WereSphere
Fermé
oxydant
-
14 déc. 2009 à 15:47
benurrr Messages postés 9643 Date d'inscription samedi 24 mai 2008 Statut Contributeur sécurité Dernière intervention 11 janvier 2012 - 14 déc. 2009 à 22:00
benurrr Messages postés 9643 Date d'inscription samedi 24 mai 2008 Statut Contributeur sécurité Dernière intervention 11 janvier 2012 - 14 déc. 2009 à 22:00
6 réponses
benurrr
Messages postés
9643
Date d'inscription
samedi 24 mai 2008
Statut
Contributeur sécurité
Dernière intervention
11 janvier 2012
107
14 déc. 2009 à 15:52
14 déc. 2009 à 15:52
Bonjour,
• http://images.malwareremoval.com/random/RSIT.exe et enregistre le sur ton Bureau.
• Double clique sur RSIT.exe pour lancer l'outil.
* laisses le chois 1 month
• Clique sur "Continue" à l'écran Disclaimer.
• Si l'outil HijackThis n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu s'il te le demande) et tu devras accepter la licence.
• Une fois le scan terminé, deux rapports vont apparaître : poste les dans deux messages séparés stp
ps:Les rapports se trouvent à cet endroit:
C:\rsit\info.txt
C:\rsit\log.txt
Tutoriel pour t'aider
https://forum.pcastuces.com/randoms_system_information_tool_rsit-f31s31.htm
• http://images.malwareremoval.com/random/RSIT.exe et enregistre le sur ton Bureau.
• Double clique sur RSIT.exe pour lancer l'outil.
* laisses le chois 1 month
• Clique sur "Continue" à l'écran Disclaimer.
• Si l'outil HijackThis n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu s'il te le demande) et tu devras accepter la licence.
• Une fois le scan terminé, deux rapports vont apparaître : poste les dans deux messages séparés stp
ps:Les rapports se trouvent à cet endroit:
C:\rsit\info.txt
C:\rsit\log.txt
Tutoriel pour t'aider
https://forum.pcastuces.com/randoms_system_information_tool_rsit-f31s31.htm
benurrr
Messages postés
9643
Date d'inscription
samedi 24 mai 2008
Statut
Contributeur sécurité
Dernière intervention
11 janvier 2012
107
14 déc. 2009 à 16:05
14 déc. 2009 à 16:05
içi nouveau lien
http://images.malwareremoval.com/random/RSIT.exe
http://images.malwareremoval.com/random/RSIT.exe
Logfile of random's system information tool 1.06 (written by random/random)
Run by Medion MT6 at 2009-12-14 16:17:20
Microsoft® Windows Vista™ Édition Familiale Premium
System drive C: has 7 GB (9%) free of 76 GB
Total RAM: 2047 MB (42% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:17:35, on 14/12/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\WINDOWS\system32\taskeng.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Windows\System32\ctfmon.exe
C:\Users\Medion MT6\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\mobsync.exe
C:\Users\Medion MT6\AppData\Local\Google\Update\1.2.183.13\GoogleCrashHandler.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\TELECH (D)\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Medion MT6.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://m.fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ript - {91D9091B-2046-42f7-903E-1215A29E21EA} - D:\Program Files\Ript\mscoree.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Mega Manager IE Click Monitor - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll
O2 - BHO: Cooliris Plug-In for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\cooliris.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKLM\..\RunServices: [FTRTSVC] C:\Windows\System32\FTRTSVC.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Medion MT6\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" resetprofile
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll
O9 - Extra 'Tools' menuitem: Paramètres de Google &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\cooliris.dll
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\Medion MT6\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: Interface Chat Voila - http://chat10.x-echo.com/version8/Applet/vchatsign.cab
O16 - DPF: Interface Chat Wanadoo - http://chat14.x-echo.com/version8/Applet/wchatsign.cab
O16 - DPF: {596B26AA-E941-4FB5-8F91-0762447578F0} (CPlayFirstdreamControl Object) - http://games.bigfishgames.com/fr_dream-chronicles/online/dream.1.0.0.17_fr.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerVistaADP-2.0.cab
O16 - DPF: {C6B8A039-7350-42CB-ACF2-CDBB0E598EB0} - http://search.live.com/s/p4/p4dwvista.cab?ver=
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: IE Component Categories cache daemon - {553858A7-4922-4e7e-B1C1-97140C1C16EF} - C:\Windows\system32\ieframe.dll
O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - D:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1c8c4962fe7379) (gupdate1c8c4962fe7379) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kwanzy Service - Unknown owner - C:\ProgramData\Kwanzy\kwanzy131.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\Common Files\NMSAccessU.exe
O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: PoliceService - Unknown owner - C:\Windows\system32\srksrv.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
Run by Medion MT6 at 2009-12-14 16:17:20
Microsoft® Windows Vista™ Édition Familiale Premium
System drive C: has 7 GB (9%) free of 76 GB
Total RAM: 2047 MB (42% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:17:35, on 14/12/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\WINDOWS\system32\taskeng.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Windows\System32\ctfmon.exe
C:\Users\Medion MT6\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\mobsync.exe
C:\Users\Medion MT6\AppData\Local\Google\Update\1.2.183.13\GoogleCrashHandler.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\TELECH (D)\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Medion MT6.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://m.fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ript - {91D9091B-2046-42f7-903E-1215A29E21EA} - D:\Program Files\Ript\mscoree.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Mega Manager IE Click Monitor - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll
O2 - BHO: Cooliris Plug-In for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\cooliris.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKLM\..\RunServices: [FTRTSVC] C:\Windows\System32\FTRTSVC.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Medion MT6\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" resetprofile
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll
O9 - Extra 'Tools' menuitem: Paramètres de Google &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\cooliris.dll
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\Medion MT6\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: Interface Chat Voila - http://chat10.x-echo.com/version8/Applet/vchatsign.cab
O16 - DPF: Interface Chat Wanadoo - http://chat14.x-echo.com/version8/Applet/wchatsign.cab
O16 - DPF: {596B26AA-E941-4FB5-8F91-0762447578F0} (CPlayFirstdreamControl Object) - http://games.bigfishgames.com/fr_dream-chronicles/online/dream.1.0.0.17_fr.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerVistaADP-2.0.cab
O16 - DPF: {C6B8A039-7350-42CB-ACF2-CDBB0E598EB0} - http://search.live.com/s/p4/p4dwvista.cab?ver=
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: IE Component Categories cache daemon - {553858A7-4922-4e7e-B1C1-97140C1C16EF} - C:\Windows\system32\ieframe.dll
O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - D:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1c8c4962fe7379) (gupdate1c8c4962fe7379) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kwanzy Service - Unknown owner - C:\ProgramData\Kwanzy\kwanzy131.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\Common Files\NMSAccessU.exe
O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: PoliceService - Unknown owner - C:\Windows\system32\srksrv.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
info.txt logfile of random's system information tool 1.06 2009-12-14 16:17:41
======Uninstall list======
-->"C:\Program Files\InstallShield Installation Information\{F37167DD-4436-4641-90B6-329D60632DDA}\Setup.exe" REMOVEALL --u:{F37167DD-4436-4641-90B6-329D60632DDA}
-->MsiExec /X{8AAB4176-A747-493A-A42C-B63CFADFD8E3}
32 Bit HP CIO Components Installer-->MsiExec.exe /I{47ECCB1F-2811-49C0-B6A7-26778639ABA0}
3D Realistic Fireplace Screen Saver 3.31-->"D:\Program Files\3D Realistic Fireplace 3\unins000.exe"
3D Water Effects Full Screen Saver-->"C:\PROGRA~1\ScreenSaver.com\3D Water Effects Full\UNINSTAL.EXE"
7 Wonders II-->M:\Program Files\MumboJumbo\7 Wonders II\uninstall.exe 7 Wonders II
7 Wonders: Treasures of Seven-->"m:\Program Files\7 Wonders - Treasures of Seven\Uninstall.exe"
7-Zip 4.65-->"C:\Program Files\7-Zip\Uninstall.exe"
AAA Logo 2009 Business Edition 3.0-->"M:\Program Files\AAALOGO2009\unins000.exe"
AC-130 Operation Devastation-->"C:\Program Files\InstallShield Installation Information\{0FA64337-A418-4F54-9632-C76438BBCF8C}\setup.exe" -runfromtemp -l0x0009 -removeonly
Acropolis Deluxe-->"d:\Program Files\Zylom Games\Acropolis Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Action Ball 2-->"M:\Program Files\Action Ball 2\ReflexiveArcade\unins000.exe"
Ad-Aware-->"C:\ProgramData\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}\Ad-AwareInstallation.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\ProgramData\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}\Ad-AwareInstallation.exe
Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}
Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
Adobe Color Common Settings-->C:\Program Files\Common Files\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe
Adobe Color Common Settings-->MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}
Adobe Color EU Extra Settings CS4-->MsiExec.exe /I{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}
Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
Adobe Color NA Recommended Settings CS4-->MsiExec.exe /I{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}
Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D}
Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}
Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
Adobe ExtendScript Toolkit 2-->C:\Program Files\Common Files\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}
Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}
Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}
Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
Adobe Photoshop CS4 Support-->MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}
Adobe Photoshop CS4-->C:\Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\Setup.exe --uninstall=1
Adobe Photoshop CS4-->MsiExec.exe /I{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}
Adobe Photoshop CS4-->MsiExec.exe /I{E4848436-0345-47E2-B648-8B522FCDA623}
Adobe Photoshop Elements 8.0-->msiexec /i {17DFE37C-064E-4834-AD8F-A4B2B4DF68F8}
Adobe Reader 8.1.7 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}
Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
Adobe Setup-->MsiExec.exe /I{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}
Adobe Setup-->MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}
Adobe Setup-->MsiExec.exe /I{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}
Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4}
AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
Advanced SystemCare 3-->"C:\Program Files\IObit\Advanced SystemCare 3\unins000.exe"
aerosoft's - Piper Cheyenne-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0489CB0C-89F7-4EFF-827F-C85339ABF232}\Setup.exe" -uninst
Agatha Christie: Le Crime de L'Orient Express-->"m:\Program Files\Agatha Christie - Le Crime de L'Orient Express\Uninstall.exe"
AI RoboForm (All Users)-->"C:\Program Files\Siber Systems\AI RoboForm\rfwipeout.exe"
Air Strike II Gulf Thunder-->"M:\Program Files\Air Strike II Gulf Thunder\ReflexiveArcade\unins000.exe"
Alabama Smith: Escape from Pompeii-->"m:\Program Files\Alabama Smith - Escape from Pompeii\Uninstall.exe"
Alchemist's Apprentice-->"m:\Program Files\Alchemist's Apprentice\Uninstall.exe"
Alien Skin Eye Candy 5 Nature-->C:\PROGRA~1\ALIENS~1\EYECAN~1\Unwise32.exe C:\PROGRA~1\ALIENS~1\EYECAN~1\INSTALL.LOG
aMSN 0.97.2-->C:\Program Files\aMSN\uninstall.exe
Anark Client 4-->C:\Program Files\Anark\Anark Client 4\AMInstal.exe -uninstall
Ancient Quest of Saqqarah-->"m:\Program Files\Ancient Quest of Saqqarah\Uninstall.exe"
AnumanLive-->"C:\Users\Medion MT6\AppData\Roaming\Anuman Interactive\AnumanLive\AnumanLive.exe" /UNINSTALL
Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143}
Apple Mobile Device Support-->MsiExec.exe /I{8355F970-601D-442D-A79B-1D7DB4F24CAD}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Aquadelic GT 1.0.0.0-->"C:\Program Files\Aquadelic GT\unins000.exe"
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ASCOM Platform 5.0a-->MsiExec.exe /I{075F543B-97C5-4118-9D54-93910DE03FE9}
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
Astro Avenger 2-->"m:\Program Files\Astro Avenger 2\Uninstall.exe"
Autour du Monde 1.0-->"M:\Program Files\Mindscape\Autour du Monde\unins000.exe"
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
Azada - Ancient Magic-->"d:\Games\Azada - Ancient Magic\uninstall.exe"
Azada-->"d:\Games\Azada\uninstall.exe"
Azkend-->"m:\Program Files\Azkend\Uninstall.exe"
Bible des Peuples-->"C:\Program Files\bible\Uninst.exe" /D
Big Fish Games Client-->C:\Program Files\bfgclient\Uninstall.exe
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Bookworm Deluxe-->"C:\Program Files\Zylom Games\Bookworm Deluxe\GameInstaller.exe" --uninstall UnInstall.log
CamStudio 2.0 Fr-->"D:\Program Files\CamStudio\unins000.exe"
CamStudio 2.02 Fr-->"C:\Program Files\CamStudio\unins000.exe"
Carenado Premium Cessna 210M Centurion II For Fs2004-->C:\Program Files\Microsoft Games\Flight Simulator 9\UNCARCEN210FS9.exe
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Clean Virus MSN-->"C:\Program Files\AxBx\Clean Virus MSN\unins000.exe"
C-Media 3D Audio-->C:\WINDOWS\CMIUnInstall.exe
C-Media WDM Audio Driver-->C:\Windows\system32\cmirmdrv.exe
Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}
Cooliris for Internet Explorer-->MsiExec.exe /I{B46BC183-3713-3814-9067-D1C6BC952F7B}
CursorXP-->C:\Program Files\CursorXP\CurXPUtil.exe -u
Defraggler (remove only)-->"C:\Program Files\Defraggler\uninst.exe"
DFX for RealNetworks-->C:\Program Files\DFX\uninstall_RealNetworks.exe
DFX for Windows Media Player-->MsiExec.exe /I{fe7ccec2-0f76-4921-bc75-caaf255cbbf2}
DH Driver Cleaner Professional Edition-->M:\Program Files\Driver Cleaner Pro\Uninstall.exe
Dico de Rimes-->c:\rimes\Uninstal.exe
Digital Aviation's - Dornier Do-27-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D0F1431E-B33E-447D-A157-ED8AAA6BE5BB}\Setup.exe" -uninst
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DR 221-->C:\Program Files\Microsoft Games\Flight Simulator 9\DR 221 Uninstall.exe
Drawn: La Tour d'Iris ™-->"m:\Program Files\Drawn - La Tour d'Iris\Uninstall.exe"
Dream Chronicles 2: The Eternal Maze-->"m:\Program Files\Dream Chronicles 2 - The Eternal Maze\Uninstall.exe"
Dream Chronicles 3 Deluxe-->"d:\Program Files\Zylom Games\Dream Chronicles 3 Deluxe\GameInstlr.exe" --uninstall UnInstall.log
EasyFlirt Messenger 2.0-->"C:\Program Files\EasyFlirt Messenger\unins000.exe"
e-Carte Bleue Société Générale-->"C:\Program Files\InstallShield Installation Information\{EC3CAFA6-1CDC-46D1-AD8D-B66CFDE59EE0}\setup.exe" -runfromtemp -l0x040c -removeonly
Eee Storage-->C:\Program Files\ASUS\Eee Storage\uninst.exe
Empire of the Gods-->"m:\Program Files\Empire of the Gods\Uninstall.exe"
Enemy Territory - QUAKE Wars(TM) Demo-->C:\Program Files\InstallShield Installation Information\{AEF04476-51FA-41F2-80F0-0AD9B026F46A}\setup.exe -runfromtemp -l0x0409
Escape Rosecliff Island Deluxe-->"d:\Program Files\Zylom Games\Escape Rosecliff Island Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}
FaceGen Modeller 3.1-->MsiExec.exe /I{332B1B33-D0EE-4A0A-AB2F-12BF56BCE1C3}
Fairy Treasure Deluxe-->"d:\Program Files\Zylom Games\Fairy Treasure Deluxe\GameInstlr.exe" --uninstall UnInstall.log
FastPictureViewer (32-bit)-->MsiExec.exe /I{7F7D8C49-0792-460F-BE49-B64A843D112D}
ffdshow [rev 497] [2006-11-04]-->"M:\Program Files\ffdshow\unins000.exe"
Free Download Manager 2.5 build 758-->C:\Program Files\Free Download Manager\uninst.exe
Free Download Manager 2.5-->"C:\Program Files\Free Download Manager\unins000.exe"
Free FLV Converter V 5.8-->"M:\Program Files\Free FLV Converter\unins000.exe"
Free Mp3 Wma Converter V 1.7.3-->"C:\Program Files\Free Audio Pack\unins000.exe"
Free Video Converter V 1.4-->"M:\Program Files\Free Video Converter\unins000.exe"
Frontcam-->C:\PROGRA~1\Frontcam\UNWISE.EXE C:\PROGRA~1\Frontcam\INSTALL.LOG
FS Aircraft Collection-->C:\Program Files\Microsoft Games\Flight Simulator 9\uninstal_fsaircraftcollection.exe
FS Décors Détaillés-->C:\Program Files\Microsoft Games\Flight Simulator 9\uninstal_fsdecors.exe
FSMMovingMap-->C:\Program Files\RanaInside\FSMMovingMap\uninstall.exe
G.H.O.S.T. Chronicles: Le Fantôme de la Foire de la Renaissance-->"m:\Program Files\G.H.O.S.T. Chronicles - Le Fantome de la Foire de la Renaissance\Uninstall.exe"
Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
Games by Petersonic 1.00-->d:\Program Files\PC-home\Games by Petersonic\Uninstall.exe
Gestionnaire Internet-->C:\PROGRA~1\Wanadoo\uninstall.exe
Gestionnaire pour appareils Windows Mobile-->MsiExec.exe /X{904CCF62-818D-4675-BC76-D37EB399F917}
GigaTribe 2.50-->"C:\Program Files\GigaTribe\unins000.exe"
Ginipic-->MsiExec.exe /X{6FC0A4F8-8301-48C6-ADB7-B9EA8CF09C39}
Glary Utilities 2.13.0.686-->"C:\Program Files\Glary Utilities\unins000.exe"
Glyph 2 Deluxe-->"d:\Program Files\Zylom Games\Glyph 2 Deluxe\GameInstlr.exe" --uninstall UnInstall.log
GoodFrame-->"D:\Program Files\FDSoftware\GoodFrame\unins000.exe"
Google Gears-->MsiExec.exe /I{BC2FE771-EDBE-3087-A676-2B6C45A2BF7E}
Google Gmail Notifier-->"C:\Program Files\Google\Gmail Notifier\UninstallGmail.exe"
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Video Player-->"C:\Program Files\Google\Google Video Player\Uninstall.exe"
Google Earth-->MsiExec.exe /X{9074AFC0-CFDA-11DE-B484-005056806466}
H.2.O Net Sender 3.1-->"C:\Program Files\H.2.O Net Sender\unins000.exe"
HardwareDetection-->"C:\Program Files\HardwareDetection\Uninstall.exe" "C:\Program Files\HardwareDetection\install.log" -u
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Photosmart C4500 All-In-One Driver 12.0 Rel .4-->C:\Program Files\HP\Digital Imaging\{0BC1A5B2-79A1-4716-B3E5-4071E9AB6F43}\setup\hpzscr01.exe -datfile hposcr30.dat -onestop -forcereboot
HyperShot-->MsiExec.exe /I{04DD2EE7-31BB-4186-9A30-447283BC26F8}
ICQ6.5-->"C:\Program Files\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
InCD-->C:\WINDOWS\NuNInst.exe /UNINSTALL
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
ItsTV 3.0-->"C:\Program Files\ItsLabel\unins000.exe"
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Java(TM) 6 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
JFK Reloaded 1.1-->M:\Program Files\JFK Reloaded\uninst.exe
JVTorrent 1.1-->C:\Program Files\JVTorrent\uninst.exe
kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}
Kwanzy 1.0 build 131-->C:\Program Files\Kwanzy\uninstall.exe
Lame ACM MP3 Codec-->C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_LameMP3 132 C:\WINDOWS\INF\LameACM.inf
Le pic rouge-->"d:\Program Files\Anuman interactive\Le pic rouge\unins000.exe"
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Lernout & Hauspie TruVoice American English TTS Engine-->RunDll32 advpack.dll,LaunchINFSection C:\Windows\INF\tv_enua.inf, Uninstall
Les Chasseurs de Trésor ™: Rêves d'Or-->"m:\Program Files\Les Chasseurs de Tresor - Reves d'Or\Uninstall.exe"
LightBox Free Image Editor-->M:\Program Files\19th Parallel\LightBox\UninstallFree.exe
LimeWire PRO 4.17.0-->"c:\Program Files\LimeWire\uninstall.exe"
livebox-->C:\Program Files\InstallShield Installation Information\{17342E3B-0818-4A6F-BFF8-99476605ADD6}\Setup.exe -runfromtemp -l0x040c -removeonly
LogoMaker 2.0-->"D:\Program Files\Studio V5\LogoMaker\unins000.exe"
Luxor 4 Quest For The Afterlife 1.00-->d:\Program Files\Games\Luxor 4 Quest For The Afterlife\Uninstall.exe
Luxor Mega Pack-->"C:\Windows\Luxor Mega Pack\uninstall.exe" "/U:D:\Program Files\Luxor Mega Pack\Uninstall\uninstall.xml"
Media Library Management Wizard-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mplibwiz.inf,DefaultUninstall
Media Manager for WALKMAN 1.1-->MsiExec.exe /X{125CF05E-8533-478F-AD92-314A000D9164}
Medion Flash XL-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EA1CB7AC-E221-4822-A789-0ADB051DC498}\Setup.exe" -l0x9
Mega Manager-->C:\Program Files\InstallShield Installation Information\{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}\setup.exe -runfromtemp -l0x0009 -removeonly
Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Micro Application - MediaDICO 12-->C:\Windows\IsUn040c.exe -f"D:\Program Files\Micro Application\12 DICOS Indispensables\Uninst.isu"
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Flight Simulator 2004 Un siècle d'aviation-->"C:\Program Files\Microsoft Games\Flight Simulator 9\UNINSTAL.EXE" /runtemp /addremove
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}
Microsoft Games for Windows - LIVE-->MsiExec.exe /X{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9111040C-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Sites publics français-->MsiExec.exe /I{B72B0ECE-F41E-4EC4-AA37-1A00640680BF}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft SQL Server Desktop Engine (PINNACLESYS)-->MsiExec.exe /X{E09B48B5-E141-427A-AB0C-D3605127224A}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Windows Journal Viewer-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA8}
Microsoft Windows Thème Nunavut-->MsiExec.exe /X{828600A6-B64A-439D-858C-16DA548BE549}
Microsoft WorldWide Telescope-->MsiExec.exe /I{E7A9DCC5-8D19-4B95-BED8-2DB41F920F11}
Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
Mirar-->mshta.exe http://remove.getmirar.com/
Mise à jour du pilote du Gestionnaire pour appareils Windows Mobile-->MsiExec.exe /X{E7044E25-3038-4A76-9064-344AC038043E}
MITs Wizard 3.0 for Device-->MsiExec.exe /X{0143CF89-5CF2-4F2D-80D5-BFAE64E1BA00}
MobileMe Control Panel-->MsiExec.exe /I{DDBB28C8-B2AA-45A1-8DCE-059A798509FB}
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Monopoly Deluxe-->"M:\Program Files\Zylom Games\Monopoly Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Movie Maker Background Music Files-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mmmusic.inf,DefaultUninstall
Movie Maker Sound Effects-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mmsounds.inf,DefaultUninstall
Movie Maker Title Images-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mmtitle.inf,DefaultUninstall
Mozilla Firefox (3.5.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN Contact-->MsiExec.exe /I{CC5F268E-5A85-428E-95CC-A8E3FB650D5A}
MSN Explorer-->C:\Program Files\MSN\MSNCoreFiles\Setup\msnunin.exe
MSN Toolbar-->MsiExec.exe /I{7390F1A6-B3D4-4FCC-BDB1-A935EB0114F1}
MSN-->C:\Program Files\MSN\MsnInstaller\msniadm.exe /Action:ARP
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB925672)-->MsiExec.exe /I{A9CF9052-F4A0-475D-A00F-A8388C62DD63}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
MultiRes (remove only)-->C:\Program Files\MultiRes\uninstal.exe
Mystery Case Files: Madame Fate ™-->"m:\Program Files\Mystery Case Files - Madame Fate\Uninstall.exe"
Mystery Case Files: Retour à Ravenhearst - Guide de Stratégie ™-->"m:\Program Files\Mystery Case Files - Retour a Ravenhearst - Guide de Strategie\Uninstall.exe"
Mystery Case Files: Retour à Ravenhearst ™-->"m:\Program Files\Mystery Case Files - Retour a Ravenhearst\Uninstall.exe"
Mythic Pearls-->D:\Games\Mythic Pearls\Uninstall.exe
NETGEAR WG111v2 wireless USB 2.0 adapter-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{E0F252A6-DE85-4E93-A93B-DFC3537B3965}
NoiseCradle-->"M:\Program Files\Noise Cradle\uninstall.exe"
Nostradamus, la dernière prophétie-->"D:\Elektrogames\Nostradamus\unins000.exe"
Numedia CD-DVD writing as non-admin user-->MsiExec.exe /X{94056AE8-EF0F-45E4-A1B4-D754115F8A28}
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
NVIDIA Performance-->"C:\Program Files\InstallShield Installation Information\{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}\setup.exe" -runfromtemp -l0x040c -removeonly
NVIDIA Performance-->MsiExec.exe /I{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}
NVIDIA PhysX-->MsiExec.exe /X{8AAB4176-A747-493A-A42C-B63CFADFD8E3}
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
ObjectDock-->C:\PROGRA~1\Stardock\OBJECT~2\UNWISE.EXE C:\PROGRA~1\Stardock\OBJECT~2\INSTALL.LOG
OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
OnlineLive-->MsiExec.exe /I{505A5E33-446A-4ED4-849C-D38D6F91EA39}
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
Opera 10.10-->MsiExec.exe /X{FB8148DD-C575-4B0A-9F6C-0CFC46937930}
Opera 9.64-->MsiExec.exe /X{E1BBBAC5-2857-4155-82A6-54492CE88620}
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Pahelika: Légendes Secrètes-->"m:\Program Files\Pahelika - Legendes Secretes\Uninstall.exe"
Pando-->MsiExec.exe /I{AB480DA0-7EE9-465D-9C12-4CDE65BF18FB}
patch (1) du DR 221-->C:\Program Files\Microsoft Games\Flight Simulator 9\DR 221 Uninstall.exe
patch (2) du DR 221-->C:\Program Files\Microsoft Games\Flight Simulator 9\DR 221 Uninstall.exe
PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
Peggle Nights Deluxe 1.0-->C:\Program Files\PopCap Games\Peggle Nights Deluxe\PopUninstall.exe "C:\Program Files\PopCap Games\Peggle Nights Deluxe\Install.log"
Personal License Update Wizard for Windows Media Player-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\drmtool.inf,DefaultUninstall
Pharaoh's Mystery-->"D:\Program Files\Pharaoh's Mystery\unins000.exe"
PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
PhotoScape-->"C:\Program Files\PhotoScape\uninstall.exe"
Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
PicLens for Internet Explorer-->MsiExec.exe /I{C92651B8-39F6-3DD5-80EF-E71D2A21DE2F}
PicLens for Internet Explorer-->MsiExec.exe /I{F33EE637-BFBA-38BE-8355-A29ACF54F010}
Plus! MP3 Audio Converter LE-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\audcle.inf,DefaultUninstall
Pochette Dvd-->MsiExec.exe /X{3049B3DE-E1D4-418E-8A35-1BFB0E1D9AB5}
ProtectDisc Driver, Version 11-->C:\Program Files\ProtectDisc Driver Installer\uninstall_v11.exe
Puzzle Quest-->"m:\Program Files\Puzzle Quest\Uninstall.exe"
PVSonyDll-->MsiExec.exe /I{3D3E663D-4E7E-4577-A560-7ECDDD45548A}
QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
QVGDM Seconde Edition-->MsiExec.exe /I{735D1B9F-A9A4-4FF2-A830-96C150883B97}
RadioWeb Player V5-->C:\WINDOWS\st6unst.exe -n "M:\Program Files\Radioweb Player\ST6UNST.LOG"
Rainbow Mystery-->"d:\Program Files\Rainbow Mystery\ReflexiveArcade\unins000.exe"
Rainbow Web II-->"m:\Program Files\Rainbow Web II\Uninstall.exe"
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0
Reaxxion-->"C:\Windows\Reaxxion\uninstall.exe" "/U:d:\Program Files\Reaxxion\Uninstall\uninstall.xml"
RedShift 6 Universel-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E8C0B770-CC99-42D3-A0CF-B21C4D58DFA2}\Setup.EXE" -l0x40c
Retour sur l'Ile Mystérieuse-->"m:\Program Files\Retour sur l'Ile Mysterieuse\Uninstall.exe"
Ricochet: Infinity-->"m:\Program Files\Ricochet - Infinity\Uninstall.exe"
Ript-->MsiExec.exe /I{3E50F28A-86D8-4DA5-8850-C55684574F86}
Rolex Oyster Datejust special edition Screen Saver-->C:\Windows\system32\Rolex Oyster Datejust special edition.scr /u
Rolex Oyster Day-Date Screen Saver-->C:\Windows\system32\Rolex Oyster Day-Date.scr /u
Rolex Oyster Daytona Screen Saver-->C:\Windows\system32\Rolex Oyster Daytona.scr /u
Rolex Oyster Deepsea Screen Saver-->C:\Windows\system32\Rolex Oyster Deepsea.scr /u
Rolex Oyster Perpetual Screen Saver-->C:\Windows\system32\Rolex Oyster Perpetual.scr /u
Rolex Oyster Submariner Screen Saver-->C:\Windows\system32\Rolex Oyster Submariner.scr /u
Safari-->MsiExec.exe /I{D6E4E5D6-7693-4BB4-95BA-21F38FAFEE90}
SAGEM F@st 800-840-->C:\Program Files\InstallShield Installation Information\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}\setup.exe -runfromtemp -l0x040c -removeonly
SAMSUNG Mobile Modem Driver Set-->C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
Samsung Mobile phone USB driver Software-->C:\Windows\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung PC Studio 3 USB Driver Installer-->"C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -runfromtemp -l0x040c -removeonly
Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x040c -removeonly
Sarkophage 1.5-->"C:\Program Files\Sarkophage\unins000.exe"
Save Flash 4.1-->C:\Program Files\Save Flash\uninst.exe
SCRABBLE(R) LA MARQUE de jeu de lettres-->"d:\Program Files\Zylom Games\SCRABBLE(R) LA MARQUE de jeu de lettres\GameInstlr.exe" --uninstall UnInstall.log
Scratches-->C:\Program Files\Micro Application\Scratches\uninstall.exe
SecondLife (remove only)-->"C:\Program Files\SecondLife\uninst.exe"
Secret Files 2 - Puritas Cordis-->C:\Program Files\InstallShield Installation Information\{EBEAEB77-E98A-472E-AD82-E077EF613DDC}\setup.exe -runfromtemp -l0x040c -removeonly
Seven Remix 1.0-->C:\Program Files\NiwradSoft\NiwradSoft Shell Pack\uninst.exe
Ship Simulator 2008-->"D:\Program Files\Vstep\ShipSim2008\uninstall.exe"
SmartSound Quicktracks Plugin-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}
Sony USB Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}\Setup.exe" UNINSTALL
Space Invaders OpenGL-->"D:\Program Files\Space Invaders OpenGL\uninstall.exe"
Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}
Strike Ball 3-->"M:\Program Files\Strike Ball 3\ReflexiveArcade\unins000.exe"
Studio 10-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3CB05291-F546-458E-A796-B5BCF5A3CDC4}\Setup2.exe" -l0x40c UNINSTALL
Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
Surligneur (Windows Live Toolbar)-->MsiExec.exe /X{81B5F83F-2291-48B0-8375-36B63A9BF5B0}
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
The Great Tree Deluxe-->"d:\Program Files\Zylom Games\The Great Tree Deluxe\GameInstlr.exe" --uninstall UnInstall.log
The Pharaohs Mystery-->"M:\Program Files\The Pharaohs Mystery\ReflexiveArcade\unins000.exe"
Tom Clancy's H.A.W.X Demo-->"C:\Program Files\InstallShield Installation Information\{6C596FD6-C378-4399-93F1-43A206759B23}\setup.exe" -runfromtemp -l0x040c -removeonly
Treasure Island 2-->"m:\Program Files\Treasure Island 2\Uninstall.exe"
Treasure Island Deluxe-->"M:\Program Files\Zylom Games\Treasure Island Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Trivial Pursuit Family Edition-->"M:\Program Files\Zylom Games\Trivial Pursuit Family Edition\GameInstlr.exe" --uninstall UnInstall.log
Trivial Pursuit Genus Edition Deluxe-->"M:\Program Files\Zylom Games\Trivial Pursuit Genus Edition Deluxe\GameInstlr.exe" --uninstall UnInstall.log
TSP_CODEC-->C:\Program Files\Bytescribe\TSP_CODEC\Uninst.exe /pid:{A90C03D6-08E1-4C59-B93B-6919A6C0AC19} /asd
Twingly Screensaver-->MsiExec.exe /I{EB711BC7-0FDF-460C-A00C-DF8E5E996037}
TYPSoft FTP Server-->"C:\Program Files\TYPSoft FTP Server\unins000.exe"
Ulead ArtTexture.Plugin 1.0-->C:\Windows\IsUninst.exe -f"C:\Program Files\Ulead ArtTexture.Plugin\At10f.isu"
Ulead FantasyWarp.Plugin 1.0-->C:\Windows\IsUninst.exe -f"C:\Program Files\Ulead FantasyWarp.Plugin\Fw10f.isu"
Ulead Particle.Plugin 1.0-->C:\Windows\IsUninst.exe -f"C:\Program Files\Ulead Particle.Plugin\Pp10t.isu"
Ulead SmartSaver Pro 3.0 Full Version-->C:\Windows\IsUninst.exe -f"C:\Program Files\Ulead SmartSaver Pro 3.0\Ussp30f.isu" -c"C:\Program Files\Ulead SmartSaver Pro 3.0\IS32Inst.dll"
Unlocker 1.8.7-->C:\Program Files\Unlocker\uninst.exe
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
US Trucks Road Simulator-->"d:\Program Files\Anuman interactive\US Trucks Road Simulator\unins000.exe"
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
Veneaviones Turbo Commander 690B-->C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstal.exe
Veoh Web Player Beta-->"C:\Program Files\Veoh Networks\VeohWebPlayer\uninst.exe"
Video to Flash Converter-->"C:\Program Files\GeoVid\Video to Flash Converter\unins000.exe"
Vio Video Converter 1.0-->C:\Program Files\Vio Video Converter\Uninst.exe
Virtual DJ - Atomix Productions-->L:\PROGRA~1\VIRTUA~1\UNWISE.EXE L:\PROGRA~1\VIRTUA~1\INSTALL.LOG
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\Windows\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
Visual C++ 8.0 ATL (x86) WinSXS MSM-->MsiExec.exe /I{97F81AF1-0E47-DC99-FF1F-C8B3B9A1E18F}
Visual C++ 8.0 CRT (x86) WinSXS MSM-->MsiExec.exe /I{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}
VLC media player 1.0.3-->C:\Program Files\VideoLAN\VLC\uninstall.exe
WD Diagnostics-->MsiExec.exe /X{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}
WindowBlinds-->D:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\UNWISE.EXE D:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\INSTALL.LOG
Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
Windows Live Favorites pour Windows Live Toolbar-->MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live Sign-in Assistant-->MsiExec.exe /I{F652D238-5F29-42D5-BAF3-0115EF977EC2}
Windows Media Bonus Pack for Windows XP-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmbonus.inf,DefaultUninstall
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows Media Player Skin Importer-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\wa2wmp.inf,DefaultUninstall
Windows Media Player Tray Control-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mpxptray.inf,DefaultUninstall
WinPcap 3.1-->C:\Program Files\WinPcap\uninstall.exe
Wolfenstein(TM) 1.11 Patch-->C:\Program Files\InstallShield Installation Information\{362C6A81-4C88-4B26-8C79-B2EE0076F65F}\setup.exe -runfromtemp -l0x0409
Wolfenstein-->C:\Program Files\InstallShield Installation Information\{F9B37992-968C-4264-8449-489032FC28DE}\setup.exe -runfromtemp -l0x040c
World Voyage-->"m:\Program Files\World Voyage\Uninstall.exe"
Xenon 2000 - Project PCF-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{93EE3C83-725F-4EA4-891A-CD6B019FCDC1}\Setup.exe"
XnView 1.96.1-->"C:\Program Files\XnView\unins000.exe"
Zuma's Revenge!-->"C:\Windows\Zuma's Revenge!\uninstall.exe" "/U:D:\Program Files\Zuma's Revenge!\Uninstall\uninstall.xml"
======Hosts File======
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
Securitycenter WMI appears to be broken
======System event log======
Computer Name: medion
Event Code: 46
Message: L'initialisation du fichier de vidage sur incident a échoué.
Record Number: 10274675
Source Name: volmgr
Time Written: 20091214141637.659838-000
Event Type: Erreur
User:
Computer Name: medion
Event Code: 2511
Message: Le service Serveur n'a pas pu recréer le partage StudioLine$ car le répertoire D:\StudioLine3\Web n'existe plus. Veuillez exécuter "netshare StudioLine$/supprimer" pour supprimer le partage ou recréer le répertoire D:\StudioLine3\Web.
Record Number: 10274679
Source Name: Server
Time Written: 20091214141730.000000-000
Event Type: Avertissement
User:
Computer Name: medion
Event Code: 7000
Message: Le service General Purpose USB Driver (e4ldr.sys) n'a pas pu démarrer en raison de l'erreur :
Le service ne peut pas être démarré parce qu'il est désactivé ou qu'aucun périphérique activé ne lui est associé.
Record Number: 10274684
Source Name: Service Control Manager
Time Written: 20091214141739.000000-000
Event Type: Erreur
User:
Computer Name: medion
Event Code: 7000
Message: Le service PoliceService n'a pas pu démarrer en raison de l'erreur :
Le fichier spécifié est introuvable.
Record Number: 10274736
Source Name: Service Control Manager
Time Written: 20091214141739.000000-000
Event Type: Erreur
User:
Computer Name: medion
Event Code: 7026
Message: Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger :
i8042prt
Record Number: 10274756
Source Name: Service Control Manager
Time Written: 20091214141739.000000-000
Event Type: Erreur
User:
=====Application event log=====
Computer Name: medion
Event Code: 5007
Message: Impossible d’analyser le fichier cible de la plateforme de signalement de problèmes Windows (fichier DLL contenant la liste des problèmes de l’ordinateur et nécessitant la collecte de données supplémentaires à des fins de diagnostic). Le code d’erreur était : 8014FFF9.
Record Number: 579737
Source Name: WerSvc
Time Written: 20091214140217.000000-000
Event Type: Erreur
User:
Computer Name: medion
Event Code: 3
Message: Le service Centre de sécurité de Windows n’a pas pu établir de requêtes d’événements avec WMI pour contrôler le programme antivirus, le logiciel anti-espion et le pare-feu tiers.
Record Number: 579743
Source Name: SecurityCenter
Time Written: 20091214140409.000000-000
Event Type: Erreur
User:
Computer Name: medion
Event Code: 1530
Message: Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela.
DÉTAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-1085031214-1123561945-682003330-1004:
Process 696 (\Device\HarddiskVolume1\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-1085031214-1123561945-682003330-1004
Record Number: 579751
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20091214141428.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: medion
Event Code: 5007
Message: Impossible d’analyser le fichier cible de la plateforme de signalement de problèmes Windows (fichier DLL contenant la liste des problèmes de l’ordinateur et nécessitant la collecte de données supplémentaires à des fins de diagnostic). Le code d’erreur était : 8014FFF9.
Record Number: 579770
Source Name: WerSvc
Time Written: 20091214141824.000000-000
Event Type: Erreur
User:
Computer Name: medion
Event Code: 3
Message: Le service Centre de sécurité de Windows n’a pas pu établir de requêtes d’événements avec WMI pour contrôler le programme antivirus, le logiciel anti-espion et le pare-feu tiers.
Record Number: 579776
Source Name: SecurityCenter
Time Written: 20091214141953.000000-000
Event Type: Erreur
User:
=====Security event log=====
Computer Name: medion
Event Code: 5447
Message: Un filtre de la plateforme WFP (Windows Filtering Platform) a été modifié.
Sujet :
ID de sécurité : S-1-5-19
Nom du compte : AUTORITE NT\SERVICE LOCAL
Informations sur le processus :
ID du processus : 300
Informations sur le fournisseur :
ID : {DECC16CA-3F33-4346-BE1E-8FB4AE0F3D62}
Nom : Pare-feu Windows
Informations sur la modification :
Type de modification : Supprimer
Informations sur le filtre :
ID : {A0D3E760-4E8B-4F02-B1D5-D08BAC6429C5}
Nom : Windows Live Messenger (UPnP-In)
Type : Non persistant
ID d’exécution : 71123
Informations sur la couche :
ID : {E1CD9FE7-F4B5-4273-96C0-592E487B8650}
Nom : Couche v4 de réception/acceptation ALE
ID d’exécution : 44
Informations sur l’appel :
ID : {00000000-0000-0000-0000-000000000000}
Nom : -
Informations supplémentaires :
Poids : 4683813845918027776
Conditions :
ID condition : {0c1ba1af-5765-453f-af22-a8f791ac775b}
Valeur de correspondance : Égal à
Valeur de la condition : 0x0b35
ID condition : {d78e1e87-8644-4ea5-9437-d809ecefc971}
Valeur de correspondance : Égal à
Valeur de la condition :
00000000 53 00 79 00 73 00 74 00-65 00 6d 00 00 00 S.y.s.t.e.m...
ID condition : {77a40437-8779-4868-a261-f5a902f1c0cd}
Valeur de correspondance : Égal à
Valeur de la condition : 0x00000000
ID condition : {b235ae9a-1d64-49b8-a44c-5ff3d9095045}
Valeur de correspondance : À portée
Valeur de la condition : 0xe0000000 - 0xefffffff
ID condition : {3971ef2b-623e-4f9a-8cb1-6e79b806b9a7}
Valeur de correspondance : Égal à
Valeur de la condition : 0x06
Action du filtre : Autoriser
Record Number: 9098758
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091214143221.635363-000
Event Type: Succès de l'audit
User:
Computer Name: medion
Event Code: 5447
Message: Un filtre de la plateforme WFP (Windows Filtering Platform) a été modifié.
Sujet :
ID de sécurité : S-1-5-19
Nom du compte : AUTORITE NT\SERVICE LOCAL
Informations sur le processus :
ID du processus : 300
Informations sur le fournisseur :
ID : {DECC16CA-3F33-4346-BE1E-8FB4AE0F3D62}
Nom : Pare-feu Windows
Informations sur la modification :
Type de modification : Supprimer
Informations sur le filtre :
ID : {2B995D6D-E496-4335-BEBF-89BCC95E0823}
Nom : Windows Live Messenger (UPnP-In)
Type : Non persistant
ID d’exécution : 71125
Informations sur la couche :
ID : {A3B42C97-9F04-4672-B87E-CEE9C483257F}
Nom : Couche v6 de réception/acceptation ALE
ID d’exécution : 46
Informations sur l’appel :
ID : {00000000-0000-0000-0000-000000000000}
Nom : -
Informations supplémentaires :
Poids : 4683747993868830720
Conditions :
ID condition : {0c1ba1af-5765-453f-af22-a8f791ac775b}
Valeur de correspondance : Égal à
Valeur de la condition : 0x0b35
ID condition : {d78e1e87-8644-4ea5-9437-d809ecefc971}
Valeur de correspondance : Égal à
Valeur de la condition :
00000000 53 00 79 00 73 00 74 00-65 00 6d 00 00 00 S.y.s.t.e.m...
ID condition : {77a40437-8779-4868-a261-f5a902f1c0cd}
Valeur de correspondance : Égal à
Valeur de la condition : 0x00000000
ID condition : {b235ae9a-1d64-49b8-a44c-5ff3d9095045}
Valeur de correspondance : À portée
Valeur de la condition : ff000000000000000000000000000000 - ffffffffffffffffffffffffffffffff
ID condition : {3971ef2b-623e-4f9a-8cb1-6e79b806b9a7}
Valeur de correspondance : Égal à
Valeur de la condition : 0x06
Action du filtre : Autoriser
Record Number: 9098759
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091214143221.636340-000
Event Type: Succès de l'audit
User:
Computer Name: medion
Event Code: 5447
Message: Un filtre de la plateforme WFP (Windows Filtering Platform) a été modifié.
Sujet :
ID de sécurité : S-1-5-19
Nom du compte : AUTORITE NT\SERVICE LOCAL
Informations sur le processus :
ID du processus : 300
Informations sur le fournisseur :
ID : {DECC16CA-3F33-4346-BE1E-8FB4AE0F3D62}
Nom : Pare-feu Windows
Informations sur la modification :
Type de modification : Supprimer
Informations sur le filtre :
ID : {07A6C5A7-2E84-4C22-8036-2F85769A96A6}
Nom : Windows Live Messenger (UPnP-In)
Type : Non persistant
ID d’exécution : 71124
Informations sur la couche :
ID : {7AC9DE24-17DD-4814-B4BD-A9FBC95A321B}
Nom : Couche v6 d’écoute ALE
ID d’exécution : 42
Informations sur l’appel :
ID : {00000000-0000-0000-0000-000000000000}
Nom : -
Informations supplémentaires :
Poids : 4611686018444165104
Conditions :
ID condition : {0c1ba1af-5765-453f-af22-a8f791ac775b}
Valeur de correspondance : Égal à
Valeur de la condition : 0x0b35
ID condition : {d78e1e87-8644-4ea5-9437-d809ecefc971}
Valeur de correspondance : Égal à
Valeur de la condition :
00000000 53 00 79 00 73 00 74 00-65 00 6d 00 00 00 S.y.s.t.e.m...
Action du filtre : Autoriser
Record Number: 9098760
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091214143221.636340-000
Event Type: Succès de l'audit
User:
Computer Name: medion
Event Code: 5447
Message: Un filtre de la plateforme WFP (Windows Filtering Platform) a été modifié.
Sujet :
ID de sécurité : S-1-5-19
Nom du compte : AUTORITE NT\SERVICE LOCAL
Informations sur le processus :
ID du processus : 300
Informations sur le fournisseur :
ID : {DECC16CA-3F33-4346-BE1E-8FB4AE0F3D62}
Nom : Pare-feu Windows
Informations sur la modification :
Type de modification : Supprimer
Informations sur le filtre :
ID : {CBAA54A5-46FB-40F2-B81E-9DE072AEED38}
Nom : Windows Live Messenger (UPnP-In)
Type : Non persistant
ID d’exécution : 71126
Informations sur la couche :
ID : {7AC9DE24-17DD-4814-B4BD-A9FBC95A321B}
Nom : Couche v6 d’écoute ALE
ID d’exécution : 42
Informations sur l’appel :
ID : {00000000-0000-0000-0000-000000000000}
Nom : -
Informations supplémentaires :
Poids : 4611686018444165104
Conditions :
ID condition : {0c1ba1af-5765-453f-af22-a8f791ac775b}
Valeur de correspondance : Égal à
Valeur de la condition : 0x0b35
ID condition : {d78e1e87-8644-4ea5-9437-d809ecefc971}
Valeur de correspondance : Égal à
Valeur de la condition :
00000000 53 00 79 00 73 00 74 00-65 00 6d 00 00 00 S.y.s.t.e.m...
Action du filtre : Autoriser
Record Number: 9098761
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091214143221.637316-000
Event Type: Succès de l'audit
User:
Computer Name: medion
Event Code: 5447
Message: Un filtre de la plateforme WFP (Windows Filtering Platform) a été modifié.
Sujet :
ID de sécurité : S-1-5-19
Nom du compte : AUTORITE NT\SERVICE LOCAL
Informations sur le processus :
ID du processus : 300
Informations sur le fournisseur :
ID : {DECC16CA-3F33-4346-BE1E-8FB4AE0F3D62}
Nom : Pare-feu Windows
Informations sur la modification :
Type de modification : Supprimer
Informations sur le filtre :
ID : {444E05D2-5D11-4CC6-8173-37B61FFC2633}
Nom : Windows Live Messenger (UPnP-In)
Type : Non persistant
ID d’exécution : 71127
Informations sur la couche :
ID : {A3B42C97-9F04-4672-B87E-CEE9C483257F}
Nom : Couche v6 de réception/acceptation ALE
ID d’exécution : 46
Informations sur l’appel :
ID : {00000000-0000-0000-0000-000000000000}
Nom : -
Informations supplémentaires :
Poids : 5188151152134326272
Conditions :
ID condition : {0c1ba1af-5765-453f-af22-a8f791ac775b}
Valeur de correspondance : Égal à
Valeur de la condition : 0x0b35
ID condition : {d78e1e87-8644-4ea5-9437-d809ecefc971}
Valeur de correspondance : Égal à
Valeur de la condition :
00000000 53 00 79 00 73 00 74 00-65 00 6d 00 00 00 S.y.s.t.e.m...
ID condition : {77a40437-8779-4868-a261-f5a902f1c0cd}
Valeur de correspondance : Égal à
Valeur de la condition : 0x00000000
ID condition : {b235ae9a-1d64-49b8-a44c-5ff3d9095045}
Valeur de correspondance : À portée
Valeur de la condition : fe800000000000000000000000000000 - fe80000000000000ffffffffffffffff
ID condition : {3971ef2b-623e-4f9a-8cb1-6e79b806b9a7}
Valeur de correspondance : Égal à
Valeur de la condition : 0x06
Action du filtre : Autoriser
Record Number: 9098762
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091214143221.637316-000
Event Type: Succès de l'audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0209
"NUMBER_OF_PROCESSORS"=2
"Path"=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\system32\WindowsPowerShell\v1.0;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Samsung\Samsung PC Studio 3\;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.PSC1
"HYPERSHOT"=C:\ProgramData\Bunkspeed\HyperShot
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
-----------------EOF-----------------
======Uninstall list======
-->"C:\Program Files\InstallShield Installation Information\{F37167DD-4436-4641-90B6-329D60632DDA}\Setup.exe" REMOVEALL --u:{F37167DD-4436-4641-90B6-329D60632DDA}
-->MsiExec /X{8AAB4176-A747-493A-A42C-B63CFADFD8E3}
32 Bit HP CIO Components Installer-->MsiExec.exe /I{47ECCB1F-2811-49C0-B6A7-26778639ABA0}
3D Realistic Fireplace Screen Saver 3.31-->"D:\Program Files\3D Realistic Fireplace 3\unins000.exe"
3D Water Effects Full Screen Saver-->"C:\PROGRA~1\ScreenSaver.com\3D Water Effects Full\UNINSTAL.EXE"
7 Wonders II-->M:\Program Files\MumboJumbo\7 Wonders II\uninstall.exe 7 Wonders II
7 Wonders: Treasures of Seven-->"m:\Program Files\7 Wonders - Treasures of Seven\Uninstall.exe"
7-Zip 4.65-->"C:\Program Files\7-Zip\Uninstall.exe"
AAA Logo 2009 Business Edition 3.0-->"M:\Program Files\AAALOGO2009\unins000.exe"
AC-130 Operation Devastation-->"C:\Program Files\InstallShield Installation Information\{0FA64337-A418-4F54-9632-C76438BBCF8C}\setup.exe" -runfromtemp -l0x0009 -removeonly
Acropolis Deluxe-->"d:\Program Files\Zylom Games\Acropolis Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Action Ball 2-->"M:\Program Files\Action Ball 2\ReflexiveArcade\unins000.exe"
Ad-Aware-->"C:\ProgramData\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}\Ad-AwareInstallation.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\ProgramData\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}\Ad-AwareInstallation.exe
Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}
Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
Adobe Color Common Settings-->C:\Program Files\Common Files\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe
Adobe Color Common Settings-->MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}
Adobe Color EU Extra Settings CS4-->MsiExec.exe /I{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}
Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
Adobe Color NA Recommended Settings CS4-->MsiExec.exe /I{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}
Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D}
Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}
Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
Adobe ExtendScript Toolkit 2-->C:\Program Files\Common Files\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}
Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}
Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}
Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
Adobe Photoshop CS4 Support-->MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}
Adobe Photoshop CS4-->C:\Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\Setup.exe --uninstall=1
Adobe Photoshop CS4-->MsiExec.exe /I{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}
Adobe Photoshop CS4-->MsiExec.exe /I{E4848436-0345-47E2-B648-8B522FCDA623}
Adobe Photoshop Elements 8.0-->msiexec /i {17DFE37C-064E-4834-AD8F-A4B2B4DF68F8}
Adobe Reader 8.1.7 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}
Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
Adobe Setup-->MsiExec.exe /I{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}
Adobe Setup-->MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}
Adobe Setup-->MsiExec.exe /I{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}
Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4}
AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
Advanced SystemCare 3-->"C:\Program Files\IObit\Advanced SystemCare 3\unins000.exe"
aerosoft's - Piper Cheyenne-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0489CB0C-89F7-4EFF-827F-C85339ABF232}\Setup.exe" -uninst
Agatha Christie: Le Crime de L'Orient Express-->"m:\Program Files\Agatha Christie - Le Crime de L'Orient Express\Uninstall.exe"
AI RoboForm (All Users)-->"C:\Program Files\Siber Systems\AI RoboForm\rfwipeout.exe"
Air Strike II Gulf Thunder-->"M:\Program Files\Air Strike II Gulf Thunder\ReflexiveArcade\unins000.exe"
Alabama Smith: Escape from Pompeii-->"m:\Program Files\Alabama Smith - Escape from Pompeii\Uninstall.exe"
Alchemist's Apprentice-->"m:\Program Files\Alchemist's Apprentice\Uninstall.exe"
Alien Skin Eye Candy 5 Nature-->C:\PROGRA~1\ALIENS~1\EYECAN~1\Unwise32.exe C:\PROGRA~1\ALIENS~1\EYECAN~1\INSTALL.LOG
aMSN 0.97.2-->C:\Program Files\aMSN\uninstall.exe
Anark Client 4-->C:\Program Files\Anark\Anark Client 4\AMInstal.exe -uninstall
Ancient Quest of Saqqarah-->"m:\Program Files\Ancient Quest of Saqqarah\Uninstall.exe"
AnumanLive-->"C:\Users\Medion MT6\AppData\Roaming\Anuman Interactive\AnumanLive\AnumanLive.exe" /UNINSTALL
Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143}
Apple Mobile Device Support-->MsiExec.exe /I{8355F970-601D-442D-A79B-1D7DB4F24CAD}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Aquadelic GT 1.0.0.0-->"C:\Program Files\Aquadelic GT\unins000.exe"
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ASCOM Platform 5.0a-->MsiExec.exe /I{075F543B-97C5-4118-9D54-93910DE03FE9}
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
Astro Avenger 2-->"m:\Program Files\Astro Avenger 2\Uninstall.exe"
Autour du Monde 1.0-->"M:\Program Files\Mindscape\Autour du Monde\unins000.exe"
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
Azada - Ancient Magic-->"d:\Games\Azada - Ancient Magic\uninstall.exe"
Azada-->"d:\Games\Azada\uninstall.exe"
Azkend-->"m:\Program Files\Azkend\Uninstall.exe"
Bible des Peuples-->"C:\Program Files\bible\Uninst.exe" /D
Big Fish Games Client-->C:\Program Files\bfgclient\Uninstall.exe
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Bookworm Deluxe-->"C:\Program Files\Zylom Games\Bookworm Deluxe\GameInstaller.exe" --uninstall UnInstall.log
CamStudio 2.0 Fr-->"D:\Program Files\CamStudio\unins000.exe"
CamStudio 2.02 Fr-->"C:\Program Files\CamStudio\unins000.exe"
Carenado Premium Cessna 210M Centurion II For Fs2004-->C:\Program Files\Microsoft Games\Flight Simulator 9\UNCARCEN210FS9.exe
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Clean Virus MSN-->"C:\Program Files\AxBx\Clean Virus MSN\unins000.exe"
C-Media 3D Audio-->C:\WINDOWS\CMIUnInstall.exe
C-Media WDM Audio Driver-->C:\Windows\system32\cmirmdrv.exe
Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}
Cooliris for Internet Explorer-->MsiExec.exe /I{B46BC183-3713-3814-9067-D1C6BC952F7B}
CursorXP-->C:\Program Files\CursorXP\CurXPUtil.exe -u
Defraggler (remove only)-->"C:\Program Files\Defraggler\uninst.exe"
DFX for RealNetworks-->C:\Program Files\DFX\uninstall_RealNetworks.exe
DFX for Windows Media Player-->MsiExec.exe /I{fe7ccec2-0f76-4921-bc75-caaf255cbbf2}
DH Driver Cleaner Professional Edition-->M:\Program Files\Driver Cleaner Pro\Uninstall.exe
Dico de Rimes-->c:\rimes\Uninstal.exe
Digital Aviation's - Dornier Do-27-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D0F1431E-B33E-447D-A157-ED8AAA6BE5BB}\Setup.exe" -uninst
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DR 221-->C:\Program Files\Microsoft Games\Flight Simulator 9\DR 221 Uninstall.exe
Drawn: La Tour d'Iris ™-->"m:\Program Files\Drawn - La Tour d'Iris\Uninstall.exe"
Dream Chronicles 2: The Eternal Maze-->"m:\Program Files\Dream Chronicles 2 - The Eternal Maze\Uninstall.exe"
Dream Chronicles 3 Deluxe-->"d:\Program Files\Zylom Games\Dream Chronicles 3 Deluxe\GameInstlr.exe" --uninstall UnInstall.log
EasyFlirt Messenger 2.0-->"C:\Program Files\EasyFlirt Messenger\unins000.exe"
e-Carte Bleue Société Générale-->"C:\Program Files\InstallShield Installation Information\{EC3CAFA6-1CDC-46D1-AD8D-B66CFDE59EE0}\setup.exe" -runfromtemp -l0x040c -removeonly
Eee Storage-->C:\Program Files\ASUS\Eee Storage\uninst.exe
Empire of the Gods-->"m:\Program Files\Empire of the Gods\Uninstall.exe"
Enemy Territory - QUAKE Wars(TM) Demo-->C:\Program Files\InstallShield Installation Information\{AEF04476-51FA-41F2-80F0-0AD9B026F46A}\setup.exe -runfromtemp -l0x0409
Escape Rosecliff Island Deluxe-->"d:\Program Files\Zylom Games\Escape Rosecliff Island Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}
FaceGen Modeller 3.1-->MsiExec.exe /I{332B1B33-D0EE-4A0A-AB2F-12BF56BCE1C3}
Fairy Treasure Deluxe-->"d:\Program Files\Zylom Games\Fairy Treasure Deluxe\GameInstlr.exe" --uninstall UnInstall.log
FastPictureViewer (32-bit)-->MsiExec.exe /I{7F7D8C49-0792-460F-BE49-B64A843D112D}
ffdshow [rev 497] [2006-11-04]-->"M:\Program Files\ffdshow\unins000.exe"
Free Download Manager 2.5 build 758-->C:\Program Files\Free Download Manager\uninst.exe
Free Download Manager 2.5-->"C:\Program Files\Free Download Manager\unins000.exe"
Free FLV Converter V 5.8-->"M:\Program Files\Free FLV Converter\unins000.exe"
Free Mp3 Wma Converter V 1.7.3-->"C:\Program Files\Free Audio Pack\unins000.exe"
Free Video Converter V 1.4-->"M:\Program Files\Free Video Converter\unins000.exe"
Frontcam-->C:\PROGRA~1\Frontcam\UNWISE.EXE C:\PROGRA~1\Frontcam\INSTALL.LOG
FS Aircraft Collection-->C:\Program Files\Microsoft Games\Flight Simulator 9\uninstal_fsaircraftcollection.exe
FS Décors Détaillés-->C:\Program Files\Microsoft Games\Flight Simulator 9\uninstal_fsdecors.exe
FSMMovingMap-->C:\Program Files\RanaInside\FSMMovingMap\uninstall.exe
G.H.O.S.T. Chronicles: Le Fantôme de la Foire de la Renaissance-->"m:\Program Files\G.H.O.S.T. Chronicles - Le Fantome de la Foire de la Renaissance\Uninstall.exe"
Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
Games by Petersonic 1.00-->d:\Program Files\PC-home\Games by Petersonic\Uninstall.exe
Gestionnaire Internet-->C:\PROGRA~1\Wanadoo\uninstall.exe
Gestionnaire pour appareils Windows Mobile-->MsiExec.exe /X{904CCF62-818D-4675-BC76-D37EB399F917}
GigaTribe 2.50-->"C:\Program Files\GigaTribe\unins000.exe"
Ginipic-->MsiExec.exe /X{6FC0A4F8-8301-48C6-ADB7-B9EA8CF09C39}
Glary Utilities 2.13.0.686-->"C:\Program Files\Glary Utilities\unins000.exe"
Glyph 2 Deluxe-->"d:\Program Files\Zylom Games\Glyph 2 Deluxe\GameInstlr.exe" --uninstall UnInstall.log
GoodFrame-->"D:\Program Files\FDSoftware\GoodFrame\unins000.exe"
Google Gears-->MsiExec.exe /I{BC2FE771-EDBE-3087-A676-2B6C45A2BF7E}
Google Gmail Notifier-->"C:\Program Files\Google\Gmail Notifier\UninstallGmail.exe"
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Video Player-->"C:\Program Files\Google\Google Video Player\Uninstall.exe"
Google Earth-->MsiExec.exe /X{9074AFC0-CFDA-11DE-B484-005056806466}
H.2.O Net Sender 3.1-->"C:\Program Files\H.2.O Net Sender\unins000.exe"
HardwareDetection-->"C:\Program Files\HardwareDetection\Uninstall.exe" "C:\Program Files\HardwareDetection\install.log" -u
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Photosmart C4500 All-In-One Driver 12.0 Rel .4-->C:\Program Files\HP\Digital Imaging\{0BC1A5B2-79A1-4716-B3E5-4071E9AB6F43}\setup\hpzscr01.exe -datfile hposcr30.dat -onestop -forcereboot
HyperShot-->MsiExec.exe /I{04DD2EE7-31BB-4186-9A30-447283BC26F8}
ICQ6.5-->"C:\Program Files\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
InCD-->C:\WINDOWS\NuNInst.exe /UNINSTALL
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
ItsTV 3.0-->"C:\Program Files\ItsLabel\unins000.exe"
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Java(TM) 6 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
JFK Reloaded 1.1-->M:\Program Files\JFK Reloaded\uninst.exe
JVTorrent 1.1-->C:\Program Files\JVTorrent\uninst.exe
kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}
Kwanzy 1.0 build 131-->C:\Program Files\Kwanzy\uninstall.exe
Lame ACM MP3 Codec-->C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_LameMP3 132 C:\WINDOWS\INF\LameACM.inf
Le pic rouge-->"d:\Program Files\Anuman interactive\Le pic rouge\unins000.exe"
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Lernout & Hauspie TruVoice American English TTS Engine-->RunDll32 advpack.dll,LaunchINFSection C:\Windows\INF\tv_enua.inf, Uninstall
Les Chasseurs de Trésor ™: Rêves d'Or-->"m:\Program Files\Les Chasseurs de Tresor - Reves d'Or\Uninstall.exe"
LightBox Free Image Editor-->M:\Program Files\19th Parallel\LightBox\UninstallFree.exe
LimeWire PRO 4.17.0-->"c:\Program Files\LimeWire\uninstall.exe"
livebox-->C:\Program Files\InstallShield Installation Information\{17342E3B-0818-4A6F-BFF8-99476605ADD6}\Setup.exe -runfromtemp -l0x040c -removeonly
LogoMaker 2.0-->"D:\Program Files\Studio V5\LogoMaker\unins000.exe"
Luxor 4 Quest For The Afterlife 1.00-->d:\Program Files\Games\Luxor 4 Quest For The Afterlife\Uninstall.exe
Luxor Mega Pack-->"C:\Windows\Luxor Mega Pack\uninstall.exe" "/U:D:\Program Files\Luxor Mega Pack\Uninstall\uninstall.xml"
Media Library Management Wizard-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mplibwiz.inf,DefaultUninstall
Media Manager for WALKMAN 1.1-->MsiExec.exe /X{125CF05E-8533-478F-AD92-314A000D9164}
Medion Flash XL-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EA1CB7AC-E221-4822-A789-0ADB051DC498}\Setup.exe" -l0x9
Mega Manager-->C:\Program Files\InstallShield Installation Information\{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}\setup.exe -runfromtemp -l0x0009 -removeonly
Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Micro Application - MediaDICO 12-->C:\Windows\IsUn040c.exe -f"D:\Program Files\Micro Application\12 DICOS Indispensables\Uninst.isu"
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Flight Simulator 2004 Un siècle d'aviation-->"C:\Program Files\Microsoft Games\Flight Simulator 9\UNINSTAL.EXE" /runtemp /addremove
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}
Microsoft Games for Windows - LIVE-->MsiExec.exe /X{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9111040C-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Sites publics français-->MsiExec.exe /I{B72B0ECE-F41E-4EC4-AA37-1A00640680BF}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft SQL Server Desktop Engine (PINNACLESYS)-->MsiExec.exe /X{E09B48B5-E141-427A-AB0C-D3605127224A}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Windows Journal Viewer-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA8}
Microsoft Windows Thème Nunavut-->MsiExec.exe /X{828600A6-B64A-439D-858C-16DA548BE549}
Microsoft WorldWide Telescope-->MsiExec.exe /I{E7A9DCC5-8D19-4B95-BED8-2DB41F920F11}
Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
Mirar-->mshta.exe http://remove.getmirar.com/
Mise à jour du pilote du Gestionnaire pour appareils Windows Mobile-->MsiExec.exe /X{E7044E25-3038-4A76-9064-344AC038043E}
MITs Wizard 3.0 for Device-->MsiExec.exe /X{0143CF89-5CF2-4F2D-80D5-BFAE64E1BA00}
MobileMe Control Panel-->MsiExec.exe /I{DDBB28C8-B2AA-45A1-8DCE-059A798509FB}
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Monopoly Deluxe-->"M:\Program Files\Zylom Games\Monopoly Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Movie Maker Background Music Files-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mmmusic.inf,DefaultUninstall
Movie Maker Sound Effects-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mmsounds.inf,DefaultUninstall
Movie Maker Title Images-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mmtitle.inf,DefaultUninstall
Mozilla Firefox (3.5.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN Contact-->MsiExec.exe /I{CC5F268E-5A85-428E-95CC-A8E3FB650D5A}
MSN Explorer-->C:\Program Files\MSN\MSNCoreFiles\Setup\msnunin.exe
MSN Toolbar-->MsiExec.exe /I{7390F1A6-B3D4-4FCC-BDB1-A935EB0114F1}
MSN-->C:\Program Files\MSN\MsnInstaller\msniadm.exe /Action:ARP
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB925672)-->MsiExec.exe /I{A9CF9052-F4A0-475D-A00F-A8388C62DD63}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
MultiRes (remove only)-->C:\Program Files\MultiRes\uninstal.exe
Mystery Case Files: Madame Fate ™-->"m:\Program Files\Mystery Case Files - Madame Fate\Uninstall.exe"
Mystery Case Files: Retour à Ravenhearst - Guide de Stratégie ™-->"m:\Program Files\Mystery Case Files - Retour a Ravenhearst - Guide de Strategie\Uninstall.exe"
Mystery Case Files: Retour à Ravenhearst ™-->"m:\Program Files\Mystery Case Files - Retour a Ravenhearst\Uninstall.exe"
Mythic Pearls-->D:\Games\Mythic Pearls\Uninstall.exe
NETGEAR WG111v2 wireless USB 2.0 adapter-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{E0F252A6-DE85-4E93-A93B-DFC3537B3965}
NoiseCradle-->"M:\Program Files\Noise Cradle\uninstall.exe"
Nostradamus, la dernière prophétie-->"D:\Elektrogames\Nostradamus\unins000.exe"
Numedia CD-DVD writing as non-admin user-->MsiExec.exe /X{94056AE8-EF0F-45E4-A1B4-D754115F8A28}
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
NVIDIA Performance-->"C:\Program Files\InstallShield Installation Information\{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}\setup.exe" -runfromtemp -l0x040c -removeonly
NVIDIA Performance-->MsiExec.exe /I{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}
NVIDIA PhysX-->MsiExec.exe /X{8AAB4176-A747-493A-A42C-B63CFADFD8E3}
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
ObjectDock-->C:\PROGRA~1\Stardock\OBJECT~2\UNWISE.EXE C:\PROGRA~1\Stardock\OBJECT~2\INSTALL.LOG
OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
OnlineLive-->MsiExec.exe /I{505A5E33-446A-4ED4-849C-D38D6F91EA39}
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
Opera 10.10-->MsiExec.exe /X{FB8148DD-C575-4B0A-9F6C-0CFC46937930}
Opera 9.64-->MsiExec.exe /X{E1BBBAC5-2857-4155-82A6-54492CE88620}
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Pahelika: Légendes Secrètes-->"m:\Program Files\Pahelika - Legendes Secretes\Uninstall.exe"
Pando-->MsiExec.exe /I{AB480DA0-7EE9-465D-9C12-4CDE65BF18FB}
patch (1) du DR 221-->C:\Program Files\Microsoft Games\Flight Simulator 9\DR 221 Uninstall.exe
patch (2) du DR 221-->C:\Program Files\Microsoft Games\Flight Simulator 9\DR 221 Uninstall.exe
PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
Peggle Nights Deluxe 1.0-->C:\Program Files\PopCap Games\Peggle Nights Deluxe\PopUninstall.exe "C:\Program Files\PopCap Games\Peggle Nights Deluxe\Install.log"
Personal License Update Wizard for Windows Media Player-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\drmtool.inf,DefaultUninstall
Pharaoh's Mystery-->"D:\Program Files\Pharaoh's Mystery\unins000.exe"
PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
PhotoScape-->"C:\Program Files\PhotoScape\uninstall.exe"
Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
PicLens for Internet Explorer-->MsiExec.exe /I{C92651B8-39F6-3DD5-80EF-E71D2A21DE2F}
PicLens for Internet Explorer-->MsiExec.exe /I{F33EE637-BFBA-38BE-8355-A29ACF54F010}
Plus! MP3 Audio Converter LE-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\audcle.inf,DefaultUninstall
Pochette Dvd-->MsiExec.exe /X{3049B3DE-E1D4-418E-8A35-1BFB0E1D9AB5}
ProtectDisc Driver, Version 11-->C:\Program Files\ProtectDisc Driver Installer\uninstall_v11.exe
Puzzle Quest-->"m:\Program Files\Puzzle Quest\Uninstall.exe"
PVSonyDll-->MsiExec.exe /I{3D3E663D-4E7E-4577-A560-7ECDDD45548A}
QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
QVGDM Seconde Edition-->MsiExec.exe /I{735D1B9F-A9A4-4FF2-A830-96C150883B97}
RadioWeb Player V5-->C:\WINDOWS\st6unst.exe -n "M:\Program Files\Radioweb Player\ST6UNST.LOG"
Rainbow Mystery-->"d:\Program Files\Rainbow Mystery\ReflexiveArcade\unins000.exe"
Rainbow Web II-->"m:\Program Files\Rainbow Web II\Uninstall.exe"
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0
Reaxxion-->"C:\Windows\Reaxxion\uninstall.exe" "/U:d:\Program Files\Reaxxion\Uninstall\uninstall.xml"
RedShift 6 Universel-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E8C0B770-CC99-42D3-A0CF-B21C4D58DFA2}\Setup.EXE" -l0x40c
Retour sur l'Ile Mystérieuse-->"m:\Program Files\Retour sur l'Ile Mysterieuse\Uninstall.exe"
Ricochet: Infinity-->"m:\Program Files\Ricochet - Infinity\Uninstall.exe"
Ript-->MsiExec.exe /I{3E50F28A-86D8-4DA5-8850-C55684574F86}
Rolex Oyster Datejust special edition Screen Saver-->C:\Windows\system32\Rolex Oyster Datejust special edition.scr /u
Rolex Oyster Day-Date Screen Saver-->C:\Windows\system32\Rolex Oyster Day-Date.scr /u
Rolex Oyster Daytona Screen Saver-->C:\Windows\system32\Rolex Oyster Daytona.scr /u
Rolex Oyster Deepsea Screen Saver-->C:\Windows\system32\Rolex Oyster Deepsea.scr /u
Rolex Oyster Perpetual Screen Saver-->C:\Windows\system32\Rolex Oyster Perpetual.scr /u
Rolex Oyster Submariner Screen Saver-->C:\Windows\system32\Rolex Oyster Submariner.scr /u
Safari-->MsiExec.exe /I{D6E4E5D6-7693-4BB4-95BA-21F38FAFEE90}
SAGEM F@st 800-840-->C:\Program Files\InstallShield Installation Information\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}\setup.exe -runfromtemp -l0x040c -removeonly
SAMSUNG Mobile Modem Driver Set-->C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
Samsung Mobile phone USB driver Software-->C:\Windows\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung PC Studio 3 USB Driver Installer-->"C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -runfromtemp -l0x040c -removeonly
Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x040c -removeonly
Sarkophage 1.5-->"C:\Program Files\Sarkophage\unins000.exe"
Save Flash 4.1-->C:\Program Files\Save Flash\uninst.exe
SCRABBLE(R) LA MARQUE de jeu de lettres-->"d:\Program Files\Zylom Games\SCRABBLE(R) LA MARQUE de jeu de lettres\GameInstlr.exe" --uninstall UnInstall.log
Scratches-->C:\Program Files\Micro Application\Scratches\uninstall.exe
SecondLife (remove only)-->"C:\Program Files\SecondLife\uninst.exe"
Secret Files 2 - Puritas Cordis-->C:\Program Files\InstallShield Installation Information\{EBEAEB77-E98A-472E-AD82-E077EF613DDC}\setup.exe -runfromtemp -l0x040c -removeonly
Seven Remix 1.0-->C:\Program Files\NiwradSoft\NiwradSoft Shell Pack\uninst.exe
Ship Simulator 2008-->"D:\Program Files\Vstep\ShipSim2008\uninstall.exe"
SmartSound Quicktracks Plugin-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}
Sony USB Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}\Setup.exe" UNINSTALL
Space Invaders OpenGL-->"D:\Program Files\Space Invaders OpenGL\uninstall.exe"
Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}
Strike Ball 3-->"M:\Program Files\Strike Ball 3\ReflexiveArcade\unins000.exe"
Studio 10-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3CB05291-F546-458E-A796-B5BCF5A3CDC4}\Setup2.exe" -l0x40c UNINSTALL
Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
Surligneur (Windows Live Toolbar)-->MsiExec.exe /X{81B5F83F-2291-48B0-8375-36B63A9BF5B0}
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
The Great Tree Deluxe-->"d:\Program Files\Zylom Games\The Great Tree Deluxe\GameInstlr.exe" --uninstall UnInstall.log
The Pharaohs Mystery-->"M:\Program Files\The Pharaohs Mystery\ReflexiveArcade\unins000.exe"
Tom Clancy's H.A.W.X Demo-->"C:\Program Files\InstallShield Installation Information\{6C596FD6-C378-4399-93F1-43A206759B23}\setup.exe" -runfromtemp -l0x040c -removeonly
Treasure Island 2-->"m:\Program Files\Treasure Island 2\Uninstall.exe"
Treasure Island Deluxe-->"M:\Program Files\Zylom Games\Treasure Island Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Trivial Pursuit Family Edition-->"M:\Program Files\Zylom Games\Trivial Pursuit Family Edition\GameInstlr.exe" --uninstall UnInstall.log
Trivial Pursuit Genus Edition Deluxe-->"M:\Program Files\Zylom Games\Trivial Pursuit Genus Edition Deluxe\GameInstlr.exe" --uninstall UnInstall.log
TSP_CODEC-->C:\Program Files\Bytescribe\TSP_CODEC\Uninst.exe /pid:{A90C03D6-08E1-4C59-B93B-6919A6C0AC19} /asd
Twingly Screensaver-->MsiExec.exe /I{EB711BC7-0FDF-460C-A00C-DF8E5E996037}
TYPSoft FTP Server-->"C:\Program Files\TYPSoft FTP Server\unins000.exe"
Ulead ArtTexture.Plugin 1.0-->C:\Windows\IsUninst.exe -f"C:\Program Files\Ulead ArtTexture.Plugin\At10f.isu"
Ulead FantasyWarp.Plugin 1.0-->C:\Windows\IsUninst.exe -f"C:\Program Files\Ulead FantasyWarp.Plugin\Fw10f.isu"
Ulead Particle.Plugin 1.0-->C:\Windows\IsUninst.exe -f"C:\Program Files\Ulead Particle.Plugin\Pp10t.isu"
Ulead SmartSaver Pro 3.0 Full Version-->C:\Windows\IsUninst.exe -f"C:\Program Files\Ulead SmartSaver Pro 3.0\Ussp30f.isu" -c"C:\Program Files\Ulead SmartSaver Pro 3.0\IS32Inst.dll"
Unlocker 1.8.7-->C:\Program Files\Unlocker\uninst.exe
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
US Trucks Road Simulator-->"d:\Program Files\Anuman interactive\US Trucks Road Simulator\unins000.exe"
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
Veneaviones Turbo Commander 690B-->C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstal.exe
Veoh Web Player Beta-->"C:\Program Files\Veoh Networks\VeohWebPlayer\uninst.exe"
Video to Flash Converter-->"C:\Program Files\GeoVid\Video to Flash Converter\unins000.exe"
Vio Video Converter 1.0-->C:\Program Files\Vio Video Converter\Uninst.exe
Virtual DJ - Atomix Productions-->L:\PROGRA~1\VIRTUA~1\UNWISE.EXE L:\PROGRA~1\VIRTUA~1\INSTALL.LOG
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\Windows\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
Visual C++ 8.0 ATL (x86) WinSXS MSM-->MsiExec.exe /I{97F81AF1-0E47-DC99-FF1F-C8B3B9A1E18F}
Visual C++ 8.0 CRT (x86) WinSXS MSM-->MsiExec.exe /I{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}
VLC media player 1.0.3-->C:\Program Files\VideoLAN\VLC\uninstall.exe
WD Diagnostics-->MsiExec.exe /X{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}
WindowBlinds-->D:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\UNWISE.EXE D:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\INSTALL.LOG
Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
Windows Live Favorites pour Windows Live Toolbar-->MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live Sign-in Assistant-->MsiExec.exe /I{F652D238-5F29-42D5-BAF3-0115EF977EC2}
Windows Media Bonus Pack for Windows XP-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmbonus.inf,DefaultUninstall
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows Media Player Skin Importer-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\wa2wmp.inf,DefaultUninstall
Windows Media Player Tray Control-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mpxptray.inf,DefaultUninstall
WinPcap 3.1-->C:\Program Files\WinPcap\uninstall.exe
Wolfenstein(TM) 1.11 Patch-->C:\Program Files\InstallShield Installation Information\{362C6A81-4C88-4B26-8C79-B2EE0076F65F}\setup.exe -runfromtemp -l0x0409
Wolfenstein-->C:\Program Files\InstallShield Installation Information\{F9B37992-968C-4264-8449-489032FC28DE}\setup.exe -runfromtemp -l0x040c
World Voyage-->"m:\Program Files\World Voyage\Uninstall.exe"
Xenon 2000 - Project PCF-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{93EE3C83-725F-4EA4-891A-CD6B019FCDC1}\Setup.exe"
XnView 1.96.1-->"C:\Program Files\XnView\unins000.exe"
Zuma's Revenge!-->"C:\Windows\Zuma's Revenge!\uninstall.exe" "/U:D:\Program Files\Zuma's Revenge!\Uninstall\uninstall.xml"
======Hosts File======
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
Securitycenter WMI appears to be broken
======System event log======
Computer Name: medion
Event Code: 46
Message: L'initialisation du fichier de vidage sur incident a échoué.
Record Number: 10274675
Source Name: volmgr
Time Written: 20091214141637.659838-000
Event Type: Erreur
User:
Computer Name: medion
Event Code: 2511
Message: Le service Serveur n'a pas pu recréer le partage StudioLine$ car le répertoire D:\StudioLine3\Web n'existe plus. Veuillez exécuter "netshare StudioLine$/supprimer" pour supprimer le partage ou recréer le répertoire D:\StudioLine3\Web.
Record Number: 10274679
Source Name: Server
Time Written: 20091214141730.000000-000
Event Type: Avertissement
User:
Computer Name: medion
Event Code: 7000
Message: Le service General Purpose USB Driver (e4ldr.sys) n'a pas pu démarrer en raison de l'erreur :
Le service ne peut pas être démarré parce qu'il est désactivé ou qu'aucun périphérique activé ne lui est associé.
Record Number: 10274684
Source Name: Service Control Manager
Time Written: 20091214141739.000000-000
Event Type: Erreur
User:
Computer Name: medion
Event Code: 7000
Message: Le service PoliceService n'a pas pu démarrer en raison de l'erreur :
Le fichier spécifié est introuvable.
Record Number: 10274736
Source Name: Service Control Manager
Time Written: 20091214141739.000000-000
Event Type: Erreur
User:
Computer Name: medion
Event Code: 7026
Message: Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger :
i8042prt
Record Number: 10274756
Source Name: Service Control Manager
Time Written: 20091214141739.000000-000
Event Type: Erreur
User:
=====Application event log=====
Computer Name: medion
Event Code: 5007
Message: Impossible d’analyser le fichier cible de la plateforme de signalement de problèmes Windows (fichier DLL contenant la liste des problèmes de l’ordinateur et nécessitant la collecte de données supplémentaires à des fins de diagnostic). Le code d’erreur était : 8014FFF9.
Record Number: 579737
Source Name: WerSvc
Time Written: 20091214140217.000000-000
Event Type: Erreur
User:
Computer Name: medion
Event Code: 3
Message: Le service Centre de sécurité de Windows n’a pas pu établir de requêtes d’événements avec WMI pour contrôler le programme antivirus, le logiciel anti-espion et le pare-feu tiers.
Record Number: 579743
Source Name: SecurityCenter
Time Written: 20091214140409.000000-000
Event Type: Erreur
User:
Computer Name: medion
Event Code: 1530
Message: Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela.
DÉTAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-1085031214-1123561945-682003330-1004:
Process 696 (\Device\HarddiskVolume1\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-1085031214-1123561945-682003330-1004
Record Number: 579751
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20091214141428.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: medion
Event Code: 5007
Message: Impossible d’analyser le fichier cible de la plateforme de signalement de problèmes Windows (fichier DLL contenant la liste des problèmes de l’ordinateur et nécessitant la collecte de données supplémentaires à des fins de diagnostic). Le code d’erreur était : 8014FFF9.
Record Number: 579770
Source Name: WerSvc
Time Written: 20091214141824.000000-000
Event Type: Erreur
User:
Computer Name: medion
Event Code: 3
Message: Le service Centre de sécurité de Windows n’a pas pu établir de requêtes d’événements avec WMI pour contrôler le programme antivirus, le logiciel anti-espion et le pare-feu tiers.
Record Number: 579776
Source Name: SecurityCenter
Time Written: 20091214141953.000000-000
Event Type: Erreur
User:
=====Security event log=====
Computer Name: medion
Event Code: 5447
Message: Un filtre de la plateforme WFP (Windows Filtering Platform) a été modifié.
Sujet :
ID de sécurité : S-1-5-19
Nom du compte : AUTORITE NT\SERVICE LOCAL
Informations sur le processus :
ID du processus : 300
Informations sur le fournisseur :
ID : {DECC16CA-3F33-4346-BE1E-8FB4AE0F3D62}
Nom : Pare-feu Windows
Informations sur la modification :
Type de modification : Supprimer
Informations sur le filtre :
ID : {A0D3E760-4E8B-4F02-B1D5-D08BAC6429C5}
Nom : Windows Live Messenger (UPnP-In)
Type : Non persistant
ID d’exécution : 71123
Informations sur la couche :
ID : {E1CD9FE7-F4B5-4273-96C0-592E487B8650}
Nom : Couche v4 de réception/acceptation ALE
ID d’exécution : 44
Informations sur l’appel :
ID : {00000000-0000-0000-0000-000000000000}
Nom : -
Informations supplémentaires :
Poids : 4683813845918027776
Conditions :
ID condition : {0c1ba1af-5765-453f-af22-a8f791ac775b}
Valeur de correspondance : Égal à
Valeur de la condition : 0x0b35
ID condition : {d78e1e87-8644-4ea5-9437-d809ecefc971}
Valeur de correspondance : Égal à
Valeur de la condition :
00000000 53 00 79 00 73 00 74 00-65 00 6d 00 00 00 S.y.s.t.e.m...
ID condition : {77a40437-8779-4868-a261-f5a902f1c0cd}
Valeur de correspondance : Égal à
Valeur de la condition : 0x00000000
ID condition : {b235ae9a-1d64-49b8-a44c-5ff3d9095045}
Valeur de correspondance : À portée
Valeur de la condition : 0xe0000000 - 0xefffffff
ID condition : {3971ef2b-623e-4f9a-8cb1-6e79b806b9a7}
Valeur de correspondance : Égal à
Valeur de la condition : 0x06
Action du filtre : Autoriser
Record Number: 9098758
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091214143221.635363-000
Event Type: Succès de l'audit
User:
Computer Name: medion
Event Code: 5447
Message: Un filtre de la plateforme WFP (Windows Filtering Platform) a été modifié.
Sujet :
ID de sécurité : S-1-5-19
Nom du compte : AUTORITE NT\SERVICE LOCAL
Informations sur le processus :
ID du processus : 300
Informations sur le fournisseur :
ID : {DECC16CA-3F33-4346-BE1E-8FB4AE0F3D62}
Nom : Pare-feu Windows
Informations sur la modification :
Type de modification : Supprimer
Informations sur le filtre :
ID : {2B995D6D-E496-4335-BEBF-89BCC95E0823}
Nom : Windows Live Messenger (UPnP-In)
Type : Non persistant
ID d’exécution : 71125
Informations sur la couche :
ID : {A3B42C97-9F04-4672-B87E-CEE9C483257F}
Nom : Couche v6 de réception/acceptation ALE
ID d’exécution : 46
Informations sur l’appel :
ID : {00000000-0000-0000-0000-000000000000}
Nom : -
Informations supplémentaires :
Poids : 4683747993868830720
Conditions :
ID condition : {0c1ba1af-5765-453f-af22-a8f791ac775b}
Valeur de correspondance : Égal à
Valeur de la condition : 0x0b35
ID condition : {d78e1e87-8644-4ea5-9437-d809ecefc971}
Valeur de correspondance : Égal à
Valeur de la condition :
00000000 53 00 79 00 73 00 74 00-65 00 6d 00 00 00 S.y.s.t.e.m...
ID condition : {77a40437-8779-4868-a261-f5a902f1c0cd}
Valeur de correspondance : Égal à
Valeur de la condition : 0x00000000
ID condition : {b235ae9a-1d64-49b8-a44c-5ff3d9095045}
Valeur de correspondance : À portée
Valeur de la condition : ff000000000000000000000000000000 - ffffffffffffffffffffffffffffffff
ID condition : {3971ef2b-623e-4f9a-8cb1-6e79b806b9a7}
Valeur de correspondance : Égal à
Valeur de la condition : 0x06
Action du filtre : Autoriser
Record Number: 9098759
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091214143221.636340-000
Event Type: Succès de l'audit
User:
Computer Name: medion
Event Code: 5447
Message: Un filtre de la plateforme WFP (Windows Filtering Platform) a été modifié.
Sujet :
ID de sécurité : S-1-5-19
Nom du compte : AUTORITE NT\SERVICE LOCAL
Informations sur le processus :
ID du processus : 300
Informations sur le fournisseur :
ID : {DECC16CA-3F33-4346-BE1E-8FB4AE0F3D62}
Nom : Pare-feu Windows
Informations sur la modification :
Type de modification : Supprimer
Informations sur le filtre :
ID : {07A6C5A7-2E84-4C22-8036-2F85769A96A6}
Nom : Windows Live Messenger (UPnP-In)
Type : Non persistant
ID d’exécution : 71124
Informations sur la couche :
ID : {7AC9DE24-17DD-4814-B4BD-A9FBC95A321B}
Nom : Couche v6 d’écoute ALE
ID d’exécution : 42
Informations sur l’appel :
ID : {00000000-0000-0000-0000-000000000000}
Nom : -
Informations supplémentaires :
Poids : 4611686018444165104
Conditions :
ID condition : {0c1ba1af-5765-453f-af22-a8f791ac775b}
Valeur de correspondance : Égal à
Valeur de la condition : 0x0b35
ID condition : {d78e1e87-8644-4ea5-9437-d809ecefc971}
Valeur de correspondance : Égal à
Valeur de la condition :
00000000 53 00 79 00 73 00 74 00-65 00 6d 00 00 00 S.y.s.t.e.m...
Action du filtre : Autoriser
Record Number: 9098760
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091214143221.636340-000
Event Type: Succès de l'audit
User:
Computer Name: medion
Event Code: 5447
Message: Un filtre de la plateforme WFP (Windows Filtering Platform) a été modifié.
Sujet :
ID de sécurité : S-1-5-19
Nom du compte : AUTORITE NT\SERVICE LOCAL
Informations sur le processus :
ID du processus : 300
Informations sur le fournisseur :
ID : {DECC16CA-3F33-4346-BE1E-8FB4AE0F3D62}
Nom : Pare-feu Windows
Informations sur la modification :
Type de modification : Supprimer
Informations sur le filtre :
ID : {CBAA54A5-46FB-40F2-B81E-9DE072AEED38}
Nom : Windows Live Messenger (UPnP-In)
Type : Non persistant
ID d’exécution : 71126
Informations sur la couche :
ID : {7AC9DE24-17DD-4814-B4BD-A9FBC95A321B}
Nom : Couche v6 d’écoute ALE
ID d’exécution : 42
Informations sur l’appel :
ID : {00000000-0000-0000-0000-000000000000}
Nom : -
Informations supplémentaires :
Poids : 4611686018444165104
Conditions :
ID condition : {0c1ba1af-5765-453f-af22-a8f791ac775b}
Valeur de correspondance : Égal à
Valeur de la condition : 0x0b35
ID condition : {d78e1e87-8644-4ea5-9437-d809ecefc971}
Valeur de correspondance : Égal à
Valeur de la condition :
00000000 53 00 79 00 73 00 74 00-65 00 6d 00 00 00 S.y.s.t.e.m...
Action du filtre : Autoriser
Record Number: 9098761
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091214143221.637316-000
Event Type: Succès de l'audit
User:
Computer Name: medion
Event Code: 5447
Message: Un filtre de la plateforme WFP (Windows Filtering Platform) a été modifié.
Sujet :
ID de sécurité : S-1-5-19
Nom du compte : AUTORITE NT\SERVICE LOCAL
Informations sur le processus :
ID du processus : 300
Informations sur le fournisseur :
ID : {DECC16CA-3F33-4346-BE1E-8FB4AE0F3D62}
Nom : Pare-feu Windows
Informations sur la modification :
Type de modification : Supprimer
Informations sur le filtre :
ID : {444E05D2-5D11-4CC6-8173-37B61FFC2633}
Nom : Windows Live Messenger (UPnP-In)
Type : Non persistant
ID d’exécution : 71127
Informations sur la couche :
ID : {A3B42C97-9F04-4672-B87E-CEE9C483257F}
Nom : Couche v6 de réception/acceptation ALE
ID d’exécution : 46
Informations sur l’appel :
ID : {00000000-0000-0000-0000-000000000000}
Nom : -
Informations supplémentaires :
Poids : 5188151152134326272
Conditions :
ID condition : {0c1ba1af-5765-453f-af22-a8f791ac775b}
Valeur de correspondance : Égal à
Valeur de la condition : 0x0b35
ID condition : {d78e1e87-8644-4ea5-9437-d809ecefc971}
Valeur de correspondance : Égal à
Valeur de la condition :
00000000 53 00 79 00 73 00 74 00-65 00 6d 00 00 00 S.y.s.t.e.m...
ID condition : {77a40437-8779-4868-a261-f5a902f1c0cd}
Valeur de correspondance : Égal à
Valeur de la condition : 0x00000000
ID condition : {b235ae9a-1d64-49b8-a44c-5ff3d9095045}
Valeur de correspondance : À portée
Valeur de la condition : fe800000000000000000000000000000 - fe80000000000000ffffffffffffffff
ID condition : {3971ef2b-623e-4f9a-8cb1-6e79b806b9a7}
Valeur de correspondance : Égal à
Valeur de la condition : 0x06
Action du filtre : Autoriser
Record Number: 9098762
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091214143221.637316-000
Event Type: Succès de l'audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0209
"NUMBER_OF_PROCESSORS"=2
"Path"=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\system32\WindowsPowerShell\v1.0;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Samsung\Samsung PC Studio 3\;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.PSC1
"HYPERSHOT"=C:\ProgramData\Bunkspeed\HyperShot
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
-----------------EOF-----------------
benurrr
Messages postés
9643
Date d'inscription
samedi 24 mai 2008
Statut
Contributeur sécurité
Dernière intervention
11 janvier 2012
107
14 déc. 2009 à 16:56
14 déc. 2009 à 16:56
fait sa pendant que je regarde le rapport Rsit
telecharge
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
a l'installation vérifie que mise a jour et lancer programme et scan complet sont bien cocher
Une fois a jour, le programme va se lancer; clic sur l´onglet paramètre, et coche la case : "Arrêter internet explorer pendant la suppression".
A la fin du scan clique sur Afficher les résultats
Vérifier si tout est coché et clic Supprimer la sélection
S'il t'es demandé de redémarrer >>> clique sur "Yes"
Et tu poste le rapport générer
telecharge
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
a l'installation vérifie que mise a jour et lancer programme et scan complet sont bien cocher
Une fois a jour, le programme va se lancer; clic sur l´onglet paramètre, et coche la case : "Arrêter internet explorer pendant la suppression".
A la fin du scan clique sur Afficher les résultats
Vérifier si tout est coché et clic Supprimer la sélection
S'il t'es demandé de redémarrer >>> clique sur "Yes"
Et tu poste le rapport générer
Voilà le rapport de malwarebytes, après 4h de scan ! Merci de toute ton attention encore une fois :-)
Malwarebytes' Anti-Malware 1.42
Version de la base de données: 3358
Windows 6.0.6000
Internet Explorer 8.0.6001.18865
14/12/2009 21:16:20
mbam-log-2009-12-14 (21-16-20).txt
Type de recherche: Examen complet (C:\|M:\|)
Eléments examinés: 487317
Temps écoulé: 4 hour(s), 11 minute(s), 58 second(s)
Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 4
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 17
Processus mémoire infecté(s):
C:\Program Files\Kwanzy\kwanzy.exe (Adware.Kwanzy) -> Unloaded process successfully.
C:\ProgramData\Kwanzy\kwanzy131.exe (Adware.Kwanzy) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
C:\Program Files\Kwanzy\kwanzy.dll (Adware.Kwanzy) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\kwanzy (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Kwanzy Service (Adware.Kwanzy) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\xml2u (Spyware.OnlineGames) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Program Files\Kwanzy (Adware.Kwanzy) -> Delete on reboot.
C:\ProgramData\Kwanzy (Adware.Kwanzy) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Users\Medion MT6\Local Settings\Application Data\miuioqe_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Users\Medion MT6\Local Settings\Application Data\miuioqe_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Users\Medion MT6\Local Settings\Application Data\miuioqe.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Users\Medion MT6\Local Settings\Application Data\miuioqe.exe (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Program Files\Kwanzy\uninstall.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Medion MT6\AppData\Local\TempImages\CleanTemps.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\1f78.dll (Adware.Mirar) -> Quarantined and deleted successfully.
C:\Yoog_Fix\Backup_27_06_2009_\9dc50ff6-1c76-6ae0-ce11-6e5b1438f180..exe.vir (Adware.AdRotator) -> Quarantined and deleted successfully.
C:\Yoog_Fix\Backup_27_06_2009_\adzgalore-remove..exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
M:\copy.exe (Worm.Perlovga) -> Quarantined and deleted successfully.
M:\host.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
M:\copy.exe.vir (Worm.Perlovga) -> Quarantined and deleted successfully.
C:\Program Files\Kwanzy\kwanzy.dll (Adware.Kwanzy) -> Delete on reboot.
C:\Program Files\Kwanzy\kwanzy.exe (Adware.Kwanzy) -> Quarantined and deleted successfully.
C:\ProgramData\Kwanzy\kwanzy131.exe (Adware.Kwanzy) -> Quarantined and deleted successfully.
C:\Windows\Fonts\acrsecB.fon (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Fonts\acrsecI.fon (Trojan.Agent) -> Quarantined and deleted successfully.
Malwarebytes' Anti-Malware 1.42
Version de la base de données: 3358
Windows 6.0.6000
Internet Explorer 8.0.6001.18865
14/12/2009 21:16:20
mbam-log-2009-12-14 (21-16-20).txt
Type de recherche: Examen complet (C:\|M:\|)
Eléments examinés: 487317
Temps écoulé: 4 hour(s), 11 minute(s), 58 second(s)
Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 4
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 17
Processus mémoire infecté(s):
C:\Program Files\Kwanzy\kwanzy.exe (Adware.Kwanzy) -> Unloaded process successfully.
C:\ProgramData\Kwanzy\kwanzy131.exe (Adware.Kwanzy) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
C:\Program Files\Kwanzy\kwanzy.dll (Adware.Kwanzy) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\kwanzy (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Kwanzy Service (Adware.Kwanzy) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\xml2u (Spyware.OnlineGames) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Program Files\Kwanzy (Adware.Kwanzy) -> Delete on reboot.
C:\ProgramData\Kwanzy (Adware.Kwanzy) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Users\Medion MT6\Local Settings\Application Data\miuioqe_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Users\Medion MT6\Local Settings\Application Data\miuioqe_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Users\Medion MT6\Local Settings\Application Data\miuioqe.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Users\Medion MT6\Local Settings\Application Data\miuioqe.exe (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Program Files\Kwanzy\uninstall.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Medion MT6\AppData\Local\TempImages\CleanTemps.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\1f78.dll (Adware.Mirar) -> Quarantined and deleted successfully.
C:\Yoog_Fix\Backup_27_06_2009_\9dc50ff6-1c76-6ae0-ce11-6e5b1438f180..exe.vir (Adware.AdRotator) -> Quarantined and deleted successfully.
C:\Yoog_Fix\Backup_27_06_2009_\adzgalore-remove..exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
M:\copy.exe (Worm.Perlovga) -> Quarantined and deleted successfully.
M:\host.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
M:\copy.exe.vir (Worm.Perlovga) -> Quarantined and deleted successfully.
C:\Program Files\Kwanzy\kwanzy.dll (Adware.Kwanzy) -> Delete on reboot.
C:\Program Files\Kwanzy\kwanzy.exe (Adware.Kwanzy) -> Quarantined and deleted successfully.
C:\ProgramData\Kwanzy\kwanzy131.exe (Adware.Kwanzy) -> Quarantined and deleted successfully.
C:\Windows\Fonts\acrsecB.fon (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Fonts\acrsecI.fon (Trojan.Agent) -> Quarantined and deleted successfully.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
benurrr
Messages postés
9643
Date d'inscription
samedi 24 mai 2008
Statut
Contributeur sécurité
Dernière intervention
11 janvier 2012
107
14 déc. 2009 à 22:00
14 déc. 2009 à 22:00
pour verifier
Désactive le contrôle des comptes utilisateurs (tu le réactiveras lorsque tu auras obtenu le rapport):
- Vas dans démarrer puis panneau de configuration
- Double Clique sur l'icône "Comptes d'utilisateurs"
- Clique ensuite sur désactiver et valide.
Fais un clic droit sur ce lien : (IL-MAFIOSO)
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
clic droit sur navilog1.exe et exécute le en tant qu'administrateur pour lancer l'installation.
Une fois l'installation terminée, le fix s'exécutera automatiquement.
(Si ce n'est pas le cas, clic droit sur le raccourci Navilog1 présent sur le bureau et exécute en tant qu'administrateur).
Laisse-toi guider. Au menu principal, choisis l'option 1 et valide.
(ne fais pas le choix 2)
Patiente jusqu'au message :
* "Analyse Termine le ....."
Appuie sur une touche comme demandé, le blocnote va s'ouvrir.
Copie-colle l'intégralité dans une réponse. Referme le blocnote.
Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)
Désactive le contrôle des comptes utilisateurs (tu le réactiveras lorsque tu auras obtenu le rapport):
- Vas dans démarrer puis panneau de configuration
- Double Clique sur l'icône "Comptes d'utilisateurs"
- Clique ensuite sur désactiver et valide.
Fais un clic droit sur ce lien : (IL-MAFIOSO)
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
clic droit sur navilog1.exe et exécute le en tant qu'administrateur pour lancer l'installation.
Une fois l'installation terminée, le fix s'exécutera automatiquement.
(Si ce n'est pas le cas, clic droit sur le raccourci Navilog1 présent sur le bureau et exécute en tant qu'administrateur).
Laisse-toi guider. Au menu principal, choisis l'option 1 et valide.
(ne fais pas le choix 2)
Patiente jusqu'au message :
* "Analyse Termine le ....."
Appuie sur une touche comme demandé, le blocnote va s'ouvrir.
Copie-colle l'intégralité dans une réponse. Referme le blocnote.
Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)
14 déc. 2009 à 15:57