Bonjour,
J'ai un probleme avec une vacherie de TR.Redol.C que je n'arrive pas à éliùiner !
Qqun pourrais-t'il m'aider car je suis dessus depuis plusieurs jours et rien a faire
Je met les deux rapports RSIT pour les specialistes
Merci de votre aide !
Logfile of random's system information tool 1.06 (written by random/random)
Run by Olje at 2009-07-21 17:00:25
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 130 GB (22%) free of 598 GB
Total RAM: 3326 MB (68% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:00:28, on 21/07/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\PROGRA~1\Aston\aston.exe
C:\PROGRA~1\Aston\XP\internat.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\VMware\VMware Workstation\hqtray.exe
C:\Windows\vVX1000.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\!Goodies\PowerMenu\PowerMenu.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\!Goodies\winroll.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Users\Olje\AppData\Local\Temp\{5EADC379-44D0-45E5-ADCA-9984DDFBAF5F}\Drive-Meter.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\!Goodies\xplorer2\xplorer2_UC.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\K-Meleon\k-meleon.exe
C:\Users\Olje\Desktop\RSIT.exe
C:\Users\Olje\Downloads\!malwares\Olje.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: Shell=C:\PROGRA~1\Aston\aston.exe
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [vmware-tray] C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
O4 - HKLM\..\Run: [VMware hqtray] "C:\Program Files\VMware\VMware Workstation\hqtray.exe"
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX1000] C:\Windows\vVX1000.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
O4 - HKCU\..\Run: [USB Safely Remove] C:\Program Files\!Goodies\USBSafelyRemove.exe /startup
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: AutorunsDisabled
O4 - Global Startup: Drive-Meter.lnk = C:\Program Files\!Goodies\Drive-Meter.exe
O4 - Global Startup: PowerMenu.lnk = C:\Program Files\!Goodies\PowerMenu\PowerMenu.exe
O4 - Global Startup: RocketDock.lnk = C:\Program Files\RocketDock\RocketDock.exe
O4 - Global Startup: winroll.lnk = C:\Program Files\!Goodies\winroll.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Add to Linkman - file://C:\Program Files\!Portables\Linkman\iescript_add.htm
O8 - Extra context menu item: Add to Linkman (all tabs) - file://C:\Program Files\!Portables\Linkman\iescript_addall.htm
O8 - Extra context menu item: Add to Linkman and Edit - file://C:\Program Files\!Portables\Linkman\iescript_edit.htm
O8 - Extra context menu item: Ajouter cette page à la file d'attente de Bulk Image Downloader - file://C:\Program Files\Bulk Image Downloader\iemenu\iebidqueue.htm
O8 - Extra context menu item: Ajouter à la file d'attente le lien ciblé - file://C:\Program Files\Bulk Image Downloader\iemenu\iebidlinkqueue.htm
O8 - Extra context menu item: Ouvrir cette page avec Bulk Image Downloader - file://C:\Program Files\Bulk Image Downloader\iemenu\iebid.htm
O8 - Extra context menu item: Ouvrir le lien ciblé avec Bulk Image Downloader - file://C:\Program Files\Bulk Image Downloader\iemenu\iebidlink.htm
O8 - Extra context menu item: Show Linkman - file://C:\Program Files\!Portables\Linkman\iescript_show.htm
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://kb.bitdefender.com
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/...
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - https://www.innerpass.com/innerpass_prod/DocManagement/XUpload.ocx
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: AutorunsDisabled - C:\Windows\
O23 - Service: Avira Pare-feu (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Atomic Alarm Clock Time (AtomicAlarmClock) - Unknown owner - C:\Program Files\Atomic Alarm Clock\timeserv.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\Windows\SYSTEM32\crypserv.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: gearsec - GEAR Software - C:\Windows\system32\gearsec.exe
O23 - Service: M-Audio Series II MIDI Installer (MA_CMIDI_InstallerService) - Avid Technology, Inc. - C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
End of file - 9113 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Extension de garantie-Olje.job
C:\Windows\tasks\User_Feed_Synchronization-{3B6294E5-A486-450E-A2A2-3604A1A3D115}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - C:\Program Files\Google\Google_BAE\BAE.dll [2006-11-09 98304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"vmware-tray"=C:\Program Files\VMware\VMware Workstation\vmware-tray.exe [2007-10-08 72240]
"VMware hqtray"=C:\Program Files\VMware\VMware Workstation\hqtray.exe [2007-10-08 55856]
"LifeCam"=C:\Program Files\Microsoft LifeCam\LifeExp.exe [2007-05-17 279912]
"VX1000"=C:\Windows\vVX1000.exe [2007-04-10 709992]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-02-13 6814240]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-03-28 13687328]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2009-03-28 92704]
"Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-02-13 1833504]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"USB Safely Remove"=C:\Program Files\!Goodies\USBSafelyRemove.exe [2008-10-11 799744]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitDefender Antiphishing Helper]
C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\Windows\system32\NvCpl.dll [2009-03-28 13687328]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\Windows\system32\NvMcTray.dll [2009-03-28 92704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\toolbar_eula_launcher]
C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe [2007-02-20 28672]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Drive-Meter.lnk - C:\Program Files\!Goodies\Drive-Meter.exe
PowerMenu.lnk - C:\Program Files\!Goodies\PowerMenu\PowerMenu.exe
RocketDock.lnk - C:\Program Files\RocketDock\RocketDock.exe
winroll.lnk - C:\Program Files\!Goodies\winroll.exe
C:\Users\Olje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
AutorunsDisabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-07-16 356352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AutorunsDisabled]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=0
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3f79b287-8d9e-11dd-aba6-002197175e48}]
shell\AutoRun\command - D:\
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3f79b28d-8d9e-11dd-aba6-002197175e48}]
shell\AutoRun\command - I:\
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4dd79af7-8bf3-11dd-85f5-002197175e48}]
shell\AutoRun\command - M:\
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4dd79b90-8bf3-11dd-85f5-002197175e48}]
shell\AutoRun\command - L:\
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4dd79b96-8bf3-11dd-85f5-002197175e48}]
shell\AutoRun\command - N:\
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a4a86c87-a5cb-11dd-8d28-000f3debefa1}]
shell\AutoRun\command - I:\
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e11f740e-8f08-11dd-bcfa-806e6f6e6963}]
shell\AutoRun\command - I:\
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fd20296a-9174-11dd-ace9-806e6f6e6963}]
shell\AutoRun\command - H:\hbcd\wintools\autorun.exe
shell\Option1\command - H:\hbcd\wintools\autorun.exe
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.reg - open - "regedit.exe" "%1"
======List of files/folders created in the last 1 months======
2009-07-21 06:24:00 ----D---- C:\rsit
2009-07-20 14:50:45 ----D---- C:\Users\Olje\AppData\Roaming\Avira
2009-07-20 14:34:08 ----SHD---- C:\Windows\system32\%APPDATA%
2009-07-20 14:27:17 ----D---- C:\ProgramData\Avira
2009-07-20 14:27:17 ----D---- C:\Program Files\Avira
2009-07-20 02:54:12 ----D---- C:\Windows\ERDNT
2009-07-20 02:54:10 ----SD---- C:\ComboFix
2009-07-20 02:54:07 ----A---- C:\Windows\system32\CF24646.exe
2009-07-20 02:54:04 ----A---- C:\Windows\system32\swsc.exe
2009-07-20 02:53:49 ----D---- C:\Qoobox
2009-07-20 01:00:05 ----D---- C:\ProgramData\NortonInstaller
2009-07-17 14:57:12 ----D---- C:\Windows\system32\logs
2009-07-17 14:56:42 ----D---- C:\Program Files\Common Files\MSSoap
2009-07-17 14:53:16 ----D---- C:\Windows\system32\URTTEMP
2009-07-16 15:27:49 ----HDC---- C:\ProgramData\{EF63305C-BAD7-4144-9208-D65528260864}
2009-07-16 15:27:46 ----D---- C:\ProgramData\Lavasoft
2009-07-16 15:27:46 ----D---- C:\Program Files\Lavasoft
2009-07-16 08:37:39 ----D---- C:\a8e8234397ec7c9628
2009-07-16 08:37:22 ----A---- C:\Windows\system32\t2embed.dll
2009-07-16 08:37:22 ----A---- C:\Windows\system32\lpk.dll
2009-07-16 08:37:22 ----A---- C:\Windows\system32\fontsub.dll
2009-07-16 08:37:22 ----A---- C:\Windows\system32\dciman32.dll
2009-07-16 08:37:22 ----A---- C:\Windows\system32\atmfd.dll
2009-07-08 02:34:39 ----D---- C:\Users\Olje\AppData\Roaming\Jasc
2009-07-03 12:38:50 ----D---- C:\Program Files\LizardTech
2009-07-03 02:26:54 ----AH---- C:\Windows\mulch200.ini
2009-07-03 02:26:50 ----D---- C:\Program Files\AudioMulch 2.0.1
2009-07-02 14:39:35 ----D---- C:\Users\Olje\AppData\Roaming\Alien Skin
2009-07-02 14:32:11 ----D---- C:\Program Files\Alien Skin
2009-07-02 05:37:31 ----A---- C:\Windows\system32\vncmirror.dll
2009-07-01 14:07:06 ----A---- C:\Windows\BBW_INFO.INI
2009-07-01 14:07:02 ----D---- C:\Users\Olje\AppData\Roaming\Plogue
2009-07-01 04:58:10 ----D---- C:\Program Files\Songsmith
2009-06-28 16:51:42 ----D---- C:\ProgramData\ma-config.com
2009-06-28 16:51:42 ----D---- C:\Program Files\ma-config.com
2009-06-25 09:36:50 ----A---- C:\Windows\oodcnt.INI
2009-06-25 09:36:44 ----D---- C:\Windows\system32\oodag
2009-06-24 07:20:54 ----A---- C:\Windows\ntbtlog.txt
======List of files/folders modified in the last 1 months======
2009-07-21 17:00:25 ----D---- C:\Windows\prefetch
2009-07-21 17:00:17 ----D---- C:\Windows\Temp
2009-07-21 15:49:29 ----RD---- C:\!CD_IMAGES
2009-07-21 15:17:31 ----D---- C:\Windows\System32
2009-07-21 15:17:31 ----D---- C:\Windows\inf
2009-07-21 15:17:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-07-21 15:13:14 ----D---- C:\ProgramData\VMware
2009-07-21 06:55:49 ----D---- C:\Users\Olje\AppData\Roaming\Azureus
2009-07-21 02:41:25 ----D---- C:\Program Files\foobar2000
2009-07-21 02:11:46 ----D---- C:\Users\Olje\AppData\Roaming\Skype
2009-07-21 02:08:11 ----D---- C:\Users\Olje\AppData\Roaming\skypePM
2009-07-21 02:07:33 ----D---- C:\Windows\system32\drivers
2009-07-21 01:58:46 ----SHD---- C:\$Recycle.Bin
2009-07-21 01:33:08 ----ASD---- C:\ProgramData\Microsoft
2009-07-20 14:34:35 ----D---- C:\Windows
2009-07-20 14:27:33 ----D---- C:\Windows\system32\catroot
2009-07-20 14:27:17 ----RD---- C:\Program Files
2009-07-20 14:27:17 ----HD---- C:\ProgramData
2009-07-20 14:25:10 ----SHD---- C:\Config.Msi
2009-07-20 14:25:09 ----SHD---- C:\Windows\Installer
2009-07-20 04:33:55 ----D---- C:\Users\Olje\AppData\Roaming\dvdcss
2009-07-20 02:54:06 ----D---- C:\Windows\system32\fr-FR
2009-07-20 02:34:41 ----D---- C:\Windows\winsxs
2009-07-20 02:32:08 ----D---- C:\Users\Olje\AppData\Roaming\Mozilla
2009-07-20 01:23:53 ----D---- C:\Users\Olje\AppData\Roaming\FileZilla
2009-07-20 01:08:49 ----RD---- C:\!TEMP
2009-07-20 01:03:30 ----D---- C:\Program Files\Common Files
2009-07-20 01:03:30 ----D---- C:\Program Files\BitDefender
2009-07-19 21:57:12 ----D---- C:\Program Files\Notepad++
2009-07-19 18:50:57 ----D---- C:\Program Files\Common Files\microsoft shared
2009-07-19 18:50:26 ----D---- C:\Program Files\Microsoft IntelliType Pro
2009-07-18 06:13:57 ----A---- C:\Windows\system32\un2065.txt
2009-07-18 06:01:46 ----A---- C:\Windows\system32\txmlutil.dll
2009-07-18 05:33:52 ----A---- C:\Windows\system32\2065.txt
2009-07-17 21:04:46 ----D---- C:\Windows\Registration
2009-07-17 21:04:06 ----D---- C:\Program Files\Internet Explorer
2009-07-17 15:00:33 ----D---- C:\Windows\system32\catroot2
2009-07-17 14:53:45 ----RSD---- C:\Windows\assembly
2009-07-17 11:18:19 ----D---- C:\Program Files\Windows Mail
2009-07-17 08:48:00 ----D---- C:\Users\Olje\AppData\Roaming\VMware
2009-07-16 18:22:06 ----RD---- C:\Program Files\!Goodies
2009-07-16 13:14:22 ----D---- C:\Program Files\SUPERAntiSpyware
2009-07-16 08:41:16 ----D---- C:\Windows\Minidump
2009-07-15 11:09:46 ----AD---- C:\ProgramData\TEMP
2009-07-15 11:09:45 ----D---- C:\Program Files\Troubleshooter
2009-07-15 05:57:19 ----D---- C:\Windows\system
2009-07-13 02:25:25 ----SHD---- C:\System Volume Information
2009-07-11 21:54:44 ----D---- C:\Program Files\REAPER
2009-07-11 02:57:21 ----RD---- C:\Users
2009-07-11 00:11:25 ----D---- C:\!!DATAFILES
2009-07-09 17:45:45 ----A---- C:\Windows\NeroDigital.ini
2009-07-09 17:44:51 ----D---- C:\Users\Olje\AppData\Roaming\REAPER
2009-07-09 17:23:54 ----RD---- C:\Program Files\VstPlugins
2009-07-08 23:52:44 ----D---- C:\!!SOFTS!!
2009-07-08 02:30:19 ----D---- C:\Program Files\Jasc Software Inc
2009-07-07 17:10:56 ----A---- C:\Windows\system32\mrt.exe
2009-07-03 12:38:50 ----HD---- C:\Program Files\InstallShield Installation Information
2009-07-02 23:56:00 ----D---- C:\Program Files\Mozilla Thunderbird
2009-06-28 13:40:11 ----D---- C:\Windows\system32\MAGIX
2009-06-28 13:40:10 ----D---- C:\ProgramData\MAGIX
2009-06-28 13:39:39 ----A---- C:\Windows\win.ini
2009-06-28 13:30:36 ----A---- C:\Windows\mgxoschk.ini
2009-06-28 12:39:31 ----A---- C:\Windows\Robota.INI
2009-06-28 12:26:18 ----D---- C:\Users\Olje\AppData\Roaming\MAGIX
2009-06-28 11:48:36 ----D---- C:\Users\Olje\AppData\Roaming\Steady Recorder
2009-06-28 04:57:10 ----RD---- C:\Program Files\!Portables
2009-06-28 04:32:49 ----RD---- C:\Program Files\TC UP
2009-06-25 05:11:34 ----D---- C:\Windows\Microsoft.NET
2009-06-23 02:20:56 ----D---- C:\Program Files\VeryPDF PDF Editor v2.2
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 avfwot;avfwot; C:\Windows\system32\DRIVERS\avfwot.sys [2009-05-08 97608]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 NetworkX;NetworkX; C:\Windows\system32\ckldrv.sys [2003-07-29 28518]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2009-07-16 9968]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R1 VD_FileDisk;VD_FileDisk; C:\Windows\system32\drivers\VD_FileDisk.sys [2006-01-13 15872]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-05-02 271360]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-03-24 55640]
R2 CoLinuxDriver;CoLinuxDriver; \??\C:\Portable_Ubuntu\linux.sys [2008-05-25 68096]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\Drivers\hcmon.sys [2007-10-08 34864]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-05-02 18048]
R2 PMEM;PMEM; \??\C:\Windows\system32\drivers\pmemnt.sys [1999-03-08 7168]
R2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2007-10-08 28592]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2007-10-08 25008]
R2 vmx86;VMware vmx86; \??\C:\Windows\system32\Drivers\vmx86.sys [2007-10-08 924976]
R2 vstor2;Vstor2 Virtual Storage Driver; \??\C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys [2007-03-23 18480]
R2 vstor2-ws60;Vstor2 WS60 Virtual Storage Driver; \??\C:\Program Files\VMware\VMware Workstation\vstor2-ws60.sys [2007-08-07 19248]
R3 avfwim;AvFw Packet Filter Miniport; C:\Windows\system32\DRIVERS\avfwim.sys [2009-02-24 69632]
R3 FETNDISB;D-Link PCI Fast Ethernet Adapter Driver Service; C:\Windows\system32\DRIVERS\dlkfet5b.sys [2007-05-16 43008]
R3 GEARAspiWDM;GEAR CDRom Filter; C:\Windows\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2005-04-15 14408]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-02-13 2325728]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-03-28 7738816]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-10-12 13312]
R3 vmkbd;VMware kbd; \??\C:\Windows\system32\drivers\VMkbd.sys [2007-10-08 20912]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2007-10-08 16816]
S3 ag6ndplb;ag6ndplb; C:\Windows\system32\drivers\ag6ndplb.sys []
S3 Bridge;@%SystemRoot%\system32\bridgeres.dll,-3; C:\Windows\system32\DRIVERS\bridge.sys [2009-04-11 93696]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-04-11 93696]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 FETNDIS;Service de pilote de carte VIA famille Rhine 10/100Mo Fast Ethernet; C:\Windows\system32\DRIVERS\fetnd5.sys [2006-11-02 45568]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MA_CMIDI;M-Audio USB Driver; C:\Windows\system32\drivers\ma_cmidi.sys [2006-08-16 21888]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 RTL8169;Pilote Realtek 8169 NT; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 44544]
S3 SIS163u;SiS163 usb Wireless LAN Adapter Driver; C:\Windows\system32\DRIVERS\sis163u.sys []
S3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 vmusb;VMware USB Client Driver; C:\Windows\System32\Drivers\vmusb.sys [2007-10-08 30768]
S3 vncmirror;vncmirror; C:\Windows\system32\DRIVERS\vncmirror.sys [2008-06-12 4608]
S3 VX1000;VX-1000; C:\Windows\system32\DRIVERS\VX1000.sys [2007-04-10 1966312]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 EWAVE;EWAVE; \??\C:\Windows\system32\drivers\ew.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 NSTATION;NSTATION; \??\C:\Windows\system32\drivers\nstation.sys []
S4 nvrd32;NVIDIA nForce RAID Driver; C:\Windows\system32\drivers\nvrd32.sys [2008-01-25 132128]
S4 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [2008-09-03 7408]
S4 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [2008-09-03 55024]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirFirewallService;Avira Pare-feu; C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe [2009-05-11 388865]
R2 AntiVirMailService;Avira AntiVir MailGuard; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [2009-05-11 194817]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-05-11 185089]
R2 AntiVirWebService;Avira AntiVir WebGuard; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2009-05-12 434945]
R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 gearsec;gearsec; C:\Windows\system32\gearsec.exe [2003-12-01 53248]
R2 MA_CMIDI_InstallerService;M-Audio Series II MIDI Installer; C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe [2007-06-11 86016]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2007-05-17 271720]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-03-28 207392]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R2 TuneUp.ProgramStatisticsSvc;@%SystemRoot%\System32\TUProgSt.exe,-1; C:\Windows\System32\TUProgSt.exe [2009-05-08 604416]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 VMAuthdService;VMware Authorization Service; C:\Program Files\VMware\VMware Workstation\vmware-authd.exe [2007-10-08 109104]
R2 VMnetDHCP;VMware DHCP Service; C:\Windows\system32\vmnetdhcp.exe [2007-10-08 121392]
R2 vmount2;VMware Virtual Mount Manager Extended; C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe [2007-03-23 269104]
R2 VMware NAT Service;VMware NAT Service; C:\Windows\system32\vmnat.exe [2007-10-08 150064]
S2 AtomicAlarmClock;Atomic Alarm Clock Time; C:\Program Files\Atomic Alarm Clock\timeserv.exe [2008-09-02 414720]
S2 Crypkey License;Crypkey License; C:\Windows\system32\crypserv.exe [2003-11-26 61440]
S2 CTDevice_Srv;CT Device Query service; C:\Program Files\Creative\Shared Files\CTDevSrv.exe [2007-04-02 61440]
S3 aspnet_state;Service d'état ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-07-28 654848]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2009-05-08 361216]
S3 ufad-ws60;VMware Agent Service; C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe [2007-08-07 186928]
S4 AeLookupSvcALG;Expérience d’application AeLookupSvcALG; C:\Windows\TEMP\snypbuqmnw.exe service []
S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-12-03 869672]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-01-14 447784]
S4 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.06 2009-07-21 06:24:04
======Uninstall list======
-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1A99CB37-AEB0-492F-A85A-8A2536D22393}\setup.exe" -l0x40c
3D Driving-School-->"C:\games\3D Driving-School\uninstall.exe"
ABLPro 1.1.0-->"C:\Program Files\VstPlugins\ABL Pro\unins000.exe"
ACID Pro 7.0-->MsiExec.exe /X{FBCED1D8-E731-42B7-AD49-A291175BAA1B}
Acoustica Effects Pack-->C:\PROGRA~1\ACOUST~2\UNWISE.EXE C:\PROGRA~1\ACOUST~2\INSTALL.LOG
Ad-Aware-->"C:\ProgramData\{EF63305C-BAD7-4144-9208-D65528260864}\Ad-AwareAE.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\ProgramData\{EF63305C-BAD7-4144-9208-D65528260864}\Ad-AwareAE.exe
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player 9 ActiveX-->MsiExec.exe /X{58BAA8D0-404E-4585-9FD3-ED1BB72AC2EE}
Adobe Photoshop 7.0-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll"
Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Adobe Reader 8-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *AdobeReader*
Adobe Shockwave Player 11.5-->C:\Windows\system32\Adobe\uninstaller.exe
Advanced File Organizer 3.01-->"C:\Program Files\Advanced File Organizer\unins000.exe"
Advanced IP Scanner v1.5-->C:\Program Files\Advanced IP Scanner\uninstal.exe
AGEIA PhysX v6.10.05-->MsiExec.exe /X{582876EC-A178-44D4-9823-C10D6C62EAFF}
Alien Skin Eye Candy 5 Impact-->C:\PROGRA~1\JASCSO~1\PAINTS~2\PlugIns\ALIENS~1\EYECAN~1\Unwise32.exe C:\PROGRA~1\JASCSO~1\PAINTS~2\PlugIns\ALIENS~1\EYECAN~1\INSTALL.LOG
Alien Skin Eye Candy 5 Nature-->C:\PROGRA~1\JASCSO~1\PAINTS~2\PlugIns\ALIENS~1\EYECAN~2\Unwise32.exe C:\PROGRA~1\JASCSO~1\PAINTS~2\PlugIns\ALIENS~1\EYECAN~2\INSTALL.LOG
Alien Skin Eye Candy 5 Textures-->C:\PROGRA~1\JASCSO~1\PAINTS~2\PlugIns\ALIENS~1\EYECAN~3\Unwise32.exe C:\PROGRA~1\JASCSO~1\PAINTS~2\PlugIns\ALIENS~1\EYECAN~3\INSTALL.LOG
ArtIcons Pro-->"C:\Program Files\ArtIcons Pro\uninstall.exe"
ASIO4ALL-->C:\Program Files\ASIO4ALL v2\uninstall.exe
Aston.1.9.5-->C:\Program Files\Aston\uninst.exe
Atomic Alarm Clock 5.81-->"C:\Program Files\Atomic Alarm Clock\unins000.exe"
AudioMulch Interactive Music Studio 2.0.1-->"C:\Program Files\AudioMulch 2.0.1\unins000.exe"
AutoIt v3.2.12.1-->C:\Program Files\AutoIt3\Uninstall.exe
Avira Premium Security Suite-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
BitComet 1.05-->C:\Program Files\BitComet\uninst.exe
Browser Address Error Redirector-->regsvr32 /u /s "C:\Program Files\Google\Google_BAE\BAE.dll"
Bulk Image Downloader v1.34 (GiveAwayOfTheDay)-->"C:\Program Files\Bulk Image Downloader\unins000.exe"
Bus Driver 1.0-->C:\Program Files\Bus Driver\uninst.exe
Calcute 7.7.16.0 (Remove only)-->C:\Program Files\!Goodies\Calcute\Uninstall.exe
Call of Duty(R) - World at War(TM)-->C:\Program Files\InstallShield Installation Information\{D80A6A73-E58A-4673-AFF5-F12D7110661F}\setup.exe -runfromtemp -l0x0409
Creative Media Lite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1A99CB37-AEB0-492F-A85A-8A2536D22393}\setup.exe" -l0x40c /remove
DAZ Studio-->C:\Program Files\DAZ\Studio\Remove-Studio.exe
Dead Space™-->MsiExec.exe /X{4D87DC92-C328-46EC-A7B4-9C88129DC696}
Dia (supprimer uniquement)-->C:\Program Files\Dia\dia-0.96.1-9-uninstall.exe
Digidesign Free Bomb Factory Plug-Ins 7.4-->C:\Program Files\InstallShield Installation Information\{82D48AB1-8E7F-4AA5-A5FA-47FA58A48110}\Setup.exe -runfromtemp -l0x0009 FromUninstall -removeonly
Digidesign Shared Plug-Ins 7.4-->C:\Program Files\InstallShield Installation Information\{AFE354A5-640F-4A23-94C8-0B441E8967CA}\Setup.exe -runfromtemp -l0x0009 FromUninstall -removeonly
D-Link PCI Fast Ethernet Adapter-->Rundll32.exe vuins32.dll,vuins32Ex $Rhine $D-Link
Driver Magician 3.4-->"C:\Program Files\Driver Magician\unins000.exe"
DROID-->MsiExec.exe /I{F2A6D728-E30C-483D-9E81-485A056995DA}
Drumagog 4-->C:\Windows\iun6002.exe "C:\Program Files\Drumagog40\irunin.ini"
Easy Duplicate Finder v. 2.2.1-->"C:\Program Files\Easy Duplicate Finder\unins000.exe"
EasyPHP 2.0b1-->"C:\Program Files\EasyPHP 2.0b1\unins000.exe"
eMule-->"C:\Program Files\eMule\Uninstall.exe"
Encoders for Helium Music Manager 2008-->"C:\Program Files\Intermedia Software\Encoders\unins000.exe"
EPSON Logiciel imprimante-->C:\Windows\system32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /r
ExifPro 1.0 Photo Viewer-->C:\Program Files\ExifPro\UnInstall.exe
ExplorerXP (remove only)-->C:\Program Files\ExplorerXP\Uninst.exe
Eye Candy 3-->C:\PROGRA~1\Gimp-2.0\lib\gimp\2.0\plug-ins\UNWISE.EXE C:\PROGRA~1\Gimp-2.0\lib\gimp\2.0\plug-ins\INSTALL.LOG
Eye Candy 4000 Demo-->C:\PROGRA~1\Gimp-2.0\lib\gimp\2.0\plug-ins\EYECAN~1\UNWISE.EXE C:\PROGRA~1\Gimp-2.0\lib\gimp\2.0\plug-ins\EYECAN~1\INSTALL.LOG
EzGenerator Trial 2.8-->C:\Program Files\EzGenerator28\uninst.exe
FEAR Extraction Point-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{909BBDB7-BABE-434C-9124-863A9F8D1CF8}\setup.exe" -l0x10 -removeonly
FEAR Perseus Mandate-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBC2BA3A-69CE-4468-8513-D5ADC2D21D6A}\setup.exe" -l0xa -removeonly
FEAR-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2B653229-9854-4989-B780-D978F5F13EAB}\setup.exe" -l0x40c /zU -removeonly
ffdshow [rev 2098] [2008-09-03]-->"C:\Program Files\ffdshow\unins000.exe"
FileAlyzer 2-->"C:\Program Files\TC UP\PLUGINS\Media\FileAlyzer\unins000.exe"
FileBoss 2.301-->"C:\Program Files\FileBoss V2\unins000.exe"
FirmTools Duplicate Photo Finder 1-->C:\Program Files\DuplicateFinder\uninstall.exe
FL Studio 8-->C:\Program Files\Image-Line\FL Studio 8\uninstall.exe
Folder Marker Pro v 3.0-->"C:\Program Files\Folder Marker\unins000.exe"
FolderSizes 4-->"C:\ProgramData\{1FD94113-C78D-4E31-A3B6-8EB6161F9986}\FolderSizes4-Setup.exe" REMOVE=TRUE MODIFY=FALSE
FolderSizes 4-->C:\ProgramData\{1FD94113-C78D-4E31-A3B6-8EB6161F9986}\FolderSizes4-Setup.exe
Foxit PDF Suite-->C:\Program Files\Foxit Software\Uninstall.exe
Foxit Reader-->C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe
Free Extended Task Manager-->"C:\Program Files\Free Extended Task Manager\Task Manager Uninstaller.exe"
FreeBASIC 0.20.0b-->C:\Program Files\FreeBASIC\uninst.exe
GForce - Oddity-->C:\Windows\unvise32.exe C:\Program Files\Oddit\GForce\Oddity\uninstal.log
Gimp 2.6.0-->"C:\Program Files\Gimp-2.0\setup\unins000.exe"
Gladiator v1.2.2.0-->"C:\Program Files\Vstplugins\unins000.exe"
Google BAE-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GoogleBAE*
Google Earth-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GOOGLE_EARTH*
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
GoogleToolbar-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GoogleToolbar*
Guide de l'utilisateur Creative ZEN Stone-->"C:\Program Files\Creative\Creative ZEN Stone\UGRemove.exe" /Product_Name:ZENStoneUG
HDReg France-->MsiExec.exe /I{0ED40D2A-7131-4FE7-941E-5C329336F712}
HijackThis 2.0.2-->"C:\Program Files\!Goodies\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
IBM Lotus Organizer 6 - English-->MsiExec.exe /I{4F726761-6E69-7A65-7236-2E31302D0409}
i-Fluid-->"C:\Windows\i-Fluid\uninstall.exe" "/U:C:\Program Files\i-Fluid\Uninstall\uninstall.xml"
IL Download Manager-->C:\Program Files\Image-Line\Downloader\uninstall.exe
IL Ogun-->C:\Program Files\Image-Line\IL Ogun\uninstall.exe
ImageSorter 3.0-->"C:\Program Files\ImageSorterV3\unins000.exe"
Imagesynth 2 Standalone-->"C:\Program Files\InstallShield Installation Information\{274D87F9-1FD1-4E5E-81D1-5A060743298E}\setup.exe" -runfromtemp -l0x0409 -removeonly
Imagesynth 2 Standalone-->MsiExec.exe /I{274D87F9-1FD1-4E5E-81D1-5A060743298E}
Infernal-->C:\Program Files\Playlogic\Infernal\uninstall.exe
Infocentre Rev. 2.0-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Infocentre*
instant.EXE 3.0 V372 Full-->C:\PROGRA~1\INSTAN~1\UNWISE.EXE C:\PROGRA~1\INSTAN~1\INSTALL.LOG
iRadio-->MsiExec.exe /I{F66F7C87-CD1D-4F17-9438-1BE668D3DC4E}
Jasc Animation Shop 3-->MsiExec.exe /I{7C4196CA-CA41-4F34-9C08-7724E7705D52}
Jasc Paint Shop Pro 9-->MsiExec.exe /I{F843C6A3-224D-4615-94F8-3C461BD9AEA0}
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
KaraFun Studio 1.10a-->"C:\Program Files\KaraFun\unins000.exe"
K-Meleon 1.5.3 fr-FR (supprimer uniquement)-->C:\Program Files\K-Meleon\uninstall.exe
Linkman 7.8.0.12-->"E:\Linkman\Trialpay.exe"
Live 8.0.1-->C:\PROGRA~1\Ableton\LIVE80~1.1\Install\UNWISE.EXE C:\PROGRA~1\Ableton\LIVE80~1.1\Install\INSTALL.LOG
Lizardtech DjVu Control-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{105CFC7C-6992-11D5-BD9D-000102C10FD8}\Setup.exe" -l0x40c
LUXONIX LFX-1310-->C:\Program Files\VstPlugins\LFX-1310\uninst LFX-1310.exe
MadTracker 2-->"C:\Windows\MTUn4136.exe" -uninstall
M-Audio Series II MIDI-->C:\Program Files\InstallShield Installation Information\{379BD39E-F13E-458F-96D8-56BD7F2CC516}\setup.exe -runfromtemp -l0x0009 -removeonly
Microangelo Toolset 6-->C:\Windows\IsUninst.exe -f"C:\Program Files\Microangelo\Toolset 6\m6uninst.isu" -c"C:\Program Files\Microangelo\Toolset 6\m6uninst.dll"
Microsoft .NET Framework 1.1 Hotfix (KB929729)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft LifeCam-->MsiExec.exe /X{968D41C3-25BB-4632-A6DF-2E1C8F0143A4}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Small Basic v0.4-->MsiExec.exe /I{6CC02A6E-782C-4F3B-BBA9-32FE7D186091}
Microsoft SQL Server Compact 3.5 ENU-->MsiExec.exe /I{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}
Microsoft VC80 Support DLLs-->MsiExec.exe /I{342F5437-C87D-4BB5-89B9-B23E16C6A395}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{CC1DB186-550F-3CFE-A2A9-EBA5E5A34BC1}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft WorldWide Telescope-->MsiExec.exe /I{E7A9DCC5-8D19-4B95-BED8-2DB41F920F11}
MinGW 5.1.4-->C:\MinGW\uninst.exe
MixMeister Pro 6-->MsiExec.exe /I{E39DF79E-B969-47E2-BB64-071A68871C6F}
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Thunderbird (2.0.0.22)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MP3-Info extension V3.4.23-->"C:\Program Files\MP3ext\unins000.exe"
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Music Express 4.26-->"C:\Program Files\Music Express\unins000.exe"
MyLogoMaker 2.0-->"C:\Program Files\MyLogoMaker\unins000.exe"
MySQL Workbench 5.0 OSS-->MsiExec.exe /I{B7289D1B-A1C6-46BB-B6D4-82FE3E17094E}
Native Instruments FM8 v1.0.1.002 VSTi DXi RTAS-->C:\PROGRA~1\NATIVE~1\FM8\UNWISE.EXE C:\PROGRA~1\NATIVE~1\FM8\INSTALL.LOG
Native Instruments Guitar Rig 3-->C:\Program Files\Native Instruments\Guitar Rig 3\uninstall.exe
Native Instruments Pro-53 v3.02-->C:\PROGRA~1\NATIVE~1\Pro-53\UNWISE.EXE C:\PROGRA~1\NATIVE~1\Pro-53\INSTALL.LOG
Nero 8 Essentials-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Nero8*
Nero 8 Essentials-->MsiExec.exe /X{980B9958-1239-4FC5-8C88-AC5650321036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NetMeter 1.1.3-->"C:\Program Files\!Goodies\NetMeter\unins000.exe"
NewsBin Pro V5-->C:\Program Files\NewsBin\uninst.exe
Notepad++-->C:\Program Files\Notepad++\uninstall.exe
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
NVIDIA PhysX-->MsiExec.exe /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}
OpenAL-->"C:\Program Files\OpenAL\OpenAL Installer 2.0.3.exe" /U
OpenOffice.org 3.0-->MsiExec.exe /I{6860B340-530D-46B3-91F8-1AE1F70F7C33}
Opera 9.62-->MsiExec.exe /X{D9226EB1-C528-48AC-B423-BD9240E1F60B}
Organizer Conversion Utility-->C:\PROGRA~1\COMMON~1\RandSync\SetupHelper.exe /L "EN" /C "OrUpgrd"
Package de pilotes Windows - NVIDIA (nvlddmkm) Display (05/02/2008 7.15.11.7516)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nv_disp.inf_c002725b\nv_disp.inf
Packard Bell ImageWriter-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *ImageWriter*
Packard Bell LCD Test-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *LCDTest*
Packard Bell Updator-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Updator*
PDFtoMusic Pro-->C:\Program Files\PDFtoMusic Pro\Uninstal\Uninstal.exe
PlugSound - Vol 05 - World Of Synthesizers-->"C:\Program Files\VSTPlugIns\PlugSound\PS05 - Synths\uninstall.exe"
PoiZone-->C:\Program Files\Image-Line\PoiZone\uninstall.exe
Poser 7-->C:\Windows\unvise32.exe C:\Program Files\e frontier\Poser 7\uninstal.log
Python 2.5.2-->MsiExec.exe /I{6B976ADF-8AE8-434E-B282-A06C7F624D2F}
QuickPar 0.9-->C:\Program Files\!Goodies\QuickPar\uninst.exe
RasterVect 12.4-->"C:\Program Files\RasterVect 12.4\unins000.exe"
REALbasic 2008r5.1-->MsiExec.exe /X{B025773A-AA4C-4F75-81F8-0901B7105D3B}
Realtek HD Audio V6.0.1.5618-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *AUDIO_REALTEK*
Realtek High Definition Audio Driver-->C:\Program Files\Realtek\Audio\HDA\RtlUpd.exe -r -m -nrg2709
REAPER-->"C:\Program Files\REAPER\Uninstall.exe"
Reason 4.0.1-->"C:\Program Files\Propellerhead\Reason\Uninstall Reason\unins000.exe"
ReCycle 2.1-->"C:\Program Files\Propellerhead\ReCycle\unins000.exe"
ReFill Packer 4.0.1-->"C:\Program Files\Propellerhead\Reason\Uninstall ReFill Packer\unins000.exe"
ReFX Junox2 VSTi v1.4-->C:\PROGRA~1\VSTPLU~1\REFXJU~1.4\Log\UNWISE.EXE C:\PROGRA~1\VSTPLU~1\REFXJU~1.4\Log\INSTALL.LOG
ReFX PlastiCZ VSTi v1.02-->C:\PROGRA~1\VSTPLU~1\REFXPL~1\UNWISE.EXE C:\PROGRA~1\VSTPLU~1\REFXPL~1\INSTALL.LOG
ReFX QuadraSID 6581 v1.41-->C:\PROGRA~1\VSTPLU~1\REFXQU~1\Log\UNWISE.EXE C:\PROGRA~1\VSTPLU~1\REFXQU~1\Log\INSTALL.LOG
reFX Vanguard 1.7.2-->"C:\Program Files\Steinberg\VstPlugins\unins000.exe"
rgc:audio z3ta+ 1.5-->"C:\Program Files\z3ta+\unins000.exe"
Rob Papen Albino 3-->C:\Program Files\VstPlugins\UninstalAlbino3.exe
RocketDock 1.3.5-->"C:\Program Files\RocketDock\unins000.exe"
Room Arranger (remove only)-->"C:\Program Files\Room Arranger\uninstall.exe"
Sauerbraten-->"C:\Program Files\Sauerbraten\uninstall.exe"
Seamless3d version 2.143-->"C:\Program Files\Seamless3d\unins000.exe"
SeaTools for Windows-->"C:\Program Files\Seagate\unins000.exe"
SeaTools for Windows-->MsiExec.exe /I{98613C99-1399-416C-A07C-1EE1C585D872}
SetUp My PC-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *SETUPMYPC_FR*
SFPack-->C:\PROGRA~1\!PORTA~1\SFPack\SFPACK.EXE /uninstall
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Soldier of Fortune-->C:\Windows\IsUn040c.exe -f"C:\Program Files\Raven\SOF\sof.isu"
Songsmith-->MsiExec.exe /I{2BB07452-57ED-42CC-AEFF-7A0090C934E9}
Sonic Charge Synplant 1.0-->"C:\Program Files\VstPlugins\Synplant\Uninstall\unins000.exe"
Sony ACID Music Studio 7.0-->MsiExec.exe /X{A74C1699-4BCE-433F-82D6-F11207A0581B}
Star Wars Republic Commando-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DFAE9340-E8BB-4433-9A08-C8334DAFE1B9}\Setup.exe" -l0x40c
Steady Recorder 2.4.5-->"C:\Program Files\Steady Recorder\unins000.exe"
Steinberg VoiceMachine v1.0-->C:\PROGRA~1\VSTPLU~1\STEINB~1\UNWISE.EXE C:\PROGRA~1\VSTPLU~1\STEINB~1\INSTALL.LOG
Steinberg WaveLab 5.01b-->C:\PROGRA~1\STEINB~1\WaveLab\UNWISE.EXE C:\PROGRA~1\STEINB~1\WaveLab\INSTALL.LOG
Subtitle Workshop 2.51-->"C:\Program Files\Subtitle Workshop\uninstall.exe"
SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Sweet Home 3D version 1.5.1-->"C:\Program Files\Sweet Home 3D\unins000.exe"
Sylenth1 v2.20-->"C:\Program Files\VSTPlugins\Sylenth1\unins000.exe"
Synkron 1.5.0-->"C:\Program Files\Synkron\unins000.exe"
SynthFont Version 1.202-->"C:\Program Files\SynthFont\unins000.exe"
TallStick TS-AudioToMIDI 3.30 (remove only)-->"C:\Program Files\AudioToMIDI 3.30\Uninstall.exe"
TaskPatrol Personal 2.0-->"C:\Program Files\TaskPatrol Personal\unins000.exe"
TBL BassLine v1.3 VSTi-->C:\PROGRA~1\VSTPLU~1\TBLBAS~1\UNWISE.EXE C:\PROGRA~1\VSTPLU~1\TBLBAS~1\INSTALL.LOG
TGEA 1.8.0 SDK (remove only)-->"C:\Torque\TGEA_1_8_0\uninst-tsdk.exe"
The Ultimate Troubleshooter-->C:\PROGRA~1\TROUBL~2\UNWISE.EXE C:\PROGRA~1\TROUBL~2\INSTALL.LOG
Total Commander Ultima Prime 4.6.0.0-->"C:\Program Files\TC UP\un_TC UP.exe"
Toxic Biohazard-->C:\Program Files\Image-Line\Toxic Biohazard\uninstall.exe
TreeSize Professional 4.1.1-->"C:\Program Files\TreeSize Professional\unins000.exe"
TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
TvFreePlayer Tools-->c:\TFPTools3_0\Uninstal.exe
Unreal II-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{626F32D6-007C-41D5-8157-9509AB1428BE}\Setup.exe" -l0x9
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
VeryPDF PDF Editor v2.2-->"C:\Program Files\VeryPDF PDF Editor v2.2\unins000.exe"
Video NVIDIA v174.90-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *VIDEO_NVIDIA*
Viena-->"C:\Program Files\SynthFont\unins001.exe"
Vista Manager-->MsiExec.exe /I{4E79AC14-1F0A-4044-B069-126EDCD2308F}
Vista Shortcut Manager-->MsiExec.exe /I{47609E69-4C5E-48B1-A889-24C6B82B5C04}
VLC media player 0.9.9-->C:\Program Files\VideoLAN\VLC\uninstall.exe
VMware ThinApp-->MsiExec.exe /X{C9ED3D8F-9BD9-4B76-8F63-184E813A8ABD}
VMware Workstation-->MsiExec.exe /I{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}
Vuze-->C:\Program Files\Vuze\uninstall.exe
WIDI Recognition System 2.7-->C:\Windows\UnGins.exe "C:\Program Files\WIDI\install.log"
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Xilisoft Video Converter Ultimate-->C:\Program Files\Xilisoft Video Converter Ultimate\Uninstall.exe
xplorer² professional-->"C:\Program Files\!Goodies\xplorer2\Uninstall.exe"
Zinf 2.2.1-->C:\PROGRA~1\Zinf\UNWISE.EXE C:\PROGRA~1\Zinf\INSTALL.LOG
======Security center information======
AS: Windows Defender
AS: SUPERAntiSpyware (disabled)
======System event log======
Computer Name: Quadri4000
Event Code: 4376
Message: Servicing a requis un redémarrage pour terminer la définition du package RemoteAssistance_fr-FR(Language Pack) à l’état Installé(Installed)
Record Number: 119854
Source Name: Microsoft-Windows-Servicing
Time Written: 20090331012037.000000-000
Event Type: Avertissement
User: QUADRI4000\Olje
Computer Name: Quadri4000
Event Code: 4376
Message: Servicing a requis un redémarrage pour terminer la définition du package KB936330(Service Pack) à l’état Installé(Installed)
Record Number: 119853
Source Name: Microsoft-Windows-Servicing
Time Written: 20090331012037.000000-000
Event Type: Avertissement
User: QUADRI4000\Olje
Computer Name: Quadri4000
Event Code: 4376
Message: Servicing a requis un redémarrage pour terminer la définition du package RemoteAssistance(Feature Pack) à l’état Installé(Installed)
Record Number: 119852
Source Name: Microsoft-Windows-Servicing
Time Written: 20090331012037.000000-000
Event Type: Avertissement
User: QUADRI4000\Olje
Computer Name: Quadri4000
Event Code: 4376
Message: Servicing a requis un redémarrage pour terminer la définition du package Client-Features(Feature Pack) à l’état Installé(Installed)
Record Number: 119851
Source Name: Microsoft-Windows-Servicing
Time Written: 20090331012037.000000-000
Event Type: Avertissement
User: QUADRI4000\Olje
Computer Name: Quadri4000
Event Code: 4376
Message: Servicing a requis un redémarrage pour terminer la définition du package Windows Foundation(Foundation) à l’état Installé(Installed)
Record Number: 119850
Source Name: Microsoft-Windows-Servicing
Time Written: 20090331012037.000000-000
Event Type: Avertissement
User: QUADRI4000\Olje
=====Application event log=====
Computer Name: Quadri
Event Code: 8194
Message: Erreur du service de cliché instantané des volumes : erreur lors de l’interrogation de l’interface IVssWriterCallback. hr = 0x80070005. Cette erreur est souvent due à des paramètres de sécurité incorrects dans le processus du rédacteur ou du demandeur.
Opération :
Données du rédacteur en cours de collecte
Contexte :
ID de classe du rédacteur: {e8132975-6f93-4464-a53e-1050253ae220}
Nom du rédacteur: System Writer
ID d’instance du rédacteur: {a19550bc-ba7a-445e-b338-c8c213e15058}
Record Number: 711
Source Name: VSS
Time Written: 20080926185202.000000-000
Event Type: Erreur
User:
Computer Name: Quadri
Event Code: 10
Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
Record Number: 666
Source Name: Microsoft-Windows-WMI
Time Written: 20080926174941.000000-000
Event Type: Erreur
User:
Computer Name: Quadri
Event Code: 1008
Message: Le service Windows Search tente de supprimer l’ancien catalogue.
Record Number: 644
Source Name: Microsoft-Windows-Search
Time Written: 20080926174901.000000-000
Event Type: Avertissement
User:
Computer Name: Quadri
Event Code: 10
Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
Record Number: 554
Source Name: Microsoft-Windows-WMI
Time Written: 20080926170436.000000-000
Event Type: Erreur
User:
Computer Name: Quadri
Event Code: 1008
Message: Le service Windows Search tente de supprimer l’ancien catalogue.
Record Number: 550
Source Name: Microsoft-Windows-Search
Time Written: 20080926170434.000000-000
Event Type: Avertissement
User:
=====Security event log=====
Computer Name: Quadri4000
Event Code: 4648
Message: Tentative d’ouverture de session en utilisant des informations d’identification explicites.
Sujet :
ID de sécurité : S-1-5-18
Nom du compte : QUADRI4000$
Domaine du compte : HYPERTRUC
ID d’ouverture de session : 0x3e7
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}
Compte dont les informations d’identification ont été utilisées :
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}
Serveur cible :
Nom du serveur cible : localhost
Informations supplémentaires : localhost
Informations sur le processus :
ID du processus : 0x2d4
Nom du processus : C:\Windows\System32\services.exe
Informations sur le réseau :
Adresse du réseau : -
Port : -
Cet événement est généré lorsqu’un processus tente d’ouvrir une session pour un compte en spécifiant explicitement les informatio
C class
