBC016C6CB2}
    LightScribe System Software 1.14.17.1-->MsiExec.exe /X{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}
    Mask Pro 4.1-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{2DFAC810-6DD8-4E23-96A4-BEB118408203}\setup.exe" -l0x9 -uninst -removeonly
    Messenger Plus! Live-->"C:\Program Files (x86)\Messenger Plus! Live\Uninstall.exe"
    MetaProducts Download Express-->C:\Program Files (x86)\Download Express\dep.exe /UnInstall
    Microsoft Encarta 2008 - Études-->MsiExec.exe /I{08181881-FCA5-44A7-B863-D66037A16AAF}
    Microsoft Encarta Maths-->MsiExec.exe /I{07183840-959A-4B0D-8825-2C533F0DDB19}
    Microsoft Live Search Toolbar-->MsiExec.exe /X{6A370610-3778-44AF-9AAC-69B2FD1A3356}
    Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
    Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
    Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
    Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
    Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
    Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
    Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
    Microsoft Office Home and Student 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
    Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
    Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
    Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
    Microsoft Office PowerPoint Viewer 2007 (English)-->MsiExec.exe /X{95120000-00AF-0409-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
    Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
    Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
    Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
    Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)-->MsiExec.exe /I{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}
    Microsoft SQL Server 2005 Tools Express Edition-->MsiExec.exe /I{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}
    Microsoft SQL Server 2005-->"c:\Program Files (x86)\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove
    Microsoft SQL Server Compact 3.5 Design Tools ENU-->MsiExec.exe /X{2E5C075E-11AB-4BDD-918C-7B9A68953FF8}
    Microsoft SQL Server Compact 3.5 ENU-->MsiExec.exe /I{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}
    Microsoft SQL Server Setup Support Files (English)-->MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}
    Microsoft Visual C# 2008 Express Edition - ENU-->C:\Program Files (x86)\Microsoft Visual Studio 9.0\Microsoft Visual C# 2008 Express Edition - ENU\setup.exe
    Microsoft Visual C# 2008 Express Edition - ENU-->MsiExec.exe /X{2D07422C-CA35-375A-A3A8-3631AB85BFE5}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Works-->MsiExec.exe /I{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}
    Mozilla Firefox (3.0.10)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
    MSDN Library for Microsoft Visual Studio 2008 Express Editions-->C:\Program Files (x86)\Microsoft Visual Studio 9.0\MSDN Library for Microsoft Visual Studio 2008 Express Editions\install.exe
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    muvee Reveal-->MsiExec.exe /X{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}
    My HP Games-->"C:\Program Files (x86)\HP Games\Uninstall.exe"
    NetZero Preloader-->MsiExec.exe /X{352310C3-E46B-42D3-8F32-54721FDD72D9}
    Notepad++-->C:\Program Files (x86)\Notepad++\uninstall.exe
    P2Pcontrol 1.0-->C:\Program Files (x86)\P2Pcontrol\uninst.exe
    PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
    PDFCreator-->C:\Program Files (x86)\PDFCreator\unins000.exe
    PoiZone-->C:\Program Files (x86)\Image-Line\PoiZone\uninstall.exe
    Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
    Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
    PowerDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall
    PowerDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall
    PowerISO-->"C:\Program Files (x86)\PowerISO\uninstall.exe"
    Product Key Explorer 1.9.6-->"C:\Program Files (x86)\Nsasoft\ProductKeyExplorer\unins000.exe"
    Pure Networks Network Magic-->C:\Program Files (x86)\Pure Networks\Network Magic\Uninstall.exe
    QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
    Realtek 8169 8168 8101E 8102E Ethernet Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x0009 -removeonly
    Samsung USB Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{713E5AB1-2389-43A6-8313-CB4D3C44C4FA}\Setup.exe" anything
    Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
    Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
    Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
    Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
    Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
    Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
    Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
    Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
    Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
    Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
    Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
    SharkMate 1.30-->C:\Program Files (x86)\SharkMate\uninst.exe
    Slingbox - Watch Your TV Anywhere-->MsiExec.exe /X{7B798B31-2F33-4DC8-BDA4-D36488E86636}
    SlingPlayer-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{004B0DCB-4C60-465B-8F01-44B0A4111187} /l1033
    Smart Defrag 1.03-->"C:\Program Files (x86)\IObit\IObit SmartDefrag\unins000.exe"
    SPORE Creature Creator Trial Edition-->"C:\Program Files (x86)\HP Games\SPORE Creature Creator Trial Edition\Uninstall.exe"
    SWF Opener-->"C:\Program Files (x86)\UnH Solutions\SWF Opener\unins000.exe"
    The KMPlayer (remove only)-->"C:\Program Files (x86)\The KMPlayer\uninstall.exe"
    ToggleEN Toolbar-->C:\PROGRA~2\ToggleEN\UNWISE.EXE /U C:\PROGRA~2\ToggleEN\INSTALL.LOG
    Toxic Biohazard-->C:\Program Files (x86)\Image-Line\Toxic Biohazard\uninstall.exe
    TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
    Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
    Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
    Update for Microsoft Office 2007 Help for Common Features (KB963673)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42}
    Update for Microsoft Office 2007 Help for Common Features (KB963673)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42}
    Update for Microsoft Office Access 2007 Help (KB963663)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}
    Update for Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9}
    Update for Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9}
    Update for Microsoft Office Infopath 2007 Help (KB963662)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {716B81B8-B13C-41DF-8EAC-7A2F656CAB63}
    Update for Microsoft Office OneNote 2007 Help (KB963670)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2744EF05-38E1-4D5D-B333-E021EDAEA245}
    Update for Microsoft Office OneNote 2007 Help (KB963670)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2744EF05-38E1-4D5D-B333-E021EDAEA245}
    Update for Microsoft Office Outlook 2007 Help (KB957246)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {6F0E4983-E419-4591-B7DD-EFB0073D3E47}
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876}
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876}
    Update for Microsoft Office Publisher 2007 Help (KB963667)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2E40DE55-B289-4C8B-8901-5D369B16814F}
    Update for Microsoft Office Script Editor Help (KB963671)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C}
    Update for Microsoft Office Script Editor Help (KB963671)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C}
    Update for Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726}
    Update for Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726}
    Update for Office 2007 (KB934528)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {2B939677-2FFD-48F6-9075-7BF48CB87C80}
    Update for Outlook 2007 Junk Email Filter (kb968503)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5DD98950-4D10-4B79-8BF6-59726705207D}
    UsbFix-->C:\UsbFix\Uninstal.exe
    VC Runtimes MSI-->MsiExec.exe /X{FF29527A-44CD-3422-945E-981A13584000}
    Video URL Extractor-->MsiExec.exe /I{1FACEA04-5C3B-4F1E-BD5D-F77F027BD0B8}
    VideoLAN VLC media player 0.8.6d-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
    VSO CopyToDVD 4-->"C:\Program Files (x86)\VSO\unins000.exe"
    WBEncarta-->RunDll32.exe advpack.dll, LaunchINFSectionEx C:\Program Files (x86)\Learning Essentials\1.0\fr\FR\WBEncarta\Uninstall\Uninstall.inf,Uninstall,,,N
    Windows Live Call-->MsiExec.exe /I{F6BD194C-4190-4D73-B1B1-C48C99921BFE}
    Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
    Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
    Windows Live Essentials-->MsiExec.exe /I{C6CA8874-5F22-4AF0-9BE3-016BF299C536}
    Windows Live Messenger-->MsiExec.exe /X{0AAA9C97-74D4-47CE-B089-0B147EF3553C}
    Windows Live Sign-in Assistant-->MsiExec.exe /I{9422C8EA-B0C6-4197-B8FC-DC797658CA00}
    Windows Live Upload Tool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    Windows Live Writer-->MsiExec.exe /X{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}
    WinHTTrack Website Copier 3.43-3-->"C:\Program Files (x86)\WinHTTrack\unins000.exe"
    winpcap-nmap 4.02-->"C:\Program Files (x86)\WinPcap\uninstall.exe"
    WinRAR archiver-->C:\Program Files (x86)\WinRar\uninstall.exe
    Xilisoft Video Converter Ultimate-->C:\Program Files (x86)\Xilisoft\Video Converter Ultimate\Uninstall.exe
    Yahoo! Messenger-->C:\PROGRA~2\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~2\Yahoo!\MESSEN~1\INSTALL.LOG

    ======Hosts File======


    127.0.0.1 localhost
    127.0.0.1 atwola.com
    72.167.163.234 ads1.msn.com
    38.113.174.32 dehp.myspace.com
    38.113.174.32 demr.myspace.com
    38.113.174.32 desk.myspace.com
    38.113.174.32 delb.myspace.com
    38.113.174.32 delb2.myspace.com
    38.113.174.32 debr.myspace.com

    ======Security center information======

    AV: Kaspersky Internet Security (disabled)
    FW: Kaspersky Internet Security
    AS: Windows Defender
    AS: Kaspersky Internet Security (disabled)

    ======System event log======

    Computer Name: ROLF-PC
    Event Code: 4226
    Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
    Record Number: 52582
    Source Name: Tcpip
    Time Written: 20090525004021.329710-000
    Event Type: Warning
    User:

    Computer Name: ROLF-PC
    Event Code: 4226
    Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
    Record Number: 52586
    Source Name: Tcpip
    Time Written: 20090525004649.626710-000
    Event Type: Warning
    User:

    Computer Name: ROLF-PC
    Event Code: 4226
    Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
    Record Number: 52587
    Source Name: Tcpip
    Time Written: 20090525005453.098710-000
    Event Type: Warning
    User:

    Computer Name: ROLF-PC
    Event Code: 4226
    Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
    Record Number: 52588
    Source Name: Tcpip
    Time Written: 20090525011141.665710-000
    Event Type: Warning
    User:

    Computer Name: ROLF-PC
    Event Code: 4226
    Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
    Record Number: 52591
    Source Name: Tcpip
    Time Written: 20090525014459.899710-000
    Event Type: Warning
    User:

    =====Application event log=====

    Computer Name: ROLF-PC
    Event Code: 1000
    Message: Faulting application explorer.exe, version 6.0.6001.18164, time stamp 0x4907e242, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x00000000, process id 0xe20, application start time 0x01c9dccf675223a2.
    Record Number: 19516
    Source Name: Application Error
    Time Written: 20090525002622.000000-000
    Event Type: Error
    User:

    Computer Name: ROLF-PC
    Event Code: 1000
    Message: Faulting application explorer.exe, version 6.0.6001.18164, time stamp 0x4907e242, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x00000000, process id 0xdc0, application start time 0x01c9dccf7267d0f2.
    Record Number: 19518
    Source Name: Application Error
    Time Written: 20090525002641.000000-000
    Event Type: Error
    User:

    Computer Name: ROLF-PC
    Event Code: 1000
    Message: Faulting application explorer.exe, version 6.0.6001.18164, time stamp 0x4907e242, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x00000000, process id 0xc14, application start time 0x01c9dccf7e7795b2.
    Record Number: 19520
    Source Name: Application Error
    Time Written: 20090525002702.000000-000
    Event Type: Error
    User:

    Computer Name: ROLF-PC
    Event Code: 1000
    Message: Faulting application explorer.exe, version 6.0.6001.18164, time stamp 0x4907e242, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x00000000, process id 0x144, application start time 0x01c9dccf8aead732.
    Record Number: 19522
    Source Name: Application Error
    Time Written: 20090525002722.000000-000
    Event Type: Error
    User:

    Computer Name: ROLF-PC
    Event Code: 1000
    Message: Faulting application explorer.exe, version 6.0.6001.18164, time stamp 0x4907e242, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x00000000, process id 0xb70, application start time 0x01c9dccf964c0c72.
    Record Number: 19524
    Source Name: Application Error
    Time Written: 20090525002740.000000-000
    Event Type: Error
    User:

    =====Security event log=====

    Computer Name: ROLF-PC
    Event Code: 4672
    Message: Special privileges assigned to new logon.

    Subject:
    Security ID: S-1-5-18
    Account Name: SYSTEM
    Account Domain: NT AUTHORITY
    Logon ID: 0x3e7

    Privileges: SeAssignPrimaryTokenPrivilege
    SeTcbPrivilege
    SeSecurityPrivilege
    SeTakeOwnershipPrivilege
    SeLoadDriverPrivilege
    SeBackupPrivilege
    SeRestorePrivilege
    SeDebugPrivilege
    SeAuditPrivilege
    SeSystemEnvironmentPrivilege
    SeImpersonatePrivilege
    Record Number: 15834
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090524235257.901710-000
    Event Type: Audit Success
    User:

    Computer Name: ROLF-PC
    Event Code: 5032
    Message: Windows Firewall was unable to notify the user that it blocked an application from accepting incoming connections on the network.

    Error Code: 2
    Record Number: 15835
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090524235339.472710-000
    Event Type: Audit Failure
    User:

    Computer Name: ROLF-PC
    Event Code: 5032
    Message: Windows Firewall was unable to notify the user that it blocked an application from accepting incoming connections on the network.

    Error Code: 2
    Record Number: 15836
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090524235953.372710-000
    Event Type: Audit Failure
    User:

    Computer Name: ROLF-PC
    Event Code: 5032
    Message: Windows Firewall was unable to notify the user that it blocked an application from accepting incoming connections on the network.

    Error Code: 2
    Record Number: 15837
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090524235953.372710-000
    Event Type: Audit Failure
    User:

    Computer Name: ROLF-PC
    Event Code: 5032
    Message: Windows Firewall was unable to notify the user that it blocked an application from accepting incoming connections on the network.

    Error Code: 2
    Record Number: 15838
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090524235953.377710-000
    Event Type: Audit Failure
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files (x86)\CyberLink\Power2Go;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\Common Files\Autodesk Shared\;C:\Program Files (x86)\backburner 2\;C:\Program Files (x86)\Autodesk\backburner\;C:\Program Files (x86)\QuickTime\QTSystem\
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
    "PROCESSOR_ARCHITECTURE"=AMD64
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "USERNAME"=SYSTEM
    "windir"=%SystemRoot%
    "PROCESSOR_LEVEL"=17
    "PROCESSOR_IDENTIFIER"=AMD64 Family 17 Model 3 Stepping 1, AuthenticAMD
    "PROCESSOR_REVISION"=0301
    "NUMBER_OF_PROCESSORS"=2
    "TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\34FB5F65-FFEB-4B61-BF0E-A6A76C450FAA\TraceFormat
    "DFSTRACINGON"=FALSE
    "OnlineServices"=Online Services
    "Platform"=MCD
    "PCBRAND"=Pavilion
    "CLASSPATH"=.;C:\Program Files (x86)\Java\jre1.6.0_07\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files (x86)\Java\jre1.6.0_07\lib\ext\QTJava.zip

    -----------------EOF-----------------


    and here is the log


    Logfile of random's system information tool 1.06 (written by random/random)
    Run by ROLF at 2009-05-24 21:06:20
    Microsoft® Windows Vista™ Home Premium Service Pack 1
    System drive C: has 49 GB (22%) free of 225 GB
    Total RAM: 3837 MB (57% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:06:43, on 24/05/2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18226)
    Boot mode: Normal

    Running processes:
    C:\Windows\SysWOW64\conime.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\uTorrent\uTorrent.exe
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    C:\Users\ROLF\Documents\RSIT.exe
    C:\Program Files (x86)\Trend Micro\HijackThis\ROLF.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ht&c(...)
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ht&c(...)
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: ToggleEN Toolbar - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files (x86)\ToggleEN\tbTog0.dll
    R3 - URLSearchHook: ArchiBar Toolbar - {24cc1362-11c6-4918-a2c0-b9ee5a563185} - C:\Program Files (x86)\ArchiBar\tbArch.dll
    O1 - Hosts: 72.167.163.234 ads1.msn.com
    O1 - Hosts: 38.113.174.32 dehp.myspace.com
    O1 - Hosts: 38.113.174.32 demr.myspace.com
    O1 - Hosts: 38.113.174.32 desk.myspace.com
    O1 - Hosts: 38.113.174.32 delb.myspace.com
    O1 - Hosts: 38.113.174.32 delb2.myspace.com
    O1 - Hosts: 38.113.174.32 debr.myspace.com
    O1 - Hosts: 68.178.151.28 view.atdmt.com
    O2 - BHO: ToggleEN Toolbar - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files (x86)\ToggleEN\tbTog0.dll
    O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: ArchiBar Toolbar - {24cc1362-11c6-4918-a2c0-b9ee5a563185} - C:\Program Files (x86)\ArchiBar\tbArch.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
    O3 - Toolbar: ToggleEN Toolbar - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files (x86)\ToggleEN\tbTog0.dll
    O3 - Toolbar: ArchiBar Toolbar - {24cc1362-11c6-4918-a2c0-b9ee5a563185} - C:\Program Files (x86)\ArchiBar\tbArch.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
    O4 - HKLM\..\Run: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
    O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
    O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
    O4 - HKLM\..\Run: [P2Pcontrol] "C:\Program Files (x86)\P2Pcontrol\p2control.exe"
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
    O4 - HKCU\..\Run: [L08FXLRD_15765866] "C:\Program Files (x86)\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE" -m
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [link 1] "C:\ProgramData\Default44.ch3dt"
    O4 - HKCU\..\Run: [Long Internet Team Stupid] "C:\ProgramData\AIM LOG SURF.o638n"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Télécharger en utilisant Download &Express - C:\Program Files (x86)\Download Express\Add_Url.htm
    O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
    O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files (x86)\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files (x86)\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files (x86)\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra button: Video URL Extractor - {F6E600B5-48EA-421A-AF6A-61948BB737F3} - (no file)
    O9 - Extra 'Tools' menuitem: Video URL Extractor... - {F6E600B5-48EA-421A-AF6A-61948BB737F3} - (no file)
    O13 - Gopher Prefix:
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GR99D3~1.DLL
    O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1.0\r3hook.dll,C:\PROGRA~2\KASPER~1\KASPER~1.0\adialhk.dll
    O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
    O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_5730ce9f\AESTSr64.exe (file missing)
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Unknown owner - C:\Windows\system32\agr64svc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: RaySat_3dsmax8 Server (mi-raysat_3dsmax8) - Unknown owner - C:\Program Files (x86)\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Pure Networks Network Magic Service (nmservice) - Pure Networks, Inc. - C:\Program Files (x86)\Pure Networks\Network Magic\nmsrvc.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files (x86)\SMINST\BLService.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: Audio Service (STacSV) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_5730ce9f\STacSV64.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - Unknown owner - C:\Windows\System32\TuneUpDefragService.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - Unknown owner - C:\Windows\System32\TUProgSt.exe (file missing)
    O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
    O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 14944 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\1-Click Maintenance.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{038cb5c7-48ea-4af9-94e0-a1646542e62b}]
    ToggleEN Toolbar - C:\Program Files (x86)\ToggleEN\tbTog0.dll [2008-11-24 1784856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}]
    ContributeBHO Class - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll [2007-03-16 118784]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-12 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{24cc1362-11c6-4918-a2c0-b9ee5a563185}]
    ArchiBar Toolbar - C:\Program Files (x86)\ArchiBar\tbArch.dll [2009-05-12 2094104]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
    Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Windows Live Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
    Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
    Microsoft Live Search Toolbar Helper - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll [2008-08-28 86032]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-05-18 35840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - Microsoft Live Search Toolbar - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll [2008-08-28 86032]
    {038cb5c7-48ea-4af9-94e0-a1646542e62b} - ToggleEN Toolbar - C:\Program Files (x86)\ToggleEN\tbTog0.dll [2008-11-24 1784856]
    {24cc1362-11c6-4918-a2c0-b9ee5a563185} - ArchiBar Toolbar - C:\Program Files (x86)\ArchiBar\tbArch.dll [2009-05-12 2094104]
    {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]
    {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll [2007-03-16 118784]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-08-01 202032]
    "AVP"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe [2007-06-28 218376]
    "SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre6\bin\jusched.exe [2009-05-18 148888]
    "Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [2007-05-10 624248]
    ""= []
    "Adobe_ID0EYTHM"=C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [2007-03-20 1884160]
    "P2Pcontrol"=C:\Program Files (x86)\P2Pcontrol\p2control.exe [2009-05-13 184320]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-20 138240]
    "uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2009-03-09 270128]
    "L08FXLRD_15765866"=C:\Program Files (x86)\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE [2007-06-12 351000]
    "msnmsgr"=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
    "link 1"=C:\ProgramData\Default44.ch3dt [2009-05-24 344080]
    "Long Internet Team Stupid"=C:\ProgramData\AIM LOG SURF.o638n [2009-05-24 245776]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="C:\PROGRA~2\KASPER~1\KASPER~1.0\r3hook.dll,C:\PROGRA~2\KASPER~1\KASPER~1.0\adialhk.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableUIADesktopToggle"=0

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoFind"=0
    "NoFolderOptions"=0
    "NoRun"=0
    "NoDrives"=0
    "NoDriveAutoRun"=FFFFFFFF
    "NoDriveTypeAutoRun"=145
    "HonorAutoRunSetting"=1

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoActiveDesktop"=
    "NoActiveDesktopChanges"=
    "ForceActiveDesktopOn"=
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    ======File associations======

    .reg - open - "regedit.exe" "%1"
    .scr - open - C:\Windows\system32\notepad.exe "%1"
    .scr - install -
    .scr - config -

    ======List of files/folders created in the last 1 months======

    2009-05-24 21:06:20 ----D---- C:\rsit
    2009-05-24 19:10:23 ----RASHD---- C:\autorun.inf
    2009-05-24 18:48:54 ----A---- C:\UsbFix.txt
    2009-05-24 18:02:52 ----D---- C:\UsbFix
    2009-05-24 17:31:42 ----D---- C:\Program Files (x86)\P2Pcontrol
    2009-05-24 17:30:22 ----D---- C:\ProgramData\comp two long internet
    2009-05-24 17:29:23 ----D---- C:\Program Files (x86)\3wPlayer
    2009-05-24 17:29:03 ----D---- C:\ProgramData\Proc Dead Junk
    2009-05-24 17:22:33 ----D---- C:\ComboFix
    2009-05-24 17:22:30 ----A---- C:\Windows\system32\CF21662.exe
    2009-05-24 17:00:57 ----A---- C:\Windows\system32\CF17299.exe
    2009-05-24 17:00:55 ----A---- C:\Windows\system32\swsc.exe
    2009-05-24 17:00:08 ----D---- C:\Qoobox
    2009-05-24 16:59:37 ----A---- C:\Bug.txt
    2009-05-24 16:59:35 ----A---- C:\Windows\system32\cmd.execf
    2009-05-24 15:53:43 ----D---- C:\Program Files (x86)\Trend Micro
    2009-05-24 15:19:43 ----SHD---- C:\Config.Msi
    2009-05-23 05:00:00 ----D---- C:\Program Files (x86)\UnH Solutions
    2009-05-19 18:16:59 ----D---- C:\Users\ROLF\AppData\Roaming\CVitae
    2009-05-19 18:16:34 ----D---- C:\Program Files (x86)\MonProduit
    2009-05-18 10:38:30 ----A---- C:\Windows\system32\javaws.exe
    2009-05-18 10:38:30 ----A---- C:\Windows\system32\deploytk.dll
    2009-05-18 10:38:29 ----A---- C:\Windows\system32\javaw.exe
    2009-05-18 10:38:29 ----A---- C:\Windows\system32\java.exe
    2009-05-16 17:32:18 ----D---- C:\Program Files (x86)\ArchiBar
    2009-05-16 16:00:48 ----D---- C:\Program Files (x86)\FunWebProducts
    2009-05-16 13:42:10 ----D---- C:\Programs
    2009-05-16 13:42:07 ----D---- C:\Temp
    2009-05-16 13:42:03 ----D---- C:\Program Files (x86)\SharkMate
    2009-05-14 11:55:58 ----D---- C:\Windows\system32\Adobe
    2009-05-14 05:29:07 ----D---- C:\Program Files (x86)\Mulgra
    2009-05-14 05:04:57 ----D---- C:\Program Files (x86)\WinPcap
    2009-05-13 19:34:35 ----D---- C:\Users\ROLF\AppData\Roaming\Poser Pro
    2009-05-12 11:41:39 ----D---- C:\Users\ROLF\AppData\Roaming\Autodesk
    2009-05-12 11:40:38 ----A---- C:\Windows\system32\d3dx9_35.dll
    2009-05-11 17:34:31 ----D---- C:\Program Files (x86)\Microsoft
    2009-05-11 17:34:13 ----D---- C:\Program Files (x86)\Windows Live SkyDrive
    2009-05-10 21:22:32 ----D---- C:\Program Files (x86)\Common Files\PX Storage Engine
    2009-05-10 21:16:29 ----D---- C:\Users\ROLF\AppData\Roaming\Anthropics
    2009-05-10 20:22:38 ----D---- C:\Users\ROLF\AppData\Roaming\Thinstall
    2009-05-09 06:12:24 ----D---- C:\ProgramData\AMV Converter Studio
    2009-05-09 05:28:26 ----D---- C:\Users\ROLF\AppData\Roaming\ImTOO Software Studio
    2009-05-08 18:34:40 ----D---- C:\Program Files (x86)\Common Files\SWF Studio
    2009-05-07 14:22:09 ----D---- C:\ProgramData\PC Drivers HeadQuarters
    2009-05-07 14:22:09 ----D---- C:\Program Files (x86)\PC Drivers HeadQuarters
    2009-05-07 14:00:15 ----D---- C:\Users\ROLF\AppData\Roaming\GetRightToGo
    2009-05-02 21:13:33 ----D---- C:\Program Files (x86)\onOne Software
    2009-05-02 21:01:10 ----D---- C:\ProgramData\FLEXnet
    2009-05-02 20:50:31 ----D---- C:\Program Files (x86)\Common Files\Control Panels
    2009-05-02 20:46:36 ----D---- C:\ProgramData\ALM
    2009-05-02 20:42:56 ----A---- C:\Windows\system32\NPSWF32_FlashUtil.exe
    2009-05-02 20:42:56 ----A---- C:\Windows\system32\NPSWF32.dll
    2009-05-02 13:25:31 ----D---- C:\Program Files (x86)\Kaspersky Lab
    2009-05-02 13:25:29 ----D---- C:\ProgramData\Kaspersky Lab
    2009-05-02 10:03:03 ----D---- C:\Windows\Minidump
    2009-05-02 05:54:46 ----D---- C:\Users\ROLF\AppData\Roaming\dvdcss
    2009-05-02 03:09:44 ----A---- C:\Windows\system32\ieframe.dll
    2009-05-02 03:09:43 ----A---- C:\Windows\system32\iertutil.dll
    2009-05-02 03:09:42 ----A---- C:\Windows\system32\mshtml.dll
    2009-05-02 03:09:40 ----A---- C:\Windows\system32\ieencode.dll
    2009-05-02 03:09:39 ----A---- C:\Windows\system32\msfeeds.dll
    2009-05-02 03:09:39 ----A---- C:\Windows\system32\iedkcs32.dll
    2009-05-02 03:09:38 ----A---- C:\Windows\system32\wininet.dll
    2009-05-02 03:09:38 ----A---- C:\Windows\system32\mstime.dll
    2009-05-02 03:09:38 ----A---- C:\Windows\system32\jsproxy.dll
    2009-05-02 03:09:37 ----A---- C:\Windows\system32\urlmon.dll
    2009-05-02 03:09:37 ----A---- C:\Windows\system32\occache.dll
    2009-05-02 03:09:35 ----A---- C:\Windows\system32\ieUnatt.exe
    2009-05-02 03:09:35 ----A---- C:\Windows\system32\ieaksie.dll
    2009-05-02 03:08:49 ----A---- C:\Windows\system32\sdohlp.dll
    2009-05-02 03:08:49 ----A---- C:\Windows\system32\iasrecst.dll
    2009-05-02 03:08:49 ----A---- C:\Windows\system32\iashost.exe
    2009-05-02 03:08:49 ----A---- C:\Windows\system32\iasdatastore.dll
    2009-05-02 03:08:49 ----A---- C:\Windows\system32\iasads.dll
    2009-05-02 03:06:02 ----D---- C:\Program Files (x86)\MSXML 4.0
    2009-05-01 17:42:22 ----D---- C:\Program Files (x86)\Ask Search Assistant
    2009-05-01 17:20:37 ----A---- C:\Windows\system32\EncDec.dll
    2009-05-01 17:20:36 ----A---- C:\Windows\system32\psisdecd.dll
    2009-05-01 17:02:05 ----A---- C:\Windows\system32\winhttp.dll
    2009-05-01 17:01:45 ----A---- C:\Windows\system32\secur32.dll
    2009-05-01 17:01:45 ----A---- C:\Windows\system32\kernel32.dll
    2009-05-01 17:01:44 ----A---- C:\Windows\system32\apilogen.dll
    2009-05-01 17:01:44 ----A---- C:\Windows\system32\amxread.dll
    2009-05-01 10:59:47 ----A---- C:\Windows\system32\msdtcprx.dll
    2009-05-01 10:59:46 ----A---- C:\Windows\system32\xolehlp.dll
    2009-05-01 10:58:55 ----A---- C:\Windows\system32\schannel.dll

    ======List of files/folders modified in the last 1 months======

    2009-05-24 21:07:22 ----D---- C:\Users\ROLF\AppData\Roaming\uTorrent
    2009-05-24 21:06:54 ----D---- C:\Windows\Temp
    2009-05-24 19:54:03 ----A---- C:\Windows\ntbtlog.txt
    2009-05-24 19:20:33 ----SHD---- C:\$RECYCLE.BIN
    2009-05-24 19:10:28 ----D---- C:\Windows\Prefetch
    2009-05-24 18:56:39 ----D---- C:\Windows\System32
    2009-05-24 18:56:39 ----D---- C:\Windows\inf
    2009-05-24 18:37:12 ----HD---- C:\ProgramData
    2009-05-24 17:34:08 ----SHD---- C:\System Volume Information
    2009-05-24 17:31:42 ----RD---- C:\Program Files (x86)
    2009-05-24 17:31:33 ----D---- C:\Windows\system32\drivers
    2009-05-24 17:22:30 ----D---- C:\Windows\SysWOW64
    2009-05-24 16:01:45 ----D---- C:\Program Files (x86)\Red Kawa
    2009-05-24 15:26:10 ----SHD---- C:\Windows\Installer
    2009-05-24 15:23:20 ----D---- C:\Program Files (x86)\Common Files\Ahead
    2009-05-24 15:17:56 ----A---- C:\Windows\Irremote.ini
    2009-05-24 15:17:47 ----D---- C:\Windows\pss
    2009-05-20 23:57:13 ----A---- C:\Windows\win.ini
    2009-05-19 21:11:50 ----SD---- C:\Users\ROLF\AppData\Roaming\Microsoft
    2009-05-18 20:57:19 ----D---- C:\Windows
    2009-05-18 20:56:23 ----D---- C:\ProgramData\Adobe
    2009-05-18 20:47:31 ----D---- C:\Program Files (x86)\Adobe
    2009-05-18 20:34:53 ----RSD---- C:\Windows\Fonts
    2009-05-18 20:26:34 ----D---- C:\Program Files (x86)\Common Files\Adobe
    2009-05-18 10:37:41 ----D---- C:\Program Files (x86)\Java
    2009-05-17 13:06:34 ----D---- C:\Program Files (x86)\Xilisoft
    %
    dédétraqué on 25 May 2009 at 04:42
    Hi wildwoolfy


    Your report is incomplete; use cjoint.com to post your report as a link:
    http://cjoint.com/

    - Click Browse to locate the report
    - Click Open, then Create the Cjoint link

    - Copy and paste the link shown after "The link has been created:" into your next reply.

    If your report is larger than 500 KB, use this instead: http://www.sendspace.com/

    Post only the log.txt report


    @++ :)
    wildwoolfy on 25 May 2009 at 05:21
    hi
    here is the info
    http://cjoint.com/?fzftBwhOUS

    and here is the log

    http://cjoint.com/?fzfuMxCCOB

    there you go, thanks for your patience
    dédétraqué on 25 May 2009 at 12:44
    Hi wildwoolfy


    Via Programs and Features, uninstall 3wPlayer and Ask.com Search Assistant

    Delete if still present:
    C:\Program Files (x86)\3wPlayer
    C:\Program Files (x86)\Ask Search Assistant


    Important: Disable all resident protection! (antivirus, antispyware):
    http://forum.pcastuces.com/desactiver_les_protections_residentes-f31s4.htm


    Download Lop S&D to your desktop here:

    http://eric.71.mespages.googlepages.com/LopSD.exe


    - Double-click LopSD.exe on the desktop to start the installation

    - Double-click the Lop S&D shortcut created on your desktop

    - Select the language you want and choose option 1 (Search)

    - Post the report (C:\lopR.txt) in your next post

    Note: If the desktop does not reappear, press Ctrl + Alt + Del; the Task Manager appears. At the top, click File/New Task, type explorer.exe and click OK to confirm

    Tutorial: http://www.malekal.com/tutorial_Lop_SD.php


    @++ :)

    -->Message edited by dédétraqué on 25/05/2009 12:46:17<--
    wildwoolfy on 25 May 2009 at 19:58
    Hi dedetraque, when I launch LOPSD I get this message, program compatibility assistance: "if this program didn't install correctly try reinstalling using settings that are compatible with this version of windows"
    what should I do in this case? I have tried more than twice
    dédétraqué on 25 May 2009 at 23:54
    Hi wildwoolfy


    - Download and install MalwareByte's Anti-Malware
    http://www.malwarebytes.org/mbam/program/mbam-setup.exe

    - Update it

    ---

    - Restart in safe mode:

    When your PC restarts, tap the F8 or F5 key repeatedly; on the next screen, move with the arrow keys and choose Safe Mode. Choose your usual session, not the Administrator session

    ---

    - Double-click the MalwareByte's Anti-Malware shortcut on the desktop.
    - Select Perform full scan if it is not already selected
    - Click Scan

    - Once the scan is finished, a window opens; click OK

    - If MalwareByte's detected nothing, click OK. A report will appear; close it.

    - If MalwareByte's detected infections, click Show Results, then Remove Selected

    - Save the report to your desktop so it is easier to find, then post that report.

    Note: If MalwareByte's needs to restart to finish the removal, accept by clicking OK

    Tutorial for MalwareByte's here:
    http://www.malekal.com/tutorial_MalwareBytes_AntiMalware.php


    @++ :)
    wildwoolfy on 26 May 2009 at 04:04
    hi dedetraque
    I did all the steps

    here are the reports

    http://cjoint.com/?fAecrqeXZo

    and

    http://cjoint.com/?fAec0614HP

    thanks
    dédétraqué on 26 May 2009 at 04:11
    Hi wildwoolfy


    Right, now we will have to work manually; not many programs are compatible with Vista64.


    Delete this folder: C:\rsit

    Run a new scan with RSIT and post the log.txt and info.txt (minimized in the taskbar) reports once the analysis is finished

    The reports are in this folder: C:\rsit


    @++ :)
    wildwoolfy on 26 May 2009 at 04:29
    here is the report
    http://cjoint.com/?fAeAF7mYKQ

    and

    http://cjoint.com/?fAeBElMw4A

    there you go
    dédétraqué on 26 May 2009 at 04:39
    Hi wildwoolfy


    Did you install these toolbars?
    ToggleEN Toolbar
    ArchiBar Toolbar


    Do you know this program:
    C:\Program Files (x86)\P2Pcontrol


    @++ :)
    wildwoolfy on 26 May 2009 at 04:42
    yes, I installed ArchiBar, but ToggleEN no, I did not install it; P2P control I don't really know
    dédétraqué on 26 May 2009 at 04:52
    Hi wildwoolfy


    Download OTMoveIt3 (by Old_Timer) to the desktop:

    http://oldtimer.geekstogo.com/OTMoveIt3.exe

    Double-click OTMoveIt3.exe on the desktop

    - Make sure the Unregister Dll's and Ocx's box is ticked

    - Copy the quoted text below and paste it into the left-hand pane of OTMoveIt named Paste Instructions for Items to be Moved

    :processes
    explorer.exe

    :files
    C:\Program Files (x86)\P2Pcontrol
    C:\ProgramData\comp two long internet
    C:\ProgramData\Proc Dead Junk

    :commands
    [purity]
    [emptytemp]
    [start explorer]
    [reboot]


    - Click MoveIt! to start the removal.
    - Close OTMoveIt3

    Your PC will restart to finish the removal; if it does not do so by itself, restart it.

    Post the OTMoveIt report, which is in C:\_OTMoveIt\MovedFiles.


    @++ :)
    wildwoolfy on 26 May 2009 at 05:08
    ok, it's done and here is the result

    http://cjoint.com/?fAfhhIrZiR

    dédétraqué on 26 May 2009 at 05:34
    Hi wildwoolfy


    Delete this folder: C:\rsit

    Run a new scan with RSIT and post the log.txt and info.txt (minimized in the taskbar) reports once the analysis is finished

    The reports are in this folder: C:\rsit


    @++ :)
    wildwoolfy on 26 May 2009 at 05:41
    the results are here

    http://cjoint.com/?fAfN6duf5S

    http://cjoint.com/?fAfOHw7Lpc


    thanks
    dédétraqué on 27 May 2009 at 05:06
    Hi wildwoolfy


    Click Start/All Programs/Accessories, right-click Notepad, then click Run as administrator.

    Open the Hosts file via the File > Open menu:

    C:\Windows\System32\drivers\etc\hosts


    Delete all the lines except this one:
    127.0.0.1 localhost


    Then click Save in the Edit menu, and close Notepad.


    -----


    Double-click OTMoveIt3.exe on the desktop

    - Make sure the Unregister Dll's and Ocx's box is ticked

    - Copy the quoted text below and paste it into the left-hand pane of OTMoveIt named Paste Instructions for Items to be Moved

    :processes
    explorer.exe

    :files
    C:\Program Files (x86)\ToggleEN
    C:\Program Files (x86)\P2Pcontrol
    C:\ProgramData\Default44.ch3dt
    C:\ProgramData\AIM LOG SURF.o638n

    :commands
    [purity]
    [emptytemp]
    [start explorer]
    [reboot]


    - Click MoveIt! to start the removal.
    - Close OTMoveIt3

    Your PC will restart to finish the removal; if it does not do so by itself, restart it.

    Post the OTMoveIt report, which is in C:\_OTMoveIt\MovedFiles.


    @++ :)
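Added example (not part of the thread): the hosts-file step in the post above deletes every line except `127.0.0.1 localhost`; this Python script lists what that cleanup would remove, so the entries can be recorded before they are deleted. The sample file, its `.example` host names and the treatment of `::1 localhost` as benign are assumptions of this example.

```python
import ipaddress

# The post keeps only "127.0.0.1 localhost"; treating "::1 localhost" as an
# equally benign default is an assumption of this example.
BENIGN = {("127.0.0.1", "localhost"), ("::1", "localhost")}

# Constructed sample (reserved .example names, documentation address range).
SAMPLE_HOSTS = """\
# Constructed sample, not taken from the thread
127.0.0.1       localhost
::1             localhost
127.0.0.1       update.av-vendor.example   # security update host pinned to loopback
0.0.0.0         scanner.av-vendor.example
203.0.113.7     www.bank.example login.bank.example
not-an-ip       something.example
"""

def parse_hosts(text):
    """Yield (line_no, ip, name); ip is None for lines that do not parse."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        fields = raw.split("#", 1)[0].split()    # strip comment, tokenise
        if not fields:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            ip = None
        if ip is None or len(fields) < 2:
            yield line_no, None, " ".join(fields)
            continue
        for name in fields[1:]:                  # one address may carry several names
            yield line_no, ip, name.lower()

def audit_hosts(text):
    """Return (line_no, verdict, detail) for every entry the cleanup removes."""
    findings = []
    for line_no, ip, name in parse_hosts(text):
        if ip is None:
            findings.append((line_no, "malformed", name))
        elif (str(ip), name) in BENIGN:
            continue
        elif ip.is_loopback or ip.is_unspecified:
            findings.append((line_no, "blocked", name))   # name made unreachable
        else:
            findings.append((line_no, "redirected", f"{name} -> {ip}"))
    return findings

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS):
        print(*finding)
```
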
    wildwoolfy on 27 May 2009 at 05:47
    hi dedetraque
    I hope everything is going very well for you, because you have been helping me for days. thanks

    well, I followed your instructions and here are the reports

    http://cjoint.com/?fBfTWl6Rlj

    http://cjoint.com/?fBfUKP2jeh
    there you go, and thanks again
    dédétraqué on 27 May 2009 at 12:01
    Hi wildwoolfy


    Disable User Account Control (UAC) (you will re-enable it after your disinfection):

    - Go to Start, then Control Panel
    - Double-click the "User Accounts" icon
    - Then click to turn it off and confirm.

    Important: Disable your antivirus before the online scan:
    http://forum.pcastuces.com/desactiver_les_protections_residentes-f31s4.htm


    Run an online scan with Nod32 (you must use Internet Explorer) here:
    http://www.eset-nod32.fr/scanner.html

    At the bottom of the page, click Online scanner >

    < included picture >


    On the new page, tick the box in front of YES, I accept the terms of the license agreement, and click Start to begin.

    < included picture >


    On the new page (which takes quite a while to load) you will get an alert about the information bar; click Close.

    Now right-click the yellow information bar at the top of the page, and click Install ActiveX Control.

    < included picture >


    An information box will open; click Install

    < included picture >


    On the new page, click Start at the bottom; the download of the virus signature database will begin.
    The scan of the PC will then begin; be patient while it runs, and do not browse during the scan, since the antivirus has been disabled.


    Once the scan is finished, click Finish and close the page.

    Open Windows Explorer and find the report, which is in this directory:

    C:\Program Files\ESET\ESET Online Scanner\log.txt

    Copy and paste the contents of this log.txt report


    @++ :)
    wildwoolfy on 28 May 2009 at 05:56
    hi dedetraque

    here is the result

    ESETSmartInstaller@High as CAB hook log:
    OnlineScanner64.ocx - registred OK
    OnlineScanner.ocx - registred OK
    # version=6
    # iexplore.exe=7.00.6000.16386 (vista_rtm.061101-2205)
    # OnlineScanner.ocx=1.0.0.5863
    # api_version=3.0.2
    # EOSSerial=9927c65dc1019840979ff3d861fb374a
    # end=finished
    # remove_checked=true
    # archives_checked=false
    # unwanted_checked=true
    # unsafe_checked=false
    # antistealth_checked=true
    # utc_time=2009-05-28 03:39:12
    # local_time=2009-05-27 10:39:12 (-0500, SA Pacific Standard Time)
    # country="France"
    # lang=1036
    # osver=6.0.6001 NT Service Pack 1
    # compatibility_mode=1283 61 100 99 20052301673847
    # compatibility_mode=5889 61 100 100 425982994622750
    # scanned=339188
    # found=10
    # cleaned=10
    # scan_time=7186
    C:\Program Files (x86)\Image-Line\FL Studio 8\Plugins\Fruity\Generators\Toxic Biohazard\Toxic Biohazard.dll une variante probable de Win32/Delf cheval de troie (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000
    C:\Program Files (x86)\MAXON\CINEMA 4D R10\modules\Extension Kits\keygen.exe une variante probable de Win32/Spy.Agent cheval de troie (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000
    C:\Users\Public\crack\max8keygen.exe une variante probable de Win32/SdBot cheval de troie (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000
    C:\Users\ROLF\Documents\nickson\FOUND.004\FILE0001.CHK INF/Autorun virus (supprimé - mis en quarantaine) 00000000000000000000000000000000
    C:\Users\ROLF\Documents\software\FL STUDIO\patch(fixed).exe une variante probable de Win32/Delf cheval de troie (supprimé - mis en quarantaine) 00000000000000000000000000000000
    C:\Users\ROLF\Documents\software\studio cinema 4d\MAXON.CINEMA.4D.Studio.Bundle.v10.111.Multilanguage\keygen.exe une variante probable de Win32/Spy.Agent cheval de troie (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000
    C:\Users\ROLF\Documents\software\studio cinema 4d\MAXON.CINEMA.4D.Studio.Bundle.v10.111.Multilanguage\CINEMA 4D R10\modules\Extension Kits\keygen.exe une variante probable de Win32/Spy.Agent cheval de troie (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000
    C:\Users\ROLF\Music\vanessa\autorun.inf INF/Autorun virus (supprimé - mis en quarantaine) 00000000000000000000000000000000
    D:\boot\BOOTSECT.EXE Win32/Sality.NAU virus (nettoyé - mis en quarantaine) 00000000000000000000000000000000
    D:\HP\RECOVERY\RestoreWiz.exe Win32/Sality.NAU virus (nettoyé - mis en quarantaine) 00000000000000000000000000000000
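Added example (not part of the thread): a Python parser for the ESET Online Scanner report posted above, which checks the detection lines against the `# found=` counter and groups them by threat name, action and drive. The field layout in the regular expression is inferred from these ten lines only; it is an assumption, not a documented format.

```python
import re
from collections import Counter

# Counters and detection lines copied from the log posted above.
ESET_LOG = r"""
# scanned=339188
# found=10
# cleaned=10
C:\Program Files (x86)\Image-Line\FL Studio 8\Plugins\Fruity\Generators\Toxic Biohazard\Toxic Biohazard.dll une variante probable de Win32/Delf cheval de troie (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000
C:\Program Files (x86)\MAXON\CINEMA 4D R10\modules\Extension Kits\keygen.exe une variante probable de Win32/Spy.Agent cheval de troie (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000
C:\Users\Public\crack\max8keygen.exe une variante probable de Win32/SdBot cheval de troie (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000
C:\Users\ROLF\Documents\nickson\FOUND.004\FILE0001.CHK INF/Autorun virus (supprimé - mis en quarantaine) 00000000000000000000000000000000
C:\Users\ROLF\Documents\software\FL STUDIO\patch(fixed).exe une variante probable de Win32/Delf cheval de troie (supprimé - mis en quarantaine) 00000000000000000000000000000000
C:\Users\ROLF\Documents\software\studio cinema 4d\MAXON.CINEMA.4D.Studio.Bundle.v10.111.Multilanguage\keygen.exe une variante probable de Win32/Spy.Agent cheval de troie (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000
C:\Users\ROLF\Documents\software\studio cinema 4d\MAXON.CINEMA.4D.Studio.Bundle.v10.111.Multilanguage\CINEMA 4D R10\modules\Extension Kits\keygen.exe une variante probable de Win32/Spy.Agent cheval de troie (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000
C:\Users\ROLF\Music\vanessa\autorun.inf INF/Autorun virus (supprimé - mis en quarantaine) 00000000000000000000000000000000
D:\boot\BOOTSECT.EXE Win32/Sality.NAU virus (nettoyé - mis en quarantaine) 00000000000000000000000000000000
D:\HP\RECOVERY\RestoreWiz.exe Win32/Sality.NAU virus (nettoyé - mis en quarantaine) 00000000000000000000000000000000
"""

# Path (may contain spaces and parentheses), optional heuristic marker
# ("a probable variant of"), threat name, type, action in parentheses, hex trailer.
DETECTION = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?) (?P<heuristic>une variante probable de )?"
    r"(?P<threat>[A-Za-z0-9]+/\S+) (?P<kind>[^()]+?) "
    r"\((?P<action>[^()]*)\) (?P<trailer>[0-9a-fA-F]+)$"
)

def parse_eset_log(text):
    """Split the log into header counters, parsed detections and leftovers."""
    header, detections, unparsed = {}, [], []
    for line in filter(None, (raw.strip() for raw in text.splitlines())):
        if line.startswith("#"):
            key, sep, value = line[1:].strip().partition("=")
            if sep:
                header[key] = value
        elif (m := DETECTION.match(line)):
            detections.append(m.groupdict())
        else:
            unparsed.append(line)        # never drop a line silently
    return header, detections, unparsed

def triage(text):
    """Summarise the detections for review."""
    header, detections, unparsed = parse_eset_log(text)
    return {
        # False means the pasted report was truncated or a line did not parse.
        "complete": len(detections) == int(header.get("found", -1)) and not unparsed,
        "families": Counter(d["threat"] for d in detections),
        "heuristic": sum(1 for d in detections if d["heuristic"]),
        "actions": Counter(d["action"] for d in detections),
        "drives": Counter(d["path"][0].upper() for d in detections),
    }

if __name__ == "__main__":
    for key, value in triage(ESET_LOG).items():
        print(f"{key}: {value}")
```
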
    wildwoolfy on 28 May 2009 at 06:07
    in case the copy-paste does not give the whole report, here is a link

    http://cjoint.com/?fCgfblkObJ
    dédétraqué on 28 May 2009 at 12:00
    Hi wildwoolfy


    Well, only illegally downloaded files are detected.

    Illegal downloading is the main infection factor (µTorrent, BitTorrent, eMule, Limewire, etc.). The danger of cracks!

    You should stop all that. Do you have any other problems?


    @++ :)
    wildwoolfy on 28 May 2009 at 18:28
    hi dedetraque, I thank you from the bottom of my heart for your patience, but I have one remark: at a certain point in the process my machine had become faster and I had freed up nearly 48 gigs of memory; however, I don't know what happened, because now I have just lost nearly 30 gigs. It's strange, and my machine is becoming quite slow again. I am going to send you two pictures of the task manager
    one is from when it was working well [img]http://cjoint.com/?fCssdEA6bo[/img] and this one is now [img]http://cjoint.com/?fCsBgihDry[/img]
    it's the same process but in pieces, because I found it was too long
    dédétraqué on 28 May 2009 at 23:39
    Hi wildwoolfy


    Delete this folder: C:\rsit

    Run a new scan with RSIT and post the log.txt and info.txt (minimized in the taskbar) reports once the analysis is finished

    The reports are in this folder: C:\rsit


    @++ :)
    wildwoolfy on 29 May 2009 at 00:55
    hi dedetraque,

    I would not want to believe that I am reinfected; what should I do to avoid that?
    here are the results
    http://cjoint.com/?fDa1BdbN2G
    http://cjoint.com/?fDa1N1Hr4p
    dédétraqué on 29 May 2009 at 01:22
    Hi wildwoolfy


    Run another scan with UsbFix option 2 and post the report.


    @++ :)
    All rights reserved © 1999 - 2009 Internext - 01net.