Malwarebytes’ Anti-Malware 1.41
Version de la base de données: 3196
Windows 5.1.2600 Service Pack 2
19/11/2009 20:46:18
mbam-log-2009-11-19 (20-46-18).txt
Type de recherche: Examen complet (C:|D:|E:|F:|)
Eléments examinés: 227369
Temps écoulé: 1 hour(s), 13 minute(s), 20 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 2
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013 (Trojan.Agent) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Program Files\Navilog1\gnc.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini (Trojan.Agent) -> Quarantined and deleted successfully.
Logfile of random's system information tool 1.06 (written by random/random)
Run by Adeline at 2009-11-20 14:01:23
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 34 GB (44%) free of 76 GB
Total RAM: 447 MB (7% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:01:46, on 20/11/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ACS.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\lxdxcoms.exe
C:\Program Files\Lexmark 3600-4600 Series\ezprint.exe
C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe
C:\WINDOWS\system32\DllHost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\Adeline\Local Settings\Temporary Internet Files\Content.IE5\J2LGTYOE\RSIT[1].exe
C:\Program Files\trend micro\Adeline.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fr…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = recherche.neuf.fr…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = recherche.neuf.fr…
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM…\Run: [Malwarebytes Anti-Malware (reboot)] “C:\Program Files\Malwarebytes’ Anti-Malware\mbam.exe” /runcleanupscript
O4 - HKLM…\Run: [lxdxmon.exe] “C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe”
O4 - HKLM…\Run: [EzPrint] “C:\Program Files\Lexmark 3600-4600 Series\ezprint.exe”
O4 - HKLM…\RunOnce: [Uninstall Adobe Download Manager] “C:\WINDOWS\system32\rundll32.exe” “C:\Program Files\NOS\bin\getPlus_Helper.dll”,Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1noarp
O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SERVICE RÉSEAU’)
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra ‘Tools’ menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra ‘Tools’ menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - www.zebulon.fr…
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com…
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - platformdl.adobe.com…
O17 - HKLM\System\CCS\Services\Tcpip…{F10550A6-BDEC-4542-BCDA-9B6DD6B84E3F}: NameServer = 192.168.1.1
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\ACS.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Unknown owner - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe (file missing)
O23 - Service: lxdxCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdxserv.exe
O23 - Service: lxdx_device - - C:\WINDOWS\system32\lxdxcoms.exe
–
End of file - 7972 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Nettoyage de disque.job
C:\WINDOWS\tasks\Rappel d’enregistrement 1.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{805899AE-9A0B-457F-8C8B-DEF65D28AE79}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 63128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2009-02-06 61808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{5C255C8A-E604-49b4-9D64-90988571CECB}]
Click-to-Call BHO - C:\Program Files\Windows Live\Messenger\wlchtc.dll [2009-02-06 73072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d’aide de l’Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2004-08-26 405504]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“avast!”=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-08-17 81000]
“Malwarebytes Anti-Malware (reboot)”=C:\Program Files\Malwarebytes’ Anti-Malware\mbam.exe /runcleanupscript []
“lxdxmon.exe”=C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe [2008-06-13 668328]
“EzPrint”=C:\Program Files\Lexmark 3600-4600 Series\ezprint.exe [2008-06-13 107176]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
“Uninstall Adobe Download Manager”=C:\Program Files\NOS\bin\getPlus_Helper.dll [2009-11-06 51168]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“ctfmon.exe”=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
C:\WINDOWS\AGRSMMSG.exe [2004-02-20 88363]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIModeChange]
C:\WINDOWS\system32\Ati2mdxx.exe [2001-09-04 28672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-03-09 335872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CFSServ.exe]
CFSServ.exe -NoClient []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fssui]
C:\Program Files\Windows Live\Family Safety\fsui.exe [2009-02-06 454000]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LtMoh]
C:\Program Files\ltmoh\Ltmoh.exe [2003-09-26 184320]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NDSTray.exe]
NDSTray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE2]
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe [2003-05-08 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PadTouch]
C:\Program Files\TOSHIBA\PadTouch\PadExe.exe [2004-02-12 1019904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe -atboottime []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmoothView]
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe [2004-04-30 118784]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSTray]
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe [2007-09-20 132624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-04-22 507904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPLpr]
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-04-22 98304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TFncKy]
TFncKy.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\THotkey]
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe [2004-08-16 430080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TOSCDSPD]
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [2003-09-15 65536]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPSMain]
C:\WINDOWS\system32\TPSMain.exe [2004-08-12 266240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2006-03-30 313472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Adeline^Menu Démarrer^Programmes^Démarrage^Lancement rapide de Microsoft Office OneNote 2003.lnk]
C:\PROGRA~1\MICROS~2\OFFICE11\ONENOTEM.EXE [2007-04-19 64864]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Adeline^Menu Démarrer^Programmes^Démarrage^Outil de notification Live Search.lnk]
C:\DOCUME~1\Adeline\APPLIC~1\MICROS~1\LIVESE~1\NOTIFI~1.EXE [2009-01-06 143360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d’Adobe Reader.lnk]
C:\PROGRA~1\Adobe\ACROBA~2.0\Reader\READER~1.EXE [2005-09-23 29696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2004-03-09 86016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
“{88485281-8b4b-4f8d-9ede-82e29a064277}”=C:\PROGRA~1\MarkAny\CONTEN~1\MACSMA~1.DLL [2004-11-23 192512]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“NoDriveTypeAutoRun”=95000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“HonorAutoRunSetting”=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
“%windir%\system32\sessmgr.exe”="%windir%\system32\sessmgr.exe::enabled:@xpsp2res.dll,-22019"
“C:\Program Files\Azureus\Azureus.exe”="C:\Program Files\Azureus\Azureus.exe::Disabled:Azureus"
“C:\Program Files\uTorrent\uTorrent.exe”=“C:\Program Files\uTorrent\uTorrent.exe::Enabled:µTorrent"
“C:\Program Files\MSN Messenger\livecall.exe”="C:\Program Files\MSN Messenger\livecall.exe::Disabled:Windows Live Call”
“C:\Program Files\Internet Explorer\iexplore.exe”=“C:\Program Files\Internet Explorer\iexplore.exe::Enabled:Internet Explorer"
“C:\Program Files\Veoh Networks\Veoh\VeohClient.exe”="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe::Disabled:Veoh Client”
“C:\Program Files\Windows Live\Messenger\msnmsgr.exe”=“C:\Program Files\Windows Live\Messenger\msnmsgr.exe::Enabled:Windows Live Messenger"
“C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe”="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe::Enabled:Windows Live Sync”
“C:\Program Files\Real\RealPlayer\realplay.exe”=“C:\Program Files\Real\RealPlayer\realplay.exe::Disabled:RealPlayer"
“C:\Program Files\Messenger\msmsgs.exe”="C:\Program Files\Messenger\msmsgs.exe::Enabled:Windows Messenger”
“C:\WINDOWS\system32\lxdxcoms.exe”=“C:\WINDOWS\system32\lxdxcoms.exe::Enabled:Lexmark Communications System"
“C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdxpswx.exe”="C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdxpswx.exe::Enabled:Printer Status Window Interface”
“C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdxtime.exe”=“C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdxtime.exe::Enabled:Lexmark Connect Time Executable"
“C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe”="C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe::Enabled:Printer Device Monitor”
“C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdxjswx.exe”=“C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdxjswx.exe:*:Enabled:Job Status Window Interface”
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
“%windir%\system32\sessmgr.exe”="%windir%\system32\sessmgr.exe::enabled:@xpsp2res.dll,-22019"
“C:\Program Files\Windows Live\Messenger\msnmsgr.exe”="C:\Program Files\Windows Live\Messenger\msnmsgr.exe::Enabled:Windows Live Messenger"
“C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe”=“C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync”
======File associations======
.scr - open - C:\WINDOWS\system32\notepad.exe “%1”
.scr - install -
.scr - config -
======List of files/folders created in the last 1 months======
2009-11-20 14:01:26 ----D---- C:\Program Files\trend micro
2009-11-20 14:01:23 ----DC---- C:\rsit
2009-11-20 13:31:15 ----D---- C:\Program Files\NOS
2009-11-20 13:31:15 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-11-20 10:54:56 ----A---- C:\WINDOWS\system32\lxdxvs.dll
2009-11-20 10:54:52 ----A---- C:\WINDOWS\system32\lxdxcoin.dll
2009-11-20 10:53:24 ----D---- C:\WINDOWS\LastGood
2009-11-20 10:52:47 ----A---- C:\WINDOWS\system32\lxdxcaps.dll
2009-11-20 10:52:46 ----A---- C:\WINDOWS\system32\lxdxdrs.dll
2009-11-20 10:52:46 ----A---- C:\WINDOWS\system32\lxdxcnv4.dll
2009-11-20 10:51:49 ----A---- C:\WINDOWS\system32\lxdxrwrd.ini
2009-11-20 10:51:40 ----A---- C:\WINDOWS\system32\lxdxwupd.exe
2009-11-20 10:51:40 ----A---- C:\WINDOWS\system32\lxdxwupd.dll
2009-11-20 10:50:43 ----A---- C:\WINDOWS\system32\LXDXinst.dll
2009-11-20 10:50:43 ----A---- C:\WINDOWS\system32\lxdxinpa.dll
2009-11-20 10:50:43 ----A---- C:\WINDOWS\system32\lxdxiesc.dll
2009-11-20 10:50:43 ----A---- C:\WINDOWS\system32\LXDXhcp.dll
2009-11-20 10:50:42 ----A---- C:\WINDOWS\system32\lxdxutil.dll
2009-11-20 10:50:42 ----A---- C:\WINDOWS\system32\lxdxusb1.dll
2009-11-20 10:50:41 ----A---- C:\WINDOWS\system32\lxdxserv.dll
2009-11-20 10:50:41 ----A---- C:\WINDOWS\system32\lxdxprox.dll
2009-11-20 10:50:41 ----A---- C:\WINDOWS\system32\lxdxpmui.dll
2009-11-20 10:50:40 ----A---- C:\WINDOWS\system32\lxdxlmpm.dll
2009-11-20 10:50:40 ----A---- C:\WINDOWS\system32\lxdxjswr.dll
2009-11-20 10:50:40 ----A---- C:\WINDOWS\system32\lxdxinsr.dll
2009-11-20 10:50:40 ----A---- C:\WINDOWS\system32\lxdxinsb.dll
2009-11-20 10:50:40 ----A---- C:\WINDOWS\system32\lxdxins.dll
2009-11-20 10:50:39 ----A---- C:\WINDOWS\system32\lxdxih.exe
2009-11-20 10:50:39 ----A---- C:\WINDOWS\system32\lxdxhbn3.dll
2009-11-20 10:50:39 ----A---- C:\WINDOWS\system32\lxdxgrd.dll
2009-11-20 10:50:38 ----A---- C:\WINDOWS\system32\lxdxgf.dll
2009-11-20 10:50:38 ----A---- C:\WINDOWS\system32\lxdxcur.dll
2009-11-20 10:50:38 ----A---- C:\WINDOWS\system32\lxdxcub.dll
2009-11-20 10:50:37 ----A---- C:\WINDOWS\system32\lxdxcu.dll
2009-11-20 10:50:37 ----A---- C:\WINDOWS\system32\lxdxcoms.exe
2009-11-20 10:50:37 ----A---- C:\WINDOWS\system32\lxdxcomm.dll
2009-11-20 10:50:36 ----A---- C:\WINDOWS\system32\lxdxcomc.dll
2009-11-20 10:50:36 ----A---- C:\WINDOWS\system32\lxdxcfg.exe
2009-11-20 10:50:35 ----A---- C:\WINDOWS\system32\LXDXcfg.dll
2009-11-20 10:50:06 ----D---- C:\Program Files\Lexmark 3600-4600 Series
2009-11-19 19:26:04 ----DC---- C:\Documents and Settings\Adeline\Application Data\Malwarebytes
2009-11-19 19:25:34 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-11-19 10:47:05 ----D---- C:\WINDOWS\BDOSCAN8
2009-11-18 17:10:51 ----DC---- C:\logs
2009-11-18 17:09:35 ----A---- C:\WINDOWS\system32\wiafbdrv.dll
2009-11-18 17:08:58 ----D---- C:\Program Files\Lexmark Toolbar
======List of files/folders modified in the last 1 months======
2009-11-20 14:01:35 ----D---- C:\WINDOWS\Prefetch
2009-11-20 14:01:26 ----RD---- C:\Program Files
2009-11-20 13:56:22 ----D---- C:\WINDOWS\Temp
2009-11-20 13:31:21 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-11-20 10:55:16 ----D---- C:\WINDOWS\system32
2009-11-20 10:55:06 ----HD---- C:\WINDOWS\inf
2009-11-20 10:55:06 ----D---- C:\WINDOWS\system32\CatRoot
2009-11-20 10:55:02 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-20 10:53:24 ----D---- C:\WINDOWS
2009-11-20 10:44:05 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-11-20 09:09:47 ----HD---- C:\Program Files\InstallShield Installation Information
2009-11-20 09:08:30 ----D---- C:\Program Files\Samsung
2009-11-20 09:07:53 ----SHD---- C:\WINDOWS\Installer
2009-11-20 09:06:39 ----D---- C:\Program Files\QuickTime
2009-11-20 09:06:11 ----D---- C:\Program Files\Fichiers communs\Nikon
2009-11-20 09:04:01 ----D---- C:\WINDOWS\system32\drivers
2009-11-20 09:01:19 ----D---- C:\Program Files\Audacity
2009-11-20 08:59:48 ----D---- C:\WINDOWS\system32\Macromed
2009-11-20 08:59:43 ----DC---- C:\Documents and Settings\Adeline\Application Data\Macromedia
2009-11-20 08:59:16 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-11-20 08:58:55 ----D---- C:\Program Files\Fichiers communs
2009-11-20 08:58:49 ----D---- C:\Program Files\Lavasoft
2009-11-20 08:57:30 ----D---- C:\Program Files\ACD Systems
2009-11-20 08:57:29 ----D---- C:\Documents and Settings\All Users\Application Data\ACD Systems
2009-11-19 20:46:18 ----SHD---- C:\RECYCLER
2009-11-18 17:09:47 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-11-18 17:09:42 ----D---- C:\WINDOWS\twain_32
2009-11-16 11:13:11 ----RASHC---- C:\boot.ini
2009-11-16 11:13:11 ----A---- C:\WINDOWS\win.ini
2009-11-16 11:13:11 ----A---- C:\WINDOWS\system.ini
2009-11-16 11:10:02 ----D---- C:\WINDOWS\pss
2009-11-15 14:43:45 ----D---- C:\WINDOWS\Help
2009-11-12 22:04:10 ----D---- C:\WINDOWS\network diagnostic
2009-10-25 13:17:42 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-08-17 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-08-17 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-08-17 51376]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-05 40320]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-03-13 5632]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-08-17 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-08-17 94160]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2008-12-08 55136]
R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-04 87424]
R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.10; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2006-01-12 15890]
R2 Netdevio;TOSHIBA Network Device Usermode I/O Protocol; C:\WINDOWS\system32\DRIVERS\netdevio.sys [2003-01-29 12032]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2004-02-24 400384]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-02-26 611820]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2004-05-28 390944]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-08-17 23152]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-03-09 680448]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-04 14080]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2006-10-07 9856]
R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RTL8023;Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver; C:\WINDOWS\system32\DRIVERS\Rtlnic51.sys [2003-12-05 68352]
R3 SMCIRDA;SMC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2002-11-05 39424]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-04-22 182688]
R3 TVALD;Toshiba Mobile PC Service; C:\WINDOWS\system32\DRIVERS\NBSMI.sys [2004-07-26 4352]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Pilote miniport de contrôleur d’hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-05 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-05 17024]
R3 usbprint;Classe d’imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2004-02-20 1265388]
S3 Bridge;Pont MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2004-08-05 71552]
S3 BridgeMP;Miniport de pont MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2004-08-05 71552]
S3 catchme;catchme; ??\C:\DOCUME~1\Adeline\LOCALS~1\Temp\catchme.sys []
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2004-08-03 22016]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; ??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; ??\C:\WINDOWS\system32\PCANDIS5.SYS []
S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 Ser2pl;Prolific2 Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2004-10-20 42752]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]
S3 WlanUIG;Sagem 802.11g Wireless LAN USB Adapter Driver; C:\WINDOWS\system32\DRIVERS\WlanUIG.sys [2004-11-18 379456]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACS;Atheros Configuration Service; C:\WINDOWS\system32\ACS.exe [2004-07-07 36864]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-08-17 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-03-09 397312]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-08-17 138680]
R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2004-06-16 36864]
R2 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]
R2 lxdx_device;lxdx_device; C:\WINDOWS\system32\lxdxcoms.exe [2008-02-28 594600]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-08-17 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-08-17 352920]
S2 KPF4;Sunbelt Kerio Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe []
S2 lxdxCATSCustConnectService;lxdxCATSCustConnectService; C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdxserv.exe [2008-02-28 98984]
S3 aspnet_state;Service d’état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe [2009-04-16 85096]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus® Helper; C:\WINDOWS\System32\svchost.exe [2004-08-05 14336]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.06 2009-11-20 14:01:53
======Uninstall list======
–>C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
–>C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Toshiba\TOSHIBA Applet\THotkey.isu"
–>C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
–>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Download Manager–>“C:\WINDOWS\system32\rundll32.exe” “C:\Program Files\NOS\bin\getPlus_Helper.dll”,Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1
Adobe Flash Player 10 ActiveX–>C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 7.0.8 - Français–>MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70700000002}
Assistant de connexion Windows Live–>MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
Atheros Client Utility–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{71D658CF-4E0D-4DA8-AA67-8C0B6F1C01FE}\setup.exe” -l0x40c
Atheros Wireless LAN MiniPCI card Driver–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{05832D65-6EDB-4D32-BA78-BCD0E2B91C02}\Setup.exe” -l0x40c
ATI - Utilitaire de désinstallation du logiciel–>C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Control Panel–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe”
ATI Display Driver–>rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
AutoCAD 2009 - Français–>C:\Program Files\AutoCAD 2009\Setup\Setup.exe /P {5783F2D7-7001-040C-0002-0060B0CE6BBA} /M ACAD
avast! Antivirus–>C:\Program Files\Alwil Software\Avast4\aswRunDll.exe “C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll”,RunSetup
Barre d’outils Outlook de Windows Live (Windows Live Toolbar)–>MsiExec.exe /X{6E15BEDF-7EB5-4010-998E-B430DB4EFE45}
Bloqueur de fenêtres pop-up (Windows Live Toolbar)–>MsiExec.exe /X{A425C250-A0E1-4D78-B1C1-A5CBC7385E7C}
BUM–>MsiExec.exe /I{55937F00-A69B-4049-8D3A-1C7729742B6F}
Camera RAW Plug-In for EPSON Creativity Suite–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{42EDF895-158C-484E-A7F2-42B90759F281}\SETUP.EXE” -l0x40c UNINST
CCleaner (remove only)–>“C:\Program Files\CCleaner\uninst.exe”
Choice Guard–>MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Client Windows Rights Management–>MsiExec.exe /X{6FDC80E2-C818-4EDA-93DB-453490DE2907}
Closure Cadet–>C:\WINDOWS\unin040c.exe -f"C:\Closure Cadet\DeIsL1.isu" -c"C:\Closure Cadet_ISREG32.DLL"
Code de la Route - 10 Examens Blancs–>C:\Program Files\InstallShield Installation Information{4E91E503-7370-4EC3-AEAC-948A46B8B50A}\SETUP.EXE -runfromtemp -l0x040c
Commandes TOSHIBA–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}\Setup.exe” -l0x40c UNINSTALL
Console TOSHIBA–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{3CF0858D-1AC5-4308-9DE7-AD15288A8BDC}\Setup.exe” -l0x40c
CutePDF Writer 2.8–>C:\Program Files\Acro Software\CutePDF Writer\uninscpw.exe
Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)–>MsiExec.exe /X{EFFCB0F1-CFEC-48D4-B793-EBFCAE852976}
Easy-WebPrint–>C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Canon\Easy-WebPrint\Uninst.isu"
EPSON Attach To Email–>C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG
EPSON Easy Photo Print–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{8A8F8391-4C2C-4BE1-A984-CD4A5A546467}\SETUP.EXE” -l0x40c UNINST
EPSON File Manager–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{46CBBDF8-55B5-40DB-B459-7B848394309C}\Setup.exe” -l0x40c UNINST
EPSON Scan Assistant–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe” -l0x40c -u
EPSON Scan–>C:\Program Files\epson\escndv\setup\setup.exe /r
EPSON Stylus SX200_SX400_TX200_TX400 Manuel–>C:\Program Files\EPSON\TPMANUAL\ES_SX_TX\FRA\USE_G\DOCUNINS.EXE
EPSON Stylus SX400 Series Printer Uninstall–>C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FINSEGE.EXE /R /APD /P:“EPSON Stylus SX400 Series”
EPSON Web-To-Page–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE” -l0x40c -anything
Extension de Windows Live Toolbar (Windows Live Toolbar)–>MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}
Galerie de photos Windows Live–>MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}
Gestion d’énergie TOSHIBA–>C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\TOSHIBA\Power Saver\Uninst.isu" -c"C:\WINDOWS\system32\TPSDel.dll"
HijackThis 2.0.2–>“C:\Program Files\trend micro\HijackThis.exe” /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)–>C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)–>C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Installation Windows Live–>C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live–>MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
InterVideo WinDVD for Toshiba–>“C:\Program Files\InstallShield Installation Information{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe” REMOVEALL
IZArc 3.6–>“C:\Program Files\IZArc\unins000.exe”
Java 2 Runtime Environment, SE v1.4.2_05–>MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142050}
Junk Mail filter update–>MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
Lecteur Windows Media 11–>“C:\Program Files\Windows Media Player\Setup_wm.exe” /Uninstall
Lexmark 3600-4600 Series–>C:\Program Files\Lexmark 3600-4600 Series\Install\x86\Uninst.exe
Macromedia Flash Player–>MsiExec.exe /X{0456ebd7-5f67-4ab6-852e-63781e3f389c}
Manuels TOSHIBA–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{188BA1CC-F3A1-49B0-A34D-8C861C64E1AE}\Setup.exe” -l0x40c
Menus intelligents (Windows Live Toolbar)–>MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
Microsoft .NET Framework 1.1 French Language Pack–>MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)–>“C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe” “C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp”
Microsoft .NET Framework 1.1–>msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1–>MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2–>MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 French Language Pack–>MsiExec.exe /X{E3C080B0-23F5-49AF-89F8-8E8DBC89E659}
Microsoft .NET Framework 3.0 Service Pack 2–>MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1–>C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1–>MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Compression Client Pack 1.0 for Windows XP–>“C:\WINDOWS$NtUninstallMSCompPackV1$\spuninst\spuninst.exe”
Microsoft Internationalized Domain Names Mitigation APIs–>“C:\WINDOWS$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe”
Microsoft National Language Support Downlevel APIs–>“C:\WINDOWS$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe”
Microsoft Office Excel Viewer 2003–>MsiExec.exe /I{90840409-6000-11D3-8CFE-0150048383C9}
Microsoft Office Live Add-in 1.3–>MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office OneNote 2003–>MsiExec.exe /I{91A1040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Outlook Connector–>MsiExec.exe /I{95120000-0120-040C-0000-0000000FF1CE}
Microsoft Office Professional Edition 2003–>MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Search Enhancement Pack–>MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight–>MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]–>MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)–>MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)–>MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft User-Mode Driver Framework Feature Pack 1.0–>“C:\WINDOWS$NtUninstallWudf01000$\spuninst\spuninst.exe”
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053–>MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable–>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works 7.0–>MsiExec.exe /I{64D114CE-4234-45C2-B60A-2B07D5A48F72}
Mise à jour de sécurité pour Lecteur Windows Media (KB973540)–>“C:\WINDOWS$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)–>“C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)–>“C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)–>“C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)–>“C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)–>“C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)–>“C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)–>“C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)–>“C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)–>“C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)–>“C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB972260)–>“C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB923561)–>“C:\WINDOWS$NtUninstallKB923561$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB952004)–>“C:\WINDOWS$NtUninstallKB952004$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB956572)–>“C:\WINDOWS$NtUninstallKB956572$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB958470)–>“C:\WINDOWS$NtUninstallKB958470$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB959426)–>“C:\WINDOWS$NtUninstallKB959426$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB960803)–>“C:\WINDOWS$NtUninstallKB960803$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB960859)–>“C:\WINDOWS$NtUninstallKB960859$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB961371-v2)–>“C:\WINDOWS$NtUninstallKB961371-v2$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB961501)–>“C:\WINDOWS$NtUninstallKB961501$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB968537)–>“C:\WINDOWS$NtUninstallKB968537$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB970238)–>“C:\WINDOWS$NtUninstallKB970238$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB971557)–>“C:\WINDOWS$NtUninstallKB971557$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB971633)–>“C:\WINDOWS$NtUninstallKB971633$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB971657)–>“C:\WINDOWS$NtUninstallKB971657$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB973346)–>“C:\WINDOWS$NtUninstallKB973346$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB973354)–>“C:\WINDOWS$NtUninstallKB973354$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB973507)–>“C:\WINDOWS$NtUninstallKB973507$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB973869)–>“C:\WINDOWS$NtUninstallKB973869$\spuninst\spuninst.exe”
Mise à jour pour Windows XP (KB925720)–>“C:\WINDOWS$NtUninstallKB925720$\spuninst\spuninst.exe”
Mise à jour pour Windows XP (KB961503)–>“C:\WINDOWS$NtUninstallKB961503$\spuninst\spuninst.exe”
Mise à jour pour Windows XP (KB968389)–>“C:\WINDOWS$NtUninstallKB968389$\spuninst\spuninst.exe”
Mise à jour pour Windows XP (KB973815)–>“C:\WINDOWS$NtUninstallKB973815$\spuninst\spuninst.exe”
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA–>C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0–>c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\setup.exe
MSVCRT–>MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB927978)–>MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)–>MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)–>MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6 Service Pack 2 (KB954459)–>MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}
Neuf - Kit de connexion–>C:\Program Files\Neuf\Kit\uninstall.exe
OmniPage SE 2.0–>MsiExec.exe /I{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}
OneCare Advisor (Windows Live Toolbar)–>MsiExec.exe /X{6D7F8D4B-D1A4-402A-973E-31E90940E585}
Outil de diagnostic PC TOSHIBA–>C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\TOSHIBA\PCDiag\Uninst.isu"
Outil de téléchargement Windows Live–>MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
PCI 1620 Cardbus Controller and Software–>C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{AE2310DC-B261-4D84-BE03-BD318EB41B78} /l1036
RealPlayer–>C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek AC’97 Audio–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe” REMOVE
REALTEK Gigabit and Fast Ethernet NIC Driver–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{94FB906A-CF42-4128-A509-D353026A607E}\SETUP.EXE” -l0x40c REMOVE
Réducteur de bruit lect. CD/DVD–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\Setup.exe” -l0x40c
Sagem XG703 USB 802.11g–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{7421E270-0140-4F62-AE39-ECB9F1C81B35}\Setup.exe” -l0x40c
SAMSUNG Mobile Modem Driver Set–>C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
Samsung Mobile phone USB driver Software–>C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software–>C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software–>C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Segoe UI–>MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
SMSC IrCC V5.1.3600.3 SP1–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{F1B8DB67-D30E-4FF9-A85F-3CEE51825AA2}\setup.exe” -l0x40c UNINSTALL
SRS WOW XT Plug-In for Windows Media Player for Toshiba version 1.0.2–>C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{68D368EE-F5AC-4402-BD45-B454B5453FE1}
Synaptics Pointing Device Driver–>rundll32.exe “C:\Program Files\Synaptics\SynTP\SynISDLL.dll”,standAloneUninstall
TOSHIBA ConfigFree–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}\setup.exe” -l0x40c UNINSTALL
TOSHIBA Hotkey Utility for Display Devices–>C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Toshiba\Toshiba Applet\TFNF5.isu" -c"C:\Program Files\Toshiba\Toshiba Applet\TF5Unist.dll"
TOSHIBA Software Modem–>Tosmreg -U
TOSHIBA Utilities–>C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Toshiba\TOSHIBA Applet\TSBUTIL.isu"
Touch and Launch–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{3470FBE6-B743-420F-B5CE-0D27FA749C16}\Setup.exe” -l0x40c
Utilitaire de zoom TOSHIBA–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{64212898-097F-4F3F-AECA-6D34A7EF82DF}\setup.exe”
Windows Imaging Component–>“C:\WINDOWS$NtUninstallWIC$\spuninst\spuninst.exe”
Windows Internet Explorer 7–>“C:\WINDOWS\ie7\spuninst\spuninst.exe”
Windows Live Call–>MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform–>MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Contrôle parental–>MsiExec.exe /X{D6A2DDE3-9D7C-412C-932A-756580D29919}
Windows Live Favorites pour Windows Live Toolbar–>MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
Windows Live Mail–>MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
Windows Live Messenger–>MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live OneCare safety scanner–>RunDll32.exe “C:\Program Files\Windows Live Safety Center\wlscCore.dll”,UninstallFunction WLSC_SCANNER_PRODUCT
Windows Live Sync–>MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}
Windows Live Toolbar–>MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer–>MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}
Windows Media Format 11 runtime–>“C:\Program Files\Windows Media Player\wmsetsdk.exe” /UninstallAll
Windows Media Format 11 runtime–>“C:\WINDOWS$NtUninstallWMFDist11$\spuninst\spuninst.exe”
Windows Media Player 11–>“C:\WINDOWS$NtUninstallwmp11$\spuninst\spuninst.exe”
Windows Presentation Foundation Language Pack (FRA)–>MsiExec.exe /X{6901DD22-527A-41EF-9059-E81FEDE9E494}
Windows Presentation Foundation–>MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Rights Management Client Backwards Compatibility–>MsiExec.exe /X{EC905264-BCFE-423B-9C42-C3A106266790}
Windows Workflow Foundation FR Language Pack–>MsiExec.exe /I{B84C141C-9A13-44BE-9A69-301D7B11D836}
XML Paper Specification Shared Components Language Pack 1.0–>“C:\WINDOWS$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe”
======Security center information======
AV: avast! antivirus 4.8.1351 [VPS 091120-0]
FW: Kerio Personal Firewall (disabled)
======System event log======
Computer Name: ALOUHETTE
Event Code: 4201
Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{CEAF1485-7CAA-4F60-AD38-30046241F27C} était connectée au réseau,
et a lancé une opération normale sur la carte réseau.
Record Number: 131293
Source Name: Tcpip
Time Written: 20091111213759.000000+060
Event Type: Informations
User:
Computer Name: ALOUHETTE
Event Code: 4201
Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{CEAF1485-7CAA-4F60-AD38-30046241F27C} était connectée au réseau,
et a lancé une opération normale sur la carte réseau.
Record Number: 131292
Source Name: Tcpip
Time Written: 20091111213749.000000+060
Event Type: Informations
User:
Computer Name: ALOUHETTE
Event Code: 4201
Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{CEAF1485-7CAA-4F60-AD38-30046241F27C} était connectée au réseau,
et a lancé une opération normale sur la carte réseau.
Record Number: 131291
Source Name: Tcpip
Time Written: 20091111213744.000000+060
Event Type: Informations
User:
Computer Name: ALOUHETTE
Event Code: 4201
Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{CEAF1485-7CAA-4F60-AD38-30046241F27C} était connectée au réseau,
et a lancé une opération normale sur la carte réseau.
Record Number: 131290
Source Name: Tcpip
Time Written: 20091111213734.000000+060
Event Type: Informations
User:
Computer Name: ALOUHETTE
Event Code: 4201
Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{CEAF1485-7CAA-4F60-AD38-30046241F27C} était connectée au réseau,
et a lancé une opération normale sur la carte réseau.
Record Number: 131289
Source Name: Tcpip
Time Written: 20091111213724.000000+060
Event Type: Informations
User:
=====Application event log=====
Computer Name: ALOUHETTE
Event Code: 1001
Message: Échec de détection du produit ‘{9011040C-6000-11D3-8CFE-0150048383C9}’, fonctionnalité ‘EXCELFiles’ lors de la demande du composant ‘{A2B280D4-20FB-4720-99F7-40C09FBCE10A}’
Record Number: 896
Source Name: MsiInstaller
Time Written: 20090329151036.000000+120
Event Type: Avertissement
User: ALOUHETTE\HAMIDOU
Computer Name: ALOUHETTE
Event Code: 1004
Message: Échec de détection du produit ‘{9011040C-6000-11D3-8CFE-0150048383C9}’, fonctionnalité ‘EXCELFiles’, composant '{43A46B81-37A6-11D2-AA89-00A0C90F57B0}. La ressource ‘C:\Program Files\Microsoft Office\OFFICE11\XLSTART’ n’existe pas
Record Number: 895
Source Name: MsiInstaller
Time Written: 20090329151036.000000+120
Event Type: Avertissement
User: ALOUHETTE\HAMIDOU
Computer Name: ALOUHETTE
Event Code: 11729
Message: Produit : Microsoft Office Professional Edition 2003 – La configuration a échoué.
Record Number: 894
Source Name: MsiInstaller
Time Written: 20090329151036.000000+120
Event Type: Informations
User: ALOUHETTE\HAMIDOU
Computer Name: ALOUHETTE
Event Code: 1000
Message: Les compteurs de performances pour le service WmiApRpl (WmiApRpl) ont été chargés.
Les données d’enregistrement contiennent les nouvelles valeurs d’index
assignées à ce service.
Record Number: 893
Source Name: LoadPerf
Time Written: 20090329150925.000000+120
Event Type: Informations
User:
Computer Name: ALOUHETTE
Event Code: 1001
Message: Les compteurs de performances pour le service WmiApRpl (WmiApRpl) ont été supprimés.
Les données d’enregistrement contiennent les nouvelles valeurs du dernier compteur système
et les dernières entrées du registre d’aide.
Record Number: 892
Source Name: LoadPerf
Time Written: 20090329150925.000000+120
Event Type: Informations
User:
======Environment variables======
“ComSpec”=%SystemRoot%\system32\cmd.exe
“Path”=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322;C:\Program Files\Samsung\Samsung PC Studio 3
“windir”=%SystemRoot%
“FP_NO_HOST_CHECK”=NO
“OS”=Windows_NT
“PROCESSOR_ARCHITECTURE”=x86
“PROCESSOR_LEVEL”=15
“PROCESSOR_IDENTIFIER”=x86 Family 15 Model 4 Stepping 1, GenuineIntel
“PROCESSOR_REVISION”=0401
“NUMBER_OF_PROCESSORS”=2
“PATHEXT”=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
“TEMP”=%SystemRoot%\TEMP
“TMP”=%SystemRoot%\TEMP
-----------------EOF-----------------