Log.txt
Logfile of random's system information tool 1.05 (written by random/random)
Run by admin at 2009-02-04 15:16:47
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 16 GB (22%) free of 72 GB
Total RAM: 479 MB (48% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:11:59, on 04/02/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\CAPRPCSK.EXE
C:\Documents and Settings\tazebama.dl_
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\CTFMON.EXE
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\CAPPSWK.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\CAPPSWK.EXE
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\trend micro\admin.exe
C:\WINDOWS\system32\taskmgr.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RavAV] C:\WINDOWS\RavMonE.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CAPON] C:\WINDOWS\system32\Spool\Drivers\w32x86\3\CAPONN.EXE
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKLM\..\Policies\Explorer\Run: [ENS-079256693B7] .vbe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Fenêtre d'état Canon LBP-810.LNK = C:\WINDOWS\system32\spool\drivers\w32x86\3\CAPPSWK.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O23 - Service: 255A80CF - Unknown owner - C:\WINDOWS\system32\BE988083.EXE (file missing)
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
End of file - 3898 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\At1.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll [2003-05-14 50376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-03 208952]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-03 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-03 455168]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2009-02-02 223599]
"RoxioEngineUtility"=C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe [2009-02-02 226159]
"RavAV"=C:\WINDOWS\RavMonE.exe []
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"CAPON"=C:\WINDOWS\system32\Spool\Drivers\w32x86\3\CAPONN.EXE [2001-02-14 22528]
"MSConfig"=C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [2004-08-04 160768]
"FrameWorkService"= []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"ENS-079256693B7"=C:\WINDOWS\system32\.vbe [2008-09-16 10000]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe [2005-09-03 94208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FrameWorkService]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NWEReboot]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Printer Spooler]
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\spoolsv.exe [2008-05-17 31744]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
Fenêtre d'état Canon LBP-810.LNK - C:\WINDOWS\system32\spool\drivers\w32x86\3\CAPPSWK.EXE
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Enabled:Ares"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{571091a0-ee79-11db-9dd9-806d6172696f}]
shell\AutoRun\command - C:\zPharaoh.exe
shell\explore\command - C:\zPharaoh.exe
shell\open\command - C:\zPharaoh.exe
======List of files/folders created in the last 2 months======
2009-02-04 14:59:27 ----DC---- C:\rsit
2009-02-04 14:59:27 ----D---- C:\Program Files\trend micro
2009-02-04 14:38:56 ----D---- C:\WINDOWS\LastGood
2009-02-04 14:36:51 ----D---- C:\Documents and Settings\admin\Application Data\Identities
2009-02-04 14:36:37 ----SD---- C:\Documents and Settings\admin\Application Data\Microsoft
2009-02-04 14:36:37 ----ASH---- C:\Documents and Settings\admin\Application Data\desktop.ini
2009-02-04 13:25:22 ----A---- C:\WINDOWS\system32\capicom.dll
2009-02-04 13:25:21 ----D---- C:\Program Files\Symantec
2009-02-04 11:09:25 ----D---- C:\WINDOWS\pss
2009-02-02 11:50:16 ----RSHC---- C:\zPharaoh.exe
2009-02-01 11:14:38 ----D---- C:\Program Files\JGsoft
2009-02-01 11:14:38 ----A---- C:\WINDOWS\UnDeploy.exe
2009-01-29 12:03:31 ----DC---- C:\liste des éudiants 2008-2009
======List of files/folders modified in the last 2 months======
2009-02-04 15:15:02 ----SD---- C:\WINDOWS\Tasks
2009-02-04 14:59:27 ----D---- C:\Program Files
2009-02-04 14:39:04 ----SHD---- C:\WINDOWS\Installer
2009-02-04 14:39:02 ----HD---- C:\WINDOWS\system32\drivers
2009-02-04 14:39:02 ----HD---- C:\WINDOWS\inf
2009-02-04 14:38:56 ----D---- C:\WINDOWS
2009-02-04 14:37:11 ----D---- C:\WINDOWS\Temp
2009-02-04 14:36:53 ----A---- C:\WINDOWS\OEWABLog.txt
2009-02-04 14:36:36 ----D---- C:\Documents and Settings
2009-02-04 14:33:45 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-02-04 14:33:40 ----D---- C:\WINDOWS\system32
2009-02-04 14:33:33 ----D---- C:\WINDOWS\system32\Restore
2009-02-04 14:33:27 ----D---- C:\Program Files\Movie Maker
2009-02-04 14:33:19 ----D---- C:\Program Files\Outlook Express
2009-02-04 14:33:09 ----D---- C:\Program Files\Windows NT
2009-02-04 14:33:07 ----D---- C:\Program Files\NetMeeting
2009-02-04 14:32:56 ----D---- C:\WINDOWS\system32\CatRoot2
2009-02-04 13:32:21 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-04 13:25:56 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2009-02-04 13:00:00 ----SHC---- C:\boot.ini
2009-02-04 13:00:00 ----A---- C:\WINDOWS\win.ini
2009-02-04 13:00:00 ----A---- C:\WINDOWS\system.ini
2009-02-04 12:41:40 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2009-02-04 10:52:49 ----A---- C:\WINDOWS\DUMP448a.tmp
2009-02-03 16:11:12 ----D---- C:\Program Files\Windows Media Player
2009-02-03 15:42:03 ----A---- C:\WINDOWS\NeroDigital.ini
2009-02-03 10:56:45 ----A---- C:\WINDOWS\system32\osk.exe
2009-02-03 10:56:45 ----A---- C:\WINDOWS\system32\mobsync.exe
2009-02-03 10:56:45 ----A---- C:\WINDOWS\system32\magnify.exe
2009-02-03 10:56:45 ----A---- C:\WINDOWS\system32\cmd.exe
2009-02-03 10:56:44 ----A---- C:\WINDOWS\system32\notepad.exe
2009-02-03 10:03:13 ----D---- C:\WINDOWS\Prefetch
2009-02-03 09:05:19 ----D---- C:\Program Files\Internet Explorer
2009-02-02 17:28:35 ----A---- C:\WINDOWS\x2.64.exe
2009-02-02 17:28:35 ----A---- C:\WINDOWS\uninst.exe
2009-02-02 17:28:34 ----A---- C:\WINDOWS\meta4.exe
2009-02-02 17:28:33 ----A---- C:\WINDOWS\alcupd.exe
2009-02-02 17:28:33 ----A---- C:\WINDOWS\alcrmv.exe
2009-02-02 11:50:19 ----A---- C:\WINDOWS\soundman.exe
2009-01-29 13:56:52 ----A---- C:\WINDOWS\IE4 Error Log.txt
2009-01-26 14:32:26 ----D---- C:\ADMINISTRATIVE
2009-01-26 09:17:02 ----D---- C:\ACADEMIQUE
2009-01-21 08:09:11 ----D---- C:\WINDOWS\Minidump
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 40320]
R2 MxlW2k;MxlW2k; C:\WINDOWS\system32\drivers\MxlW2k.sys [2007-10-10 27924]
R2 NwlnkIpx;Protocole de transport compatible NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2004-08-03 88448]
R2 NwlnkNb;NetBIOS NWLink; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-09-28 63232]
R2 NwlnkSpx;Protocole NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-09-28 55936]
R2 RapidPort;RapidPort; \??\C:\WINDOWS\system32\Drivers\CAPLPTN.SYS []
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys [2004-08-03 126686]
R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2004-08-03 163584]
R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 Slntamr;Smart Link 56K Modem Driver; C:\WINDOWS\system32\DRIVERS\slntamr.sys [2004-08-03 404990]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys [2004-08-03 13240]
R3 STAC97NA;SigmaTel 3D Environmental Audio; C:\WINDOWS\system32\drivers\stac97na.sys [2002-09-20 296179]
R3 STAC97NH;STAC97NH; C:\WINDOWS\system32\drivers\stac97nh.sys [2002-09-20 231983]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R4 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys []
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2004-02-24 400384]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-05-14 622172]
S3 allegro;Pilote audio ESS Allegro (WDM); C:\WINDOWS\system32\drivers\es198x.sys [2001-08-17 174464]
S3 dot4;Pilote MS IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2004-08-03 207360]
S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 dot4usb;Filtre Dot4USB Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-08-23 24064]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys [2004-08-03 1309184]
S3 NetWlan5;Pilote de carte réseau sans fil 802.11b à base Symbol; C:\WINDOWS\system32\DRIVERS\NetWlan5.sys [2004-08-03 132695]
S3 NtMtlFax;NtMtlFax; C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys [2004-08-03 180360]
S3 OEMFVNETusb(AR)(R);OEM FVNETusb(AR)(R) Service for 802.11b Wireless USB Adapter; C:\WINDOWS\system32\DRIVERS\vnetusbr.sys [2003-04-17 100096]
S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\Slnthal.sys [2004-08-03 95424]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S4 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys []
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Pilote de filtre de restauration système; C:\WINDOWS\system32\DRIVERS\sr.sys [2004-08-04 73600]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NWCWorkstation;Service client pour NetWare; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2004-08-04 73796]
S2 255A80CF;255A80CF; C:\WINDOWS\system32\BE988083.EXE -k []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2003-02-20 32768]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2009-02-02 245663]
-----------------EOF-----------------
info.txt
info.txt logfile of random's system information tool 1.05 2009-02-04 15:16:52
======Uninstall list======
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Acrobat 6.0 Professional-->MsiExec.exe /I{AC76BA86-1033-0000-7760-000000000001}
Adobe Reader 7.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70000000000}
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Imprimantes Canon CAPT-->C:\WINDOWS\system32\Spool\Drivers\w32x86\3\CAP1UNIK.EXE
jetAudio Plus VX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}\setup.exe" -l0x9 -removeonly
Just Great Software EditPad Lite 6.4.3-->C:\WINDOWS\UnDeploy.exe "C:\Program Files\JGsoft\EditPadLite\Deploy.log"
LiveUpdate 2.0 (Symantec Corporation)-->C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Nero 7 Premium-->MsiExec.exe /I{4781569D-5404-1F26-4B2B-6DF444441031}
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
SigmaTel C-Major Audio-->stunwdm.exe
SuperCopier2-->"C:\Program Files\SuperCopier2\SC2Uninst.exe"
WinEdt-->"C:\Program Files\WinEdt Team\WinEdt\WinEdt.exe" -V "[Exe('%B\WinShell\Uninstall.edt');]"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
System event log
Computer Name: ENS-079256693B7
Event Code: 7001
Message: Le service Configuration automatique sans fil dépend du service NDIS mode utilisateur E/S Protocole qui n'a pas pu démarrer en raison de l'erreur :
Le service ne peut pas être démarré parce qu'il est désactivé ou qu'aucun périphérique activé ne lui est associé.
Record Number: 2566
Source Name: Service Control Manager
Time Written: 20090129080841.000000+060
Event Type: erreur
User:
Computer Name: ENS-079256693B7
Event Code: 5000
Message: Carte réseau PC Card sans fil 802.11b : a rencontré un conflit de ressources et n'a pas pu être chargé.
Record Number: 2565
Source Name: NetWlan5
Time Written: 20090129080724.000000+060
Event Type: erreur
User:
Computer Name: ENS-079256693B7
Event Code: 6005
Message: Le service d'Enregistrement d'événement a démarré.
Record Number: 2564
Source Name: EventLog
Time Written: 20090129080656.000000+060
Event Type: Informations
User:
Computer Name: ENS-079256693B7
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 2 Uniprocessor Free.
Record Number: 2563
Source Name: EventLog
Time Written: 20090129080656.000000+060
Event Type: Informations
User:
Computer Name: ENS-079256693B7
Event Code: 6006
Message: Le service d'Enregistrement d'événement a été arrêté.
Record Number: 2562
Source Name: EventLog
Time Written: 20090128160413.000000+060
Event Type: Informations
User:
Application event log
Computer Name: ENS-079256693B7
Event Code: 102
Message: wuaueng.dll (1204) SUS20ClientDataStore: Le moteur de base de données a démarré une nouvelle instance (0).
Record Number: 497
Source Name: ESENT
Time Written: 20071207073455.000000+060
Event Type: Informations
User:
Computer Name: ENS-079256693B7
Event Code: 100
Message: wuauclt (1204) Le moteur de base de données 5.01.2600.2180 est démarré.
Record Number: 496
Source Name: ESENT
Time Written: 20071207073455.000000+060
Event Type: Informations
User:
Computer Name: ENS-079256693B7
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.
Record Number: 495
Source Name: SecurityCenter
Time Written: 20071207073410.000000+060
Event Type: Informations
User:
Computer Name: ENS-079256693B7
Event Code: 1517
Message: Windows a sauvegardé le Registre utilisateur ENS-079256693B7\DEENS alors qu'une application ou un service utilisait toujours le Registre pendant la fermeture de la session. La mémoire utilisée par le Registre de l'utilisateur n'a pas été libérée. le Registre sera déchargé lorsqu'il ne sera plus utilisé.
Cela est souvent causé par des services s'exécutant en tant que compte d'utilisateur, essayez de configurer les services pour s'exécuter dans le compte service réseau ou service local.
Record Number: 494
Source Name: Userenv
Time Written: 20071206152428.000000+060
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: ENS-079256693B7
Event Code: 1002
Message: L'environnement s'est arrêté de façon inattendue et Explorer.exe a redémarré.
Record Number: 493
Source Name: Winlogon
Time Written: 20071206101420.000000+060
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Fichiers communs\Roxio Shared\DLLShared
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0209
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"PS5ROOT"=C:\Program Files\Roxio\Easy CD Creator 6\PhotoSuite\
-----------------EOF-----------------
"incomplete installation of left 4 dead 2 (53)"
