Hello!
Voila g le meme probleme de demarrage mais aucunenidéed ou celapeut provenir et je ne suis pas trop une tete en informatique... donc g fais le scan avec hij... voici ce que j btiens... merci d avance pour votre aide!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:24:05, on 04.04.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Windows\vsnp2std.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Windows\System32\ASUSTPE.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\ASScrPro.exe
C:\Program Files\PowerForPhone\PowerForPhone.exe
C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Windows\system32\msconfig.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cnbc.com/id/19836768/site/14081545/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Mininova Toolbar - {f592709f-ff4a-4862-b659-4afabda56312} - C:\Program Files\Mininova\tbMini.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Mininova Toolbar - {f592709f-ff4a-4862-b659-4afabda56312} - C:\Program Files\Mininova\tbMini.dll
O3 - Toolbar: Mininova Toolbar - {f592709f-ff4a-4862-b659-4afabda56312} - C:\Program Files\Mininova\tbMini.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [snp2std] C:\Windows\vsnp2std.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [ASUSTPE] C:\Windows\system32\ASUSTPE.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [PowerForPhone] C:\Program Files\PowerForPhone\PowerForPhone.exe
O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Microsoft Windows Express] websploit.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\RunServices: [Microsoft Windows Express] websploit.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Google Update Service (gupdate1c985e639df6e00) (gupdate1c985e639df6e00) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 8762 bytes
Vista lent au démarrage [résolu]
-
bernard53
- Support
- Messages : 3516
- Enregistré le : 25 avr. 2008, 22:05
- Configuration matérielle : Processeur intel 2 duo CPU E6750 2.66GHz
3GO mémoire vive
disque dur samsung 160Go
Re: Vista très lent à démarrer [réglé]
Bonjour shiryu
Crée ton propre post et remets ton rapport.
tu as une infection que l'on vas régler.
Crée ton propre post et remets ton rapport.
tu as une infection que l'on vas régler.
Bonne visite sur: http://tuto-b.comli.com/
-
chantal11
- Modérateurs
- Messages : 12004
- Enregistré le : 14 mars 2008, 18:41
- Configuration matérielle : PC assemblé : Intel Dual Core2 Duo E8600 3.33 Ghz - Carte mère Asus P5K Premium Wifi - 4 Go mémoire Corsair DDR2 PC2-6400-CAS4 - Carte graphique Asus geforce 8800 GTS 512 Mo DDR3 - Vista Intégrale SP1 64 bits
PORTABLE ASUS M50SV : Mobile DualCore Intel Core 2 T9300 2.50 Ghz - 3Go mémoire DDR2-667 - Carte graphique Geforce 9500M 512 Mo - Vista Premium SP1 32 bits - Localisation : Aude
- Contact :
Re: Vista lent au démarrage
Bonjour,
Les sujets ont été séparés .... tu peux y aller bernard53 ...... sors la Kärcher
Les sujets ont été séparés .... tu peux y aller bernard53 ...... sors la Kärcher
La Connaissance s'accroît quand on la partage ! (Socrate)Re: Vista lent au démarrage
Yes merci d avance pour votre temps!
J attend avec impatience la solution
J attend avec impatience la solution
-
bernard53
- Support
- Messages : 3516
- Enregistré le : 25 avr. 2008, 22:05
- Configuration matérielle : Processeur intel 2 duo CPU E6750 2.66GHz
3GO mémoire vive
disque dur samsung 160Go
Re: Vista lent au démarrage
Merci chantal11
OK shiryu suis la.
ceci en plus.
Télécharge random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau:
Double clique sur RSIT.exe qui se trouve sur ton bureau pour le lancer:
Pour VISTA :
Clic-droit et choisis "Exécuter en tant qu'administrateur".
Ensuite :
[:fml:8] Si l'outil [g]HijackThis[/g] (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
Le rapport va se créer. Pour le mettre sur le forum.
Le rapport est sauvegardé à la racine du disque: C:\rsit\info.txt et C:\rsit\log.txt
OK shiryu suis la.
ceci en plus.
Télécharge random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau:
Double clique sur RSIT.exe qui se trouve sur ton bureau pour le lancer:
Pour VISTA :
Clic-droit et choisis "Exécuter en tant qu'administrateur".
Ensuite :
[:fml:8] Si l'outil [g]HijackThis[/g] (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
Le rapport va se créer. Pour le mettre sur le forum.
Vous pouvez, une fois posté, le fermer. Ce rapport s’appelle.log.txtTout sélectionner : CRTL+ A
Tout copier : CRTL+ C
Tout coller : CRTL+ V
Le rapport est sauvegardé à la racine du disque: C:\rsit\info.txt et C:\rsit\log.txt
Bonne visite sur: http://tuto-b.comli.com/
Re: Vista lent au démarrage
Ok bernard53 voici le rapport.
Mais avant...j'ai éteind et rallumé mon pc et ohhh grande surprise" erreur dexécution 75 " ......... ya vraiment un truc louche là
.. non?
rapport suit!
Merci pour tout!
Logfile of random's system information tool 1.06 (written by random/random)
Run by Lars-Erik at 2009-04-04 17:27:19
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 9 GB (12%) free of 76 GB
Total RAM: 2047 MB (55% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:27:59, on 04.04.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Windows\vsnp2std.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Windows\System32\ASUSTPE.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\ASScrPro.exe
C:\Program Files\PowerForPhone\PowerForPhone.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Lars-Erik\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Lars-Erik.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cnbc.com/id/19836768/site/14081545/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Mininova Toolbar - {f592709f-ff4a-4862-b659-4afabda56312} - C:\Program Files\Mininova\tbMini.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Mininova Toolbar - {f592709f-ff4a-4862-b659-4afabda56312} - C:\Program Files\Mininova\tbMini.dll
O3 - Toolbar: Mininova Toolbar - {f592709f-ff4a-4862-b659-4afabda56312} - C:\Program Files\Mininova\tbMini.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [snp2std] C:\Windows\vsnp2std.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [ASUSTPE] C:\Windows\system32\ASUSTPE.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [PowerForPhone] C:\Program Files\PowerForPhone\PowerForPhone.exe
O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Microsoft Windows Express] websploit.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\RunServices: [Microsoft Windows Express] websploit.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Google Update Service (gupdate1c985e639df6e00) (gupdate1c985e639df6e00) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 8837 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachine.job
C:\Windows\tasks\User_Feed_Synchronization-{50D950E5-F450-47B2-9A00-575613A150FC}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-01-29 1088296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-10 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-10 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f592709f-ff4a-4862-b659-4afabda56312}]
Mininova Toolbar - C:\Program Files\Mininova\tbMini.dll [2008-02-14 1555480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{f592709f-ff4a-4862-b659-4afabda56312} - Mininova Toolbar - C:\Program Files\Mininova\tbMini.dll [2008-02-14 1555480]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-02-15 4390912]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2007-09-03 630784]
"snp2std"=C:\Windows\vsnp2std.exe [2006-09-15 675840]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2006-11-02 61440]
"ASUSTPE"=C:\Windows\system32\ASUSTPE.exe [2006-12-13 106496]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-11-22 815104]
"ASUS Camera ScreenSaver"=C:\Windows\ASScrProlog.exe [2007-11-08 37232]
"ASUS Screen Saver Protector"=C:\Windows\ASScrPro.exe [2007-11-08 33136]
"PowerForPhone"=C:\Program Files\PowerForPhone\PowerForPhone.exe [2007-06-26 778240]
"OneCareUI"=C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe [2009-03-22 63864]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]
"NWEReboot"= []
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-02-06 177472]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-10 136600]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"Microsoft Windows Express"=C:\Windows\system32\websploit.exe [2008-01-19 204812]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-12-10 49152]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\OneCareMP]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\OneCareMP]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\Programme\BitTorrent\bittorrent.exe"="D:\Programme\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{74a177b0-fa72-11dd-ac9c-001d60d23202}]
shell\AutoRun\command - F:\wdsync.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{abe76d79-f1c4-11dd-b500-001d60d23202}]
shell\AutoRun\command - WDSetup.exe
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2009-04-04 17:27:19 ----D---- C:\rsit
2009-04-04 13:23:20 ----D---- C:\Program Files\Trend Micro
2009-04-01 13:33:48 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-04-01 13:33:48 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-04-01 13:26:44 ----D---- C:\Windows\pss
2009-03-31 16:38:13 ----HD---- C:\Config.Msi
2009-03-31 15:47:47 ----D---- C:\ProgramData\Vsk5
2009-03-28 14:05:25 ----D---- C:\Program Files\Vsk5
2009-03-26 18:45:05 ----D---- C:\Program Files\NVIDIA Corporation
2009-03-26 14:23:06 ----D---- C:\ProgramData\ATI
2009-03-26 14:18:49 ----D---- C:\Users\Lars-Erik\AppData\Roaming\ATI
2009-03-26 14:07:59 ----D---- C:\Program Files\MobilityDotNET
2009-03-26 14:06:13 ----D---- C:\ATI
2009-03-26 13:56:16 ----D---- C:\ProgramData\ma-config.com
2009-03-26 11:01:10 ----D---- C:\Program Files\VaudTax2008
2009-03-22 19:11:49 ----A---- C:\Windows\system32\mshtmled.dll
2009-03-22 19:11:48 ----A---- C:\Windows\system32\icardie.dll
2009-03-22 19:11:47 ----A---- C:\Windows\system32\mshtmler.dll
2009-03-22 19:11:47 ----A---- C:\Windows\system32\ieui.dll
2009-03-22 19:11:47 ----A---- C:\Windows\system32\admparse.dll
2009-03-22 19:11:46 ----A---- C:\Windows\system32\msls31.dll
2009-03-22 19:11:46 ----A---- C:\Windows\system32\jsproxy.dll
2009-03-22 19:11:46 ----A---- C:\Windows\system32\corpol.dll
2009-03-22 19:11:45 ----A---- C:\Windows\system32\imgutil.dll
2009-03-22 19:11:45 ----A---- C:\Windows\system32\iernonce.dll
2009-03-22 19:11:45 ----A---- C:\Windows\system32\ieakeng.dll
2009-03-22 19:11:45 ----A---- C:\Windows\system32\dxtmsft.dll
2009-03-22 19:11:44 ----A---- C:\Windows\system32\iepeers.dll
2009-03-22 19:11:44 ----A---- C:\Windows\system32\dxtrans.dll
2009-03-22 19:11:43 ----A---- C:\Windows\system32\occache.dll
2009-03-22 19:11:43 ----A---- C:\Windows\system32\msrating.dll
2009-03-22 19:11:43 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-03-22 19:11:43 ----A---- C:\Windows\system32\licmgr10.dll
2009-03-22 19:11:43 ----A---- C:\Windows\system32\inseng.dll
2009-03-22 19:11:43 ----A---- C:\Windows\system32\ieaksie.dll
2009-03-22 19:11:42 ----A---- C:\Windows\system32\wextract.exe
2009-03-22 19:11:42 ----A---- C:\Windows\system32\webcheck.dll
2009-03-22 19:11:42 ----A---- C:\Windows\system32\iesetup.dll
2009-03-22 19:11:42 ----A---- C:\Windows\system32\ieakui.dll
2009-03-22 19:11:41 ----A---- C:\Windows\system32\WinFXDocObj.exe
2009-03-22 19:11:41 ----A---- C:\Windows\system32\mstime.dll
2009-03-22 19:11:41 ----A---- C:\Windows\system32\msfeedssync.exe
2009-03-22 19:11:40 ----A---- C:\Windows\system32\pngfilt.dll
2009-03-22 19:11:40 ----A---- C:\Windows\system32\msfeeds.dll
2009-03-22 19:11:40 ----A---- C:\Windows\system32\advpack.dll
2009-03-22 19:11:39 ----A---- C:\Windows\system32\ieapfltr.dll
2009-03-22 19:11:38 ----A---- C:\Windows\system32\vbscript.dll
2009-03-22 19:11:38 ----A---- C:\Windows\system32\url.dll
2009-03-22 19:11:38 ----A---- C:\Windows\system32\jscript.dll
2009-03-22 19:11:37 ----A---- C:\Windows\system32\iedkcs32.dll
2009-03-22 19:11:34 ----A---- C:\Windows\system32\mshta.exe
2009-03-22 19:11:34 ----A---- C:\Windows\system32\iexpress.exe
2009-03-22 19:11:33 ----A---- C:\Windows\system32\iesysprep.dll
2009-03-22 19:11:32 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2009-03-22 19:11:32 ----A---- C:\Windows\system32\SetDepNx.exe
2009-03-22 19:11:32 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2009-03-22 19:11:31 ----A---- C:\Windows\system32\PDMSetup.exe
2009-03-22 19:11:31 ----A---- C:\Windows\system32\ieUnatt.exe
2009-03-22 19:11:29 ----A---- C:\Windows\system32\iertutil.dll
2009-03-22 19:11:29 ----A---- C:\Windows\system32\ie4uinit.exe
2009-03-22 19:11:25 ----A---- C:\Windows\system32\wininet.dll
2009-03-22 19:11:24 ----A---- C:\Windows\system32\urlmon.dll
2009-03-22 19:11:20 ----A---- C:\Windows\system32\ieframe.dll
2009-03-22 19:11:19 ----A---- C:\Windows\system32\mshtml.dll
2009-03-19 00:27:48 ----D---- C:\Program Files\Vsk5Online
2009-03-13 12:42:13 ----A---- C:\Windows\system32\GEARAspi.dll
2009-03-13 12:41:50 ----D---- C:\Program Files\iPod
2009-03-13 12:41:44 ----D---- C:\ProgramData\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
2009-03-13 12:41:44 ----D---- C:\Program Files\iTunes
2009-03-13 12:39:30 ----D---- C:\Program Files\QuickTime
2009-03-12 13:13:57 ----A---- C:\Windows\~DF3403.tmp
2009-03-12 13:13:54 ----D---- C:\Windows\__SkypeIEToolbar_Cache
2009-03-12 13:00:37 ----D---- C:\Program Files\Western Digital
2009-03-11 11:56:05 ----A---- C:\Windows\system32\wmp.dll
2009-03-11 11:56:03 ----A---- C:\Windows\system32\wmploc.DLL
2009-03-11 11:56:03 ----A---- C:\Windows\system32\spwmp.dll
2009-03-11 11:56:03 ----A---- C:\Windows\system32\dxmasf.dll
2009-03-11 11:44:01 ----A---- C:\Windows\system32\schannel.dll
2009-03-06 20:44:49 ----D---- C:\Users\Lars-Erik\AppData\Roaming\Mozilla
2009-03-06 00:59:00 ----A---- C:\Windows\system32\usbaaplrc.dll
======List of files/folders modified in the last 1 months======
2009-04-04 17:27:34 ----D---- C:\Windows\Prefetch
2009-04-04 17:27:17 ----D---- C:\Windows\Temp
2009-04-04 17:23:36 ----A---- C:\Windows\system32\acovcnt.exe
2009-04-04 17:23:25 ----D---- C:\Windows\system32\drivers
2009-04-04 17:16:00 ----D---- C:\Windows\System32
2009-04-04 17:16:00 ----D---- C:\Windows\inf
2009-04-04 17:16:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-04-04 17:04:50 ----D---- C:\Users\Lars-Erik\AppData\Roaming\BitTorrent
2009-04-04 14:47:08 ----SD---- C:\Windows\Downloaded Program Files
2009-04-04 13:30:18 ----RD---- C:\Program Files
2009-04-03 18:20:20 ----D---- C:\Program Files\Microsoft Windows OneCare Live
2009-04-02 10:36:14 ----SD---- C:\ProgramData\Microsoft
2009-04-01 14:37:00 ----D---- C:\Windows
2009-04-01 14:35:36 ----D---- C:\Users\Lars-Erik\AppData\Roaming\DNA
2009-04-01 13:33:48 ----HD---- C:\ProgramData
2009-04-01 13:18:01 ----D---- C:\Windows\Minidump
2009-04-01 13:18:01 ----D---- C:\Windows\Debug
2009-04-01 13:16:11 ----D---- C:\Windows\Tasks
2009-04-01 13:16:11 ----D---- C:\Program Files\Google
2009-04-01 11:39:15 ----SHD---- C:\System Volume Information
2009-03-31 16:38:52 ----SHD---- C:\Windows\Installer
2009-03-31 16:29:29 ----D---- C:\Windows\system32\Msdtc
2009-03-31 16:29:26 ----D---- C:\Windows\system32\wbem
2009-03-31 15:41:57 ----RSD---- C:\Windows\assembly
2009-03-31 15:28:41 ----D---- C:\Windows\system32\config
2009-03-31 15:28:03 ----D---- C:\Windows\system32\Tasks
2009-03-31 15:28:03 ----D---- C:\Windows\system32\spool
2009-03-31 15:28:03 ----D---- C:\Windows\system32\CodeIntegrity
2009-03-31 15:28:03 ----D---- C:\Windows\system32\catroot2
2009-03-31 15:27:31 ----D---- C:\ProgramData\P4G
2009-03-31 15:27:31 ----D---- C:\Program Files\PowerForPhone
2009-03-31 15:27:30 ----D---- C:\Program Files\DNA
2009-03-31 15:27:18 ----D---- C:\Windows\registration
2009-03-29 15:20:38 ----D---- C:\Program Files\ATI
2009-03-28 19:19:44 ----SD---- C:\Users\Lars-Erik\AppData\Roaming\Microsoft
2009-03-28 14:19:00 ----D---- C:\Users\Lars-Erik\AppData\Roaming\Adobe
2009-03-28 14:18:17 ----D---- C:\Program Files\Common Files\Adobe
2009-03-28 14:16:33 ----D---- C:\Program Files\Common Files
2009-03-26 18:45:05 ----HD---- C:\Program Files\InstallShield Installation Information
2009-03-26 18:07:11 ----D---- C:\ProgramData\Adobe
2009-03-26 17:52:29 ----RSD---- C:\Windows\Fonts
2009-03-26 17:48:49 ----D---- C:\Program Files\Adobe
2009-03-26 14:22:32 ----D---- C:\Program Files\ATI Technologies
2009-03-25 15:12:11 ----D---- C:\Users\Lars-Erik\AppData\Roaming\LimeWire
2009-03-22 19:46:17 ----D---- C:\Windows\rescache
2009-03-22 19:27:21 ----D---- C:\Program Files\Internet Explorer
2009-03-22 19:27:20 ----D---- C:\Windows\system32\fr-FR
2009-03-22 19:27:19 ----D---- C:\Windows\system32\migration
2009-03-22 19:27:19 ----D---- C:\Windows\system32\en-US
2009-03-22 19:27:19 ----D---- C:\Windows\PolicyDefinitions
2009-03-22 19:16:45 ----D---- C:\Windows\winsxs
2009-03-22 19:16:41 ----D---- C:\Windows\system32\catroot
2009-03-22 19:11:55 ----D---- C:\Program Files\Software by Design
2009-03-19 00:33:09 ----D---- C:\Users\Lars-Erik\AppData\Roaming\GetRightToGo
2009-03-18 22:56:41 ----D---- C:\ProgramData\TrackMania
2009-03-13 12:42:12 ----DC---- C:\Windows\system32\DRVSTORE
2009-03-13 12:41:45 ----D---- C:\Program Files\Common Files\Apple
2009-03-12 13:13:18 ----D---- C:\ProgramData\Google
2009-03-11 15:05:29 ----D---- C:\Program Files\Windows Media Player
2009-03-11 14:30:06 ----D---- C:\ProgramData\Microsoft Help
2009-03-08 21:39:53 ----D---- C:\Users\Lars-Erik\AppData\Roaming\Skype
2009-03-08 17:04:11 ----D---- C:\Users\Lars-Erik\AppData\Roaming\skypePM
2009-03-06 20:42:48 ----D---- C:\Program Files\LimeWire
2009-03-05 09:06:30 ----D---- C:\Program Files\Common Files\microsoft shared
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 MSFWHLPR;MSFWHLPR; C:\Windows\system32\DRIVERS\msfwhlpr.sys [2007-11-27 37440]
R2 MSFWDrv;MSFWDrv; C:\Windows\system32\DRIVERS\msfwdrv.sys [2007-11-27 91200]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-05-07 767488]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-03-06 2411520]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-01-15 23848]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-02-14 1740904]
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\Windows\system32\drivers\MODEMCSA.sys [2008-01-19 18432]
R3 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2008-05-15 53168]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2007-01-23 50176]
R3 RTSTOR;USB Mass Storage Device; C:\Windows\system32\drivers\RTSTOR.SYS [2007-01-11 35328]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-22 982272]
R3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\Windows\system32\DRIVERS\snp2sxp.sys [2007-03-30 12033024]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-11-22 181304]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S3 Asushwio;Asushwio; \??\C:\Windows\system32\drivers\Asushwio.sys [2006-10-10 10288]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2006-11-02 19456]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2006-11-02 92160]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2006-11-02 220160]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2006-11-02 29184]
S3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 lvupdtio;lvupdtio; \??\C:\Program Files\ASUS\ASUS Live Update\SYS64\lvupdtio.sys [2007-05-09 15216]
S3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2008-02-18 96256]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945BG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2006-10-14 4422560]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2006-11-02 49664]
S3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 44544]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2006-11-02 41064]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-03-06 36864]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2006-11-02 82432]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-02-06 94208]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-03-06 565248]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 Capture Device Service;Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [2007-03-06 198168]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 msfwsvc;@C:\Program Files\Microsoft Windows OneCare Live\Firewall\\MSFWSVCResource.dll,-10000; C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe [2007-11-27 869952]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 OcHealthMon;Windows Live OneCare Health Monitor; C:\Program Files\Microsoft Windows OneCare Live\OcHealthMon.exe [2009-03-22 24936]
R2 OneCareMP;OneCare AntiSpyware and AntiVirus; C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe [2008-07-09 18704]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 winss;Windows Live OneCare; C:\Program Files\Microsoft Windows OneCare Live\winss.exe [2009-03-22 1131896]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S2 gupdate1c985e639df6e00;Google Update Service (gupdate1c985e639df6e00); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-03 133104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-03-11 656168]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-06-15 300544]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
-----------------EOF-----------------
Info:
info.txt logfile of random's system information tool 1.06 2009-04-04 17:28:02
======Uninstall list======
-->"C:\Program Files\InstallShield Installation Information\{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}\setup.exe" --u:{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}
-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->MsiExec.exe /I{977FBE6C-AE9A-4429-B249-814F0B3A4CB1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {58FC5E37-DD28-4D4A-A549-125744C6763C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0407-0000-0000000FF1CE} /uninstall {888B9AC7-8F5C-456B-A27A-157A6C310E52}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0410-0000-0000000FF1CE} /uninstall {B9896689-DF51-4A16-AAD5-002622D86C72}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {1120A001-69F4-43D2-83CE-716B2DC4366F}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office system-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROHYBRIDR /dll OSETUP.DLL
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->MsiExec.exe /X{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}
Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Shockwave Player 11-->C:\Windows\system32\adobe\SHOCKW~1\UNWISE.EXE C:\Windows\system32\Adobe\SHOCKW~1\Install.log
Apple Mobile Device Support-->MsiExec.exe /I{162B71B8-8464-4680-A086-601D555B331D}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Ashampoo Burning Studio 7.21-->"C:\Program Files\Ashampoo\Ashampoo Burning Studio 7\unins000.exe"
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
ASUS InstantFun-->MsiExec.exe /I{57B15AD4-8C9D-4164-82BB-E33D8644E757}
ASUS Live Update-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}\Setup.exe" -l0x9
ASUS Splendid Video Enhancement Technology-->C:\Program Files\InstallShield Installation Information\{C0FC1C14-4824-4A73-87A6-9E888C9C3102}\SETUP.exe -runfromtemp -l0x0009 -removeonly
ASUS Touch Pad Extra-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DB891739-2EB3-45A8-9CBD-941C255CECD4}\SETUP.EXE" -l0x9
Asus_Camera_ScreenSaver-->"C:\Windows\ASUS Camera ScreenSaver Uninstaller.exe"
Atheros Driver Installation Program-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\SETUP.exe" -l0x9 -removeonly
ATI Uninstaller-->C:\Program Files\ATI\CIM\Bin\Atisetup.exe -uninstall all
ATK Hotkey-->C:\Program Files\InstallShield Installation Information\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}\SETUP.exe -runfromtemp -l0x0009 -removeonly
ATK Media-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}\SETUP.EXE" -l0x9
ATKOSD2-->C:\Program Files\InstallShield Installation Information\{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}\SETUP.exe -runfromtemp -l0x0009 -removeonly
Bink and Smacker-->C:\PROGRA~1\RADVideo\UNWISE.EXE C:\PROGRA~1\RADVideo\INSTALL.LOG
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
ccc-Branding-->MsiExec.exe /I{6E32B134-CA8D-49DD-B94C-0DB155CE70B5}
Combined Community Codec Pack 2008-09-21 16:18-->"C:\Program Files\Combined Community Codec Pack\unins000.exe"
Complément Microsoft Enregistrer en tant que PDF ou XPS pour programmes Microsoft Office 2007-->MsiExec.exe /X{90120000-00B2-040C-0000-0000000FF1CE}
Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}
GMATPrep(TM)-->"C:\Program Files\InstallShield Installation Information\{BFE903DE-4845-4387-9C6C-98B21B8445A3}\setup.exe" -runfromtemp -l0x0009 -removeonly
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Earth-->MsiExec.exe /X{548EAC70-EE00-11DD-908C-005056806466}
GTOneCare-->MsiExec.exe /X{8B21B9EF-6DBF-4F63-8CC7-9F6A56D1EE8E}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Customer Participation Program 8.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Imaging Device Functions 8.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP OCR Software 8.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
HP Photosmart Essential-->MsiExec.exe /X{EB21A812-671B-4D08-B974-2A347F0D8F70}
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B-->C:\Program Files\HP\Digital Imaging\{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}\setup\hpzscr01.exe -datfile hposcr19.dat -onestop -showdisconnect -forcereboot
HP Product Assistant-->MsiExec.exe /I{36FDBE6E-6684-462B-AE98-9A39A1B200CC}
HP Solution Center 8.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{7059BDA7-E1DB-442C-B7A1-6144596720A4}
HPSSupply-->MsiExec.exe /X{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}
InterVideo DeviceService-->MsiExec.exe /I{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}
iTunes-->MsiExec.exe /I{E5145D2D-793B-4A16-BA42-3F13EEAA7D5E}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
LifeFrame2-->MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
LimeWire 5.1.1-->"C:\Program Files\LimeWire\uninstall.exe"
Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office Access MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0015-0413-0000-0000000FF1CE}
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Access MUI (German) 2007-->MsiExec.exe /X{90120000-0015-0407-0000-0000000FF1CE}
Microsoft Office Access MUI (Italian) 2007-->MsiExec.exe /X{90120000-0015-0410-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0016-0413-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (German) 2007-->MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE}
Microsoft Office Excel MUI (Italian) 2007-->MsiExec.exe /X{90120000-0016-0410-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001A-0413-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (German) 2007-->MsiExec.exe /X{90120000-001A-0407-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Italian) 2007-->MsiExec.exe /X{90120000-001A-0410-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0018-0413-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (German) 2007-->MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Italian) 2007-->MsiExec.exe /X{90120000-0018-0410-0000-0000000FF1CE}
Microsoft Office Professional Hybrid 2007-->MsiExec.exe /X{91120000-0031-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (Dutch) 2007-->MsiExec.exe /X{90120000-002C-0413-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Proofing (German) 2007-->MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE}
Microsoft Office Proofing (Italian) 2007-->MsiExec.exe /X{90120000-002C-0410-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0019-0413-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (German) 2007-->MsiExec.exe /X{90120000-0019-0407-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Italian) 2007-->MsiExec.exe /X{90120000-0019-0410-0000-0000000FF1CE}
Microsoft Office Shared MUI (Dutch) 2007-->MsiExec.exe /X{90120000-006E-0413-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (German) 2007-->MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE}
Microsoft Office Shared MUI (Italian) 2007-->MsiExec.exe /X{90120000-006E-0410-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001B-0413-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (German) 2007-->MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE}
Microsoft Office Word MUI (Italian) 2007-->MsiExec.exe /X{90120000-001B-0410-0000-0000000FF1CE}
Microsoft Protection Service-->MsiExec.exe /I{A9E5D235-52F9-49E5-98F0-CD79940FB0CE}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Windows Live OneCare Resources v2.5.2900.24-->MsiExec.exe /I{5660022E-F3F2-4126-8CC5-9726C47150EB}
Microsoft Windows OneCare Live AntiSpyware and AntiVirus-->MsiExec.exe /I{E26B83D1-C0BB-41BC-8F44-31D5354DD6AF}
Microsoft Windows OneCare Live v2.5.2900.20 Idcrl Install-->MsiExec.exe /I{3851147E-5A91-4469-BA4D-13FFFCC8A920}
Microsoft Windows OneCare Live v2.5.2900.24-->MsiExec.exe /I{D07A8E7E-D324-4945-BA8C-E532AD008FF3}
Mininova Toolbar-->C:\PROGRA~1\Mininova\UNWISE.EXE C:\PROGRA~1\Mininova\INSTALL.LOG
MobileMe Control Panel-->MsiExec.exe /I{A14C24F6-615B-415E-84B0-610FDAD19B68}
Motorola SM56 Speakerphone Modem-->rundll32.exe sm56co6a.dll,SM56UnInstaller
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Nero 7 Premium-->MsiExec.exe /X{CF097717-F174-4144-954A-FBC4BF301033}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
OrmaVskAC32-->C:\Users\Lars-Erik\Documents\Uninstal.exe
Package de pilotes Windows - Nokia Modem (02/15/2007 3.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\pccs_bluetooth.inf_48f6f624\pccs_bluetooth.inf
Package de pilotes Windows - Nokia Modem (02/15/2007 3.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\pccs_bluetooth.inf_51d2d3e1\pccs_bluetooth.inf
PC Connectivity Solution-->MsiExec.exe /I{99A40651-0BC2-4095-8F9A-A40FAB224FEF}
PowerForPhone-->C:\Program Files\InstallShield Installation Information\{FC3D290D-79BE-44B7-ABF9-FDD110925930}\setup.exe -runfromtemp -l0x0009 -removeonly
PX Engine-->MsiExec.exe /I{6513E869-647F-40FD-A55D-CFC92579B9BA}
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista-->C:\Program Files\InstallShield Installation Information\{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}\SETUP.exe -runfromtemp -l0x0009 -removeonly
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Realtek USB 2.0 Card Reader-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DC24971E-1946-445D-8A82-CE685433FA7D}\SETUP.exe" -l0x9 -removeonly
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
Security Update for Visio 2007 (KB947590)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}
Security Update for Visio 2007 (KB947590)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}
Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Surligneur (Windows Live Toolbar)-->MsiExec.exe /X{81B5F83F-2291-48B0-8375-36B63A9BF5B0}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
The Core Media Player 4.0-->"C:\Program Files\CoreCodec\The Core Media Player\uninstall-tcmp4.exe"
TmUnitedForever-->"C:\Program Files\TmUnitedForever\unins000.exe"
TrackMania United DVD Patch 2006-12-15-->"C:\Program Files\TrackMania United\unins000.exe"
Ulead DVD MovieFactory 6 TBYB-->C:\Program Files\InstallShield Installation Information\{CCC4E428-411E-4605-B515-317D50ABD477}\setup.exe -runfromtemp -l0x040c
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Office 2007 (KB946691)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Office 2007 (KB946691)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb962871)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {297857BF-4011-449B-BD74-DB64D182821C}
Update for Outlook 2007 Junk Email Filter (kb962871)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {297857BF-4011-449B-BD74-DB64D182821C}
USB2.0 1.3M WebCam-->C:\Windows\Uninst.bat
VaudTax2007-->"C:\Program Files\VaudTax2007\UninstallerData\Uninstall VaudTax2007.exe"
VaudTax2008-->"C:\Program Files\VaudTax2008\UninstallerData\Uninstall VaudTax2008.exe"
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Vsk5 - patch1-->"C:\Program Files\Vsk5\unins000.exe"
Vsk5Online-->"C:\Program Files\Vsk5Online\unins000.exe"
Windows Live Favorites pour Windows Live Toolbar-->MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Live OneCare-->"C:\Program Files\Microsoft Windows OneCare Live\OCSetup.exe" /u
Wireless Console 2-->C:\Program Files\InstallShield Installation Information\{83F73CB1-7705-49D1-9852-84D839CA2A45}\SETUP.exe -runfromtemp -l0x0009 -removeonly
======Security center information======
AV: Windows Live OneCare
AV: Norton Internet Security (outdated)
FW: Norton Internet Security (disabled)
FW: Pare-feu Windows Live OneCare
AS: Windows Defender (disabled) (outdated)
AS: Norton Internet Security (outdated)
AS: Windows Live OneCare
======System event log======
Computer Name: PC-de-Lars-Erik
Event Code: 15021
Message: Une erreur s’est produite avec l’utilisation de la configuration SSL pour l’adresse de socket 192.168.2.106:63331. Le code du statut de l’erreur est renvoyé avec les données.
Record Number: 58395623
Source Name: Microsoft-Windows-HttpEvent
Time Written: 20090404152310.350379-000
Event Type: Erreur
User:
Computer Name: PC-de-Lars-Erik
Event Code: 15021
Message: Une erreur s’est produite avec l’utilisation de la configuration SSL pour l’adresse de socket 192.33.227.224:6331. Le code du statut de l’erreur est renvoyé avec les données.
Record Number: 58395624
Source Name: Microsoft-Windows-HttpEvent
Time Written: 20090404152310.350379-000
Event Type: Erreur
User:
Computer Name: PC-de-Lars-Erik
Event Code: 15016
Message: Impossible d’initialiser le package de sécurité Kerberos pour l’authentification côté serveur. Le champ de données contient le numéro de l’erreur.
Record Number: 58395625
Source Name: Microsoft-Windows-HttpEvent
Time Written: 20090404152310.351356-000
Event Type: Erreur
User:
Computer Name: PC-de-Lars-Erik
Event Code: 15300
Message: Paramètres de certificat SSL supprimés pour le port : 192.168.1.40:63331.
Record Number: 58395714
Source Name: Microsoft-Windows-HttpEvent
Time Written: 20090404152336.882466-000
Event Type: Avertissement
User:
Computer Name: PC-de-Lars-Erik
Event Code: 15301
Message: Paramètres de certificat SSL créés par un processus administrateur pour le port : 192.168.1.40:63331.
Record Number: 58395715
Source Name: Microsoft-Windows-HttpEvent
Time Written: 20090404152337.257466-000
Event Type: Avertissement
User:
=====Application event log=====
Computer Name: PC-de-Lars-Erik
Event Code: 1530
Message: Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela.
DÉTAIL -
2 user registry handles leaked from \Registry\User\S-1-5-21-3227293759-939298665-670299529-1000:
Process 976 (\Device\HarddiskVolume2\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe) has opened key \REGISTRY\USER\S-1-5-21-3227293759-939298665-670299529-1000
Process 2828 (\Device\HarddiskVolume2\Program Files\Microsoft Windows OneCare Live\winss.exe) has opened key \REGISTRY\USER\S-1-5-21-3227293759-939298665-670299529-1000\Software\Microsoft\Internet Explorer\PhishingFilter
Record Number: 47685
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20090404151615.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: PC-de-Lars-Erik
Event Code: 1530
Message: Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela.
DÉTAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-3227293759-939298665-670299529-1000_Classes:
Process 976 (\Device\HarddiskVolume2\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe) has opened key \REGISTRY\USER\S-1-5-21-3227293759-939298665-670299529-1000_CLASSES
Record Number: 47686
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20090404151616.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: PC-de-Lars-Erik
Event Code: 4621
Message: Le système d'événements de COM+ n'a pas pu supprimer l'objet EventSystem.EventSubscription {CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. HRESULT : 80070005.
Record Number: 47718
Source Name: Microsoft-Windows-EventSystem
Time Written: 20090404152152.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-Lars-Erik
Event Code: 1530
Message: Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela.
DÉTAIL -
2 user registry handles leaked from \Registry\User\S-1-5-21-3227293759-939298665-670299529-1000:
Process 948 (\Device\HarddiskVolume2\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe) has opened key \REGISTRY\USER\S-1-5-21-3227293759-939298665-670299529-1000
Process 2684 (\Device\HarddiskVolume2\Program Files\Microsoft Windows OneCare Live\winss.exe) has opened key \REGISTRY\USER\S-1-5-21-3227293759-939298665-670299529-1000\Software\Microsoft\Internet Explorer\PhishingFilter
Record Number: 47721
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20090404152154.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: PC-de-Lars-Erik
Event Code: 1530
Message: Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela.
DÉTAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-3227293759-939298665-670299529-1000_Classes:
Process 948 (\Device\HarddiskVolume2\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe) has opened key \REGISTRY\USER\S-1-5-21-3227293759-939298665-670299529-1000_CLASSES
Record Number: 47722
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20090404152155.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
=====Security event log=====
Computer Name: PC-de-Lars-Erik
Event Code: 4624
Message: L’ouverture de session d’un compte s’est correctement déroulée.
Sujet :
ID de sécurité : S-1-0-0
Nom du compte : -
Domaine du compte : -
ID d’ouverture de session : 0x0
Type d’ouverture de session : 0
Nouvelle ouverture de session :
ID de sécurité : S-1-5-18
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e7
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}
Informations sur le processus :
ID du processus : 0x4
Nom du processus :
Informations sur le réseau :
Nom de la station de travail : -
Adresse du réseau source : -
Port source : -
Informations détaillées sur l’authentification :
Processus d’ouverture de session : -
Package d’authentification : -
Services en transit : -
Nom du package (NTLM uniquement) : -
Longueur de la clé : 0
Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.
Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.
Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).
Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.
Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.
Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
- Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
Record Number: 245380
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090329113100.683593-000
Event Type: Succès de l'audit
User:
Computer Name: PC-de-Lars-Erik
Event Code: 4902
Message: La table de stratégie d’audit par utilisateur a été créée.
Nombre d’éléments : 0
ID de la stratégie : 0xeab6
Record Number: 245381
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090329113100.871093-000
Event Type: Succès de l'audit
User:
Computer Name: PC-de-Lars-Erik
Event Code: 4648
Message: Tentative d’ouverture de session en utilisant des informations d’identification explicites.
Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-LARS-ERIK$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}
Compte dont les informations d’identification ont été utilisées :
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}
Serveur cible :
Nom du serveur cible : localhost
Informations supplémentaires : localhost
Informations sur le processus :
ID du processus : 0x29c
Nom du processus : C:\Windows\System32\services.exe
Informations sur le réseau :
Adresse du réseau : -
Port : -
Cet événement est généré lorsqu’un processus tente d’ouvrir une session pour un compte en spécifiant explicitement les informations d’identification de ce compte. Ceci se produit le plus souvent dans les configurations par lot comme les tâches planifiées, ou avec l’utilisation de la commande RUNAS.
Record Number: 245382
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090329113101.605468-000
Event Type: Succès de l'audit
User:
Computer Name: PC-de-Lars-Erik
Event Code: 4624
Message: L’ouverture de session d’un compte s’est correctement déroulée.
Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-LARS-ERIK$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7
Type d’ouverture de session : 5
Nouvelle ouverture de session :
ID de sécurité : S-1-5-18
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e7
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}
Informations sur le processus :
ID du processus : 0x29c
Nom du processus : C:\Windows\System32\services.exe
Informations sur le réseau :
Nom de la station de travail :
Adresse du réseau source : -
Port source : -
Informations détaillées sur l’authentification :
Processus d’ouverture de session : Advapi
Package d’authentification : Negotiate
Services en transit : -
Nom du package (NTLM uniquement) : -
Longueur de la clé : 0
Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.
Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.
Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).
Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.
Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.
Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
- Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
Record Number: 245383
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090329113101.605468-000
Event Type: Succès de l'audit
User:
Computer Name: PC-de-Lars-Erik
Event Code: 4672
Message: Privilèges spéciaux attribués à la nouvelle ouverture de session.
Sujet :
ID de sécurité : S-1-5-18
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e7
Privilèges : SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 245384
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090329113101.605468-000
Event Type: Succès de l'audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ImageConverter Plus;C:\Program Files\Common Files\Ulead Systems\MPEG;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 14 Stepping 12, GenuineIntel
"PROCESSOR_REVISION"=0e0c
"NUMBER_OF_PROCESSORS"=2
"configsetroot"=%SystemRoot%\ConfigSetRoot
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
-----------------EOF-----------------
Mais avant...j'ai éteind et rallumé mon pc et ohhh grande surprise" erreur dexécution 75 " ......... ya vraiment un truc louche là
.. non?rapport suit!
Merci pour tout!
Logfile of random's system information tool 1.06 (written by random/random)
Run by Lars-Erik at 2009-04-04 17:27:19
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 9 GB (12%) free of 76 GB
Total RAM: 2047 MB (55% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:27:59, on 04.04.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Windows\vsnp2std.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Windows\System32\ASUSTPE.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\ASScrPro.exe
C:\Program Files\PowerForPhone\PowerForPhone.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Lars-Erik\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Lars-Erik.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cnbc.com/id/19836768/site/14081545/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Mininova Toolbar - {f592709f-ff4a-4862-b659-4afabda56312} - C:\Program Files\Mininova\tbMini.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Mininova Toolbar - {f592709f-ff4a-4862-b659-4afabda56312} - C:\Program Files\Mininova\tbMini.dll
O3 - Toolbar: Mininova Toolbar - {f592709f-ff4a-4862-b659-4afabda56312} - C:\Program Files\Mininova\tbMini.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [snp2std] C:\Windows\vsnp2std.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [ASUSTPE] C:\Windows\system32\ASUSTPE.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [PowerForPhone] C:\Program Files\PowerForPhone\PowerForPhone.exe
O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Microsoft Windows Express] websploit.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\RunServices: [Microsoft Windows Express] websploit.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Google Update Service (gupdate1c985e639df6e00) (gupdate1c985e639df6e00) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 8837 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachine.job
C:\Windows\tasks\User_Feed_Synchronization-{50D950E5-F450-47B2-9A00-575613A150FC}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-01-29 1088296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-10 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-10 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f592709f-ff4a-4862-b659-4afabda56312}]
Mininova Toolbar - C:\Program Files\Mininova\tbMini.dll [2008-02-14 1555480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{f592709f-ff4a-4862-b659-4afabda56312} - Mininova Toolbar - C:\Program Files\Mininova\tbMini.dll [2008-02-14 1555480]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-02-15 4390912]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2007-09-03 630784]
"snp2std"=C:\Windows\vsnp2std.exe [2006-09-15 675840]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2006-11-02 61440]
"ASUSTPE"=C:\Windows\system32\ASUSTPE.exe [2006-12-13 106496]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-11-22 815104]
"ASUS Camera ScreenSaver"=C:\Windows\ASScrProlog.exe [2007-11-08 37232]
"ASUS Screen Saver Protector"=C:\Windows\ASScrPro.exe [2007-11-08 33136]
"PowerForPhone"=C:\Program Files\PowerForPhone\PowerForPhone.exe [2007-06-26 778240]
"OneCareUI"=C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe [2009-03-22 63864]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]
"NWEReboot"= []
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-02-06 177472]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-10 136600]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"Microsoft Windows Express"=C:\Windows\system32\websploit.exe [2008-01-19 204812]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-12-10 49152]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\OneCareMP]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\OneCareMP]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\Programme\BitTorrent\bittorrent.exe"="D:\Programme\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{74a177b0-fa72-11dd-ac9c-001d60d23202}]
shell\AutoRun\command - F:\wdsync.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{abe76d79-f1c4-11dd-b500-001d60d23202}]
shell\AutoRun\command - WDSetup.exe
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2009-04-04 17:27:19 ----D---- C:\rsit
2009-04-04 13:23:20 ----D---- C:\Program Files\Trend Micro
2009-04-01 13:33:48 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-04-01 13:33:48 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-04-01 13:26:44 ----D---- C:\Windows\pss
2009-03-31 16:38:13 ----HD---- C:\Config.Msi
2009-03-31 15:47:47 ----D---- C:\ProgramData\Vsk5
2009-03-28 14:05:25 ----D---- C:\Program Files\Vsk5
2009-03-26 18:45:05 ----D---- C:\Program Files\NVIDIA Corporation
2009-03-26 14:23:06 ----D---- C:\ProgramData\ATI
2009-03-26 14:18:49 ----D---- C:\Users\Lars-Erik\AppData\Roaming\ATI
2009-03-26 14:07:59 ----D---- C:\Program Files\MobilityDotNET
2009-03-26 14:06:13 ----D---- C:\ATI
2009-03-26 13:56:16 ----D---- C:\ProgramData\ma-config.com
2009-03-26 11:01:10 ----D---- C:\Program Files\VaudTax2008
2009-03-22 19:11:49 ----A---- C:\Windows\system32\mshtmled.dll
2009-03-22 19:11:48 ----A---- C:\Windows\system32\icardie.dll
2009-03-22 19:11:47 ----A---- C:\Windows\system32\mshtmler.dll
2009-03-22 19:11:47 ----A---- C:\Windows\system32\ieui.dll
2009-03-22 19:11:47 ----A---- C:\Windows\system32\admparse.dll
2009-03-22 19:11:46 ----A---- C:\Windows\system32\msls31.dll
2009-03-22 19:11:46 ----A---- C:\Windows\system32\jsproxy.dll
2009-03-22 19:11:46 ----A---- C:\Windows\system32\corpol.dll
2009-03-22 19:11:45 ----A---- C:\Windows\system32\imgutil.dll
2009-03-22 19:11:45 ----A---- C:\Windows\system32\iernonce.dll
2009-03-22 19:11:45 ----A---- C:\Windows\system32\ieakeng.dll
2009-03-22 19:11:45 ----A---- C:\Windows\system32\dxtmsft.dll
2009-03-22 19:11:44 ----A---- C:\Windows\system32\iepeers.dll
2009-03-22 19:11:44 ----A---- C:\Windows\system32\dxtrans.dll
2009-03-22 19:11:43 ----A---- C:\Windows\system32\occache.dll
2009-03-22 19:11:43 ----A---- C:\Windows\system32\msrating.dll
2009-03-22 19:11:43 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-03-22 19:11:43 ----A---- C:\Windows\system32\licmgr10.dll
2009-03-22 19:11:43 ----A---- C:\Windows\system32\inseng.dll
2009-03-22 19:11:43 ----A---- C:\Windows\system32\ieaksie.dll
2009-03-22 19:11:42 ----A---- C:\Windows\system32\wextract.exe
2009-03-22 19:11:42 ----A---- C:\Windows\system32\webcheck.dll
2009-03-22 19:11:42 ----A---- C:\Windows\system32\iesetup.dll
2009-03-22 19:11:42 ----A---- C:\Windows\system32\ieakui.dll
2009-03-22 19:11:41 ----A---- C:\Windows\system32\WinFXDocObj.exe
2009-03-22 19:11:41 ----A---- C:\Windows\system32\mstime.dll
2009-03-22 19:11:41 ----A---- C:\Windows\system32\msfeedssync.exe
2009-03-22 19:11:40 ----A---- C:\Windows\system32\pngfilt.dll
2009-03-22 19:11:40 ----A---- C:\Windows\system32\msfeeds.dll
2009-03-22 19:11:40 ----A---- C:\Windows\system32\advpack.dll
2009-03-22 19:11:39 ----A---- C:\Windows\system32\ieapfltr.dll
2009-03-22 19:11:38 ----A---- C:\Windows\system32\vbscript.dll
2009-03-22 19:11:38 ----A---- C:\Windows\system32\url.dll
2009-03-22 19:11:38 ----A---- C:\Windows\system32\jscript.dll
2009-03-22 19:11:37 ----A---- C:\Windows\system32\iedkcs32.dll
2009-03-22 19:11:34 ----A---- C:\Windows\system32\mshta.exe
2009-03-22 19:11:34 ----A---- C:\Windows\system32\iexpress.exe
2009-03-22 19:11:33 ----A---- C:\Windows\system32\iesysprep.dll
2009-03-22 19:11:32 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2009-03-22 19:11:32 ----A---- C:\Windows\system32\SetDepNx.exe
2009-03-22 19:11:32 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2009-03-22 19:11:31 ----A---- C:\Windows\system32\PDMSetup.exe
2009-03-22 19:11:31 ----A---- C:\Windows\system32\ieUnatt.exe
2009-03-22 19:11:29 ----A---- C:\Windows\system32\iertutil.dll
2009-03-22 19:11:29 ----A---- C:\Windows\system32\ie4uinit.exe
2009-03-22 19:11:25 ----A---- C:\Windows\system32\wininet.dll
2009-03-22 19:11:24 ----A---- C:\Windows\system32\urlmon.dll
2009-03-22 19:11:20 ----A---- C:\Windows\system32\ieframe.dll
2009-03-22 19:11:19 ----A---- C:\Windows\system32\mshtml.dll
2009-03-19 00:27:48 ----D---- C:\Program Files\Vsk5Online
2009-03-13 12:42:13 ----A---- C:\Windows\system32\GEARAspi.dll
2009-03-13 12:41:50 ----D---- C:\Program Files\iPod
2009-03-13 12:41:44 ----D---- C:\ProgramData\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
2009-03-13 12:41:44 ----D---- C:\Program Files\iTunes
2009-03-13 12:39:30 ----D---- C:\Program Files\QuickTime
2009-03-12 13:13:57 ----A---- C:\Windows\~DF3403.tmp
2009-03-12 13:13:54 ----D---- C:\Windows\__SkypeIEToolbar_Cache
2009-03-12 13:00:37 ----D---- C:\Program Files\Western Digital
2009-03-11 11:56:05 ----A---- C:\Windows\system32\wmp.dll
2009-03-11 11:56:03 ----A---- C:\Windows\system32\wmploc.DLL
2009-03-11 11:56:03 ----A---- C:\Windows\system32\spwmp.dll
2009-03-11 11:56:03 ----A---- C:\Windows\system32\dxmasf.dll
2009-03-11 11:44:01 ----A---- C:\Windows\system32\schannel.dll
2009-03-06 20:44:49 ----D---- C:\Users\Lars-Erik\AppData\Roaming\Mozilla
2009-03-06 00:59:00 ----A---- C:\Windows\system32\usbaaplrc.dll
======List of files/folders modified in the last 1 months======
2009-04-04 17:27:34 ----D---- C:\Windows\Prefetch
2009-04-04 17:27:17 ----D---- C:\Windows\Temp
2009-04-04 17:23:36 ----A---- C:\Windows\system32\acovcnt.exe
2009-04-04 17:23:25 ----D---- C:\Windows\system32\drivers
2009-04-04 17:16:00 ----D---- C:\Windows\System32
2009-04-04 17:16:00 ----D---- C:\Windows\inf
2009-04-04 17:16:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-04-04 17:04:50 ----D---- C:\Users\Lars-Erik\AppData\Roaming\BitTorrent
2009-04-04 14:47:08 ----SD---- C:\Windows\Downloaded Program Files
2009-04-04 13:30:18 ----RD---- C:\Program Files
2009-04-03 18:20:20 ----D---- C:\Program Files\Microsoft Windows OneCare Live
2009-04-02 10:36:14 ----SD---- C:\ProgramData\Microsoft
2009-04-01 14:37:00 ----D---- C:\Windows
2009-04-01 14:35:36 ----D---- C:\Users\Lars-Erik\AppData\Roaming\DNA
2009-04-01 13:33:48 ----HD---- C:\ProgramData
2009-04-01 13:18:01 ----D---- C:\Windows\Minidump
2009-04-01 13:18:01 ----D---- C:\Windows\Debug
2009-04-01 13:16:11 ----D---- C:\Windows\Tasks
2009-04-01 13:16:11 ----D---- C:\Program Files\Google
2009-04-01 11:39:15 ----SHD---- C:\System Volume Information
2009-03-31 16:38:52 ----SHD---- C:\Windows\Installer
2009-03-31 16:29:29 ----D---- C:\Windows\system32\Msdtc
2009-03-31 16:29:26 ----D---- C:\Windows\system32\wbem
2009-03-31 15:41:57 ----RSD---- C:\Windows\assembly
2009-03-31 15:28:41 ----D---- C:\Windows\system32\config
2009-03-31 15:28:03 ----D---- C:\Windows\system32\Tasks
2009-03-31 15:28:03 ----D---- C:\Windows\system32\spool
2009-03-31 15:28:03 ----D---- C:\Windows\system32\CodeIntegrity
2009-03-31 15:28:03 ----D---- C:\Windows\system32\catroot2
2009-03-31 15:27:31 ----D---- C:\ProgramData\P4G
2009-03-31 15:27:31 ----D---- C:\Program Files\PowerForPhone
2009-03-31 15:27:30 ----D---- C:\Program Files\DNA
2009-03-31 15:27:18 ----D---- C:\Windows\registration
2009-03-29 15:20:38 ----D---- C:\Program Files\ATI
2009-03-28 19:19:44 ----SD---- C:\Users\Lars-Erik\AppData\Roaming\Microsoft
2009-03-28 14:19:00 ----D---- C:\Users\Lars-Erik\AppData\Roaming\Adobe
2009-03-28 14:18:17 ----D---- C:\Program Files\Common Files\Adobe
2009-03-28 14:16:33 ----D---- C:\Program Files\Common Files
2009-03-26 18:45:05 ----HD---- C:\Program Files\InstallShield Installation Information
2009-03-26 18:07:11 ----D---- C:\ProgramData\Adobe
2009-03-26 17:52:29 ----RSD---- C:\Windows\Fonts
2009-03-26 17:48:49 ----D---- C:\Program Files\Adobe
2009-03-26 14:22:32 ----D---- C:\Program Files\ATI Technologies
2009-03-25 15:12:11 ----D---- C:\Users\Lars-Erik\AppData\Roaming\LimeWire
2009-03-22 19:46:17 ----D---- C:\Windows\rescache
2009-03-22 19:27:21 ----D---- C:\Program Files\Internet Explorer
2009-03-22 19:27:20 ----D---- C:\Windows\system32\fr-FR
2009-03-22 19:27:19 ----D---- C:\Windows\system32\migration
2009-03-22 19:27:19 ----D---- C:\Windows\system32\en-US
2009-03-22 19:27:19 ----D---- C:\Windows\PolicyDefinitions
2009-03-22 19:16:45 ----D---- C:\Windows\winsxs
2009-03-22 19:16:41 ----D---- C:\Windows\system32\catroot
2009-03-22 19:11:55 ----D---- C:\Program Files\Software by Design
2009-03-19 00:33:09 ----D---- C:\Users\Lars-Erik\AppData\Roaming\GetRightToGo
2009-03-18 22:56:41 ----D---- C:\ProgramData\TrackMania
2009-03-13 12:42:12 ----DC---- C:\Windows\system32\DRVSTORE
2009-03-13 12:41:45 ----D---- C:\Program Files\Common Files\Apple
2009-03-12 13:13:18 ----D---- C:\ProgramData\Google
2009-03-11 15:05:29 ----D---- C:\Program Files\Windows Media Player
2009-03-11 14:30:06 ----D---- C:\ProgramData\Microsoft Help
2009-03-08 21:39:53 ----D---- C:\Users\Lars-Erik\AppData\Roaming\Skype
2009-03-08 17:04:11 ----D---- C:\Users\Lars-Erik\AppData\Roaming\skypePM
2009-03-06 20:42:48 ----D---- C:\Program Files\LimeWire
2009-03-05 09:06:30 ----D---- C:\Program Files\Common Files\microsoft shared
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 MSFWHLPR;MSFWHLPR; C:\Windows\system32\DRIVERS\msfwhlpr.sys [2007-11-27 37440]
R2 MSFWDrv;MSFWDrv; C:\Windows\system32\DRIVERS\msfwdrv.sys [2007-11-27 91200]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-05-07 767488]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-03-06 2411520]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-01-15 23848]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-02-14 1740904]
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\Windows\system32\drivers\MODEMCSA.sys [2008-01-19 18432]
R3 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2008-05-15 53168]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2007-01-23 50176]
R3 RTSTOR;USB Mass Storage Device; C:\Windows\system32\drivers\RTSTOR.SYS [2007-01-11 35328]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-22 982272]
R3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\Windows\system32\DRIVERS\snp2sxp.sys [2007-03-30 12033024]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-11-22 181304]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S3 Asushwio;Asushwio; \??\C:\Windows\system32\drivers\Asushwio.sys [2006-10-10 10288]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2006-11-02 19456]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2006-11-02 92160]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2006-11-02 220160]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2006-11-02 29184]
S3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 lvupdtio;lvupdtio; \??\C:\Program Files\ASUS\ASUS Live Update\SYS64\lvupdtio.sys [2007-05-09 15216]
S3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2008-02-18 96256]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945BG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2006-10-14 4422560]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2006-11-02 49664]
S3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 44544]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2006-11-02 41064]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-03-06 36864]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2006-11-02 82432]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-02-06 94208]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-03-06 565248]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 Capture Device Service;Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [2007-03-06 198168]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 msfwsvc;@C:\Program Files\Microsoft Windows OneCare Live\Firewall\\MSFWSVCResource.dll,-10000; C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe [2007-11-27 869952]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 OcHealthMon;Windows Live OneCare Health Monitor; C:\Program Files\Microsoft Windows OneCare Live\OcHealthMon.exe [2009-03-22 24936]
R2 OneCareMP;OneCare AntiSpyware and AntiVirus; C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe [2008-07-09 18704]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 winss;Windows Live OneCare; C:\Program Files\Microsoft Windows OneCare Live\winss.exe [2009-03-22 1131896]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S2 gupdate1c985e639df6e00;Google Update Service (gupdate1c985e639df6e00); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-03 133104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-03-11 656168]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-06-15 300544]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
-----------------EOF-----------------
Info:
info.txt logfile of random's system information tool 1.06 2009-04-04 17:28:02
======Uninstall list======
-->"C:\Program Files\InstallShield Installation Information\{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}\setup.exe" --u:{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}
-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->MsiExec.exe /I{977FBE6C-AE9A-4429-B249-814F0B3A4CB1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {58FC5E37-DD28-4D4A-A549-125744C6763C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0407-0000-0000000FF1CE} /uninstall {888B9AC7-8F5C-456B-A27A-157A6C310E52}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0410-0000-0000000FF1CE} /uninstall {B9896689-DF51-4A16-AAD5-002622D86C72}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {1120A001-69F4-43D2-83CE-716B2DC4366F}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office system-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROHYBRIDR /dll OSETUP.DLL
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->MsiExec.exe /X{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}
Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Shockwave Player 11-->C:\Windows\system32\adobe\SHOCKW~1\UNWISE.EXE C:\Windows\system32\Adobe\SHOCKW~1\Install.log
Apple Mobile Device Support-->MsiExec.exe /I{162B71B8-8464-4680-A086-601D555B331D}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Ashampoo Burning Studio 7.21-->"C:\Program Files\Ashampoo\Ashampoo Burning Studio 7\unins000.exe"
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
ASUS InstantFun-->MsiExec.exe /I{57B15AD4-8C9D-4164-82BB-E33D8644E757}
ASUS Live Update-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}\Setup.exe" -l0x9
ASUS Splendid Video Enhancement Technology-->C:\Program Files\InstallShield Installation Information\{C0FC1C14-4824-4A73-87A6-9E888C9C3102}\SETUP.exe -runfromtemp -l0x0009 -removeonly
ASUS Touch Pad Extra-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DB891739-2EB3-45A8-9CBD-941C255CECD4}\SETUP.EXE" -l0x9
Asus_Camera_ScreenSaver-->"C:\Windows\ASUS Camera ScreenSaver Uninstaller.exe"
Atheros Driver Installation Program-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\SETUP.exe" -l0x9 -removeonly
ATI Uninstaller-->C:\Program Files\ATI\CIM\Bin\Atisetup.exe -uninstall all
ATK Hotkey-->C:\Program Files\InstallShield Installation Information\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}\SETUP.exe -runfromtemp -l0x0009 -removeonly
ATK Media-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}\SETUP.EXE" -l0x9
ATKOSD2-->C:\Program Files\InstallShield Installation Information\{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}\SETUP.exe -runfromtemp -l0x0009 -removeonly
Bink and Smacker-->C:\PROGRA~1\RADVideo\UNWISE.EXE C:\PROGRA~1\RADVideo\INSTALL.LOG
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
ccc-Branding-->MsiExec.exe /I{6E32B134-CA8D-49DD-B94C-0DB155CE70B5}
Combined Community Codec Pack 2008-09-21 16:18-->"C:\Program Files\Combined Community Codec Pack\unins000.exe"
Complément Microsoft Enregistrer en tant que PDF ou XPS pour programmes Microsoft Office 2007-->MsiExec.exe /X{90120000-00B2-040C-0000-0000000FF1CE}
Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}
GMATPrep(TM)-->"C:\Program Files\InstallShield Installation Information\{BFE903DE-4845-4387-9C6C-98B21B8445A3}\setup.exe" -runfromtemp -l0x0009 -removeonly
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Earth-->MsiExec.exe /X{548EAC70-EE00-11DD-908C-005056806466}
GTOneCare-->MsiExec.exe /X{8B21B9EF-6DBF-4F63-8CC7-9F6A56D1EE8E}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Customer Participation Program 8.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Imaging Device Functions 8.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP OCR Software 8.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
HP Photosmart Essential-->MsiExec.exe /X{EB21A812-671B-4D08-B974-2A347F0D8F70}
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B-->C:\Program Files\HP\Digital Imaging\{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}\setup\hpzscr01.exe -datfile hposcr19.dat -onestop -showdisconnect -forcereboot
HP Product Assistant-->MsiExec.exe /I{36FDBE6E-6684-462B-AE98-9A39A1B200CC}
HP Solution Center 8.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{7059BDA7-E1DB-442C-B7A1-6144596720A4}
HPSSupply-->MsiExec.exe /X{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}
InterVideo DeviceService-->MsiExec.exe /I{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}
iTunes-->MsiExec.exe /I{E5145D2D-793B-4A16-BA42-3F13EEAA7D5E}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
LifeFrame2-->MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
LimeWire 5.1.1-->"C:\Program Files\LimeWire\uninstall.exe"
Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office Access MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0015-0413-0000-0000000FF1CE}
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Access MUI (German) 2007-->MsiExec.exe /X{90120000-0015-0407-0000-0000000FF1CE}
Microsoft Office Access MUI (Italian) 2007-->MsiExec.exe /X{90120000-0015-0410-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0016-0413-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (German) 2007-->MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE}
Microsoft Office Excel MUI (Italian) 2007-->MsiExec.exe /X{90120000-0016-0410-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001A-0413-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (German) 2007-->MsiExec.exe /X{90120000-001A-0407-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Italian) 2007-->MsiExec.exe /X{90120000-001A-0410-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0018-0413-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (German) 2007-->MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Italian) 2007-->MsiExec.exe /X{90120000-0018-0410-0000-0000000FF1CE}
Microsoft Office Professional Hybrid 2007-->MsiExec.exe /X{91120000-0031-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (Dutch) 2007-->MsiExec.exe /X{90120000-002C-0413-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Proofing (German) 2007-->MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE}
Microsoft Office Proofing (Italian) 2007-->MsiExec.exe /X{90120000-002C-0410-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0019-0413-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (German) 2007-->MsiExec.exe /X{90120000-0019-0407-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Italian) 2007-->MsiExec.exe /X{90120000-0019-0410-0000-0000000FF1CE}
Microsoft Office Shared MUI (Dutch) 2007-->MsiExec.exe /X{90120000-006E-0413-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (German) 2007-->MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE}
Microsoft Office Shared MUI (Italian) 2007-->MsiExec.exe /X{90120000-006E-0410-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001B-0413-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (German) 2007-->MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE}
Microsoft Office Word MUI (Italian) 2007-->MsiExec.exe /X{90120000-001B-0410-0000-0000000FF1CE}
Microsoft Protection Service-->MsiExec.exe /I{A9E5D235-52F9-49E5-98F0-CD79940FB0CE}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Windows Live OneCare Resources v2.5.2900.24-->MsiExec.exe /I{5660022E-F3F2-4126-8CC5-9726C47150EB}
Microsoft Windows OneCare Live AntiSpyware and AntiVirus-->MsiExec.exe /I{E26B83D1-C0BB-41BC-8F44-31D5354DD6AF}
Microsoft Windows OneCare Live v2.5.2900.20 Idcrl Install-->MsiExec.exe /I{3851147E-5A91-4469-BA4D-13FFFCC8A920}
Microsoft Windows OneCare Live v2.5.2900.24-->MsiExec.exe /I{D07A8E7E-D324-4945-BA8C-E532AD008FF3}
Mininova Toolbar-->C:\PROGRA~1\Mininova\UNWISE.EXE C:\PROGRA~1\Mininova\INSTALL.LOG
MobileMe Control Panel-->MsiExec.exe /I{A14C24F6-615B-415E-84B0-610FDAD19B68}
Motorola SM56 Speakerphone Modem-->rundll32.exe sm56co6a.dll,SM56UnInstaller
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Nero 7 Premium-->MsiExec.exe /X{CF097717-F174-4144-954A-FBC4BF301033}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
OrmaVskAC32-->C:\Users\Lars-Erik\Documents\Uninstal.exe
Package de pilotes Windows - Nokia Modem (02/15/2007 3.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\pccs_bluetooth.inf_48f6f624\pccs_bluetooth.inf
Package de pilotes Windows - Nokia Modem (02/15/2007 3.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\pccs_bluetooth.inf_51d2d3e1\pccs_bluetooth.inf
PC Connectivity Solution-->MsiExec.exe /I{99A40651-0BC2-4095-8F9A-A40FAB224FEF}
PowerForPhone-->C:\Program Files\InstallShield Installation Information\{FC3D290D-79BE-44B7-ABF9-FDD110925930}\setup.exe -runfromtemp -l0x0009 -removeonly
PX Engine-->MsiExec.exe /I{6513E869-647F-40FD-A55D-CFC92579B9BA}
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista-->C:\Program Files\InstallShield Installation Information\{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}\SETUP.exe -runfromtemp -l0x0009 -removeonly
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Realtek USB 2.0 Card Reader-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DC24971E-1946-445D-8A82-CE685433FA7D}\SETUP.exe" -l0x9 -removeonly
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
Security Update for Visio 2007 (KB947590)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}
Security Update for Visio 2007 (KB947590)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}
Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Surligneur (Windows Live Toolbar)-->MsiExec.exe /X{81B5F83F-2291-48B0-8375-36B63A9BF5B0}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
The Core Media Player 4.0-->"C:\Program Files\CoreCodec\The Core Media Player\uninstall-tcmp4.exe"
TmUnitedForever-->"C:\Program Files\TmUnitedForever\unins000.exe"
TrackMania United DVD Patch 2006-12-15-->"C:\Program Files\TrackMania United\unins000.exe"
Ulead DVD MovieFactory 6 TBYB-->C:\Program Files\InstallShield Installation Information\{CCC4E428-411E-4605-B515-317D50ABD477}\setup.exe -runfromtemp -l0x040c
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Office 2007 (KB946691)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Office 2007 (KB946691)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb962871)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {297857BF-4011-449B-BD74-DB64D182821C}
Update for Outlook 2007 Junk Email Filter (kb962871)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {297857BF-4011-449B-BD74-DB64D182821C}
USB2.0 1.3M WebCam-->C:\Windows\Uninst.bat
VaudTax2007-->"C:\Program Files\VaudTax2007\UninstallerData\Uninstall VaudTax2007.exe"
VaudTax2008-->"C:\Program Files\VaudTax2008\UninstallerData\Uninstall VaudTax2008.exe"
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Vsk5 - patch1-->"C:\Program Files\Vsk5\unins000.exe"
Vsk5Online-->"C:\Program Files\Vsk5Online\unins000.exe"
Windows Live Favorites pour Windows Live Toolbar-->MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Live OneCare-->"C:\Program Files\Microsoft Windows OneCare Live\OCSetup.exe" /u
Wireless Console 2-->C:\Program Files\InstallShield Installation Information\{83F73CB1-7705-49D1-9852-84D839CA2A45}\SETUP.exe -runfromtemp -l0x0009 -removeonly
======Security center information======
AV: Windows Live OneCare
AV: Norton Internet Security (outdated)
FW: Norton Internet Security (disabled)
FW: Pare-feu Windows Live OneCare
AS: Windows Defender (disabled) (outdated)
AS: Norton Internet Security (outdated)
AS: Windows Live OneCare
======System event log======
Computer Name: PC-de-Lars-Erik
Event Code: 15021
Message: Une erreur s’est produite avec l’utilisation de la configuration SSL pour l’adresse de socket 192.168.2.106:63331. Le code du statut de l’erreur est renvoyé avec les données.
Record Number: 58395623
Source Name: Microsoft-Windows-HttpEvent
Time Written: 20090404152310.350379-000
Event Type: Erreur
User:
Computer Name: PC-de-Lars-Erik
Event Code: 15021
Message: Une erreur s’est produite avec l’utilisation de la configuration SSL pour l’adresse de socket 192.33.227.224:6331. Le code du statut de l’erreur est renvoyé avec les données.
Record Number: 58395624
Source Name: Microsoft-Windows-HttpEvent
Time Written: 20090404152310.350379-000
Event Type: Erreur
User:
Computer Name: PC-de-Lars-Erik
Event Code: 15016
Message: Impossible d’initialiser le package de sécurité Kerberos pour l’authentification côté serveur. Le champ de données contient le numéro de l’erreur.
Record Number: 58395625
Source Name: Microsoft-Windows-HttpEvent
Time Written: 20090404152310.351356-000
Event Type: Erreur
User:
Computer Name: PC-de-Lars-Erik
Event Code: 15300
Message: Paramètres de certificat SSL supprimés pour le port : 192.168.1.40:63331.
Record Number: 58395714
Source Name: Microsoft-Windows-HttpEvent
Time Written: 20090404152336.882466-000
Event Type: Avertissement
User:
Computer Name: PC-de-Lars-Erik
Event Code: 15301
Message: Paramètres de certificat SSL créés par un processus administrateur pour le port : 192.168.1.40:63331.
Record Number: 58395715
Source Name: Microsoft-Windows-HttpEvent
Time Written: 20090404152337.257466-000
Event Type: Avertissement
User:
=====Application event log=====
Computer Name: PC-de-Lars-Erik
Event Code: 1530
Message: Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela.
DÉTAIL -
2 user registry handles leaked from \Registry\User\S-1-5-21-3227293759-939298665-670299529-1000:
Process 976 (\Device\HarddiskVolume2\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe) has opened key \REGISTRY\USER\S-1-5-21-3227293759-939298665-670299529-1000
Process 2828 (\Device\HarddiskVolume2\Program Files\Microsoft Windows OneCare Live\winss.exe) has opened key \REGISTRY\USER\S-1-5-21-3227293759-939298665-670299529-1000\Software\Microsoft\Internet Explorer\PhishingFilter
Record Number: 47685
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20090404151615.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: PC-de-Lars-Erik
Event Code: 1530
Message: Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela.
DÉTAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-3227293759-939298665-670299529-1000_Classes:
Process 976 (\Device\HarddiskVolume2\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe) has opened key \REGISTRY\USER\S-1-5-21-3227293759-939298665-670299529-1000_CLASSES
Record Number: 47686
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20090404151616.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: PC-de-Lars-Erik
Event Code: 4621
Message: Le système d'événements de COM+ n'a pas pu supprimer l'objet EventSystem.EventSubscription {CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. HRESULT : 80070005.
Record Number: 47718
Source Name: Microsoft-Windows-EventSystem
Time Written: 20090404152152.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-Lars-Erik
Event Code: 1530
Message: Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela.
DÉTAIL -
2 user registry handles leaked from \Registry\User\S-1-5-21-3227293759-939298665-670299529-1000:
Process 948 (\Device\HarddiskVolume2\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe) has opened key \REGISTRY\USER\S-1-5-21-3227293759-939298665-670299529-1000
Process 2684 (\Device\HarddiskVolume2\Program Files\Microsoft Windows OneCare Live\winss.exe) has opened key \REGISTRY\USER\S-1-5-21-3227293759-939298665-670299529-1000\Software\Microsoft\Internet Explorer\PhishingFilter
Record Number: 47721
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20090404152154.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: PC-de-Lars-Erik
Event Code: 1530
Message: Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela.
DÉTAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-3227293759-939298665-670299529-1000_Classes:
Process 948 (\Device\HarddiskVolume2\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe) has opened key \REGISTRY\USER\S-1-5-21-3227293759-939298665-670299529-1000_CLASSES
Record Number: 47722
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20090404152155.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
=====Security event log=====
Computer Name: PC-de-Lars-Erik
Event Code: 4624
Message: L’ouverture de session d’un compte s’est correctement déroulée.
Sujet :
ID de sécurité : S-1-0-0
Nom du compte : -
Domaine du compte : -
ID d’ouverture de session : 0x0
Type d’ouverture de session : 0
Nouvelle ouverture de session :
ID de sécurité : S-1-5-18
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e7
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}
Informations sur le processus :
ID du processus : 0x4
Nom du processus :
Informations sur le réseau :
Nom de la station de travail : -
Adresse du réseau source : -
Port source : -
Informations détaillées sur l’authentification :
Processus d’ouverture de session : -
Package d’authentification : -
Services en transit : -
Nom du package (NTLM uniquement) : -
Longueur de la clé : 0
Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.
Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.
Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).
Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.
Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.
Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
- Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
Record Number: 245380
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090329113100.683593-000
Event Type: Succès de l'audit
User:
Computer Name: PC-de-Lars-Erik
Event Code: 4902
Message: La table de stratégie d’audit par utilisateur a été créée.
Nombre d’éléments : 0
ID de la stratégie : 0xeab6
Record Number: 245381
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090329113100.871093-000
Event Type: Succès de l'audit
User:
Computer Name: PC-de-Lars-Erik
Event Code: 4648
Message: Tentative d’ouverture de session en utilisant des informations d’identification explicites.
Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-LARS-ERIK$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}
Compte dont les informations d’identification ont été utilisées :
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}
Serveur cible :
Nom du serveur cible : localhost
Informations supplémentaires : localhost
Informations sur le processus :
ID du processus : 0x29c
Nom du processus : C:\Windows\System32\services.exe
Informations sur le réseau :
Adresse du réseau : -
Port : -
Cet événement est généré lorsqu’un processus tente d’ouvrir une session pour un compte en spécifiant explicitement les informations d’identification de ce compte. Ceci se produit le plus souvent dans les configurations par lot comme les tâches planifiées, ou avec l’utilisation de la commande RUNAS.
Record Number: 245382
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090329113101.605468-000
Event Type: Succès de l'audit
User:
Computer Name: PC-de-Lars-Erik
Event Code: 4624
Message: L’ouverture de session d’un compte s’est correctement déroulée.
Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-LARS-ERIK$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7
Type d’ouverture de session : 5
Nouvelle ouverture de session :
ID de sécurité : S-1-5-18
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e7
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}
Informations sur le processus :
ID du processus : 0x29c
Nom du processus : C:\Windows\System32\services.exe
Informations sur le réseau :
Nom de la station de travail :
Adresse du réseau source : -
Port source : -
Informations détaillées sur l’authentification :
Processus d’ouverture de session : Advapi
Package d’authentification : Negotiate
Services en transit : -
Nom du package (NTLM uniquement) : -
Longueur de la clé : 0
Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.
Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.
Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).
Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.
Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.
Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
- Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
Record Number: 245383
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090329113101.605468-000
Event Type: Succès de l'audit
User:
Computer Name: PC-de-Lars-Erik
Event Code: 4672
Message: Privilèges spéciaux attribués à la nouvelle ouverture de session.
Sujet :
ID de sécurité : S-1-5-18
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e7
Privilèges : SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 245384
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090329113101.605468-000
Event Type: Succès de l'audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ImageConverter Plus;C:\Program Files\Common Files\Ulead Systems\MPEG;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 14 Stepping 12, GenuineIntel
"PROCESSOR_REVISION"=0e0c
"NUMBER_OF_PROCESSORS"=2
"configsetroot"=%SystemRoot%\ConfigSetRoot
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
-----------------EOF-----------------
-
bernard53
- Support
- Messages : 3516
- Enregistré le : 25 avr. 2008, 22:05
- Configuration matérielle : Processeur intel 2 duo CPU E6750 2.66GHz
3GO mémoire vive
disque dur samsung 160Go
Re: Vista lent au démarrage
Ok fait ceci.
Télécharge >>OTMoveIt3<< (de Old_Timer) sur ton Bureau.
Pour VISTA : Clic-droit et choisis "Exécuter en tant qu'administrateur".
AVAST reconnait ce logiciel comme un intrus, donc le désactiver le temps des manipulations.
Double-clique sur OTMoveIt3.exe pour le lancer.
Copie la liste qui se trouve en citation ci-dessous:
Clique sur
pour lancer la suppression.
attendre la fin du travail de l'outil puis fermer OTMoveIt3.
Le résultat apparaitra dans le cadre Results.
Clique sur Exit pour fermer.
Poste le rapport situé dans C:\_OTMoveIt\MovedFiles\*******_******.log
NB: Il te sera peut-être demandé de redémarrer le pc pour achever la suppression.
si c'est le cas accepte par Oui/Yes.
Ensuite tu fais ceci.
Télécharge CCLEANER
TUTO
Fait un nettoyage comme cela :
**Décoche la case dans Options –avancé- Effacer uniquement les fichiers, du dossier temp de Windows : plus vieux que 48 Heures
Recocher cette case une fois le premier nettoyage effectué
1-Élimine les fichiers temporaires et les traces ( onglet nettoyeur )
que vous laissez en naviguant sur Internet ou bien en ouvrant simplement des fichiers avec n'importe quel logiciel sous Windows : le Lecteur Windows Media, Emule, Office, Nero, Adobe Reader, etc.
Ensuite ceci:!
Installe Malewarebytes' Antimalware,
Téléchargement et tuto
Met-le à jour puis passe en mode sans échec :
http://www.pcloisirs.eu/mode_sans_echec.htm
Choisi, Exécuter un examen complet (environ 1 à 2 heures)
Si une infection est trouvée, coche la case a coté et valides avec l’Onglet Supprimer la sélection
Poste le rapport final.
il est conseillé de désactivé Tea-Timer si tu as Spybot-S&D juste le temps du scan.
Télécharge >>OTMoveIt3<< (de Old_Timer) sur ton Bureau.
Pour VISTA : Clic-droit et choisis "Exécuter en tant qu'administrateur".
AVAST reconnait ce logiciel comme un intrus, donc le désactiver le temps des manipulations.
Double-clique sur OTMoveIt3.exe pour le lancer.
Copie la liste qui se trouve en citation ci-dessous:
et colle-la dans le cadre de gauche de OTMoveIt3:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Windows Express"=-
:Files
C:\Windows\system32\websploit.exe
C:\Windows\~DF3403.tmp
:Commands
[purity]
[emptytemp]
[Reboot]
Clique sur
pour lancer la suppression.attendre la fin du travail de l'outil puis fermer OTMoveIt3.
Le résultat apparaitra dans le cadre Results.
Clique sur Exit pour fermer.
Poste le rapport situé dans C:\_OTMoveIt\MovedFiles\*******_******.log
NB: Il te sera peut-être demandé de redémarrer le pc pour achever la suppression.
si c'est le cas accepte par Oui/Yes.
Ensuite tu fais ceci.
Télécharge CCLEANER
TUTO
Fait un nettoyage comme cela :
**Décoche la case dans Options –avancé- Effacer uniquement les fichiers, du dossier temp de Windows : plus vieux que 48 Heures
Recocher cette case une fois le premier nettoyage effectué
1-Élimine les fichiers temporaires et les traces ( onglet nettoyeur )
que vous laissez en naviguant sur Internet ou bien en ouvrant simplement des fichiers avec n'importe quel logiciel sous Windows : le Lecteur Windows Media, Emule, Office, Nero, Adobe Reader, etc.Ensuite ceci:!
Installe Malewarebytes' Antimalware,
Téléchargement et tuto
Met-le à jour puis passe en mode sans échec :
http://www.pcloisirs.eu/mode_sans_echec.htm
Choisi, Exécuter un examen complet (environ 1 à 2 heures)
Si une infection est trouvée, coche la case a coté et valides avec l’Onglet Supprimer la sélection
Poste le rapport final.
il est conseillé de désactivé Tea-Timer si tu as Spybot-S&D juste le temps du scan.
Voici comment faire: Lancez Spybot-S&D, passez en Mode avancé via le Menu Mode (en haut) ? cliquez sur Oui ? choisissez Outils dans la barre de navigation sur la gauche ? Résident et là vous pouvez décocher les cases situées devant les deux outils.
Bonne visite sur: http://tuto-b.comli.com/
Re: Vista lent au démarrage
Voila j y suis arrivé!
ci dessous lesdifferent logs. Merci pour encore pour tout j ai l impression de demander une montagne d ke ca touchea l informatique
quelle est la suite patron?
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Microsoft Windows Express deleted successfully.
========== FILES ==========
C:\Windows\system32\websploit.exe moved successfully.
C:\Windows\~DF3403.tmp moved successfully.
========== COMMANDS ==========
File delete failed. C:\Users\LARS-E~1\AppData\Local\Temp\Low\~DF1137.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\LARS-E~1\AppData\Local\Temp\Low\~DF2A0D.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\LARS-E~1\AppData\Local\Temp\Low\~DF3370.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\LARS-E~1\AppData\Local\Temp\~DF50F3.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\LARS-E~1\AppData\Local\Temp\~DF50F8.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\LARS-E~1\AppData\Local\Temp\~DF513D.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\LARS-E~1\AppData\Local\Temp\~DF5143.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
Windows Temp folder emptied.
Temp folders emptied.
OTMoveIt3 by OldTimer - Version 1.0.10.0 log created on 04042009_201619
Files moved on Reboot...
File C:\Users\LARS-E~1\AppData\Local\Temp\Low\~DF1137.tmp not found!
File C:\Users\LARS-E~1\AppData\Local\Temp\Low\~DF2A0D.tmp not found!
C:\Users\LARS-E~1\AppData\Local\Temp\Low\~DF3370.tmp moved successfully.
File C:\Users\LARS-E~1\AppData\Local\Temp\~DF50F3.tmp not found!
File C:\Users\LARS-E~1\AppData\Local\Temp\~DF50F8.tmp not found!
File C:\Users\LARS-E~1\AppData\Local\Temp\~DF513D.tmp not found!
File C:\Users\LARS-E~1\AppData\Local\Temp\~DF5143.tmp not found!
Malwarebytes' Anti-Malware 1.35
Version de la base de données: 1940
Windows 6.0.6001 Service Pack 1
04.04.2009 21:32:12
mbam-log-2009-04-04 (21-32-12).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 218236
Temps écoulé: 41 minute(s), 52 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\Microsoft Windows Express (Backdoor.Bot) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\Users\Lars-Erik\AppData\Roaming\G A Y L A N D.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
ci dessous lesdifferent logs. Merci pour encore pour tout j ai l impression de demander une montagne d ke ca touchea l informatique
quelle est la suite patron?
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Microsoft Windows Express deleted successfully.
========== FILES ==========
C:\Windows\system32\websploit.exe moved successfully.
C:\Windows\~DF3403.tmp moved successfully.
========== COMMANDS ==========
File delete failed. C:\Users\LARS-E~1\AppData\Local\Temp\Low\~DF1137.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\LARS-E~1\AppData\Local\Temp\Low\~DF2A0D.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\LARS-E~1\AppData\Local\Temp\Low\~DF3370.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\LARS-E~1\AppData\Local\Temp\~DF50F3.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\LARS-E~1\AppData\Local\Temp\~DF50F8.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\LARS-E~1\AppData\Local\Temp\~DF513D.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\LARS-E~1\AppData\Local\Temp\~DF5143.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
Windows Temp folder emptied.
Temp folders emptied.
OTMoveIt3 by OldTimer - Version 1.0.10.0 log created on 04042009_201619
Files moved on Reboot...
File C:\Users\LARS-E~1\AppData\Local\Temp\Low\~DF1137.tmp not found!
File C:\Users\LARS-E~1\AppData\Local\Temp\Low\~DF2A0D.tmp not found!
C:\Users\LARS-E~1\AppData\Local\Temp\Low\~DF3370.tmp moved successfully.
File C:\Users\LARS-E~1\AppData\Local\Temp\~DF50F3.tmp not found!
File C:\Users\LARS-E~1\AppData\Local\Temp\~DF50F8.tmp not found!
File C:\Users\LARS-E~1\AppData\Local\Temp\~DF513D.tmp not found!
File C:\Users\LARS-E~1\AppData\Local\Temp\~DF5143.tmp not found!
Malwarebytes' Anti-Malware 1.35
Version de la base de données: 1940
Windows 6.0.6001 Service Pack 1
04.04.2009 21:32:12
mbam-log-2009-04-04 (21-32-12).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 218236
Temps écoulé: 41 minute(s), 52 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\Microsoft Windows Express (Backdoor.Bot) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\Users\Lars-Erik\AppData\Roaming\G A Y L A N D.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
-
bernard53
- Support
- Messages : 3516
- Enregistré le : 25 avr. 2008, 22:05
- Configuration matérielle : Processeur intel 2 duo CPU E6750 2.66GHz
3GO mémoire vive
disque dur samsung 160Go
Re: Vista lent au démarrage
bonjour
OK très bien; mets moi un nouveau rapport HijackThis pour contrôle.
Ensuite dis moi comment ce comporte ton pc maintenant.
PS: ceci en plus s.t.p
Télécharger LopS&D.exe sur ton Bureau
Tuto
• Double-clique dessus pour lancer l'installation
• Puis double-clique sur le raccourci Lop S&D présent sur ton bureau
• Sélectionne la langue souhaitée, puis choisis l'Option 1 (Recherche)
• Patiente jusqu'à la fin du scan
• Poste le rapport généré (C:\lopR.txt)
OK très bien; mets moi un nouveau rapport HijackThis pour contrôle.
Ensuite dis moi comment ce comporte ton pc maintenant.
PS: ceci en plus s.t.p
Télécharger LopS&D.exe sur ton Bureau
Tuto
• Double-clique dessus pour lancer l'installation
• Puis double-clique sur le raccourci Lop S&D présent sur ton bureau
• Sélectionne la langue souhaitée, puis choisis l'Option 1 (Recherche)
• Patiente jusqu'à la fin du scan
• Poste le rapport généré (C:\lopR.txt)
Bonne visite sur: http://tuto-b.comli.com/
Re: Vista lent au démarrage
Alors au niveau du comportement de l ordi ca va mieux mais demarre lentement encore 1 foi sur 5....
Voici le log de hijack:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:29:11, on 05.04.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Windows\vsnp2std.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Windows\System32\ASUSTPE.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\ASScrPro.exe
C:\Program Files\PowerForPhone\PowerForPhone.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cnbc.com/id/19836768/site/14081545/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Mininova Toolbar - {f592709f-ff4a-4862-b659-4afabda56312} - C:\Program Files\Mininova\tbMini.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Mininova Toolbar - {f592709f-ff4a-4862-b659-4afabda56312} - C:\Program Files\Mininova\tbMini.dll
O3 - Toolbar: Mininova Toolbar - {f592709f-ff4a-4862-b659-4afabda56312} - C:\Program Files\Mininova\tbMini.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [snp2std] C:\Windows\vsnp2std.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [ASUSTPE] C:\Windows\system32\ASUSTPE.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [PowerForPhone] C:\Program Files\PowerForPhone\PowerForPhone.exe
O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Google Update Service (gupdate1c985e639df6e00) (gupdate1c985e639df6e00) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 7991 bytes
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2130 @ 1.86GHz )
BIOS : Default System BIOS
USER : Lars-Erik ( Administrator )
BOOT : Normal boot
Antivirus : Norton Internet Security 2007 (Activated)
Firewall : Pare-feu Windows Live OneCare 1.0.0 (Activated)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:9 Go)
D:\ (Local Disk) - NTFS - Total:67 Go (Free:29 Go)
E:\ (CD or DVD)
G:\ (USB)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 05.04.2009|12:31 )
[ UAC => 1 ]
--------------------\\ Listing des dossiers dans Local
[27.03.2009|20:25] C:\Users\LARS-E~1\AppData\Local\Adobe
[15.04.2008|09:09] C:\Users\LARS-E~1\AppData\Local\Ahead
[08.01.2008|09:47] C:\Users\LARS-E~1\AppData\Local\Apple
[16.07.2008|07:27] C:\Users\LARS-E~1\AppData\Local\Apple Computer
[25.12.2007|19:29] C:\Users\LARS-E~1\AppData\Local\Application Data
[24.04.2008|17:38] C:\Users\LARS-E~1\AppData\Local\Apps
[18.05.2008|18:00] C:\Users\LARS-E~1\AppData\Local\ashampoo
[26.03.2009|14:18] C:\Users\LARS-E~1\AppData\Local\ATI
[04.04.2009|20:53] C:\Users\LARS-E~1\AppData\Local\d3d9caps.dat
[04.04.2009|22:00] C:\Users\LARS-E~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[03.05.2008|23:56] C:\Users\LARS-E~1\AppData\Local\Deployment
[16.03.2008|12:27] C:\Users\LARS-E~1\AppData\Local\DNA
[05.10.2008|22:18] C:\Users\LARS-E~1\AppData\Local\Downloaded Installations
[04.04.2009|21:51] C:\Users\LARS-E~1\AppData\Local\GDIPFONTCACHEV1.DAT
[12.03.2009|13:13] C:\Users\LARS-E~1\AppData\Local\Google
[25.12.2007|19:29] C:\Users\LARS-E~1\AppData\Local\Historique
[04.04.2009|22:01] C:\Users\LARS-E~1\AppData\Local\IconCache.db
[28.08.2008|14:56] C:\Users\LARS-E~1\AppData\Local\Microsoft
[17.02.2008|15:59] C:\Users\LARS-E~1\AppData\Local\Microsoft Games
[02.10.2008|13:14] C:\Users\LARS-E~1\AppData\Local\Microsoft Help
[14.02.2008|20:42] C:\Users\LARS-E~1\AppData\Local\Mininova
[07.10.2008|18:23] C:\Users\LARS-E~1\AppData\Local\PokerStars
[05.04.2009|12:30] C:\Users\LARS-E~1\AppData\Local\Temp
[25.12.2007|19:29] C:\Users\LARS-E~1\AppData\Local\Temporary Internet Files
[26.12.2007|02:22] C:\Users\LARS-E~1\AppData\Local\VirtualStore
[23.03.2008|21:48] C:\Users\LARS-E~1\AppData\Local\Zylom Games
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[05.04.2009 10:12][--a------] C:\Windows\tasks\GoogleUpdateTaskMachine.job
[05.04.2009 10:16][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{50D950E5-F450-47B2-9A00-575613A150FC}.job
[05.04.2009 10:12][--ah-----] C:\Windows\tasks\SA.DAT
[05.04.2009 08:14][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[05.10.2008|22:22] C:\ProgramData\__wdump.txt
[13.03.2009|12:42] C:\ProgramData\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[08.11.2007|18:51] C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[26.03.2009|18:07] C:\ProgramData\Adobe
[19.12.2008|17:21] C:\ProgramData\Ahead
[08.01.2008|09:45] C:\ProgramData\Apple
[26.02.2008|11:48] C:\ProgramData\Apple Computer
[02.11.2006|15:02] C:\ProgramData\Application Data
[18.05.2008|18:00] C:\ProgramData\ashampoo
[26.12.2007|00:27] C:\ProgramData\ASUS
[08.11.2007|19:34] C:\ProgramData\Atheros
[26.03.2009|14:23] C:\ProgramData\ATI
[26.08.2008|17:42] C:\ProgramData\Babylon
[02.11.2006|15:02] C:\ProgramData\Desktop
[02.11.2006|15:02] C:\ProgramData\Documents
[03.09.2008|21:02] C:\ProgramData\Electronic Arts
[15.12.2008|10:11] C:\ProgramData\ezsidmv.dat
[02.11.2006|15:02] C:\ProgramData\Favorites
[12.03.2009|13:13] C:\ProgramData\Google
[24.01.2008|21:29] C:\ProgramData\HP
[06.11.2008|21:57] C:\ProgramData\HP Product Assistant
[24.01.2008|21:27] C:\ProgramData\HPSSUPPLY
[27.03.2008|14:17] C:\ProgramData\hpzinstall.log
[24.04.2008|17:03] C:\ProgramData\Installations
[01.05.2008|15:31] C:\ProgramData\InstallShield
[05.10.2008|16:59] C:\ProgramData\InterVideo
[26.12.2007|20:41] C:\ProgramData\LightScribe
[26.03.2009|13:56] C:\ProgramData\ma-config.com
[04.04.2009|20:34] C:\ProgramData\Malwarebytes
[02.04.2009|10:36] C:\ProgramData\Microsoft
[11.03.2009|14:30] C:\ProgramData\Microsoft Help
[19.12.2008|17:13] C:\ProgramData\Nero
[31.03.2009|15:27] C:\ProgramData\P4G
[24.04.2008|17:11] C:\ProgramData\PC Suite
[25.10.2008|16:31] C:\ProgramData\Pinnacle
[05.10.2008|22:18] C:\ProgramData\Pinnacle Studio Ultimate
[02.03.2009|19:15] C:\ProgramData\Skype
[04.04.2009|20:35] C:\ProgramData\Spybot - Search & Destroy
[02.11.2006|15:02] C:\ProgramData\Start Menu
[25.12.2007|22:29] C:\ProgramData\Symantec
[06.12.2008|16:37] C:\ProgramData\TEMP
[02.11.2006|15:02] C:\ProgramData\Templates
[18.03.2009|22:56] C:\ProgramData\TrackMania
[03.01.2008|16:52] C:\ProgramData\TrackMania United
[05.10.2008|16:54] C:\ProgramData\Ulead Systems
[02.04.2009|17:54] C:\ProgramData\Vsk5
[24.01.2008|21:28] C:\ProgramData\WEBREG
[04.01.2008|21:13] C:\ProgramData\WLInstaller
[26.02.2008|00:56] C:\ProgramData\Zylom
--------------------\\ Listing des dossiers dans C:\Program Files
[08.11.2007|18:51] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[26.03.2009|17:48] C:\Program Files\Adobe
[10.09.2008|10:30] C:\Program Files\Alcohol Soft
[05.08.2008|18:51] C:\Program Files\Apple Software Update
[18.05.2008|18:00] C:\Program Files\Ashampoo
[18.11.2008|13:25] C:\Program Files\ASUS
[08.11.2007|19:34] C:\Program Files\Atheros
[29.03.2009|15:20] C:\Program Files\ATI
[26.03.2009|14:22] C:\Program Files\ATI Technologies
[08.11.2007|19:23] C:\Program Files\ATK Hotkey
[08.11.2007|19:24] C:\Program Files\ATKOSD2
[13.02.2009|11:09] C:\Program Files\Bonjour
[04.04.2009|20:27] C:\Program Files\CCleaner
[06.10.2008|09:53] C:\Program Files\Combined Community Codec Pack
[28.03.2009|14:16] C:\Program Files\Common Files
[14.02.2008|20:42] C:\Program Files\Conduit
[01.10.2008|16:15] C:\Program Files\CopyTracker
[23.07.2008|11:12] C:\Program Files\CoreCodec
[24.04.2008|17:07] C:\Program Files\DIFX
[31.03.2009|15:27] C:\Program Files\DNA
[10.12.2008|18:56] C:\Program Files\GMATPrep
[01.04.2009|13:16] C:\Program Files\Google
[06.10.2008|09:42] C:\Program Files\Haali
[24.01.2008|21:24] C:\Program Files\Hewlett-Packard
[24.01.2008|21:27] C:\Program Files\HP
[26.03.2009|18:45] C:\Program Files\InstallShield Installation Information
[22.03.2009|19:27] C:\Program Files\Internet Explorer
[13.03.2009|12:41] C:\Program Files\iPod
[13.03.2009|12:42] C:\Program Files\iTunes
[18.12.2008|15:07] C:\Program Files\Java
[06.03.2009|20:42] C:\Program Files\LimeWire
[25.10.2008|16:33] C:\Program Files\MagicISO
[04.04.2009|20:34] C:\Program Files\Malwarebytes' Anti-Malware
[26.12.2007|01:23] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02.11.2006|14:37] C:\Program Files\Microsoft Games
[08.11.2007|18:49] C:\Program Files\Microsoft Office
[26.02.2009|15:03] C:\Program Files\Microsoft Silverlight
[08.11.2007|18:49] C:\Program Files\Microsoft Visual Studio
[26.12.2007|00:51] C:\Program Files\Microsoft Visual Studio 8
[04.04.2009|19:19] C:\Program Files\Microsoft Windows OneCare Live
[08.11.2007|18:49] C:\Program Files\Microsoft Works
[08.11.2007|18:48] C:\Program Files\Microsoft.NET
[14.02.2008|20:42] C:\Program Files\Mininova
[26.03.2009|14:13] C:\Program Files\MobilityDotNET
[08.11.2007|19:33] C:\Program Files\Motorola
[24.03.2008|16:16] C:\Program Files\Movie Maker
[26.12.2007|00:54] C:\Program Files\MSBuild
[19.04.2008|11:07] C:\Program Files\MSECache
[18.04.2007|10:43] C:\Program Files\MSXML 4.0
[04.10.2008|20:59] C:\Program Files\Nero
[26.03.2009|18:45] C:\Program Files\NVIDIA Corporation
[08.11.2007|19:45] C:\Program Files\P4G
[24.04.2008|17:06] C:\Program Files\PC Connectivity Solution
[08.11.2007|19:45] C:\Program Files\Power4Gear eXtreme
[31.03.2009|15:27] C:\Program Files\PowerForPhone
[05.10.2008|22:31] C:\Program Files\proDAD
[13.03.2009|12:40] C:\Program Files\QuickTime
[31.12.2008|12:12] C:\Program Files\RADVideo
[08.11.2007|19:37] C:\Program Files\Realtek
[02.11.2006|14:37] C:\Program Files\Reference Assemblies
[02.03.2009|19:15] C:\Program Files\Skype
[22.03.2009|19:11] C:\Program Files\Software by Design
[04.04.2009|13:44] C:\Program Files\Spybot - Search & Destroy
[08.11.2007|19:43] C:\Program Files\Synaptics
[06.12.2008|19:35] C:\Program Files\TmUnitedForever
[03.01.2008|16:49] C:\Program Files\TrackMania United
[04.04.2009|13:23] C:\Program Files\Trend Micro
[02.11.2006|15:01] C:\Program Files\Uninstall Information
[13.07.2008|22:35] C:\Program Files\VaudTax2007
[26.03.2009|11:01] C:\Program Files\VaudTax2008
[31.08.2008|21:51] C:\Program Files\VideoLAN
[31.03.2009|15:47] C:\Program Files\Vsk5
[31.03.2009|15:27] C:\Program Files\Vsk5Online
[23.07.2008|11:16] C:\Program Files\Webteh
[12.03.2009|13:00] C:\Program Files\Western Digital
[24.03.2008|16:16] C:\Program Files\Windows Calendar
[24.03.2008|16:16] C:\Program Files\Windows Collaboration
[24.03.2008|16:16] C:\Program Files\Windows Defender
[24.03.2008|16:16] C:\Program Files\Windows Journal
[04.01.2008|21:19] C:\Program Files\Windows Live
[04.01.2008|21:22] C:\Program Files\Windows Live Favorites
[04.01.2008|21:21] C:\Program Files\Windows Live Toolbar
[25.10.2008|15:47] C:\Program Files\Windows Mail
[04.10.2008|15:28] C:\Program Files\Windows Media Components
[11.03.2009|15:05] C:\Program Files\Windows Media Player
[02.11.2006|14:37] C:\Program Files\Windows NT
[24.03.2008|16:16] C:\Program Files\Windows Photo Gallery
[24.03.2008|16:16] C:\Program Files\Windows Sidebar
[09.06.2008|08:07] C:\Program Files\WinRAR
[08.11.2007|19:33] C:\Program Files\Wireless Console 2
[13.07.2008|22:35] C:\Program Files\Zero G Registry
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[28.03.2009|14:18] C:\Program Files\Common Files\Adobe
[19.12.2008|17:19] C:\Program Files\Common Files\Ahead
[13.03.2009|12:41] C:\Program Files\Common Files\Apple
[08.11.2007|18:49] C:\Program Files\Common Files\DESIGNER
[24.01.2008|21:24] C:\Program Files\Common Files\Hewlett-Packard
[24.01.2008|21:26] C:\Program Files\Common Files\HP
[03.09.2008|21:01] C:\Program Files\Common Files\InstallShield
[04.10.2008|15:29] C:\Program Files\Common Files\InterVideo
[03.01.2008|21:35] C:\Program Files\Common Files\Java
[08.11.2007|18:54] C:\Program Files\Common Files\LightScribe
[05.03.2009|09:06] C:\Program Files\Common Files\microsoft shared
[06.01.2009|09:28] C:\Program Files\Common Files\PX Storage Engine
[02.11.2006|13:18] C:\Program Files\Common Files\Services
[02.03.2009|19:15] C:\Program Files\Common Files\Skype
[02.11.2006|13:18] C:\Program Files\Common Files\SpeechEngines
[25.12.2007|22:27] C:\Program Files\Common Files\Symantec Shared
[24.03.2008|16:16] C:\Program Files\Common Files\System
[05.10.2008|16:56] C:\Program Files\Common Files\Ulead Systems
[04.01.2008|21:19] C:\Program Files\Common Files\WindowsLiveInstaller
--------------------\\ Process
( 80 Processes )
iexplore.exe ~ [PID:3920]
iexplore.exe ~ [PID:5288]
iexplore.exe ~ [PID:1380]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-05 12:31:41
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 2
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\Users\LARS-E~1\AppData\Roaming\BitTorrent\Ahead Nero v8.1.1.0 Ultra Edition with Keygen.torrent
C:\Users\LARS-E~1\AppData\Roaming\BitTorrent\Ashampoo Burning Studio v7.21 + Keygen included.torrent
C:\Users\LARS-E~1\AppData\Roaming\BitTorrent\Ashampoo.Burning.Studio.7.21-Keygen-HeartBug.torrent
C:\Users\LARS-E~1\AppData\Roaming\BitTorrent\MagicISO Maker v5.5 (Build 265) [BRAiGHTLiNG Crack][h33t][matt14].torrent
C:\Users\LARS-E~1\AppData\Roaming\BitTorrent\Microsoft Office 2007 + Crack.rar.torrent
C:\Users\LARS-E~1\AppData\Roaming\BitTorrent\Nero 7 Ultra Edition Enhanced XP & Vista + Keygen.torrent
C:\Users\LARS-E~1\AppData\Roaming\BitTorrent\Pinnacle Studio Plus v10.7.0 Titanium Edition Multilang.Manual.Keygen.Bonus DVD.MenuPatch.torrent
C:\Users\LARS-E~1\AppData\Roaming\BitTorrent\Pinnacle Studio Ultimate v11.1 MULTiLANGUAGE + Crack.torrent
C:\Users\LARS-E~1\AppData\Roaming\BitTorrent\Pinnacle.11.KeyGen.exe.1.torrent
C:\Users\LARS-E~1\AppData\Roaming\BitTorrent\Pinnacle.11.KeyGen.exe.torrent
C:\Users\LARS-E~1\AppData\Roaming\BitTorrent\Spore RELOADED - crack only.1.torrent
C:\Users\LARS-E~1\AppData\Roaming\BitTorrent\Spore RELOADED - crack only.torrent
C:\Users\LARS-E~1\Documents\Downloads\Ashampoo.Burning.Studio.7.21-Keygen-HeartBug
C:\Users\LARS-E~1\Documents\Downloads\Ashampoo.Burning.Studio.7.21-Keygen-HeartBug\Ashampoo.MultiKeygen.exe
C:\Users\LARS-E~1\Documents\Downloads\Ashampoo.Burning.Studio.7.21-Keygen-HeartBug\ashampoo_burningstudio721.exe
C:\Users\LARS-E~1\Documents\Downloads\Ashampoo.Burning.Studio.7.21-Keygen-HeartBug\Declaration of Use!!!.txt
C:\Users\LARS-E~1\Documents\Downloads\Ashampoo.Burning.Studio.7.21-Keygen-HeartBug\Keygen.exe
C:\Users\LARS-E~1\Documents\HEG\EES1\Etude de march‚\SPSS 14.0 + Crack
C:\Users\LARS-E~1\Documents\HEG\EES1\Etude de march‚\SPSS 14.0 + Crack\SPSS 14.0 Crack - RECOiL.rar
C:\Users\LARS-E~1\Documents\HEG\EES1\Etude de march‚\SPSS 14.0 + Crack\SPSS 14.0 patch.exe
C:\Users\LARS-E~1\Documents\HEG\EES1\Etude de march‚\SPSS 14.0 + Crack\SPSS14Evaluation.exe
[F:371][D:21]-> C:\Users\LARS-E~1\AppData\Local\Temp
[F:39][D:1]-> C:\Users\LARS-E~1\AppData\Roaming\MICROS~1\Windows\Cookies
[F:12][D:4]-> C:\Users\LARS-E~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:18][D:2]-> C:\$Recycle.Bin
1 - "C:\Lop SD\LopR_1.txt" - 05.04.2009|12:33 - Option : [1]
--------------------\\ Fin du rapport a 12:33:18
[ UAC => 1 ]
Voici le log de hijack:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:29:11, on 05.04.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Windows\vsnp2std.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Windows\System32\ASUSTPE.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\ASScrPro.exe
C:\Program Files\PowerForPhone\PowerForPhone.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cnbc.com/id/19836768/site/14081545/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Mininova Toolbar - {f592709f-ff4a-4862-b659-4afabda56312} - C:\Program Files\Mininova\tbMini.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Mininova Toolbar - {f592709f-ff4a-4862-b659-4afabda56312} - C:\Program Files\Mininova\tbMini.dll
O3 - Toolbar: Mininova Toolbar - {f592709f-ff4a-4862-b659-4afabda56312} - C:\Program Files\Mininova\tbMini.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [snp2std] C:\Windows\vsnp2std.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [ASUSTPE] C:\Windows\system32\ASUSTPE.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [PowerForPhone] C:\Program Files\PowerForPhone\PowerForPhone.exe
O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Google Update Service (gupdate1c985e639df6e00) (gupdate1c985e639df6e00) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 7991 bytes
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2130 @ 1.86GHz )
BIOS : Default System BIOS
USER : Lars-Erik ( Administrator )
BOOT : Normal boot
Antivirus : Norton Internet Security 2007 (Activated)
Firewall : Pare-feu Windows Live OneCare 1.0.0 (Activated)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:9 Go)
D:\ (Local Disk) - NTFS - Total:67 Go (Free:29 Go)
E:\ (CD or DVD)
G:\ (USB)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 05.04.2009|12:31 )
[ UAC => 1 ]
--------------------\\ Listing des dossiers dans Local
[27.03.2009|20:25] C:\Users\LARS-E~1\AppData\Local\Adobe
[15.04.2008|09:09] C:\Users\LARS-E~1\AppData\Local\Ahead
[08.01.2008|09:47] C:\Users\LARS-E~1\AppData\Local\Apple
[16.07.2008|07:27] C:\Users\LARS-E~1\AppData\Local\Apple Computer
[25.12.2007|19:29] C:\Users\LARS-E~1\AppData\Local\Application Data
[24.04.2008|17:38] C:\Users\LARS-E~1\AppData\Local\Apps
[18.05.2008|18:00] C:\Users\LARS-E~1\AppData\Local\ashampoo
[26.03.2009|14:18] C:\Users\LARS-E~1\AppData\Local\ATI
[04.04.2009|20:53] C:\Users\LARS-E~1\AppData\Local\d3d9caps.dat
[04.04.2009|22:00] C:\Users\LARS-E~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[03.05.2008|23:56] C:\Users\LARS-E~1\AppData\Local\Deployment
[16.03.2008|12:27] C:\Users\LARS-E~1\AppData\Local\DNA
[05.10.2008|22:18] C:\Users\LARS-E~1\AppData\Local\Downloaded Installations
[04.04.2009|21:51] C:\Users\LARS-E~1\AppData\Local\GDIPFONTCACHEV1.DAT
[12.03.2009|13:13] C:\Users\LARS-E~1\AppData\Local\Google
[25.12.2007|19:29] C:\Users\LARS-E~1\AppData\Local\Historique
[04.04.2009|22:01] C:\Users\LARS-E~1\AppData\Local\IconCache.db
[28.08.2008|14:56] C:\Users\LARS-E~1\AppData\Local\Microsoft
[17.02.2008|15:59] C:\Users\LARS-E~1\AppData\Local\Microsoft Games
[02.10.2008|13:14] C:\Users\LARS-E~1\AppData\Local\Microsoft Help
[14.02.2008|20:42] C:\Users\LARS-E~1\AppData\Local\Mininova
[07.10.2008|18:23] C:\Users\LARS-E~1\AppData\Local\PokerStars
[05.04.2009|12:30] C:\Users\LARS-E~1\AppData\Local\Temp
[25.12.2007|19:29] C:\Users\LARS-E~1\AppData\Local\Temporary Internet Files
[26.12.2007|02:22] C:\Users\LARS-E~1\AppData\Local\VirtualStore
[23.03.2008|21:48] C:\Users\LARS-E~1\AppData\Local\Zylom Games
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[05.04.2009 10:12][--a------] C:\Windows\tasks\GoogleUpdateTaskMachine.job
[05.04.2009 10:16][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{50D950E5-F450-47B2-9A00-575613A150FC}.job
[05.04.2009 10:12][--ah-----] C:\Windows\tasks\SA.DAT
[05.04.2009 08:14][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[05.10.2008|22:22] C:\ProgramData\__wdump.txt
[13.03.2009|12:42] C:\ProgramData\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[08.11.2007|18:51] C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[26.03.2009|18:07] C:\ProgramData\Adobe
[19.12.2008|17:21] C:\ProgramData\Ahead
[08.01.2008|09:45] C:\ProgramData\Apple
[26.02.2008|11:48] C:\ProgramData\Apple Computer
[02.11.2006|15:02] C:\ProgramData\Application Data
[18.05.2008|18:00] C:\ProgramData\ashampoo
[26.12.2007|00:27] C:\ProgramData\ASUS
[08.11.2007|19:34] C:\ProgramData\Atheros
[26.03.2009|14:23] C:\ProgramData\ATI
[26.08.2008|17:42] C:\ProgramData\Babylon
[02.11.2006|15:02] C:\ProgramData\Desktop
[02.11.2006|15:02] C:\ProgramData\Documents
[03.09.2008|21:02] C:\ProgramData\Electronic Arts
[15.12.2008|10:11] C:\ProgramData\ezsidmv.dat
[02.11.2006|15:02] C:\ProgramData\Favorites
[12.03.2009|13:13] C:\ProgramData\Google
[24.01.2008|21:29] C:\ProgramData\HP
[06.11.2008|21:57] C:\ProgramData\HP Product Assistant
[24.01.2008|21:27] C:\ProgramData\HPSSUPPLY
[27.03.2008|14:17] C:\ProgramData\hpzinstall.log
[24.04.2008|17:03] C:\ProgramData\Installations
[01.05.2008|15:31] C:\ProgramData\InstallShield
[05.10.2008|16:59] C:\ProgramData\InterVideo
[26.12.2007|20:41] C:\ProgramData\LightScribe
[26.03.2009|13:56] C:\ProgramData\ma-config.com
[04.04.2009|20:34] C:\ProgramData\Malwarebytes
[02.04.2009|10:36] C:\ProgramData\Microsoft
[11.03.2009|14:30] C:\ProgramData\Microsoft Help
[19.12.2008|17:13] C:\ProgramData\Nero
[31.03.2009|15:27] C:\ProgramData\P4G
[24.04.2008|17:11] C:\ProgramData\PC Suite
[25.10.2008|16:31] C:\ProgramData\Pinnacle
[05.10.2008|22:18] C:\ProgramData\Pinnacle Studio Ultimate
[02.03.2009|19:15] C:\ProgramData\Skype
[04.04.2009|20:35] C:\ProgramData\Spybot - Search & Destroy
[02.11.2006|15:02] C:\ProgramData\Start Menu
[25.12.2007|22:29] C:\ProgramData\Symantec
[06.12.2008|16:37] C:\ProgramData\TEMP
[02.11.2006|15:02] C:\ProgramData\Templates
[18.03.2009|22:56] C:\ProgramData\TrackMania
[03.01.2008|16:52] C:\ProgramData\TrackMania United
[05.10.2008|16:54] C:\ProgramData\Ulead Systems
[02.04.2009|17:54] C:\ProgramData\Vsk5
[24.01.2008|21:28] C:\ProgramData\WEBREG
[04.01.2008|21:13] C:\ProgramData\WLInstaller
[26.02.2008|00:56] C:\ProgramData\Zylom
--------------------\\ Listing des dossiers dans C:\Program Files
[08.11.2007|18:51] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[26.03.2009|17:48] C:\Program Files\Adobe
[10.09.2008|10:30] C:\Program Files\Alcohol Soft
[05.08.2008|18:51] C:\Program Files\Apple Software Update
[18.05.2008|18:00] C:\Program Files\Ashampoo
[18.11.2008|13:25] C:\Program Files\ASUS
[08.11.2007|19:34] C:\Program Files\Atheros
[29.03.2009|15:20] C:\Program Files\ATI
[26.03.2009|14:22] C:\Program Files\ATI Technologies
[08.11.2007|19:23] C:\Program Files\ATK Hotkey
[08.11.2007|19:24] C:\Program Files\ATKOSD2
[13.02.2009|11:09] C:\Program Files\Bonjour
[04.04.2009|20:27] C:\Program Files\CCleaner
[06.10.2008|09:53] C:\Program Files\Combined Community Codec Pack
[28.03.2009|14:16] C:\Program Files\Common Files
[14.02.2008|20:42] C:\Program Files\Conduit
[01.10.2008|16:15] C:\Program Files\CopyTracker
[23.07.2008|11:12] C:\Program Files\CoreCodec
[24.04.2008|17:07] C:\Program Files\DIFX
[31.03.2009|15:27] C:\Program Files\DNA
[10.12.2008|18:56] C:\Program Files\GMATPrep
[01.04.2009|13:16] C:\Program Files\Google
[06.10.2008|09:42] C:\Program Files\Haali
[24.01.2008|21:24] C:\Program Files\Hewlett-Packard
[24.01.2008|21:27] C:\Program Files\HP
[26.03.2009|18:45] C:\Program Files\InstallShield Installation Information
[22.03.2009|19:27] C:\Program Files\Internet Explorer
[13.03.2009|12:41] C:\Program Files\iPod
[13.03.2009|12:42] C:\Program Files\iTunes
[18.12.2008|15:07] C:\Program Files\Java
[06.03.2009|20:42] C:\Program Files\LimeWire
[25.10.2008|16:33] C:\Program Files\MagicISO
[04.04.2009|20:34] C:\Program Files\Malwarebytes' Anti-Malware
[26.12.2007|01:23] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02.11.2006|14:37] C:\Program Files\Microsoft Games
[08.11.2007|18:49] C:\Program Files\Microsoft Office
[26.02.2009|15:03] C:\Program Files\Microsoft Silverlight
[08.11.2007|18:49] C:\Program Files\Microsoft Visual Studio
[26.12.2007|00:51] C:\Program Files\Microsoft Visual Studio 8
[04.04.2009|19:19] C:\Program Files\Microsoft Windows OneCare Live
[08.11.2007|18:49] C:\Program Files\Microsoft Works
[08.11.2007|18:48] C:\Program Files\Microsoft.NET
[14.02.2008|20:42] C:\Program Files\Mininova
[26.03.2009|14:13] C:\Program Files\MobilityDotNET
[08.11.2007|19:33] C:\Program Files\Motorola
[24.03.2008|16:16] C:\Program Files\Movie Maker
[26.12.2007|00:54] C:\Program Files\MSBuild
[19.04.2008|11:07] C:\Program Files\MSECache
[18.04.2007|10:43] C:\Program Files\MSXML 4.0
[04.10.2008|20:59] C:\Program Files\Nero
[26.03.2009|18:45] C:\Program Files\NVIDIA Corporation
[08.11.2007|19:45] C:\Program Files\P4G
[24.04.2008|17:06] C:\Program Files\PC Connectivity Solution
[08.11.2007|19:45] C:\Program Files\Power4Gear eXtreme
[31.03.2009|15:27] C:\Program Files\PowerForPhone
[05.10.2008|22:31] C:\Program Files\proDAD
[13.03.2009|12:40] C:\Program Files\QuickTime
[31.12.2008|12:12] C:\Program Files\RADVideo
[08.11.2007|19:37] C:\Program Files\Realtek
[02.11.2006|14:37] C:\Program Files\Reference Assemblies
[02.03.2009|19:15] C:\Program Files\Skype
[22.03.2009|19:11] C:\Program Files\Software by Design
[04.04.2009|13:44] C:\Program Files\Spybot - Search & Destroy
[08.11.2007|19:43] C:\Program Files\Synaptics
[06.12.2008|19:35] C:\Program Files\TmUnitedForever
[03.01.2008|16:49] C:\Program Files\TrackMania United
[04.04.2009|13:23] C:\Program Files\Trend Micro
[02.11.2006|15:01] C:\Program Files\Uninstall Information
[13.07.2008|22:35] C:\Program Files\VaudTax2007
[26.03.2009|11:01] C:\Program Files\VaudTax2008
[31.08.2008|21:51] C:\Program Files\VideoLAN
[31.03.2009|15:47] C:\Program Files\Vsk5
[31.03.2009|15:27] C:\Program Files\Vsk5Online
[23.07.2008|11:16] C:\Program Files\Webteh
[12.03.2009|13:00] C:\Program Files\Western Digital
[24.03.2008|16:16] C:\Program Files\Windows Calendar
[24.03.2008|16:16] C:\Program Files\Windows Collaboration
[24.03.2008|16:16] C:\Program Files\Windows Defender
[24.03.2008|16:16] C:\Program Files\Windows Journal
[04.01.2008|21:19] C:\Program Files\Windows Live
[04.01.2008|21:22] C:\Program Files\Windows Live Favorites
[04.01.2008|21:21] C:\Program Files\Windows Live Toolbar
[25.10.2008|15:47] C:\Program Files\Windows Mail
[04.10.2008|15:28] C:\Program Files\Windows Media Components
[11.03.2009|15:05] C:\Program Files\Windows Media Player
[02.11.2006|14:37] C:\Program Files\Windows NT
[24.03.2008|16:16] C:\Program Files\Windows Photo Gallery
[24.03.2008|16:16] C:\Program Files\Windows Sidebar
[09.06.2008|08:07] C:\Program Files\WinRAR
[08.11.2007|19:33] C:\Program Files\Wireless Console 2
[13.07.2008|22:35] C:\Program Files\Zero G Registry
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[28.03.2009|14:18] C:\Program Files\Common Files\Adobe
[19.12.2008|17:19] C:\Program Files\Common Files\Ahead
[13.03.2009|12:41] C:\Program Files\Common Files\Apple
[08.11.2007|18:49] C:\Program Files\Common Files\DESIGNER
[24.01.2008|21:24] C:\Program Files\Common Files\Hewlett-Packard
[24.01.2008|21:26] C:\Program Files\Common Files\HP
[03.09.2008|21:01] C:\Program Files\Common Files\InstallShield
[04.10.2008|15:29] C:\Program Files\Common Files\InterVideo
[03.01.2008|21:35] C:\Program Files\Common Files\Java
[08.11.2007|18:54] C:\Program Files\Common Files\LightScribe
[05.03.2009|09:06] C:\Program Files\Common Files\microsoft shared
[06.01.2009|09:28] C:\Program Files\Common Files\PX Storage Engine
[02.11.2006|13:18] C:\Program Files\Common Files\Services
[02.03.2009|19:15] C:\Program Files\Common Files\Skype
[02.11.2006|13:18] C:\Program Files\Common Files\SpeechEngines
[25.12.2007|22:27] C:\Program Files\Common Files\Symantec Shared
[24.03.2008|16:16] C:\Program Files\Common Files\System
[05.10.2008|16:56] C:\Program Files\Common Files\Ulead Systems
[04.01.2008|21:19] C:\Program Files\Common Files\WindowsLiveInstaller
--------------------\\ Process
( 80 Processes )
iexplore.exe ~ [PID:3920]
iexplore.exe ~ [PID:5288]
iexplore.exe ~ [PID:1380]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-05 12:31:41
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 2
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\Users\LARS-E~1\AppData\Roaming\BitTorrent\Ahead Nero v8.1.1.0 Ultra Edition with Keygen.torrent
C:\Users\LARS-E~1\AppData\Roaming\BitTorrent\Ashampoo Burning Studio v7.21 + Keygen included.torrent
C:\Users\LARS-E~1\AppData\Roaming\BitTorrent\Ashampoo.Burning.Studio.7.21-Keygen-HeartBug.torrent
C:\Users\LARS-E~1\AppData\Roaming\BitTorrent\MagicISO Maker v5.5 (Build 265) [BRAiGHTLiNG Crack][h33t][matt14].torrent
C:\Users\LARS-E~1\AppData\Roaming\BitTorrent\Microsoft Office 2007 + Crack.rar.torrent
C:\Users\LARS-E~1\AppData\Roaming\BitTorrent\Nero 7 Ultra Edition Enhanced XP & Vista + Keygen.torrent
C:\Users\LARS-E~1\AppData\Roaming\BitTorrent\Pinnacle Studio Plus v10.7.0 Titanium Edition Multilang.Manual.Keygen.Bonus DVD.MenuPatch.torrent
C:\Users\LARS-E~1\AppData\Roaming\BitTorrent\Pinnacle Studio Ultimate v11.1 MULTiLANGUAGE + Crack.torrent
C:\Users\LARS-E~1\AppData\Roaming\BitTorrent\Pinnacle.11.KeyGen.exe.1.torrent
C:\Users\LARS-E~1\AppData\Roaming\BitTorrent\Pinnacle.11.KeyGen.exe.torrent
C:\Users\LARS-E~1\AppData\Roaming\BitTorrent\Spore RELOADED - crack only.1.torrent
C:\Users\LARS-E~1\AppData\Roaming\BitTorrent\Spore RELOADED - crack only.torrent
C:\Users\LARS-E~1\Documents\Downloads\Ashampoo.Burning.Studio.7.21-Keygen-HeartBug
C:\Users\LARS-E~1\Documents\Downloads\Ashampoo.Burning.Studio.7.21-Keygen-HeartBug\Ashampoo.MultiKeygen.exe
C:\Users\LARS-E~1\Documents\Downloads\Ashampoo.Burning.Studio.7.21-Keygen-HeartBug\ashampoo_burningstudio721.exe
C:\Users\LARS-E~1\Documents\Downloads\Ashampoo.Burning.Studio.7.21-Keygen-HeartBug\Declaration of Use!!!.txt
C:\Users\LARS-E~1\Documents\Downloads\Ashampoo.Burning.Studio.7.21-Keygen-HeartBug\Keygen.exe
C:\Users\LARS-E~1\Documents\HEG\EES1\Etude de march‚\SPSS 14.0 + Crack
C:\Users\LARS-E~1\Documents\HEG\EES1\Etude de march‚\SPSS 14.0 + Crack\SPSS 14.0 Crack - RECOiL.rar
C:\Users\LARS-E~1\Documents\HEG\EES1\Etude de march‚\SPSS 14.0 + Crack\SPSS 14.0 patch.exe
C:\Users\LARS-E~1\Documents\HEG\EES1\Etude de march‚\SPSS 14.0 + Crack\SPSS14Evaluation.exe
[F:371][D:21]-> C:\Users\LARS-E~1\AppData\Local\Temp
[F:39][D:1]-> C:\Users\LARS-E~1\AppData\Roaming\MICROS~1\Windows\Cookies
[F:12][D:4]-> C:\Users\LARS-E~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:18][D:2]-> C:\$Recycle.Bin
1 - "C:\Lop SD\LopR_1.txt" - 05.04.2009|12:33 - Option : [1]
--------------------\\ Fin du rapport a 12:33:18
[ UAC => 1 ]
Re: Vista lent au démarrage
Ok au niveau du démarrage ca semble fonctionner sans problemes!!! merci bcp!
Sinon dans le reste des rapport vois tu qqch d inormale?
Merci!
Sinon dans le reste des rapport vois tu qqch d inormale?
Merci!
-
bernard53
- Support
- Messages : 3516
- Enregistré le : 25 avr. 2008, 22:05
- Configuration matérielle : Processeur intel 2 duo CPU E6750 2.66GHz
3GO mémoire vive
disque dur samsung 160Go
Re: Vista lent au démarrage
OK tu vois d'ou viennent tes soucis.
Ne garde pas tout cela qui vas automatiquement réinfecter ton pc.
Ensuite relance "OTMoveIt" et mets ceci a supprimer.
Ensuite ::
Relance HijackThis >puis : Do a system scan only > coche ces lignes: ensuite valides sur Fix checked
R3 - URLSearchHook: Mininova Toolbar - {f592709f-ff4a-4862-b659-4afabda56312} - C:\Program Files\Mininova\tbMini.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Mininova Toolbar - {f592709f-ff4a-4862-b659-4afabda56312} - C:\Program Files\Mininova\tbMini.dll
O3 - Toolbar: Mininova Toolbar - {f592709f-ff4a-4862-b659-4afabda56312} - C:\Program Files\Mininova\tbMini.dll
O4 - HKLM\..\Run: [snp2std] C:\Windows\vsnp2std.exe
Ensuite tu as beaucoup de chose au démarrage que tu peux gérer comme ceci.
Tu peux contrôler le démarrage de tous ces processus avec un logiciel comme Starter de Code Stuff.
Télécharge et installe Code Stuff Starter :
http://www.clubic.com/telecharger-fiche ... arter.html
Tu l'ouvres et tu cliques sur AllSection dans la colonne de gauche.
Si tu n'es pas en français, clique sur Configurations, Options, Language et choisis French.
Ensuite vas dans l’onglet démarrage et décoches les lignes voulues.
Ne t'inquiète pas si a l'usage tu veux réactiver l'une d'elles, il suffit de la. recocher
Elles sont lancées inutilement au démarrage du système et cela ne comporte aucun danger.
Installe le logiciel comme ceci, si tu es sous Vista.
Tu le dé zippes puis fais un Clic-droit sur le .exe et choisis "Exécuter en tant qu'administrateur".
Et tu peux décocher tout ceci.
C:\Users\LARS-E~1\AppData\Roaming\BitTorrent\Ahead Nero v8.1.1.0 Ultra Edition with Keygen.torrent
C:\Users\LARS-E~1\AppData\Roaming\BitTorrent\Ashampoo Burning Studio v7.21 + Keygen included.torrent
C:\Users\LARS-E~1\AppData\Roaming\BitTorrent\Ashampoo.Burning.Studio.7.21-Keygen-HeartBug.torrent
C:\Users\LARS-E~1\AppData\Roaming\BitTorrent\MagicISO Maker v5.5 (Build 265) [BRAiGHTLiNG Crack][h33t][matt14].torrent
C:\Users\LARS-E~1\AppData\Roaming\BitTorrent\Microsoft Office 2007 + Crack.rar.torrent
C:\Users\LARS-E~1\AppData\Roaming\BitTorrent\Nero 7 Ultra Edition Enhanced XP & Vista + Keygen.torrent
C:\Users\LARS-E~1\AppData\Roaming\BitTorrent\Pinnacle Studio Plus v10.7.0 Titanium Edition Multilang.Manual.Keygen.Bonus DVD.MenuPatch.torrent
C:\Users\LARS-E~1\AppData\Roaming\BitTorrent\Pinnacle Studio Ultimate v11.1 MULTiLANGUAGE + Crack.torrent
C:\Users\LARS-E~1\AppData\Roaming\BitTorrent\Pinnacle.11.KeyGen.exe.1.torrent
C:\Users\LARS-E~1\AppData\Roaming\BitTorrent\Pinnacle.11.KeyGen.exe.torrent
C:\Users\LARS-E~1\AppData\Roaming\BitTorrent\Spore RELOADED - crack only.1.torrent
C:\Users\LARS-E~1\AppData\Roaming\BitTorrent\Spore RELOADED - crack only.torrent
C:\Users\LARS-E~1\Documents\Downloads\Ashampoo.Burning.Studio.7.21-Keygen-HeartBug
C:\Users\LARS-E~1\Documents\Downloads\Ashampoo.Burning.Studio.7.21-Keygen-HeartBug\Ashampoo.MultiKeygen.exe
C:\Users\LARS-E~1\Documents\Downloads\Ashampoo.Burning.Studio.7.21-Keygen-HeartBug\ashampoo_burningstudio721.exe
C:\Users\LARS-E~1\Documents\Downloads\Ashampoo.Burning.Studio.7.21-Keygen-HeartBug\Declaration of Use!!!.txt
C:\Users\LARS-E~1\Documents\Downloads\Ashampoo.Burning.Studio.7.21-Keygen-HeartBug\Keygen.exe
C:\Users\LARS-E~1\Documents\HEG\EES1\Etude de march‚\SPSS 14.0 + Crack
C:\Users\LARS-E~1\Documents\HEG\EES1\Etude de march‚\SPSS 14.0 + Crack\SPSS 14.0 Crack - RECOiL.rar
C:\Users\LARS-E~1\Documents\HEG\EES1\Etude de march‚\SPSS 14.0 + Crack\SPSS 14.0 patch.exe
C:\Users\LARS-E~1\Documents\HEG\EES1\Etude de march‚\SPSS 14.0 + Crack\SPSS14Evaluation.exe
Ne garde pas tout cela qui vas automatiquement réinfecter ton pc.Ensuite relance "OTMoveIt" et mets ceci a supprimer.
C:\ProgramData\ezsidmv.dat
Ensuite ::
Relance HijackThis >puis : Do a system scan only > coche ces lignes: ensuite valides sur Fix checked
R3 - URLSearchHook: Mininova Toolbar - {f592709f-ff4a-4862-b659-4afabda56312} - C:\Program Files\Mininova\tbMini.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Mininova Toolbar - {f592709f-ff4a-4862-b659-4afabda56312} - C:\Program Files\Mininova\tbMini.dll
O3 - Toolbar: Mininova Toolbar - {f592709f-ff4a-4862-b659-4afabda56312} - C:\Program Files\Mininova\tbMini.dll
O4 - HKLM\..\Run: [snp2std] C:\Windows\vsnp2std.exe
Ensuite tu as beaucoup de chose au démarrage que tu peux gérer comme ceci.
Tu peux contrôler le démarrage de tous ces processus avec un logiciel comme Starter de Code Stuff.
Télécharge et installe Code Stuff Starter :
http://www.clubic.com/telecharger-fiche ... arter.html
Tu l'ouvres et tu cliques sur AllSection dans la colonne de gauche.
Si tu n'es pas en français, clique sur Configurations, Options, Language et choisis French.
Ensuite vas dans l’onglet démarrage et décoches les lignes voulues.
Ne t'inquiète pas si a l'usage tu veux réactiver l'une d'elles, il suffit de la. recocher
Elles sont lancées inutilement au démarrage du système et cela ne comporte aucun danger.
Installe le logiciel comme ceci, si tu es sous Vista.Tu le dé zippes puis fais un Clic-droit sur le .exe et choisis "Exécuter en tant qu'administrateur".
Et tu peux décocher tout ceci.
Dis moi après cela si c'est mieux cette fois.O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [snp2std] C:\Windows\vsnp2std.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [ASUSTPE] C:\Windows\system32\ASUSTPE.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [PowerForPhone] C:\Program Files\PowerForPhone\PowerForPhone.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
Bonne visite sur: http://tuto-b.comli.com/
Re: Vista lent au démarrage
Hello!
Alors voila je crois que tout est entré dans l ordre! magnifique et encore merci pour ton temps c'est vraiment très sympa!
Sinon que puis je faire pour éviter que cela se reproduise?
Alors voila je crois que tout est entré dans l ordre! magnifique et encore merci pour ton temps c'est vraiment très sympa!
Sinon que puis je faire pour éviter que cela se reproduise?
-
bernard53
- Support
- Messages : 3516
- Enregistré le : 25 avr. 2008, 22:05
- Configuration matérielle : Processeur intel 2 duo CPU E6750 2.66GHz
3GO mémoire vive
disque dur samsung 160Go
Re: Vista lent au démarrage
bon très bien si tout vas bien.
Fait ceci pour supprimer les logiciels qui ont servis à cette désinfection.
Bon maintenant on va mettre la restauration du système propre.
Pour cela:
1- Valides les touches Windows et Pause en même temps.
Puis cela:
Sur cette fenêtre décoche cette case et Valides :
Toujours sur cette même fenêtre :
Il te faut donc maintenant recrée un nouveau point de restauration.
Coche cette même case et valides cela par l’onglet APPLIQUER puis onglet « CREER »
Puis ceci :
Ensuite création de ce point de restauration.
Et Confirmation.
Vous pouvez maintenant fermer toutes les fenêtres.
Voici un lien très intéressant sur des Logiciels nuisibles et pour eviter justement ce genre de soucis.
Bien sur une grande partie d'infection viens du téléchargement P2P
<<n'installez plus ces programmes >>
Ce << LIEN>> aussi à lire.
Fait ceci pour supprimer les logiciels qui ont servis à cette désinfection.
Ensuite ceci.télécharge ToolsCleaner (de A.Rothstein & dj QUIOU) http://pc-system.fr/TC/ToolsCleaner2.exe
double-clique dessus pour lancer le programme
Clique sur Recherche et laisse le scan se terminer (il peut durer une dizaine de minutes au maximum).
une fois la recherche lancée, ne clique pas dans la fenêtre, cela provoquerait un léger bug du programme.
Si toutes fois la mention (ne réponds pas) apparaissait dans le titre de la fenêtre ToolsCleaner, ne t'en occupes pas et laisse quand même le programme terminer son travail
Clique sur Suppression pour finaliser.
• Tu peux, si tu le souhaites, te servir des Options facultatives.
Poste-moi le rapport qui apparait
Bon maintenant on va mettre la restauration du système propre.
Pour cela:
1- Valides les touches Windows et Pause en même temps.
Puis cela:
Sur cette fenêtre décoche cette case et Valides :
Toujours sur cette même fenêtre :
Il te faut donc maintenant recrée un nouveau point de restauration.
Coche cette même case et valides cela par l’onglet APPLIQUER puis onglet « CREER »
Puis ceci :
Ensuite création de ce point de restauration.
Et Confirmation.
Vous pouvez maintenant fermer toutes les fenêtres.
Voici un lien très intéressant sur des Logiciels nuisibles et pour eviter justement ce genre de soucis.
Bien sur une grande partie d'infection viens du téléchargement P2P
<<n'installez plus ces programmes >>
Ce << LIEN>> aussi à lire.
Bonne visite sur: http://tuto-b.comli.com/
Re: Vista lent au démarrage
Hello bernard!
Alors premièrement merci pour tout! mon ordi demarre sans souci!
par contre, la roulotte de ma souris (ayant un portable le touche qui permet de descendre et monter), ne marche plus...aurais tu un suggestion?
Alors premièrement merci pour tout! mon ordi demarre sans souci!
par contre, la roulotte de ma souris (ayant un portable le touche qui permet de descendre et monter), ne marche plus...aurais tu un suggestion?