Download Random's System Information Tool (RSIT) by random/random and save the executable to your Desktop.
-> http://images.malwareremoval.com/random/RSIT.exe
! Disconnect and close all your running applications !
Double-click "RSIT.exe" to launch it.
-> A first window opens, titled "Disclaimer of warranty".
* Next to the option "List files/folders created ...", choose: 2 months
* Then click "Continue" to start the scan ...
-> Let the scan run and do not touch the PC ...
When the scan has finished, two text files will open (probably in Notepad).
Post the contents of "log.txt" (the one that appears on screen), as well as "info.txt" (which you will see in the taskbar), for analysis, and wait for further instructions ...
Important: post one report, then the other in the following reply.
If you try to post both at the same time, it may be too long for the forum.
( Note: the reports will also be saved in this folder -> C:\rsit )

2 YOB, 21 Feb 2009 at 01:43:36
Thanks lolo :)
Here is the first txt
Uh... Good luck!
Logfile of random's system information tool 1.05 (written by random/random)
Run by Baudouin at 2009-02-21 01:32:07
Microsoft® Windows Vista™ Édition Intégrale Service Pack 1
System drive C: has 42 GB (33%) free of 126 GB
Total RAM: 3062 MB (51% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:32:21, on 21/02/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\OSD.exe
C:\Program Files\Softex\OmniPass\scureapp.exe
C:\Program Files\Launch Manager\WButton.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Belgium Identity Card\beid35gui.exe
C:\Program Files\XericDesign\EarthDesk\EarthDesk.exe
C:\Program Files\F-Secure\FSGUI\fsguidll.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\F-Secure\FSGUI\fsavgui.exe
C:\Users\Baudouin\AppData\Local\Opera\Opera\profile\cache4\temporary_download\RSIT.exe
C:\Program Files\trend micro\Baudouin.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://fr.search.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://fr.search.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://fr.search.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://fr.search.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Barre d'outils - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll
O3 - Toolbar: I.R.I.S. Desktop Search - {577EBCA9-8ED3-45FC-A514-55B3817D4BCF} - C:\Program Files\IRIS Desktop Search\IRISDesktopSearchIntegration910.dll
O3 - Toolbar: Yahoo! Barre d'outils - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSD.exe"
O4 - HKLM\..\Run: [OmniPass] C:\Program Files\Softex\OmniPass\scureapp.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup
O4 - HKCU\..\Run: [EarthDesk] "C:\Program Files\XericDesign\EarthDesk\EarthDesk.exe" /silentstart
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer via Bluetooth - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
O8 - Extra context menu item: Envoyer via message(&M)... - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
O8 - Extra context menu item: Ouvrir dans WordPerfect - c:\Program Files\Corel\WordPerfect Office X4\Programs\WPLauncher.hta
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\F-Secure\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\F-Secure\FSPC\fspcmsie.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://ma-config.com/activex/hardwaredetection_3_0_0_32.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: BsMobileCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\F-Secure\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\F-Secure\ORSP Client\fsorsp.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISP Monitor (ISPMonitorSrv) - How2 Studios - C:\Program Files\ISP Monitor\ISPMonitorSrv.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Program Files\Softex\OmniPass\OmniServ.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\Program Files\Common Files\X10\Common\X10nets.exe
End of file - 14178 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1024267342-4029512542-3631629781-1001.job
C:\Windows\tasks\NatSpeak Periodic Acoustic Optimization.job
C:\Windows\tasks\NatSpeak Periodic Language Model Optimization.job
C:\Windows\tasks\Scheduled scanning task.job
C:\Windows\tasks\Uniblue SpeedUpMyPC Nag.job
C:\Windows\tasks\Uniblue SpeedUpMyPC.job
C:\Windows\tasks\Uniblue SpyEraser.job
C:\Windows\tasks\User_Feed_Synchronization-{8715CE55-EC90-49D4-B9B2-E9D46C468A81}.job
C:\Windows\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00011268-E188-40DF-A514-835FCD78B1BF}]
IE7Pro BHO - C:\Program Files\IEPro\iepro.dll [2008-09-24 756840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-07-28 882416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-03-10 370296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}]
Yahoo! IE Services Button - C:\Program Files\Yahoo!\Common\yiesrvc.dll [2006-10-31 198136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-10 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-12-14 392240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll [2008-10-15 652784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-10 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2008-07-28 160496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]
{F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - Copernic Agent - C:\Program Files\Copernic Agent\CopernicAgentExt.dll [2004-12-02 1066968]
{577EBCA9-8ED3-45FC-A514-55B3817D4BCF} - I.R.I.S. Desktop Search - C:\Program Files\IRIS Desktop Search\IRISDesktopSearchIntegration910.dll [2006-01-11 1385768]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Barre d'outils - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-07-28 882416]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-08-31 102400]
"PLFSetL"=C:\Windows\PLFSetL.exe [2007-07-05 94208]
"F-Secure Manager"=C:\Program Files\F-Secure\Common\FSM32.EXE [2008-10-14 182936]
"F-Secure TNB"=C:\Program Files\F-Secure\FSGUI\TNBUtil.exe [2008-10-14 957024]
"HotkeyApp"=C:\Program Files\Launch Manager\HotkeyApp.exe [2007-09-06 188416]
"LaunchAp"=C:\Program Files\Launch Manager\LaunchAp.exe [2007-09-01 32768]
"LMgrOSD"=C:\Program Files\Launch Manager\OSD.exe [2006-12-26 180224]
"OmniPass"=C:\Program Files\Softex\OmniPass\scureapp.exe [2007-09-04 2560000]
"Wbutton"=C:\Program Files\Launch Manager\Wbutton.exe [2007-09-07 86016]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-09-03 4702208]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-10 136600]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2006-05-16 86960]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-12-23 150040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-12-23 178712]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-12-23 154136]
"beid"=C:\Program Files\Belgium Identity Card\beid35gui.exe [2009-02-02 2035712]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EarthDesk"=C:\Program Files\XericDesign\EarthDesk\EarthDesk.exe [2007-11-12 1082664]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2005-02-16 221184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue SpeedUpMyPC]
C:\Program Files\Uniblue\SpeedUpMyPC 3\StartSUMP2.exe [2008-01-29 156952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-12-23 221184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll [2008-02-05 233888]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\IEPro\MiniDM.exe"="C:\Program Files\IEPro\MiniDM.exe:*:Enabled:MiniDM"
"C:\Program Files\Mobistar\IEWInternetBE\Connectivity\ConnectivityManager.exe"="C:\Program Files\Mobistar\IEWInternetBE\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
shell\AutoRun\command - F:\VMC_PBStarter.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
shell\AutoRun\command - G:\VMC_PBStarter.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{37141033-0fb0-11dd-b8e9-001b77d9f943}]
shell\AutoRun\command - G:\VMC_PBStarter.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3714104f-0fb0-11dd-b8e9-001b77d9f943}]
shell\AutoRun\command - F:\VMC_PBStarter.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b825d843-ff09-11dc-9f91-0016d3c0e2c3}]
shell\AutoRun\command - G:\VMC_PBStarter.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b825d846-ff09-11dc-9f91-0016d3c0e2c3}]
shell\AutoRun\command - G:\VMC_PBStarter.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c01c8582-11f6-11dd-a167-001b77d9f943}]
shell\AutoRun\command - G:\VMC_PBStarter.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c01c8584-11f6-11dd-a167-001b77d9f943}]
shell\AutoRun\command - G:\VMC_PBStarter.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c322e5ed-80a2-11dd-966c-001b77d9f943}]
shell\AutoRun\command - F:\VMC_PBStarter.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c322e5ee-80a2-11dd-966c-001b77d9f943}]
shell\AutoRun\command - F:\VMC_PBStarter.exe
======List of files/folders created in the last 1 months======
2009-02-21 01:32:07 ----D---- C:\rsit
2009-02-21 01:32:07 ----D---- C:\Program Files\trend micro
2009-02-20 13:42:19 ----D---- C:\divx
2009-02-20 10:17:09 ----D---- C:\Program Files\VirtualDub
2009-02-19 15:18:51 ----D---- C:\Windows\system32\beidpp
2009-02-19 15:18:48 ----D---- C:\Program Files\Belgium Identity Card
2009-02-19 15:06:25 ----A---- C:\Windows\system32\Usbr38.DLL
2009-02-19 14:45:01 ----D---- C:\Windows\system32\siscardplugins
2009-02-19 14:43:29 ----D---- C:\drivers
2009-02-11 04:31:15 ----A---- C:\Windows\system32\EncDec.dll
2009-02-11 04:31:12 ----A---- C:\Windows\system32\psisdecd.dll
2009-02-11 01:52:39 ----A---- C:\Windows\system32\mshtml.dll
2009-02-11 01:52:36 ----A---- C:\Windows\system32\ieframe.dll
2009-02-11 01:52:35 ----A---- C:\Windows\system32\urlmon.dll
2009-02-11 01:52:33 ----A---- C:\Windows\system32\wininet.dll
2009-02-11 01:52:33 ----A---- C:\Windows\system32\msfeeds.dll
2009-02-11 01:52:32 ----A---- C:\Windows\system32\mstime.dll
2009-02-11 01:52:31 ----A---- C:\Windows\system32\iertutil.dll
2009-02-11 01:52:29 ----A---- C:\Windows\system32\jsproxy.dll
2009-02-08 16:00:21 ----A---- C:\Windows\system32\RtNicProp32.dll
2009-02-08 15:35:16 ----D---- C:\Users\Baudouin\AppData\Roaming\vlc
2009-02-05 09:40:52 ----D---- C:\Program Files\Common Files\Skype
2009-02-02 13:31:20 ----A---- C:\Windows\system32\beid35applayer.dll
2009-02-02 13:31:06 ----A---- C:\Windows\system32\Belgium Identity Card PKCS11.dll
2009-02-02 13:31:06 ----A---- C:\Windows\system32\beidpkcs11.dll
2009-02-02 13:31:00 ----A---- C:\Windows\system32\beidCSPlib.dll
2009-02-02 13:30:46 ----A---- C:\Windows\system32\beid35cardlayer.dll
2009-02-02 13:30:22 ----A---- C:\Windows\system32\beid35DlgsWin32.dll
2009-02-02 13:30:08 ----A---- C:\Windows\system32\beid35common.dll
2009-02-02 13:29:46 ----A---- C:\Windows\system32\eidlib.dll
2009-02-02 13:29:46 ----A---- C:\Windows\system32\beidlib.dll
2009-01-23 18:52:13 ----D---- C:\ProgramData\Yahoo! Companion
2009-01-22 16:37:19 ----D---- C:\ProgramData\BSD
2009-01-22 08:54:12 ----D---- C:\Program Files\QuickTime
======List of files/folders modified in the last 1 months======
2009-02-21 01:32:13 ----D---- C:\Windows\Temp
2009-02-21 01:32:07 ----RD---- C:\Program Files
2009-02-21 00:15:26 ----D---- C:\Windows\Prefetch
2009-02-21 00:14:20 ----A---- C:\Windows\system32\bscs.ini
2009-02-20 11:25:18 ----D---- C:\Program Files\DivX
2009-02-20 11:24:40 ----D---- C:\Windows\System32
2009-02-20 11:24:33 ----SHD---- C:\Windows\Installer
2009-02-20 09:16:25 ----D---- C:\ProgramData\Google Updater
2009-02-19 17:55:20 ----D---- C:\Program Files\Mozilla Firefox
2009-02-19 16:28:08 ----HD---- C:\Users\Baudouin\AppData\Roaming\XnView
2009-02-19 16:11:18 ----HD---- C:\ProgramData
2009-02-19 15:19:16 ----D---- C:\Windows\system32\drivers
2009-02-19 15:18:49 ----D---- C:\Windows
2009-02-19 15:06:24 ----D---- C:\Windows\system32\catroot
2009-02-19 15:06:24 ----D---- C:\Windows\inf
2009-02-19 14:41:43 ----HD---- C:\Program Files\InstallShield Installation Information
2009-02-19 14:21:15 ----D---- C:\Windows\winsxs
2009-02-19 14:01:40 ----D---- C:\Users\Baudouin\AppData\Roaming\F-Secure
2009-02-19 08:17:47 ----HD---- C:\Users\Baudouin\AppData\Roaming\Skype
2009-02-19 08:01:20 ----D---- C:\Users\Baudouin\AppData\Roaming\skypePM
2009-02-13 08:43:42 ----D---- C:\Program Files\Safari
2009-02-12 23:59:27 ----D---- C:\Program Files\F-Secure
2009-02-11 04:38:41 ----D---- C:\Windows\Microsoft.NET
2009-02-11 04:38:21 ----RSD---- C:\Windows\assembly
2009-02-11 04:31:48 ----D---- C:\Windows\ehome
2009-02-11 04:26:02 ----D---- C:\Windows\system32\catroot2
2009-02-11 03:00:22 ----D---- C:\Program Files\Windows Mail
2009-02-09 14:12:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-02-08 16:00:08 ----D---- C:\Program Files\Realtek
2009-02-08 15:50:10 ----D---- C:\Windows\system
2009-02-08 14:22:33 ----D---- C:\Windows\system32\Tasks
2009-02-08 14:22:32 ----D---- C:\Windows\Tasks
2009-02-08 14:07:59 ----D---- C:\ProgramData\F-Secure
2009-02-08 14:07:31 ----D---- C:\ProgramData\fssg
2009-02-05 09:40:53 ----RD---- C:\Program Files\Skype
2009-02-05 09:40:53 ----D---- C:\ProgramData\Skype
2009-02-05 09:40:52 ----D---- C:\Program Files\Common Files
2009-02-04 00:21:12 ----A---- C:\Windows\system32\mrt.exe
2009-02-02 10:24:28 ----D---- C:\ProgramData\ma-config.com
2009-02-02 10:24:28 ----D---- C:\Program Files\ma-config.com
2009-02-02 03:22:46 ----D---- C:\Users\Baudouin\AppData\Roaming\LimeWire
2009-01-23 18:52:13 ----D---- C:\Users\Baudouin\AppData\Roaming\yahoo!
2009-01-23 18:52:10 ----D---- C:\Program Files\Yahoo!
2009-01-23 14:00:31 ----D---- C:\Program Files\Internet Explorer
2009-01-22 20:21:25 ----HD---- C:\Users\Baudouin\AppData\Roaming\Mozilla
2009-01-22 20:18:00 ----SHD---- C:\System Volume Information
2009-01-22 16:17:16 ----D---- C:\Users\Baudouin\AppData\Roaming\BSD Concept
2009-01-22 15:14:18 ----D---- C:\Program Files\Common Files\Corel
2009-01-22 14:52:04 ----D---- C:\Program Files\Mozilla Thunderbird
2009-01-22 08:58:12 ----D---- C:\ProgramData\Apple Computer
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2008-01-19 350720]
R1 F-Secure HIPS;F-Secure HIPS; \??\C:\Program Files\F-Secure\HIPS\drivers\fshs.sys [2008-10-14 66720]
R1 FSES;F-Secure Email Scanning Driver; C:\Windows\System32\drivers\fses.sys [2008-10-14 35552]
R1 FSFW;F-Secure Firewall Driver; C:\Windows\System32\drivers\fsdfw.sys [2008-10-14 70944]
R1 fsvista;F-Secure Vista Support Driver; \??\C:\Program Files\F-Secure\Anti-Virus\minifilter\fsvista.sys [2008-10-14 12384]
R1 Hotkey;Hotkey; C:\Windows\system32\drivers\Hotkey.sys [2003-04-28 9867]
R2 PLCNDIS5;PLCNDIS5 NDIS Protocol Driver; C:\Windows\system32\plcndis5.sys [2004-05-17 17280]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\Windows\system32\DRIVERS\ATSwpDrv.sys [2007-08-28 146560]
R3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys [2008-01-21 14600]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2009-01-24 14336]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files\F-Secure\Anti-Virus\minifilter\fsgk.sys [2009-02-08 84096]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-12-23 2476032]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-09-05 1953944]
R3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys [2008-07-02 26248]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2008-09-26 35472]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2008-09-26 37392]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-09-25 3666432]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2009-01-20 142848]
R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2009-01-15 61440]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2007-08-22 1749760]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-08-31 192688]
R3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys [2008-01-21 14856]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys [2008-07-02 29960]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2008-01-24 19336]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2008-01-24 48904]
R3 XUIF;X10 USB Wireless Transceiver; C:\Windows\System32\Drivers\x10ufx2.sys [2006-11-30 27416]
S1 ASPI32;ASPI32; C:\Windows\system32\drivers\ASPI32.sys []
S3 ACSSCR;ACR38 Smart Card Reader; C:\Windows\system32\DRIVERS\a38usb.sys [2007-01-12 35712]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys [2008-07-02 38920]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 GT72NDISIPXP;GT 72 IP NDIS; C:\Windows\system32\DRIVERS\Gt51Ip.sys [2008-03-06 95744]
S3 GT72UBUS;GT 72 U BUS; C:\Windows\system32\DRIVERS\gt72ubus.sys [2008-03-06 51968]
S3 GTPTSER;GT PT SER; C:\Windows\system32\DRIVERS\gtptser.sys [2008-03-06 8064]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2007-04-16 101120]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw4v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw4v32.sys [2008-03-13 2555392]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\nmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:\Windows\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:\Windows\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCAMp50.sys [2008-03-06 28224]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys [2008-03-06 27072]
S3 PhilCap;NXP service; C:\Windows\system32\DRIVERS\PhilCap.sys [2007-07-31 908896]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-09-05 36864]
S3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-19 73088]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2008-01-24 28168]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2008-01-24 14728]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 F-Secure Filter;F-Secure File System Filter; \??\C:\Program Files\F-Secure\Anti-Virus\Win2K\FSfilter.sys [2008-10-14 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer; \??\C:\Program Files\F-Secure\Anti-Virus\Win2K\FSrec.sys [2008-10-14 25184]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 BlueSoleilCS;BlueSoleilCS; C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [2008-08-04 772096]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BsMobileCS;BsMobileCS; C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe [2008-08-01 143467]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-10-02 860160]
R2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe [2008-10-14 215648]
R2 FSMA;FSMA; C:\Program Files\F-Secure\Common\FSMA32.EXE [2008-10-14 117400]
R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2008-05-20 69632]
R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-15 168432]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2008-12-04 354840]
R2 ISPMonitorSrv;ISP Monitor; C:\Program Files\ISP Monitor\ISPMonitorSrv.exe [2008-06-09 36864]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]
R2 omniserv;Softex OmniPass Service; C:\Program Files\Softex\OmniPass\OmniServ.exe [2007-09-04 40960]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2008-10-02 466944]
R2 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
R2 x10nets;X10 Device Network Service; C:\Program Files\Common Files\X10\Common\X10nets.exe [2001-11-12 20480]
R3 BsHelpCS;BsHelpCS; C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe [2008-08-01 69735]
R3 FSAUA;F-Secure Automatic Update Agent; C:\Program Files\F-Secure\FSAUA\program\fsaua.exe [2008-10-14 490080]
R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe [2008-10-14 510560]
R3 FSORSPClient;F-Secure ORSP Client; C:\Program Files\F-Secure\ORSP Client\fsorsp.exe [2008-10-14 55904]
R3 WisLMSvc;WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [2007-09-11 118784]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2008-05-02 121360]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-01-24 216232]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-12-05 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-12-19 272024]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-12-10 353280]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2008-01-19 917504]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
-----------------EOF-----------------
4 YOB, 21 Feb 2009 at 01:47:53
... And the second one ... Still just as indigestible!
info.txt logfile of random's system information tool 1.05 2009-02-21 01:32:27
======Uninstall list======
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Spyware Scanner"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Spyware"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus Client Security Installer"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Automatic Update Agent"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure DAAS"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure DAAS2"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Diagnostics"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure E-mail Scanning"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure FWES"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Gadget"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure GateKeeper Interface"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Gemini"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure GUI"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Help"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure HIPS"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Internet Shield"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure ISP News"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Localization API"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Management Agent"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure ORSP Client"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Pegasus Engine"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Protocol Scanner"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Spam Control"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Spam Scanner"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure TNB"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Uninstall"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Web Filter"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"News Service"
-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adibou V.3.10 (C:)-->"C:\coktel\Adibou3\Uninst.exe"
Adobe CMM-->C:\Program Files\Common Files\Adobe\Installers\b7572144686c889e4039b734b60fbbd\Setup.exe
Adobe CMM-->MsiExec.exe /I{42362C04-7187-4BB9-9B92-04216157E0EF}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
Adobe Setup-->MsiExec.exe /I{098F8AD3-DAC4-4B37-B9F8-4F9E92B41BE7}
Adobe Shockwave Player-->C:\Windows\System32\Macromed\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Macromed\SHOCKW~1\Install.log
Agere Systems HDA Modem-->agrsmdel
AIM 6-->C:\Program Files\AIM6\uninst.exe
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
AuthenTec Fingerprint Sensor Minimum Install-->MsiExec.exe /I{64BDD01B-70CA-4844-9D2F-38C56FB31E03}
AuthenTec Fingerprint Sensor Minimum Install-->MsiExec.exe /X{87079BC7-1A1E-4520-B5C3-9AF582FA26FD}
Belgium e-ID middleware 3.5.1 (build 5075)-->MsiExec.exe /I{824563DE-75AD-4166-9DC0-B6482F205075}
Bluesoleil 6.2.227.11-->MsiExec.exe /X{679068CA-C9E9-4C22-A90D-2C4F2881EF9C}
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Browser MOUSE-->C:\Program Files\Browser MOUSE\uninst00.exe
Card Detector for Option Icon 225-->C:\Program Files\CardDetector\ICON225\CardDetectorSetup.exe -u
Cardiris 3.0 LE-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{0143D544-04A4-11D8-944E-000475727249} /l1036
Carnet Mondain 2008 vers 2.10-->"C:\Program Files\Editions CLB\Carnet 2008\unins000.exe"
CDDRV_Installer-->MsiExec.exe /I{0C826C5B-B131-423A-A229-C71B3CACCD6A}
Copernic Agent Basic-->"C:\Windows\CopernicAgentUninstall.exe" /ARGSFILE="C:\Program Files\Copernic Agent\unwise.dat"
Corel WordPerfect Office - iFilter-->MsiExec.exe /X{1DF03ECE-6AF4-414E-B118-C316F151A9A2}
CrazyTalk for Skype-->C:\Program Files\InstallShield Installation Information\{8865B208-4759-4308-8DB5-3C18D2F568E2}\setup.exe -runfromtemp -l0x040c -removeonly /remove
devolo dLAN - Assistant de configuration-->C:\Program Files\devolo\setup.exe /remove:dlanconf
devolo EasyClean-->C:\Program Files\devolo\setup.exe /remove:easyclean
devolo EasyShare-->C:\Program Files\devolo\setup.exe /remove:easyshare
devolo Informer-->C:\Program Files\devolo\setup.exe /remove:dslmon
DivX Author 1.5-->C:\Program Files\DivX\DivX Author 1.5\DivXAuthorUninstall.exe /DIVX_AUTHOR
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Dragon NaturallySpeaking 10-->MsiExec.exe /I{E7712E53-7A7F-46EB-AA13-70D5987D30F2}
EarthDesk-->C:\Program Files\XericDesign\EarthDesk\Uninstall.exe
eMusic - 50 Free MP3 offer-->"C:\Program Files\Winamp\eMusic\Uninst-eMusic-promotion.exe"
erLT-->MsiExec.exe /I{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}
Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}
FriendFinder Messenger v4.1-->MsiExec.exe /I{53B33DFC-C151-4536-87D6-A9405C1C5F36}
F-Secure Internet Security 2009-->"C:\Program Files\F-Secure\FSGUI\PostInstall.exe" /tUnInstall
Galerie de photos Windows Live-->MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
Google Talk Plugin-->MsiExec.exe /I{B279F2F1-3B2F-3A96-AC11-5743CD43DCCB}
Heredis v.10-->"C:\Program Files\BSD Concept\Heredis 10\unins000.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
I.R.I.S. Desktop Search-->C:\Program Files\IRIS Desktop Search\uninst.exe
IE7Pro-->C:\Program Files\IEPro\uninst.exe
Inst5657-->MsiExec.exe /I{FEDE400D-3381-4087-ACCB-689DD8A56123}
Intel PROSet Wireless-->Intel PROSet Wireless
Intel(R) Graphics Media Accelerator Driver-->C:\Windows\system32\igxpun.exe -uninstall
Intel(R) TV Wizard-->C:\Windows\system32\TVWizudlg.exe -uninstall
Intel® Matrix Storage Manager-->C:\Program Files\Intel\Intel Matrix Storage Manager\Uninstall\imsmudlg.exe -uninstall
Internet Everywhere désinstallation-->C:\Program Files\Mobistar\IEWInternetBE\installation\core\Installgui.exe -u
ISP Monitor-->C:\Windows\iun6002.exe "C:\Program Files\ISP Monitor\isp.ini"
iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
IZArc 3.81-->"C:\Program Files\IZArc\unins000.exe"
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Kantaris Media Player 0.4.3-->"C:\Program Files\Kantaris\unins000.exe"
KhalInstallWrapper-->MsiExec.exe /I{3101CB58-3482-4D21-AF1A-7057FC935355}
Kit Runtime VB6.0-->C:\WINDOWS\st6unst.exe -n "C:\Windows\system32\ST6UNST.LOG"
Launch Manager V1.4.8-->C:\Program Files\InstallShield Installation Information\{D0846526-66DD-4DC9-A02C-98F9A2806812}\setup.exe -runfromtemp -l0x040c -removeonly
LimeWire PRO 4.18.8-->"C:\Program Files\LimeWire\uninstall.exe"
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\SETUP.EXE" -l0x40c UNINSTALL
Logitech Gaming Software 5.02-->MsiExec.exe /X{64B20B36-AEE7-4DD4-897C-C5DA5C218F60}
Logitech SetPoint-->"C:\Program Files\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe" -runfromtemp -l0x040c -removeonly
Lyad Messenger-->C:\USERS\BAUDOUIN\PROGRAMMES\Uninstal.exe
Ma-Config.com-->MsiExec.exe /X{8AFB8FC4-3EBA-4C67-943F-CF43DB2180F1}
MakeDisc-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B145EC69-66F5-11D8-9D75-000129760D75}\setup.exe" -uninstall
Map24 Desktop-->"C:\Program Files\Map24\Map24 Desktop\unins000.exe"
MediaShow-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D5A9B7C0-8751-11D8-9D75-000129760D75}\setup.exe" -uninstall
Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
Microsoft Calculatrice Plus-->MsiExec.exe /I{13922F10-BD74-4912-AB11-E34B35062700}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works-->MsiExec.exe /I{3B160861-7250-451E-B5EE-8B92BF30A710}
MobileMe Control Panel-->MsiExec.exe /I{A14C24F6-615B-415E-84B0-610FDAD19B68}
Modèles de sons Windows-->RunDll32 advpack.dll,LaunchINFSection C:\Windows\INF\UltSound.inf,Uninstall
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Mozilla Firefox (3.0.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.19)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSXML 4.0 SP2 (KB925672)-->MsiExec.exe /I{A9CF9052-F4A0-475D-A00F-A8388C62DD63}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Nero 7 Essentials-->MsiExec.exe /X{63B75E16-F290-4FCD-AF67-A9134CD01036}
Neuratron PhotoScore MIDI Lite-->C:\PROGRA~1\NEURAT~1\UNWISE.EXE C:\PROGRA~1\NEURAT~1\INSTALL.LOG
Nokia Connectivity Cable Driver-->MsiExec.exe /X{0A3D3C54-2EC0-4D67-B265-FF17926E6D67}
Nokia Multimedia Factory-->"C:\ProgramData\Installations\{4CFB3821-1582-4f3b-BF8D-30986923B36B}\Nokia_Multimedia_Factory_2_0.exe" /MAINTENANCE /SILENT="SWLPCER" /LANG="2057" /MSI_COMMON_OPTIONS="PCSLANG= MMFLANG=eng"
Nokia Multimedia Factory-->MsiExec.exe /I{4CFB3821-1582-4F3B-BF8D-30986923B36B}
Nokia PC Suite-->C:\ProgramData\Installations\{29466F9C-7C6A-419C-B301-F440FAF78760}\Nokia_PC_Suite_rel_6_85_14_1_fre_web.exe
Nokia PC Suite-->MsiExec.exe /I{29466F9C-7C6A-419C-B301-F440FAF78760}
Nokia Software Updater-->MsiExec.exe /X{3741689E-584D-40C9-B011-373A0371846D}
Nokia Video Manager-->"C:\ProgramData\Installations\{B1B4E612-9ACC-4fab-BD04-1721D9503266}\NokiaVideoManager1.6.exe" /MAINTENANCE /SILENT="SGWLRPFCE" /LANG="1036" /O=";EXTUNINSTALL=1"
Nokia Video Manager-->MsiExec.exe /I{B1B4E612-9ACC-4FAB-BD04-1721D9503266}
OmniPass 5.00.74-->C:\Program Files\InstallShield Installation Information\{F4E57F49-84B4-4CF2-B0A1-8CA1752BDF7E}\setup.exe -runfromtemp -l0x040c -removeonly
OpenOffice.org 3.0-->MsiExec.exe /I{6860B340-530D-46B3-91F8-1AE1F70F7C33}
Opera 9.25-->MsiExec.exe /X{C619B312-19F3-460A-9F7B-443248379F18}
Opera 9.62-->MsiExec.exe /X{D9226EB1-C528-48AC-B423-BD9240E1F60B}
Opera 9.63-->MsiExec.exe /X{1BC4026B-1957-4514-9058-2B542557F143}
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Package de pilotes Windows - Nokia Modem (11/03/2006 6.82.0.1)-->C:\PROGRA~1\DIFX\270581~1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokbtmdm.inf_7dedec2f\nokbtmdm.inf
Paint.NET v3.36-->MsiExec.exe /X{43602F34-1AA3-44FB-AEB2-D08C2C73743F}
PC Connectivity Solution-->MsiExec.exe /I{BA084E7C-8ABA-4670-BDE8-B85E689A5C1B}
PhotoNow! 1.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\setup.exe" -uninstall
Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
Planète Généalogie-->"C:\Program Files\BSD Concept\Planète Généalogie\unins000.exe"
PowerDirector-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" -uninstall
PowerDV-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B804C424-B66D-447A-84BD-C6B88C392C3A}\Setup.exe" -uninstall
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
PowerProducer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall
Python 2.5.1-->MsiExec.exe /I{31800004-6386-4999-A519-518F2D78D8F0}
Python 3.0-->MsiExec.exe /I{E0E56E21-55DE-4F77-A109-1BAA72348743}
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
Rayman 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{15F52B39-04CB-4EDB-9A8C-496C4A5588E2}\Setup.exe" -l0x40c
rayman2-->C:\Windows\UbiSoft\SetupUbi.exe -uninstall rayman2
RAYMANM-->C:\Windows\UbiSoft\SetupUbi.exe -uninstall RAYMANM
Readiris Pro 11-->MsiExec.exe /I{E9E9734C-2EE2-4381-ACCA-AC9B8D372DCC}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek 8169 8168 8101E 8102E Ethernet Driver-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Realtek USB 2.0 Card Reader-->C:\Program Files\InstallShield Installation Information\{DC24971E-1946-445D-8A82-CE685433FA7D}\setup.exe -runfromtemp -l0x0009 -removeonly
Ryanair Bargains! 1.0-->"C:\Program Files\Ryanair Bargains\1.0\unins000.exe"
Safari-->MsiExec.exe /I{D90AFDE3-3E67-407A-ACA8-F0BAAD012F08}
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
Security Update for Visio 2007 (KB947590)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}
Services Off-line de Home'Bank 4.04-->"C:\Program Files\ING\Off-line\unins000.exe"
SightSpeed-->C:\Program Files\SightSpeed\uninst.exe
Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}
Surligneur (Windows Live Toolbar)-->MsiExec.exe /X{81B5F83F-2291-48B0-8375-36B63A9BF5B0}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
TV Player Pro v0.7-->C:\Program Files\TV Player Pro\uninstall.exe
Ulead PhotoImpact 12-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11AFE21E-B193-430D-B57A-DFF7815BB962}\setup.exe" -l0x40c
Ultimate Extras sounds from Microsoft® Tinker™-->RunDll32 advpack.dll,LaunchINFSection C:\Windows\INF\UltSound2.inf,Uninstall
Uniblue PowerSuite-->"C:\Program Files\Uniblue\unins000.exe"
Uniblue RegistryBooster 2-->"C:\Program Files\Uniblue\RegistryBooster 2\unins000.exe"
Uniblue System Tweaker-->"C:\Program Files\Uniblue\System Tweaker\unins000.exe"
Update for Microsoft Office Excel 2007 Help (KB957242)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {49E314EE-81FA-4007-8F1A-8D39BDBB4498}
Update for Office 2007 (KB946691)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
VideoSMS-PC 1.36 (suppression seulement)-->"C:\Program Files\VideoSMS\uninstall.exe"
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u
Visual C++ Runtime for Dragon NaturallySpeaking-->MsiExec.exe /I{4A5A427F-BA39-4BF0-9A47-9999FBE60C9F}
VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Vodafone Mobile Connect Lite Runtime Components-->MsiExec.exe /X{CFA76A76-03CF-43AC-AAB4-E2E3DACE4E02}
WengoPhone 2.1.2-->C:\Program Files\WengoPhone\uninstall.exe
Winamp Remote-->"C:\Program Files\Winamp Remote\uninstall.exe"
Winamp Toolbar for Firefox-->"C:\Users\Administrateur\AppData\Roaming\Mozilla\Firefox\Profiles\unzge4gz.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\uninstall.exe"
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Live Favorites pour Windows Live Toolbar-->MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Mail-->MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Live Sign-in Assistant-->MsiExec.exe /I{0ED47137-C071-46CC-A243-E5E33271E10E}
Windows Live Toolbar-->"C:\Program Files\Windows Live Toolbar\UnInstall.exe" {0A8C97AD-DEED-4894-B446-3ABA95A77D0D}
Windows Live Toolbar-->MsiExec.exe /X{0A8C97AD-DEED-4894-B446-3ABA95A77D0D}
Windows Live Writer-->MsiExec.exe /X{3DFF4274-EBB0-4356-9692-972965018954}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WordPerfect Office X4 - Common-->MsiExec.exe /I{DCDAB2ED-5741-4C30-A1A4-0FCB8A529010}
WordPerfect Office X4 - Content-->MsiExec.exe /I{DCDAB2ED-5741-4C30-A1A4-0FCB8A529014}
WordPerfect Office X4 - Filters-->MsiExec.exe /I{DCDAB2ED-5741-4C30-A1A4-0FCB8A529017}
WordPerfect Office X4 - FR-->MsiExec.exe /I{DCDAB2ED-5741-4C30-A1A4-0FCB8A529300}
WordPerfect Office X4 - Graphics FR-->MsiExec.exe /I{DCDAB2ED-5741-4C30-A1A4-0FCB8A529018}
WordPerfect Office X4 - ICA-->MsiExec.exe /I{DCDAB2ED-5741-4C30-A1A4-0FCB8A529005}
WordPerfect Office X4 - IPM FR-->MsiExec.exe /I{DCDAB2ED-5741-4C30-A1A4-0FCB8A529040}
WordPerfect Office X4 - IPM T FR-->MsiExec.exe /I{DCDAB2ED-5741-4C30-A1A4-0FCB8A529047}
WordPerfect Office X4 - Migration Manager-->MsiExec.exe /I{DCDAB2ED-5741-4C30-A1A4-0FCB8A529032}
WordPerfect Office X4 - PerfectExperts-->MsiExec.exe /I{DCDAB2ED-5741-4C30-A1A4-0FCB8A529054}
WordPerfect Office X4 - PR-->MsiExec.exe /I{DCDAB2ED-5741-4C30-A1A4-0FCB8A529013}
WordPerfect Office X4 - QP-->MsiExec.exe /I{DCDAB2ED-5741-4C30-A1A4-0FCB8A529012}
WordPerfect Office X4 - Skins FR-->MsiExec.exe /I{DCDAB2ED-5741-4C30-A1A4-0FCB8A529016}
WordPerfect Office X4 - System-->MsiExec.exe /I{DCDAB2ED-5741-4C30-A1A4-0FCB8A529023}
WordPerfect Office X4 - WP-->MsiExec.exe /I{DCDAB2ED-5741-4C30-A1A4-0FCB8A529011}
WordPerfect Office X4-->c:\Program Files\Corel\WordPerfect Office X4\Setup\SetupARP.exe /arp
WordPerfect Office X4-->MsiExec.exe /I{000AB2ED-5741-4C30-A1A4-0FCB8A529000}
X10 Hardware(TM)-->C:\Windows\UNWISE.EXE C:\PROGRA~1\X10HAR~1\Install.log
XnView 1.94-->"C:\Program Files\XnView\unins000.exe"
X-OOM Movies On PSP désinstaller-->C:\Program Files\X-OOM\Movies On PSP\uninstall.exe
X-OOM Music on PSP-->"C:\Program Files\X-OOM\Music on PSP\unins000.exe"
X-OOM Photoshow on PSP-->MsiExec.exe /I{7346FBA5-EED7-4738-8B33-12D28A74AADD}
Yahoo! Barre d'outils-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
Yahoo! Browser Services-->C:\PROGRA~1\Yahoo!\Common\UNIN_Y~1.EXE /S
Yahoo! Friend-->C:\PROGRA~1\YAHOOF~1\UNWISE.EXE C:\PROGRA~1\YAHOOF~1\INSTALL.LOG
Yahoo! Install Manager-->C:\Windows\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
Yahoo! Internet Mail-->C:\Windows\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\YMMAPI.dll
Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
======Security center information======
AS: Windows Defender (disabled)
System event log
Computer Name: bd
Event Code: 7036
Message: Le service Ma-Config Service est entré dans l'état : en cours d'exécution.
Record Number: 309242
Source Name: Service Control Manager
Time Written: 20090221001104.000000-000
Event Type: Information
User:
Computer Name: bd
Event Code: 10029
Message: DCOM a démarré le service TrustedInstaller avec les arguments « » de façon à exécuter le serveur :
{752073A1-23F2-4396-85F0-8FDB879ED0ED}
Record Number: 309243
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20090221001111.000000-000
Event Type: Information
User:
Computer Name: bd
Event Code: 7036
Message: Le service Programme d’installation de modules Windows est entré dans l'état : en cours d'exécution.
Record Number: 309244
Source Name: Service Control Manager
Time Written: 20090221001111.000000-000
Event Type: Information
User:
Computer Name: bd
Event Code: 7036
Message: Le service Ma-Config Service est entré dans l'état : arrêté.
Record Number: 309245
Source Name: Service Control Manager
Time Written: 20090221001313.000000-000
Event Type: Information
User:
Computer Name: bd
Event Code: 7036
Message: Le service Programme d’installation de modules Windows est entré dans l'état : arrêté.
Record Number: 309246
Source Name: Service Control Manager
Time Written: 20090221002111.000000-000
Event Type: Information
User:
Application event log
Computer Name: bd
Event Code: 221
Message: WinMail (2696) WindowsMail0: Fin de la sauvegarde du fichier C:\Users\Baudouin\AppData\Local\Microsoft\Windows Mail\WindowsMail.MSMessageStore.
Record Number: 48285
Source Name: ESENT
Time Written: 20090221002025.000000-000
Event Type: Information
User:
Computer Name: bd
Event Code: 223
Message: WinMail (2696) WindowsMail0: Démarrage de la sauvegarde des fichiers journaux (étendue C:\Users\Baudouin\AppData\Local\Microsoft\Windows Mail\edb001A2.log - C:\Users\Baudouin\AppData\Local\Microsoft\Windows Mail\edb001A2.log).
Record Number: 48286
Source Name: ESENT
Time Written: 20090221002026.000000-000
Event Type: Information
User:
Computer Name: bd
Event Code: 224
Message: WinMail (2696) WindowsMail0: Suppression des fichiers journaux C:\Users\Baudouin\AppData\Local\Microsoft\Windows Mail\edb001A1.log à C:\Users\Baudouin\AppData\Local\Microsoft\Windows Mail\edb001A1.log.
Record Number: 48287
Source Name: ESENT
Time Written: 20090221002026.000000-000
Event Type: Information
User:
Computer Name: bd
Event Code: 213
Message: WinMail (2696) WindowsMail0: La procédure de sauvegarde s'est terminée correctement.
Record Number: 48288
Source Name: ESENT
Time Written: 20090221002026.000000-000
Event Type: Information
User:
Computer Name: bd
Event Code: 5
Message: Unsupported service control request (see data below)
Record Number: 48289
Source Name: LightScribeService
Time Written: 20090221003226.000000-000
Event Type: Information
User:
Security event log
Computer Name: bd
Event Code: 5032
Message: Le Pare-feu Windows n’a pas pu notifier l’utilisateur qu’il a empêché une application d’accepter des connexions entrantes sur le réseau.
Code d’erreur : 2
Record Number: 101057
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20081003115508.736012-000
Event Type: Échec de l'audit
User:
Computer Name: bd
Event Code: 4648
Message: Tentative d’ouverture de session en utilisant des informations d’identification explicites.
Sujet :
ID de sécurité : S-1-5-18
Nom du compte : BD$
Domaine du compte : B2C
ID d’ouverture de session : 0x3e7
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}
Compte dont les informations d’identification ont été utilisées :
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}
Serveur cible :
Nom du serveur cible : localhost
Informations supplémentaires : localhost
Informations sur le processus :
ID du processus : 0x2dc
Nom du processus : C:\Windows\System32\services.exe
Informations sur le réseau :
Adresse du réseau : -
Port : -
Cet événement est généré lorsqu’un processus tente d’ouvrir une session pour un compte en spécifiant explicitement les informations d’identification de ce compte. Ceci se produit le plus souvent dans les configurations par lot comme les tâches planifiées, ou avec l’utilisation de la commande RUNAS.
Record Number: 101058
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20081003115508.970012-000
Event Type: Succès de l'audit
User:
Computer Name: bd
Event Code: 4624
Message: L’ouverture de session d’un compte s’est correctement déroulée.
Sujet :
ID de sécurité : S-1-5-18
Nom du compte : BD$
Domaine du compte : B2C
ID d’ouverture de session : 0x3e7
Type d’ouverture de session : 5
Nouvelle ouverture de session :
ID de sécurité : S-1-5-18
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e7
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}
Informations sur le processus :
ID du processus : 0x2dc
Nom du processus : C:\Windows\System32\services.exe
Informations sur le réseau :
Nom de la station de travail :
Adresse du réseau source : -
Port source : -
Informations détaillées sur l’authentification :
Processus d’ouverture de session : Advapi
Package d’authentification : Negotiate
Services en transit : -
Nom du package (NTLM uniquement) : -
Longueur de la clé : 0
Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.
Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.
Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).
Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.
Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.
Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
- Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
Record Number: 101059
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20081003115508.970012-000
Event Type: Succès de l'audit
User:
Computer Name: bd
Event Code: 4672
Message: Privilèges spéciaux attribués à la nouvelle ouverture de session.
Sujet :
ID de sécurité : S-1-5-18
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e7
Privilèges : SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 101060
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20081003115508.970012-000
Event Type: Succès de l'audit
User:
Computer Name: bd
Event Code: 1100
Message: Le service d’enregistrement des événements a été arrêté.
Record Number: 101061
Source Name: Microsoft-Windows-Eventlog
Time Written: 20081003115511.574600-000
Event Type: Succès de l'audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Softex\OmniPass;C:\Program Files\IVT Corporation\BlueSoleil\Mobile;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Belgium Identity Card
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"CLASSPATH"=C:\Program Files\Belgium Identity Card
-----------------EOF-----------------