Voila, j’ai tout bien fait étape par étape:
Il y a donc 4 rapports si j’ai bien tout compris! Je les poste l’un parès l’autre ça sera plus clair non?
- Rapport Malwarebytes:
Malwarebytes’ Anti-Malware 1.40
Version de la base de données: 2770
Windows 5.1.2600 Service Pack 2 (Safe Mode)
10/09/2009 17:35:27
mbam-log-2009-09-10 (17-35-11).txt
Type de recherche: Examen complet (C:|D:|)
Eléments examinés: 230623
Temps écoulé: 1 hour(s), 6 minute(s), 51 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
D:\LOGICIELS téléchargés\Adobe Audition v1.0 Retail Full\64kMusics.exe (Malware.Packer.Krunchy) -> No action taken.
2) rapport genproc
GenProc n’a détecté aucune infection caractéristique et suggère de suivre la procédure suivante :
Poste un rapport Nod32 (il faut utiliser Internet Explorer)
- coche toutes les cases à chaque fois, et lorsque c’est terminé, colle le rapport :
C:\Program Files\EsetOnlineScanner\log.txt
~~~~ INFORMATION COMPLEMENTAIRE ~~~~
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:47:31, on 10/09/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe
C:\WINDOWS\system32\sistray.EXE
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\system32\RunDll32.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\V0230Mon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
C:\Program Files\FileHippo.com\UpdateChecker.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
C:\Program Files\Outlook Express\msimn.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\cmd.exe
C:\Documents and Settings\Nath\Bureau\GenProc\GenProc\outil\Nath_GenProc.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.yahoo.fr…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM…\Run: [Adobe Version Cue CS2] “C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe”
O4 - HKLM…\Run: [Acrobat Assistant 7.0] “C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe”
O4 - HKLM…\Run: [SiS Tray] C:\WINDOWS\system32\sistray.EXE
O4 - HKLM…\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM…\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM…\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM…\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
O4 - HKLM…\Run: [V0230Mon.exe] C:\WINDOWS\system32\V0230Mon.exe
O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU…\Run: [Creative Live! Cam Manager] “C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe”
O4 - HKCU…\Run: [FileHippo.com] “C:\Program Files\FileHippo.com\UpdateChecker.exe” /background
O4 - HKUS\S-1-5-19…\RunOnce: [nltide1] cmd.exe /C move /Y “%SystemRoot%\System32\syssetub.dll” “%SystemRoot%\System32\syssetup.dll” (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-19…\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,4,N (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-20…\RunOnce: [nltide1] cmd.exe /C move /Y “%SystemRoot%\System32\syssetub.dll” “%SystemRoot%\System32\syssetup.dll” (User ‘SERVICE RÉSEAU’)
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d’Adobe Acrobat.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\system32\GPhotos.scr…
O8 - Extra context menu item: Convertir en Adobe PDF - C:\Program… Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - C:\Program… Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - C:\Program… Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - C:\Program… Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - C:\Program… Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - C:\Program… Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - C:\Program… Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - C:\Program… Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE…
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O15 - Trusted Zone: *.line6.net
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS2 - Adobe Systems Incorporated - C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Creative VF0230 RunApp Service (VF0230Srv) - Creative Technology Ltd. - C:\WINDOWS\system32\V0230Srv.exe
–
End of file - 8670 bytes
3) contenu de log.txt
Logfile of random’s system information tool 1.06 (written by random/random)
Run by Nath at 2009-09-10 17:59:53
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 31 GB (62%) free of 50 GB
Total RAM: 447 MB (12% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:00:25, on 10/09/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe
C:\WINDOWS\system32\sistray.EXE
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\system32\RunDll32.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\V0230Mon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
C:\Program Files\FileHippo.com\UpdateChecker.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
C:\Program Files\Outlook Express\msimn.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe
C:\Documents and Settings\Nath\Bureau\RSIT.exe
C:\Program Files\trend micro\Nath.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.yahoo.fr…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM…\Run: [Adobe Version Cue CS2] “C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe”
O4 - HKLM…\Run: [Acrobat Assistant 7.0] “C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe”
O4 - HKLM…\Run: [SiS Tray] C:\WINDOWS\system32\sistray.EXE
O4 - HKLM…\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM…\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM…\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM…\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
O4 - HKLM…\Run: [V0230Mon.exe] C:\WINDOWS\system32\V0230Mon.exe
O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU…\Run: [Creative Live! Cam Manager] “C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe”
O4 - HKCU…\Run: [FileHippo.com] “C:\Program Files\FileHippo.com\UpdateChecker.exe” /background
O4 - HKUS\S-1-5-19…\RunOnce: [nltide1] cmd.exe /C move /Y “%SystemRoot%\System32\syssetub.dll” “%SystemRoot%\System32\syssetup.dll” (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-19…\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,4,N (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-20…\RunOnce: [nltide1] cmd.exe /C move /Y “%SystemRoot%\System32\syssetub.dll” “%SystemRoot%\System32\syssetup.dll” (User ‘SERVICE RÉSEAU’)
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d’Adobe Acrobat.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\system32\GPhotos.scr…
O8 - Extra context menu item: Convertir en Adobe PDF - C:\Program… Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - C:\Program… Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - C:\Program… Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - C:\Program… Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - C:\Program… Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - C:\Program… Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - C:\Program… Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - C:\Program… Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE…
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O15 - Trusted Zone: *.line6.net
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS2 - Adobe Systems Incorporated - C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Creative VF0230 RunApp Service (VF0230Srv) - Creative Technology Ltd. - C:\WINDOWS\system32\V0230Srv.exe
–
End of file - 8949 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-08-29 1111320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d’aide de l’Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-09-10 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-09-10 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“Adobe Version Cue CS2”=C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe [2005-04-06 856064]
“Acrobat Assistant 7.0”=C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe [2004-12-14 483328]
“SiS Tray”=C:\WINDOWS\system32\sistray.EXE [2003-10-30 667648]
“SiS Windows KeyHook”=C:\WINDOWS\system32\keyhook.exe [2003-10-30 249856]
“Cmaudio”=RunDll32 cmicnfg.cpl,CMICtrlWnd []
“AVG8_TRAY”=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-08-29 2007832]
“AVFX Engine”=C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe [2006-06-09 24576]
“V0230Mon.exe”=C:\WINDOWS\system32\V0230Mon.exe [2006-07-19 36961]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“ctfmon.exe”=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
“Creative Live! Cam Manager”=C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe [2006-05-31 143360]
“FileHippo.com”=C:\Program Files\FileHippo.com\UpdateChecker.exe [2009-07-27 155648]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
Lancement rapide d’Adobe Acrobat.lnk - C:\WINDOWS\Installer{AC76BA86-1033-F400-7760-000000000002}\SC_Acrobat.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-08-29 11952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“NoDriveTypeAutoRun”=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
“%windir%\Network Diagnostic\xpnetdiag.exe”="%windir%\Network Diagnostic\xpnetdiag.exe::Enabled:@xpsp3res.dll,-20000"
“%windir%\system32\sessmgr.exe”="%windir%\system32\sessmgr.exe::enabled:@xpsp2res.dll,-22019"
“C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE”=“C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE::Enabled:Microsoft Office Outlook"
“C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe”="C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe::Enabled:Adobe Version Cue CS2”
“C:\Program Files\Outlook Express\msimn.exe”=“C:\Program Files\Outlook Express\msimn.exe::Enabled:Outlook Express"
“C:\Program Files\eMule\emule.exe”="C:\Program Files\eMule\emule.exe::Enabled:eMule”
“C:\Program Files\AVG\AVG8\avgemc.exe”=“C:\Program Files\AVG\AVG8\avgemc.exe::Enabled:avgemc.exe"
“C:\Program Files\AVG\AVG8\avgupd.exe”="C:\Program Files\AVG\AVG8\avgupd.exe::Enabled:avgupd.exe”
“C:\Program Files\SightSpeed\SightSpeed.exe”=“C:\Program Files\SightSpeed\SightSpeed.exe::Enabled:SightSpeed"
“C:\Program Files\Mozilla Firefox\firefox.exe”="C:\Program Files\Mozilla Firefox\firefox.exe::Enabled:Firefox”
“C:\Program Files\Windows Live\Messenger\wlcsdk.exe”=“C:\Program Files\Windows Live\Messenger\wlcsdk.exe::Enabled:Windows Live Call"
“C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe”="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe::Enabled:Windows Live Sync”
“C:\Program Files\Windows Live\Messenger\msnmsgr.exe”=“C:\Program Files\Windows Live\Messenger\msnmsgr.exe::Enabled:Windows Live Messenger"
“C:\Program Files\Intuisphere\Cariboost 2.0\cariboost.exe”="C:\Program Files\Intuisphere\Cariboost 2.0\cariboost.exe::Enabled:Cariboost 2.0”
“H:\ThunderbirdPortable\App\thunderbird\thunderbird.exe”=“H:\ThunderbirdPortable\App\thunderbird\thunderbird.exe:*:Enabled:Mozilla Thunderbird”
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
“%windir%\Network Diagnostic\xpnetdiag.exe”="%windir%\Network Diagnostic\xpnetdiag.exe::Enabled:@xpsp3res.dll,-20000"
“%windir%\system32\sessmgr.exe”="%windir%\system32\sessmgr.exe::enabled:@xpsp2res.dll,-22019"
“C:\Program Files\Windows Live\Messenger\wlcsdk.exe”=“C:\Program Files\Windows Live\Messenger\wlcsdk.exe::Enabled:Windows Live Call"
“C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe”="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe::Enabled:Windows Live Sync”
“C:\Program Files\Windows Live\Messenger\msnmsgr.exe”=“C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger”
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{7f045602-c539-11dd-ac2b-000b6ab28347}]
shell\AutoRun\command - u0riu2.exe
shell\open\command - u0riu2.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{97944382-c447-11dd-a013-000b6ab28347}]
shell\AutoRun\command - G:\AutoTransfer.exe
======List of files/folders created in the last 3 months======
2009-09-10 17:59:58 ----D---- C:\Program Files\trend micro
2009-09-10 17:59:53 ----D---- C:\rsit
2009-09-10 12:40:39 ----A---- C:\WINDOWS\ntbtlog.txt
2009-09-10 12:25:46 ----D---- C:\Documents and Settings\Nath\Application Data\Malwarebytes
2009-09-10 12:25:37 ----D---- C:\Program Files\Malwarebytes’ Anti-Malware
2009-09-10 12:25:37 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-09-10 12:19:24 ----A---- C:\WINDOWS\system32\javaws.exe
2009-09-10 12:19:24 ----A---- C:\WINDOWS\system32\javaw.exe
2009-09-10 12:19:24 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-09-10 12:19:23 ----A---- C:\WINDOWS\system32\java.exe
2009-09-10 12:11:03 ----D---- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
2009-09-10 12:05:37 ----D---- C:\Program Files\FileHippo.com
2009-09-02 20:52:57 ----D---- C:\Program Files\OpenXML-ODF Translator
2009-08-09 01:43:37 ----D---- C:\Program Files\IMAPSize
======List of files/folders modified in the last 3 months======
2009-09-10 17:59:58 ----RD---- C:\Program Files
2009-09-10 17:48:02 ----D---- C:\Program Files\Mozilla Firefox
2009-09-10 17:45:22 ----D---- C:\WINDOWS\Prefetch
2009-09-10 17:41:37 ----D---- C:\Documents and Settings\Nath\Application Data\WinRAR
2009-09-10 17:40:18 ----D---- C:\WINDOWS\Temp
2009-09-10 17:36:55 ----D---- C:\WINDOWS\system32\drivers
2009-09-10 12:40:39 ----D---- C:\WINDOWS
2009-09-10 12:39:21 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-09-10 12:23:16 ----D---- C:\Program Files\WinRAR
2009-09-10 12:19:39 ----SHD---- C:\WINDOWS\Installer
2009-09-10 12:19:25 ----D---- C:\WINDOWS\system32
2009-09-10 12:18:47 ----D---- C:\Program Files\Java
2009-09-10 12:10:53 ----D---- C:\Program Files\CDBurnerXP
2009-09-10 00:42:55 ----D---- C:\Program Files\eMule
2009-09-06 17:07:24 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-09-06 00:35:41 ----D---- C:\WINDOWS\system32\CatRoot2
2009-09-04 20:03:32 ----HD---- C:$AVG8.VAULT$
2009-09-02 21:41:09 ----D---- C:\WINDOWS\Microsoft.NET
2009-09-02 20:58:51 ----RSD---- C:\WINDOWS\assembly
2009-09-02 20:53:32 ----SD---- C:\Documents and Settings\Nath\Application Data\Microsoft
2009-08-29 16:15:45 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2009-08-02 10:32:27 ----D---- C:\WINDOWS\inf
2009-07-15 10:33:22 ----D---- C:\Program Files\Messenger Plus! Live
2009-07-10 19:05:07 ----A---- C:\WINDOWS\cdplayer.ini
2009-06-15 17:48:54 ----D---- C:\audiograbber
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2006-12-13 41600]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-08-29 335240]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-08-29 27784]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-05-09 108552]
R1 SiSkp;SiSkp; C:\WINDOWS\system32\DRIVERS\srvkp.sys [2003-10-30 11264]
R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2003-10-17 754560]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2002-09-06 9600]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-12-13 12288]
R3 SiS315;SiS315; C:\WINDOWS\system32\DRIVERS\sisgrp.sys [2003-10-30 427776]
R3 SISNIC;Pilote de carte Fast Ethernet PCI SiS; C:\WINDOWS\system32\DRIVERS\sisnic.sys [2004-08-04 32768]
R3 usbehci;Pilote miniport de contrôleur d’hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 fbxusb;Carte réseau virtuelle FreeBox USB; C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 21344]
S3 k600bus;Sony Ericsson 600i driver (WDM); C:\WINDOWS\system32\DRIVERS\k600bus.sys [2005-05-11 52384]
S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k600mdfl.sys [2005-05-11 6096]
S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k600mdm.sys [2005-05-11 87456]
S3 k600mgmt;Sony Ericsson 600i USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k600mgmt.sys [2005-05-11 79248]
S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k600obex.sys [2005-05-11 77072]
S3 L6UX2;Service - Line 6 UX2; C:\WINDOWS\System32\Drivers\L6UX2.sys [2008-10-25 530560]
S3 mbr;mbr; ??\C:\DOCUME~1\Nath\LOCALS~1\Temp\mbr.sys []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 usbprint;Classe d’imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
S3 V0230Vfx;V0230Vfx; C:\WINDOWS\system32\DRIVERS\V0230Vfx.sys [2006-03-23 6272]
S3 V0230VID;Live! Cam Video IM Pro; C:\WINDOWS\system32\DRIVERS\V0230VID.sys [2006-07-24 498464]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Adobe Version Cue CS2;Adobe Version Cue CS2; C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe [2005-04-06 163840]
R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-08-29 908056]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-08-29 297752]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-09-10 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-11-23 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 VF0230Srv;Creative VF0230 RunApp Service; C:\WINDOWS\system32\V0230Srv.exe [2006-03-15 8192]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
-----------------EOF-----------------
4) contenu de info.txt
info.txt logfile of random’s system information tool 1.06 2009-09-10 18:00:30
======Uninstall list======
–>msiexec /I {236BB7C4-4419-42FD-040C-1E257A25E34D}
–>msiexec /I {B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}
–>msiexec /I{7F4C8163-F259-49A0-A018-2857A90578BC}
–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{E06E4F4E-72D6-4497-BFFD-BCB43077C2F4}\setup.exe” -l0x40c -uninst
–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{15B3F9F8-4CF9-452A-9AF2-AA8553765DA7}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{2C81600D-D6C7-4687-9362-DD4A78B3483E}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{513D9FB1-27A2-44E4-8F2D-77A6737921A5}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{6BE926E5-66F4-4166-A5E5-E14D7A165BBD}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{D5BA7C09-E523-478C-9C37-A1D86C76383E}\setup.exe” -l0x40c
–>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
Adobe Bridge 1.0–>MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000101}
Adobe Common File Installer–>MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5101}
Adobe Creative Suite 2–>C:\PROGRA~1\INSTAL~1{0134A~1\setup.exe /relaunched/rootloc=d:\adobe creative suite 2.0/lang=040c
Adobe Flash Player 10 ActiveX–>C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin–>C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Help Center 1.0–>MsiExec.exe /I{E9787678-119F-4D52-B551-6739B2B22101}
Adobe Shockwave Player–>MsiExec.exe /X{A7DB362E-16DC-4E29-8A34-E74381E00B5B}
Adobe Stock Photos 1.0–>MsiExec.exe /I{786C5747-0C40-4930-9AFE-113BCE553101}
Adobe SVG Viewer 3.0–>C:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Install.log
Advanced Video FX Engine–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{D5BA7C09-E523-478C-9C37-A1D86C76383E}\setup.exe” -l0x40c /remove
AoA Audio Extractor 1.0–>“C:\Program Files\AoA Audio Extractor\unins000.exe”
Assistant de connexion Windows Live–>MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
AVG Free 8.5–>C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Cariboost 2.0–>“C:\Program Files\Intuisphere\Cariboost 2.0\unins000.exe”
CDBurnerXP–>“C:\Program Files\CDBurnerXP\unins000.exe”
Choice Guard–>MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Client Windows Rights Management avec Service Pack 2–>MsiExec.exe /X{1D13221B-42DE-4B3C-A43F-0F6AF3CF3DA2}
C-Media 3D Audio–>C:\WINDOWS\CMIUnInstall.exe
Correctif pour Lecteur Windows Media 11 (KB939683)–>“C:\WINDOWS$NtUninstallKB939683$\spuninst\spuninst.exe”
Correctif pour Windows XP (KB896256)–>“C:\WINDOWS$NtUninstallKB896256$\spuninst\spuninst.exe”
Correctif pour Windows XP (KB952287)–>“C:\WINDOWS$NtUninstallKB952287$\spuninst\spuninst.exe”
Creative Live! Cam Center–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{6BE926E5-66F4-4166-A5E5-E14D7A165BBD}\setup.exe” -l0x40c /remove
Creative Live! Cam Manager–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{15B3F9F8-4CF9-452A-9AF2-AA8553765DA7}\setup.exe” -l0x40c /remove
Creative Live! Cam Video IM Pro Driver (1.00.07.0725)–>C:\WINDOWS\CtDrvIns.exe -uninstall -script VF0230.uns -unsext NT -plugin V0230Pin.dll -pluginres CtCamPin.crl
Creative Photo Calendar–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{2C81600D-D6C7-4687-9362-DD4A78B3483E}\setup.exe” -l0x40c /remove
Creative Photo Manager–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{513D9FB1-27A2-44E4-8F2D-77A6737921A5}\setup.exe” -l0x40c /remove
Creative System Information–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe” -l0x40c /remove
CS881X & MTM80X Driver(Auto Installation, Safely Remove Feature, Icon Utility)–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{8BD7D8D6-5E89-42B5-A313-5E75128BC144}\Setup.exe” -l0x9 -removeonly
Déclic–>“c:\program files\declic\uninstall.exe”
eMule–>“C:\Program Files\eMule\Uninstall.exe”
FileHippo.com Update Checker–>“C:\Program Files\FileHippo.com\uninstall.exe”
Galerie de photos Windows Live–>MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}
HijackThis 2.0.2–>“C:\Documents and Settings\Nath\Bureau\GenProc\GenProc\outil\HijackThis.exe” /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)–>“C:\WINDOWS$NtUninstallKB929399$\spuninst\spuninst.exe”
IMAPSize 0.3.6–>“C:\Program Files\IMAPSize\unins000.exe”
INDEX EDUCATION - Client PRONOTE 2008–>C:\Program Files\InstallShield Installation Information{CC5D63D4-BE70-432F-A9C8-2106B7AA72F0}\setup.exe -runfromtemp -l0x040c -uninst -removeonly
INDEX EDUCATION - ProfNOTE 2008–>C:\Program Files\InstallShield Installation Information{5DD31E03-4843-4352-9F8B-919430E80C98}\setup.exe -runfromtemp -l0x040c -uninst -removeonly
Installation Windows Live–>C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live–>MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
Java™ 6 Update 16–>MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
Java™ SE Runtime Environment 6–>MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
Junk Mail filter update–>MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
Lecteur Windows Media 11–>“C:\Program Files\Windows Media Player\Setup_wm.exe” /Uninstall
Line 6 Uninstaller–>C:\Program Files\Line6\Tools\Line 6 Uninstaller.exe
Live 7.0.10–>C:\PROGRA~1\Ableton\LIVE70~1.10\Install\UNWISE.EXE C:\PROGRA~1\Ableton\LIVE70~1.10\Install\INSTALL.LOG
Malwarebytes’ Anti-Malware–>“C:\Program Files\Malwarebytes’ Anti-Malware\unins000.exe”
Manuel d’utilisation de Creative Live! Cam Video IM Pro (Français)–>C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Creative\Creative Live! Cam Video IM Pro\Manuel d’utilisation de Creative Live! Cam Video IM Pro\French\CTManual.isu"
MathType 6–>“C:\Program Files\MathType\Setup.exe” -R
Messenger Plus! Live–>“C:\Program Files\Messenger Plus! Live\Uninstall.exe”
Microsoft .NET Framework 1.1 French Language Pack–>MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)–>“C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe” “C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp”
Microsoft .NET Framework 1.1–>msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1–>MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0–>C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Compression Client Pack 1.0 for Windows XP–>“C:\WINDOWS$NtUninstallMSCompPackV1$\spuninst\spuninst.exe”
Microsoft Office Access MUI (French) 2007–>MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007–>MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007–>MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 Service Pack 1 (SP1)–>msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
Microsoft Office Live Add-in 1.3–>MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office Outlook Connector–>MsiExec.exe /I{95120000-0120-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007–>MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007–>MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2003–>MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Professional Plus 2007–>“C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe” /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007–>MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007–>MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007–>MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007–>MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007–>MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007–>MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007–>MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007–>MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007–>MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007–>MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007–>MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft SQL Server 2005 Compact Edition [ENU]–>MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable–>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Windows Media Video 9 VCM–>RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmv9vcm.inf, Uninstall
Mise à jour de sécurité pour Lecteur Windows Media (KB911564)–>“C:\WINDOWS$NtUninstallKB911564$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)–>“C:\WINDOWS$NtUninstallKB911565$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)–>“C:\WINDOWS$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)–>“C:\WINDOWS$NtUninstallKB954154_WM11$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)–>“C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)–>“C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)–>“C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB920213)–>“C:\WINDOWS$NtUninstallKB920213$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB938464)–>“C:\WINDOWS$NtUninstallKB938464$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB941569)–>“C:\WINDOWS$NtUninstallKB941569$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB950762)–>“C:\WINDOWS$NtUninstallKB950762$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB950974)–>“C:\WINDOWS$NtUninstallKB950974$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB951066)–>“C:\WINDOWS$NtUninstallKB951066$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB951376-v2)–>“C:\WINDOWS$NtUninstallKB951376-v2$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB951698)–>“C:\WINDOWS$NtUninstallKB951698$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB952954)–>“C:\WINDOWS$NtUninstallKB952954$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB954211)–>“C:\WINDOWS$NtUninstallKB954211$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB955069)–>“C:\WINDOWS$NtUninstallKB955069$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB956391)–>“C:\WINDOWS$NtUninstallKB956391$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB956803)–>“C:\WINDOWS$NtUninstallKB956803$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB956841)–>“C:\WINDOWS$NtUninstallKB956841$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB957095)–>“C:\WINDOWS$NtUninstallKB957095$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB957097)–>“C:\WINDOWS$NtUninstallKB957097$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB958644)–>“C:\WINDOWS$NtUninstallKB958644$\spuninst\spuninst.exe”
Mise à jour pour Windows XP (KB951072-v2)–>“C:\WINDOWS$NtUninstallKB951072-v2$\spuninst\spuninst.exe”
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA–>C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Mozilla Firefox (3.0.13)–>C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT–>MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB927978)–>MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB954430)–>MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6 Service Pack 2 (KB954459)–>MsiExec.exe /I{97AA1F3C-DD64-4AA6-AEC5-F8F9F4CC21C5}
muvee autoProducer 4.1–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{76B78008-3832-42FD-AE55-C8F946ED3C7E}\Setup.exe” -l0x40c
ODF Add-in for Microsoft Office–>MsiExec.exe /I{8133D88C-C6F0-4D1A-962E-C3F57D0AB117}
Outil de téléchargement Windows Live–>MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Picasa 3–>“C:\Program Files\Google\Picasa3\Uninstall.exe”
Quartz Studio Free–>C:\WINDOWS\unin040c.exe -f"C:\Program Files\DigitalSoundPlanet\Quartz Studio Free 370F\DeIsL1.isu" -c"C:\Program Files\DigitalSoundPlanet\Quartz Studio Free 370F_ISREG32.DLL"
Security Update for 2007 Microsoft Office System (KB951550)–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB955936)–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {1D94099C-2BBA-440E-BD5E-093BBDF8F028}
Security Update for CAPICOM (KB931906)–>MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)–>MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft .NET Framework 2.0 (KB917283)–>C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {967B098A-042D-4367-BAC9-8BC11684174F} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
Security Update for Microsoft Office Excel 2007 (KB955470)–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6E8637D8-10D6-4568-AA06-E2706F31685E}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB951808)–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
Security Update for Microsoft Office system 2007 (KB954326)–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office Word 2007 (KB950113)–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
Security Update pour Microsoft .NET Framework 2.0 (KB922770)–>C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {0E92DD42-76F5-4EF2-B381-F9C1D72BE23D} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
Segoe UI–>MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
SightSpeed–>C:\Program Files\SightSpeed\uninst.exe
SiS 661FX_760_741_M661FX_M760_M741–>Rundll32 SiSInst.dll,Uninstall VGA,r,0
Sony Ericsson PC Suite–>MsiExec.exe /I{50F90522-2ACE-434E-9987-F42A5F06208F}
StuffPlug 3–>C:\Program Files\StuffPlug3\Uninstall.exe
Suite Specific–>MsiExec.exe /I{C49DAA9C-5BA8-459A-8244-E57B69DF0F04}
Update for Microsoft Office Outlook 2007 (KB952142)–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Office 2007 (KB946691)–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb957829)–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {07A1F6B6-4F1C-418C-A605-755A121C4A16}
VLC media player 0.9.2–>C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Imaging Component–>“C:\WINDOWS$NtUninstallWIC$\spuninst\spuninst.exe”
Windows Live Call–>MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform–>MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Mail–>MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
Windows Live Messenger–>MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live Sync–>MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}
Windows Live Writer–>MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}
Windows Media Format 11 runtime–>“C:\Program Files\Windows Media Player\wmsetsdk.exe” /UninstallAll
Windows Media Format 11 runtime–>“C:\WINDOWS$NtUninstallWMFDist11$\spuninst\spuninst.exe”
Windows Media Player 11–>“C:\WINDOWS$NtUninstallwmp11$\spuninst\spuninst.exe”
Windows PowerShell™ 1.0–>“C:\WINDOWS$NtUninstallKB926140$\spuninst\spuninst.exe”
WinRAR archiver–>C:\Program Files\WinRAR\uninstall.exe
Securitycenter WMI appears to be broken
======System event log======
Computer Name: NATHALIE
Event Code: 17
Message:
Record Number: 12279
Source Name: avgntflt
Time Written: 20090719210548.000000+120
Event Type: Informations
User:
Computer Name: NATHALIE
Event Code: 26
Message: Application popup : : Machine Check: Regs
Record Number: 12278
Source Name: Application Popup
Time Written: 20090719210548.000000+120
Event Type: Informations
User:
Computer Name: NATHALIE
Event Code: 26
Message: Application popup : : Machine Check:
Record Number: 12277
Source Name: Application Popup
Time Written: 20090719210548.000000+120
Event Type: Informations
User:
Computer Name: NATHALIE
Event Code: 26
Message: Application popup : : Machine Check: Regs
Record Number: 12276
Source Name: Application Popup
Time Written: 20090719210548.000000+120
Event Type: Informations
User:
Computer Name: NATHALIE
Event Code: 26
Message: Application popup : : Machine Check:
Record Number: 12275
Source Name: Application Popup
Time Written: 20090719210548.000000+120
Event Type: Informations
User:
=====Application event log=====
Computer Name: NATHALIE
Event Code: 301
Message: msnmsgr (3416) \.\C:\Documents and Settings\Nath\Local Settings\Application Data\Microsoft\Messenger\naaath@hotmail.com\SharingMetadata\Working\database_E664_D9DA_64D9_AD95\dfsr.db: Le moteur de base de données commence la relecture du fichier journal \.\C:\Documents and Settings\Nath\Local Settings\Application Data\Microsoft\Messenger\naaath@hotmail.com\SharingMetadata\Working\database_E664_D9DA_64D9_AD95\fsr00886.log.
Record Number: 2188
Source Name: ESENT
Time Written: 20090317075118.000000+060
Event Type: Informations
User:
Computer Name: NATHALIE
Event Code: 301
Message: msnmsgr (3416) \.\C:\Documents and Settings\Nath\Local Settings\Application Data\Microsoft\Messenger\naaath@hotmail.com\SharingMetadata\Working\database_E664_D9DA_64D9_AD95\dfsr.db: Le moteur de base de données commence la relecture du fichier journal \.\C:\Documents and Settings\Nath\Local Settings\Application Data\Microsoft\Messenger\naaath@hotmail.com\SharingMetadata\Working\database_E664_D9DA_64D9_AD95\fsr00885.log.
Record Number: 2187
Source Name: ESENT
Time Written: 20090317075118.000000+060
Event Type: Informations
User:
Computer Name: NATHALIE
Event Code: 301
Message: msnmsgr (3416) \.\C:\Documents and Settings\Nath\Local Settings\Application Data\Microsoft\Messenger\naaath@hotmail.com\SharingMetadata\Working\database_E664_D9DA_64D9_AD95\dfsr.db: Le moteur de base de données commence la relecture du fichier journal \.\C:\Documents and Settings\Nath\Local Settings\Application Data\Microsoft\Messenger\naaath@hotmail.com\SharingMetadata\Working\database_E664_D9DA_64D9_AD95\fsr00884.log.
Record Number: 2186
Source Name: ESENT
Time Written: 20090317075118.000000+060
Event Type: Informations
User:
Computer Name: NATHALIE
Event Code: 301
Message: msnmsgr (3416) \.\C:\Documents and Settings\Nath\Local Settings\Application Data\Microsoft\Messenger\naaath@hotmail.com\SharingMetadata\Working\database_E664_D9DA_64D9_AD95\dfsr.db: Le moteur de base de données commence la relecture du fichier journal \.\C:\Documents and Settings\Nath\Local Settings\Application Data\Microsoft\Messenger\naaath@hotmail.com\SharingMetadata\Working\database_E664_D9DA_64D9_AD95\fsr00883.log.
Record Number: 2185
Source Name: ESENT
Time Written: 20090317075117.000000+060
Event Type: Informations
User:
Computer Name: NATHALIE
Event Code: 301
Message: msnmsgr (3416) \.\C:\Documents and Settings\Nath\Local Settings\Application Data\Microsoft\Messenger\naaath@hotmail.com\SharingMetadata\Working\database_E664_D9DA_64D9_AD95\dfsr.db: Le moteur de base de données commence la relecture du fichier journal \.\C:\Documents and Settings\Nath\Local Settings\Application Data\Microsoft\Messenger\naaath@hotmail.com\SharingMetadata\Working\database_E664_D9DA_64D9_AD95\fsr00882.log.
Record Number: 2184
Source Name: ESENT
Time Written: 20090317075117.000000+060
Event Type: Informations
User:
======Environment variables======
“ComSpec”=%SystemRoot%\system32\cmd.exe
“Path”=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\system32\WindowsPowerShell\v1.0;C:\Program Files\Fichiers communs\Adobe\AGL
“windir”=%SystemRoot%
“FP_NO_HOST_CHECK”=NO
“OS”=Windows_NT
“PROCESSOR_ARCHITECTURE”=x86
“PROCESSOR_LEVEL”=6
“PROCESSOR_IDENTIFIER”=x86 Family 6 Model 8 Stepping 1, AuthenticAMD
“PROCESSOR_REVISION”=0801
“NUMBER_OF_PROCESSORS”=1
“PATHEXT”=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.PSC1
“TEMP”=%SystemRoot%\TEMP
“TMP”=%SystemRoot%\TEMP
-----------------EOF-----------------