Services and Controller App

[fgagnon]

Bonjour!

 

Je n'ai pas trouvé de fonction pour chercher sur le forum, mais j'imagine que ce problème a déjà été mentionné par quelqu'un içi Alors le titre dit tout, mon ordinateur recoit le message d'erreur: Services and controller app has encountered a problem and needs to close

 

J'ai tenté de régler le problème moi-même mais j'ai de la difficulté à trouver de l'aide sur internet présentement, à part le fait de lire que cet erreur est liée à un Sasser ou quelque chose du genre. Je vais aussi mentionner que je n'ai pas changé la configuration de mon PC dernièrement, ni ajouté à mes souvenirs quelquonque programme qui ne serait pas sécuritaire. Je n'ai jamais eu de problème avec mon ordinateur, c'est très soudain...

 

J'ai tenté de faire un rapport HijackThis mais je suis incappable de lancer l'application en mode sans échec.

 

Merci pour l'aide!

[pear]

Bonjour,

 

Téléchargez Random's system information tool (RSIT) par random/random et sauvegardez-le sur le Bureau.

 

Double-cliquez sur RSIT.exe afin de lancer RSIT.

* Cliquez Continue à l'écran Disclaimer.

* Si l'outil HIjackThis (version à jour) n'est pas présent ou détecté sur l'ordinateur, RSIT le télécharge et vous acceptez la licence.

* L'analyse terminée, deux fichiers texte s'ouvriront.:

Poster le contenu de log.txt (qui sera affiché)

ainsi que de info.txt (qui sera réduit dans la Barre des Tâches).

* Si ces deux rapports n'apparaissent pas, vous les trouverez dans le dossier C:\rsit

[fgagnon]

Bonjour!

 

Voici les 2 rapports:

 

info.txt logfile of random's system information tool 1.06 2009-06-24 09:57:50

 

======Uninstall list======

 

"AM! Menu" Setup & Install-->C:\Program Files\Autodesk\Maya2008\bin\plug-ins\UnInstall_12345.exe

-->"C:\Program Files\Creative\Sound Blaster X-Fi\Program\SETUP.EXE" /S /U /W

-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER

-->MsiExec /X{1C4551A6-4743-4093-91E4-1477CD655043}

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{06E3E953-0570-4DFF-A7B5-46114C390228}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{06E3E953-0570-4DFF-A7B5-46114C390228}\setup.exe" -l0x9 /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0B095086-7205-4D48-90DF-DCD16613C6D4}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0B095086-7205-4D48-90DF-DCD16613C6D4}\setup.exe" -l0x9 /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0E5AA361-4B16-4282-B639-9E5B2B6A2EC8}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0E5AA361-4B16-4282-B639-9E5B2B6A2EC8}\setup.exe" -l0x9 /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{103BCDA0-E063-46AC-8028-64E78722ABA7}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{103BCDA0-E063-46AC-8028-64E78722ABA7}\setup.exe" -l0x9 /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9 /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1EF644C7-1A0D-4B94-9AF5-AD04702094A4}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1EF644C7-1A0D-4B94-9AF5-AD04702094A4}\setup.exe" -l0x9 /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2616B36E-38CE-4357-8AB5-8B3EE9B1C117}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2616B36E-38CE-4357-8AB5-8B3EE9B1C117}\setup.exe" -l0x9 /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32903944-19A2-418C-901D-4BBAF4C55ABA}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32903944-19A2-418C-901D-4BBAF4C55ABA}\setup.exe" -l0x9 /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{44267176-A318-447F-A62A-0A5FD608C34F}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{44267176-A318-447F-A62A-0A5FD608C34F}\setup.exe" -l0x9 /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4D8AA0B4-E890-4BF7-A9D1-8E63027E76D3}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4D8AA0B4-E890-4BF7-A9D1-8E63027E76D3}\setup.exe" -l0x9 /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{569A9538-86EC-44C3-8EE4-C68B165F2A75}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{569A9538-86EC-44C3-8EE4-C68B165F2A75}\setup.exe" -l0x9 /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6349CEE9-19F2-49D9-AC9D-B0350E3CBDB1}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6349CEE9-19F2-49D9-AC9D-B0350E3CBDB1}\setup.exe" -l0x9 /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6BF90A01-FA3F-42B9-A071-7D744409967E}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6BF90A01-FA3F-42B9-A071-7D744409967E}\setup.exe" -l0x9 /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9 /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AFFF09F-386B-4F7A-B3E0-EC24C13893AA}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AFFF09F-386B-4F7A-B3E0-EC24C13893AA}\setup.exe" -l0x9 /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x9 /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8A3F2ADE-DEF2-4A50-866A-6B9357B5590F}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8A3F2ADE-DEF2-4A50-866A-6B9357B5590F}\setup.exe" -l0x9 /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B026740-A400-48FF-8F6B-B37C4F61C937}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B026740-A400-48FF-8F6B-B37C4F61C937}\setup.exe" -l0x9 /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B49BCFF0-64CC-4E0E-AD9D-91BFBD344BAE}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B49BCFF0-64CC-4E0E-AD9D-91BFBD344BAE}\setup.exe" -l0x9 /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B5AF6143-E738-4768-A5E6-C07C68A464A4}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B5AF6143-E738-4768-A5E6-C07C68A464A4}\setup.exe" -l0x9 /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B8DA9EB2-DBEF-4F0A-B90A-45B77D9E65B2}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B8DA9EB2-DBEF-4F0A-B90A-45B77D9E65B2}\setup.exe" -l0x9 /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x9 /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C229589D-CC1A-43FF-9507-CDED3AB85325}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C229589D-CC1A-43FF-9507-CDED3AB85325}\setup.exe" -l0x9 /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CB99E420-8071-48F9-9567-4A53BE7569C4}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CB99E420-8071-48F9-9567-4A53BE7569C4}\setup.exe" -l0x9 /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D8A544F4-AC5F-4B67-9C74-F3E976798797}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D8A544F4-AC5F-4B67-9C74-F3E976798797}\setup.exe" -l0x9 /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DAAC5938-8026-4D0C-A476-D1954917B7F5}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DAAC5938-8026-4D0C-A476-D1954917B7F5}\setup.exe" -l0x9 /remove

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

Add or Remove Adobe Creative Suite 3 Design Premium-->C:\Program Files\Common Files\Adobe\Installers\c14ac4070fd9614ffe63f4bb533db2c\Setup.exe

Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}

Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}

Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}

Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}

Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}

Adobe BridgeTalk Plugin CS3-->MsiExec.exe /I{B7F560B3-6EFF-4026-A982-843895A41149}

Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}

Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}

Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}

Adobe Color Common Settings-->C:\Program Files\Common Files\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe

Adobe Color Common Settings-->MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}

Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}

Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}

Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}

Adobe Creative Suite 3 Design Premium-->MsiExec.exe /I{D1C18EDD-571A-4BDD-BE7B-1DD86027D7FF}

Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}

Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}

Adobe Dreamweaver CS3-->MsiExec.exe /I{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}

Adobe ExtendScript Toolkit 2-->C:\Program Files\Common Files\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe

Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}

Adobe Extension Manager CS3-->MsiExec.exe /I{BE5F3842-8309-4754-92D5-83E02E6077A3}

Adobe Flash CS3-->MsiExec.exe /I{6B52140A-F189-4945-BFFC-DB3F00B8C589}

Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe

Adobe Flash Player 9 ActiveX-->MsiExec.exe /X{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}

Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Flash Video Encoder-->MsiExec.exe /I{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}

Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}

Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}

Adobe Illustrator CS3-->MsiExec.exe /I{F08E8D2E-F132-4742-9C87-D5FF223A016A}

Adobe InDesign CS3 Icon Handler-->MsiExec.exe /I{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}

Adobe InDesign CS3-->MsiExec.exe /I{CB3F8375-B600-4B9F-83C9-238ED1E583FD}

Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}

Adobe MotionPicture Color Files-->MsiExec.exe /I{6B708481-748A-4EB4-97C1-CD386244FF77}

Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}

Adobe Photoshop CS3-->MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}

Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}

Adobe Setup-->MsiExec.exe /I{09E2111C-16B1-4DDF-BF0D-F994C9A12350}

Adobe Setup-->MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}

Adobe Setup-->MsiExec.exe /I{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}

Adobe SING CS3-->MsiExec.exe /I{B671CBFD-4109-4D35-9252-3062D3CCB7B2}

Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}

Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}

Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}

Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}

Adobe Version Cue CS3 Server {ko_KR} -->MsiExec.exe /I{1D58229F-C505-45CA-8223-F35F3A34B963}

Adobe WAS CS3-->MsiExec.exe /I{C5BD220A-EFE8-48A5-B70E-9503D535FACE}

Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}

Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}

Advanced Decoder Patch-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{46C73DE4-E96D-4F7C-8371-F28052183B12}\setup.exe" -l0x9

AHV content for Acrobat and Flash-->MsiExec.exe /I{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}

AIM 6-->C:\Program Files\AIM6\uninst.exe

Antidote RX v2-->MsiExec.exe /X{A474EA56-5DBD-4181-8230-806A4762EA7F}

Apple Mobile Device Support-->MsiExec.exe /I{AA9768AA-FF0B-4C66-A085-31E934F77841}

Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}

Autodesk 3ds Max 2008 32-bit Additional Maps and Material Libraries-->MsiExec.exe /I{EDC8D89C-DC3D-4a3d-ABE7-97D281C0A13A}

Autodesk 3ds Max 2008 32-bit Architectural Materials Library-->MsiExec.exe /I{3C106CBD-3E5A-4275-94F9-23FFE687D090}

Autodesk 3ds Max 2008 32-bit Help-->MsiExec.exe /I{38EC4486-44FF-49da-8FFF-87DA9DCBC06B}

Autodesk 3ds Max 2008 32-bit Vault 2008 Plug-In-->MsiExec.exe /I{679035C8-CEB8-4a5c-847A-5FB3FFADC0EB}

Autodesk 3ds Max 2008 32-bit Vault 5 Plug-In-->MsiExec.exe /I{D1B7094B-8CAC-492a-9EE6-D1576ED35208}

Autodesk 3ds Max 2008 32-bit-->MsiExec.exe /I{BF658A51-6D4F-4CB0-8D40-D183692B995D}

Autodesk DirectConnect 2.0-->MsiExec.exe /I{C033BF6E-9D82-4E0B-A46E-ABC746D6F431}

Azureus Vuze-->C:\Program Files\Azureus\uninstall.exe

Backburner-->MsiExec.exe /I{3D347E6D-5A03-4342-B5BA-6A771885F379}

Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}

Broadcom Management Programs-->MsiExec.exe /X{C99C0593-3B48-41D9-B42F-6E035B320449}

Call of Duty® 4 - Modern Warfare 1.4 Patch-->C:\Program Files\InstallShield Installation Information\{3BD633E0-4BF8-4499-9149-88F0767D449C}\setup.exe -runfromtemp -l0x0409

Call of Duty® 4 - Modern Warfare 1.5 Multiplayer Patch-->C:\Program Files\InstallShield Installation Information\{8503C901-85D7-4262-88D2-8D8B2A7B08B8}\setup.exe -runfromtemp -l0x0409

CMN3 4.0-->C:\Program Files\CEVO\CMN3\Uninstall.exe

Combustion 2008-->C:\WINDOWS\unvise32.exe C:\Program Files\Autodesk\Combustion 2008\uninstal.log

Counter-Strike: Source-->"C:\Program Files\Steam\steam.exe" steam://uninstall/240

Creative MediaSource-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}\setup.exe" -l0x9 /remove

Critical Update for Windows Media Player 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"

DDS Converter 2.1-->C:\Program Files\DDS Converter 2\Uninstal.exe

Dell DataSafe Online-->MsiExec.exe /I{4D3C9F4B-4B7D-4E5D-99B9-0123AB0D51ED}

Dell Support Center-->MsiExec.exe /X{E3BFEE55-39E2-4BE0-B966-89FE583822C1}

Diablo II-->C:\WINDOWS\DIIUnin.exe C:\WINDOWS\DIIUnin.dat

DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC

DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER

DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER

DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS

DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN

EA Download Manager-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{EF7E931D-DC84-471B-8DB6-A83358095474} /l1033

ESPNMotion-->C:\PROGRA~1\ESPNMO~1\UNWISE.EXE /u C:\PROGRA~1\ESPNMO~1\INSTALL.LOG

FBX Plugin 2006.11.1 for Max 2008-->C:\Program Files\Autodesk\FBX\FbxPlugins\2006.11.1\Max2008\Uninstall.exe

GemMaster Mystic-->"C:\Program Files\GemMaster\uninstallgemmaster.exe"

GLOBEtrotter FLEXid Drivers-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\GLOBEtrotter Software Inc.\GLOBEtrotter FLEXid Drivers\Uninst.isu"

Google Chrome-->"C:\Program Files\Google\Chrome\Application\2.0.172.31\Installer\setup.exe" --uninstall --system-level

Google Gmail Notifier-->"C:\Program Files\Google\Gmail Notifier\UninstallGmail.exe"

Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

Guitar Pro 5.2-->"C:\Program Files\Guitar Pro 5\unins000.exe"

headus UVLayout v2 Professional-->MsiExec.exe /I{A1086DA0-903E-4DEA-A83F-6317923CC63D}

High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe

HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall

Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"

Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"

Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"

Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"

Hotspot Shield 1.17-->C:\Program Files\Hotspot Shield\Uninstall.exe

iTunes-->MsiExec.exe /I{41B9E2CF-0B3F-442A-B5B3-592A4A355634}

J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}

Java 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}

Java 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}

Java 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}

Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}

K-Lite Codec Pack 3.8.0 Full-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"

Left 4 Dead Demo-->"C:\Program Files\Steam\steam.exe" steam://uninstall/530

Left 4 Dead-->"C:\Program Files\Steam\steam.exe" steam://uninstall/500

LimeWire 5.1.2-->"C:\Program Files\LimeWire\uninstall.exe"

Logitech Legacy USB Camera Driver Package-->"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\legacyqcam\11.10.2016\LgDrvInst.exe" -remove -instdir"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\legacyqcam\" -enumdelay=2000 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -promptuninstall -arpregkey"legacyqcam_11.10" /clone_wait /hide_progress

Logitech MouseWare 9.80 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5809E7CF-4DCF-11D4-9875-00105ACE7734}\Setup.exe" -l0x40c -l040c UNINSTALL

Logitech QuickCam Driver Package-->"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\11.80.1048\LgDrvInst.exe" -remove -instdir"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\" -enumdelay=2000 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -promptuninstall -arpregkey"lvdrivers_11.80" /clone_wait /hide_progress

Maya 2008 Documentation (en_US)-->MsiExec.exe /I{6C70ACE2-6EF2-4F8D-8C4A-78198AA979DD}

Maya 2008-->MsiExec.exe /I{DA864DC0-0BF2-454B-A6A9-08A45EB97D3B}

Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"

Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}

Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"

Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"

Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"

Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}

Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}

Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL

Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}

Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}

Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}

Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}

Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}

Microsoft Office Live Meeting 2007-->MsiExec.exe /I{E3CD4EA8-68BB-46E8-9E79-20A417A82C53}

Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}

Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}

Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}

Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}

Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}

Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}

Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}

Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}

Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}

Microsoft Plus! Digital Media Edition Installer-->MsiExec.exe /X{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}

Microsoft Plus! Photo Story 2 LE-->MsiExec.exe /X{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}

Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}

Microsoft Works-->MsiExec.exe /I{6D52C408-B09A-4520-9B18-475B81D393F1}

mIRC-->C:\Program Files\mIRC\uninstall.exe _?=C:\Program Files\mIRC

Mozilla Firefox (3.0.11)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe

MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}

neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}

Nintendo Wi-Fi USB Connector Registration Tool-->C:\Program Files\WiFiConnector\SoftAPUninst.exe

NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI

NVIDIA PhysX-->MsiExec.exe /X{1C4551A6-4743-4093-91E4-1477CD655043}

OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U

Otto-->"C:\Program Files\EnglishOtto\uninstallotto.exe"

Panneau de configuration MobileMe-->MsiExec.exe /I{6DA9102E-199F-43A0-A36B-6EF48081A658}

PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}

PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{281ECE39-F043-492B-8337-F2E546B5604A}\Setup.exe" -l0x9 -cluninstall

PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"

PunkBuster Services-->C:\WINDOWS\system32\pbsvc.exe -u

QuickSet-->C:\Program Files\InstallShield Installation Information\{C5074CC4-0E26-4716-A307-960272A90040}\setup.exe -runfromtemp -l0x0009 APPDRVNT4 -removeonly

QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}

RealFlow-->MsiExec.exe /I{9FE51DFE-D80F-447E-9F99-85BB273213AD}

RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

Roxio Creator Audio-->MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}

Roxio Creator Copy-->MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}

Roxio Creator Data-->MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}

Roxio Creator DE-->MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}

Roxio Creator Tools-->MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}

Roxio Drag-to-Disc-->MsiExec.exe /I{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}

Roxio Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}

Roxio MyDVD DE-->MsiExec.exe /I{D639085F-4B6E-4105-9F37-A0DBB023E2FB}

Roxio Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}

Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}

Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}

Security Update for 2007 Microsoft Office System (KB960003)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F04F8702-18D0-458D-921E-146FB7CD38CF}

Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for Microsoft Office Excel 2007 (KB959997)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {9EAC3AEC-5C81-4856-A05B-DE9DC236D740}

Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}

Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}

Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}

Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}

Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}

Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}

Security Update for Visio 2007 (KB947590)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}

Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"

Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"

Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"

Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"

Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"

Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"

Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"

Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"

Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"

Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"

Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"

Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"

Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"

Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"

Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"

Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"

Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"

Security Update for Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"

Sentinel System Driver-->C:\WINDOWS\SYSTEM32\RNBOSENT\SETUPX86.EXE /U /q

Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}

Sonic Activation Module-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}

Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}

Sound Blaster X-Fi-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{18F11181-EA1A-42AE-AF89-4867C7F7A6FA}\setup.exe" -l0x9 /remove

Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}

Team Fortress 2-->"C:\Program Files\Steam\steam.exe" steam://uninstall/440

TeamSpeak 2 RC2-->"C:\Program Files\Teamspeak2_RC2\unins000.exe"

Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}

Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}

Update for Outlook 2007 Junk Email Filter (kb968503)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5DD98950-4D10-4B79-8BF6-59726705207D}

Update for Windows Media Player 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"

Update for Windows Media Player 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe"

Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"

Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"

Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"

Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"

Update Rollup 2 for Windows XP Media Center Edition 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe

VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}

VC8MSI-->MsiExec.exe /I{4F1758C9-1A0C-4A92-A72E-C2297AAE493B}

VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}

Ventrilo Client-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}

Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u

Windows Driver Package - Microsoft Corporation (usbvideo) Image (05/25/2007 1.0.3656.0)-->rundll32.exe C:\PROGRA~1\DIFX\7AA84A78695B31A503D9537A76801D74E0FD14BD\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\WINDOWS\system32\DRVSTORE\RoundTable_F29D632BDCC1844B9B7688A0A4B4DA9E716B76FF\RoundTable.inf

Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}

Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}

Windows Live Sign-in Assistant-->MsiExec.exe /I{9422C8EA-B0C6-4197-B8FC-DC797658CA00}

Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll

Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"

Windows Media Player 10 Hotfix [see EmeraldQFE2 for more information]-->C:\WINDOWS\$NtUninstallEmeraldQFE2$\spuninst\spuninst.exe

Windows Media Player 10-->MsiExec.exe /I{33BB4982-DC52-4886-A03B-F4C5C80BEE89}

Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall

Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"

Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

Windows XP Media Center Edition 2005 KB908246-->"C:\WINDOWS\$NtUninstallKB908246$\spuninst\spuninst.exe"

Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"

Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe

World of Warcraft-->C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe

Wrath of the Lich King Beta-->C:\Program Files\Common Files\Blizzard Entertainment\Wrath of the Lich King\Uninstall.exe

 

======System event log======

 

Computer Name: GAGNON3D

Event Code: 4226

Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

 

Record Number: 16780

Source Name: Tcpip

Time Written: 20090401005252.000000-240

Event Type: warning

User:

 

Computer Name: GAGNON3D

Event Code: 4226

Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

 

Record Number: 16779

Source Name: Tcpip

Time Written: 20090331193133.000000-240

Event Type: warning

User:

 

Computer Name: GAGNON3D

Event Code: 7000

Message: The DS1410D service failed to start due to the following error:

The system cannot find the device specified.

 

 

Record Number: 16747

Source Name: Service Control Manager

Time Written: 20090331183626.000000-240

Event Type: error

User:

 

Computer Name: GAGNON3D

Event Code: 7000

Message: The DS1410D service failed to start due to the following error:

The system cannot find the device specified.

 

 

Record Number: 16708

Source Name: Service Control Manager

Time Written: 20090330202001.000000-240

Event Type: error

User:

 

Computer Name: GAGNON3D

Event Code: 7000

Message: The DS1410D service failed to start due to the following error:

The system cannot find the device specified.

 

 

Record Number: 16651

Source Name: Service Control Manager

Time Written: 20090330081334.000000-240

Event Type: error

User:

 

=====Application event log=====

 

Computer Name: GAGNON3D

Event Code: 32026

Message: Fax Service failed to initialize any assigned fax devices (virtual or TAPI).

No faxes can be sent or received until a fax device is installed.

 

Record Number: 6555

Source Name: Microsoft Fax

Time Written: 20081017195855.000000-240

Event Type: warning

User:

 

Computer Name: GAGNON3D

Event Code: 1000

Message: Faulting application hl2.exe, version 0.0.0.0, faulting module datacache.dll, version 0.0.0.0, fault address 0x0000b423.

 

Record Number: 6545

Source Name: Application Error

Time Written: 20081016230054.000000-240

Event Type: error

User:

 

Computer Name: GAGNON3D

Event Code: 12001

Message: The Messenger Sharing USN Journal Reader service started successfully.

 

Record Number: 6533

Source Name: usnjsvc

Time Written: 20081015222323.000000-240

Event Type:

User:

 

Computer Name: GAGNON3D

Event Code: 32068

Message: The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly.

Country/region code: '*'

Area code: '*'

 

Record Number: 6529

Source Name: Microsoft Fax

Time Written: 20081015031003.000000-240

Event Type: warning

User:

 

Computer Name: GAGNON3D

Event Code: 32026

Message: Fax Service failed to initialize any assigned fax devices (virtual or TAPI).

No faxes can be sent or received until a fax device is installed.

 

Record Number: 6528

Source Name: Microsoft Fax

Time Written: 20081015031003.000000-240

Event Type: warning

User:

 

======Environment variables======

 

"ComSpec"=%SystemRoot%\system32\cmd.exe

"Path"=C:\Program Files\Autodesk\Maya2008\bin;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\Autodesk\Backburner\;C:\Program Files\Common Files\Autodesk Shared\;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Common Files\DivX Shared\

"windir"=%SystemRoot%

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_LEVEL"=6

"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel

"PROCESSOR_REVISION"=0f0b

"NUMBER_OF_PROCESSORS"=4

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip

"RoxioCentral"=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\

"QTJAVA"=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip

"SAFEBOOT_OPTION"=NETWORK

 

-----------------EOF-----------------

 

Logfile of random's system information tool 1.06 (written by random/random)

Run by Fred at 2009-06-24 09:57:37

Microsoft Windows XP Professional Service Pack 3

System drive C: has 233 GB (49%) free of 472 GB

Total RAM: 3069 MB (88% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 09:57:47, on 2009-06-24

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16827)

Boot mode: Safe mode with network support

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Fred\Desktop\RSIT.exe

C:\Program Files\trend micro\Fred.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.ca/ig/dell?hl=en&client=dell-row&channel=ca&ibd=1080221

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.ca/ig/dell?hl=en&client=dell-row&channel=ca&ibd=1080221

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\hssie\HssIE.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe

O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE

O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe

O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe

O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"

O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe

O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"

O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE"

O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r

O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe

O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"

O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [sysldtray] C:\windows\ld10.exe

O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: rncsys32.exe

O4 - Global Startup: Run Nintendo Wi-Fi USB Connector Registration Tool.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe

O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: intu-ir2008 - {729D3592-92E7-4CBC-8E44-3C22B3F457B3} - C:\Program Files\ImpotRapide 2008\ic2008pp.dll (file missing)

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: Background Intelligent Transfer Service (BITS) - Unknown owner - C:\WINDOWS\

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Service Google Update (gupdate1c9e510e4f3485a) (gupdate1c9e510e4f3485a) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Hotspot Shield Service (hotspotshieldservice) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe

O23 - Service: Hotspot Shield Helper Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe

O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2008 32-bit 32-bit (mi-raysat_3dsMax2008_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2008\mentalray\satellite\raysat_3dsMax2008_32server.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: Remote Registry RemoteRegistryAlerter (RemoteRegistryAlerter) - Qncjvuu Manhycjkqyc - C:\WINDOWS\system32\aaclientb.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: Automatic Updates (wuauserv) - Unknown owner - C:\WINDOWS\

 

--

End of file - 12402 bytes

 

======Scheduled tasks folder======

 

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]

Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-06-03 1404928]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-03-30 320920]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]

Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-30 34816]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-30 73728]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]

Hotspot Shield Class - C:\Program Files\Hotspot Shield\hssie\HssIE.dll [2009-05-01 218160]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-09-29 67584]

"CTHelper"=C:\WINDOWS\CTHELPER.EXE [2005-11-08 16384]

"CTxfiHlp"=C:\WINDOWS\system32\CTXFIHLP.EXE [2006-03-01 18944]

"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-30 136600]

"NVRaidService"=C:\WINDOWS\system32\nvraidservice.exe [2006-10-18 137216]

"Dell QuickSet"=C:\Program Files\Dell\QuickSet\quickset.exe [2007-04-04 1236992]

"AudioDrvEmulator"=C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe [2005-11-04 49152]

"UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112]

"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2006-10-03 221184]

"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2006-10-03 81920]

"PDVDDXSrv"=C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [2006-10-20 118784]

"ECenter"=C:\Dell\E-Center\EULALauncher.exe [2007-05-24 17920]

"dscactivate"=C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [2007-11-15 16384]

"CTDVDDET"=C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE [2003-06-18 45056]

"VolPanel"=C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe [2005-10-14 122880]

"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"=C:\Program Files\Google\Gmail Notifier\gnotify.exe [2005-07-15 479232]

"Logitech Utility"=C:\WINDOWS\Logi_MwX.Exe [2003-12-11 20992]

"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [2008-01-11 623992]

""= []

"Adobe_ID0EYTHM"=C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [2007-03-20 1884160]

"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]

"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-04-03 185632]

"RoxWatchTray"=C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2006-11-05 221184]

"DellSupportCenter"=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2007-11-15 202544]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]

"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-09-10 289576]

"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

"nwiz"=nwiz.exe /install []

"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-05-01 86016]

"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-05-01 13750272]

"sysldtray"=C:\windows\ld10.exe [2009-06-23 14848]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"DellSupportCenter"=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2007-11-15 202544]

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

 

C:\Documents and Settings\All Users\Start Menu\Programs\Startup

Run Nintendo Wi-Fi USB Connector Registration Tool.lnk - C:\Program Files\WiFiConnector\NintendoWFCReg.exe

 

C:\Documents and Settings\Fred\Start Menu\Programs\Startup

rncsys32.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles

"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"HonorAutoRunSetting"=

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"

"C:\Program Files\Steam\steamapps\nero_rulz2@msn.com\team fortress 2\hl2.exe"="C:\Program Files\Steam\steamapps\nero_rulz2@msn.com\team fortress 2\hl2.exe:*:Enabled:hl2"

"C:\Program Files\Steam\steamapps\nero_rulz2@msn.com\counter-strike source\hl2.exe"="C:\Program Files\Steam\steamapps\nero_rulz2@msn.com\counter-strike source\hl2.exe:*:Enabled:hl2"

"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"

"C:\Program Files\WiFiConnector\NintendoWFCReg.exe"="C:\Program Files\WiFiConnector\NintendoWFCReg.exe:*:Enabled:Nintendo Wi-Fi USB Connector"

"C:\Program Files\AIM6\aim6.exe"="C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM"

"C:\Program Files\World of Warcraft\BackgroundDownloader.exe"="C:\Program Files\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"

"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"

"C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe"="C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:*:Enabled:Adobe Version Cue CS3 Server"

"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"

"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"

"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"

"C:\Program Files\Autodesk\Backburner\monitor.exe"="C:\Program Files\Autodesk\Backburner\monitor.exe:*:Enabled:backburner 2.3 monitor"

"C:\Program Files\Autodesk\Backburner\manager.exe"="C:\Program Files\Autodesk\Backburner\manager.exe:*:Enabled:backburner 2.3 manager"

"C:\Program Files\Autodesk\Backburner\server.exe"="C:\Program Files\Autodesk\Backburner\server.exe:*:Enabled:backburner 2.3 server"

"C:\Program Files\Autodesk\3ds Max 2008\3dsmax.exe"="C:\Program Files\Autodesk\3ds Max 2008\3dsmax.exe:*:Enabled:Autodesk 3ds Max 2008 32-bit"

"C:\Program Files\Autodesk\Maya2008\bin\maya.exe"="C:\Program Files\Autodesk\Maya2008\bin\maya.exe:*:Enabled:Maya"

"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"

"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

"C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe"="C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe:*:Enabled:Microsoft Office Live Meeting 2007"

"C:\Program Files\Next Limit\RealFlow4\realflow.exe"="C:\Program Files\Next Limit\RealFlow4\realflow.exe:*:Enabled:realflow"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"

"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"

"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

"C:\Program Files\Autodesk\Combustion 2008\combustion.exe"="C:\Program Files\Autodesk\Combustion 2008\combustion.exe:*:Enabled:Combustion"

"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"

"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"

"C:\Program Files\Warcraft III\Warcraft III.exe"="C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"

"C:\Documents and Settings\Fred\Local Settings\Temp\Blizzard Launcher Temporary - 578dc0b8\Launcher.exe"="C:\Documents and Settings\Fred\Local Settings\Temp\Blizzard Launcher Temporary - 578dc0b8\Launcher.exe:*:Enabled:Blizzard Launcher"

"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"

"C:\Program Files\World of Warcraft\Launcher.exe"="C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"

"C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"

"C:\Program Files\Steam\steamapps\common\left 4 dead\left4dead.exe"="C:\Program Files\Steam\steamapps\common\left 4 dead\left4dead.exe:*:Disabled:left4dead"

"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Disabled:Steam"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe"="C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe:*:Enabled:Microsoft Office Live Meeting 2007"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]

shell\AutoRun\command - E:\Setup.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}]

shell\AutoRun\command - E:\setup.exe

 

 

======List of files/folders created in the last 1 months======

 

2009-06-24 09:57:37 ----D---- C:\rsit

2009-06-24 09:57:37 ----D---- C:\Program Files\trend micro

2009-06-23 18:26:11 ----D---- C:\Program Files\sys

2009-06-23 18:25:35 ----H---- C:\WINDOWS\ld10.exe

2009-06-20 13:55:08 ----SHD---- C:\WINDOWS\CSC

2009-06-20 13:55:00 ----A---- C:\WINDOWS\ntbtlog.txt

2009-06-20 03:11:34 ----D---- C:\WINDOWS\LastGood.Tmp

2009-06-20 03:11:28 ----D---- C:\Hotspot Shield

2009-06-09 20:35:46 ----D---- C:\Program Files\mIRC

2009-06-09 20:35:46 ----D---- C:\Documents and Settings\Fred\Application Data\mIRC

2009-06-04 08:35:04 ----D---- C:\Program Files\Common Files\DivX Shared

2009-06-02 18:13:56 ----ASH---- C:\WINDOWS\system32\ac3acmp.dll

2009-06-02 18:12:50 ----RSH---- C:\WINDOWS\system32\aaclientb.exe

 

======List of files/folders modified in the last 1 months======

 

2009-06-24 09:57:37 ----RD---- C:\Program Files

2009-06-24 09:55:19 ----D---- C:\Program Files\Mozilla Firefox

2009-06-24 02:29:50 ----D---- C:\WINDOWS\system32

2009-06-24 02:29:50 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2009-06-24 02:26:50 ----D---- C:\WINDOWS\Temp

2009-06-24 02:26:29 ----D---- C:\WINDOWS\Prefetch

2009-06-24 02:26:27 ----D---- C:\WINDOWS\system32\CatRoot2

2009-06-24 02:26:07 ----D---- C:\WINDOWS\Registration

2009-06-24 02:25:42 ----D---- C:\WINDOWS

2009-06-24 02:25:35 ----D---- C:\MDT

2009-06-23 18:34:20 ----SHD---- C:\WINDOWS\Installer

2009-06-23 18:34:06 ----D---- C:\Program Files\Adobe

2009-06-20 13:33:51 ----A---- C:\WINDOWS\SchedLgU.Txt

2009-06-20 13:33:40 ----D---- C:\Documents and Settings\Fred\Application Data\Azureus

2009-06-20 13:22:46 ----D---- C:\Program Files\Steam

2009-06-20 03:11:34 ----D---- C:\WINDOWS\system32\drivers

2009-06-20 03:11:32 ----D---- C:\Program Files\Hotspot Shield

2009-06-10 18:49:02 ----D---- C:\Documents and Settings\Fred\Application Data\LimeWire

2009-06-07 17:53:50 ----D---- C:\Program Files\World of Warcraft

2009-06-04 08:43:39 ----SD---- C:\WINDOWS\Tasks

2009-06-04 08:35:31 ----D---- C:\Program Files\Google

2009-06-04 08:35:26 ----D---- C:\Program Files\DivX

2009-06-04 08:35:04 ----D---- C:\Program Files\Common Files

2009-06-02 18:13:01 ----RSHD---- C:\WINDOWS\system32\dllcache

2009-05-27 18:33:00 ----D---- C:\Program Files\Windows Media Player

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2007-02-08 12856]

R1 DLARTL_M;DLARTL_M; C:\WINDOWS\System32\Drivers\DLARTL_M.SYS [2007-02-08 28120]

R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]

R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]

R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-04-25 160256]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]

R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]

R3 LHidFlt2;Logitech HID/USB Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFlt2.Sys [2003-12-11 25630]

R3 LHidUsb;Logitech USB Receiver device driver; C:\WINDOWS\System32\Drivers\LHidUsb.Sys [2003-12-11 37916]

R3 LMouFlt2;Logitech Mouse Class Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFlt2.Sys [2003-12-11 70894]

R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]

R3 tapvpn;TAP VPN Adapter; C:\WINDOWS\system32\DRIVERS\tapvpn.sys [2008-01-23 27136]

R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]

R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]

R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]

R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S1 29a3991e;29a3991e; C:\WINDOWS\System32\drivers\29a3991e.sys [2009-06-24 112704]

S1 APPDRV;APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [2005-08-12 16128]

S1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]

S1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2008-03-14 46652]

S1 sysdrv;sysdrv; \??\C:\Program Files\sys\sys.sys []

S2 DLABMFSM;DLABMFSM; C:\WINDOWS\System32\DLA\DLABMFSM.SYS [2006-10-26 35096]

S2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2006-10-26 32472]

S2 DLADResM;DLADResM; C:\WINDOWS\System32\DLA\DLADResM.SYS [2006-10-26 9400]

S2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2006-10-26 104536]

S2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2006-10-26 26296]

S2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2006-10-26 14520]

S2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2006-10-26 97848]

S2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2006-10-26 94648]

S2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2007-02-09 51768]

S2 DS1410D;DS1410D; \??\C:\WINDOWS\system32\drivers\ds1410d.sys []

S2 hardlock;hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []

S2 Haspnt;Haspnt; \??\C:\WINDOWS\system32\drivers\Haspnt.sys []

S2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2001-06-21 73728]

S3 agblkdoh;agblkdoh; C:\WINDOWS\system32\drivers\agblkdoh.sys []

S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]

S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]

S3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\system32\drivers\ctac32k.sys [2005-11-08 502272]

S3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2005-11-08 439680]

S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\WINDOWS\system32\drivers\ctdvda2k.sys [2005-07-13 340704]

S3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\system32\drivers\ctprxy2k.sys [2005-11-08 7168]

S3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\drivers\ctsfm2k.sys [2005-11-08 143360]

S3 E100B;Intel® PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-17 117760]

S3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\system32\drivers\emupia2k.sys [2005-11-08 77824]

S3 ha20x2k;Creative 20X HAL Driver; C:\WINDOWS\system32\drivers\ha20x2k.sys [2005-11-08 1095680]

S3 LVRS;Logitech RightSound Filter Driver; C:\WINDOWS\system32\DRIVERS\lvrs.sys [2008-07-26 627864]

S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2008-07-26 41752]

S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]

S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]

S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]

S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]

S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-04-30 8055584]

S3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2005-11-08 114688]

S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2008-07-26 13848]

S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\WINDOWS\system32\DRIVERS\LV302V32.SYS [2008-07-26 2570520]

S3 RT25USBAP;Nintendo Wi-Fi USB Connector Service; C:\WINDOWS\system32\DRIVERS\rt25usbap.sys [2006-04-10 162816]

S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]

S3 Sntnlusb;Rainbow USB SuperPro; C:\WINDOWS\system32\DRIVERS\SNTNLUSB.SYS [2001-06-21 20032]

S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]

S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]

S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]

S3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]

S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

S4 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]

S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]

S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]

S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]

S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]

S4 IntelIde;IntelIde; C:\WINDOWS\system32\DRIVERS\intelide.sys [2008-04-13 5504]

S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]

S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-09-10 116040]

S2 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2008-04-07 79360]

S2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]

S2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-12 44032]

S2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]

S2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]

S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 267776]

S2 gupdate1c9e510e4f3485a;Service Google Update (gupdate1c9e510e4f3485a); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-06-04 133104]

S2 hotspotshieldservice;Hotspot Shield Service; C:\Program Files\Hotspot Shield\bin\openvpnas.exe [2009-06-01 94256]

S2 HssSrv;Hotspot Shield Helper Service; C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe [2009-06-01 331312]

S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-30 152984]

S2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]

S2 mi-raysat_3dsMax2008_32;mental ray 3.6 Satellite for Autodesk 3ds Max 2008 32-bit 32-bit; C:\Program Files\Autodesk\3ds Max 2008\mentalray\satellite\raysat_3dsMax2008_32server.exe [2007-09-24 65536]

S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-05-01 168004]

S2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-01-01 66872]

S2 RemoteRegistryAlerter;Remote Registry RemoteRegistryAlerter; C:\WINDOWS\system32\aaclientb.exe [2009-06-02 51712]

S2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2006-11-05 159744]

S2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter); C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2007-11-15 202544]

S2 sys;sys; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S3 Adobe Version Cue CS3;Adobe Version Cue CS3; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [2007-03-20 153792]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]

S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-03-23 654848]

S3 HssTrayService;Hotspot Shield Tray Service; C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE [2009-06-01 34352]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]

S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-09-10 536872]

S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]

S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-11-05 880640]

S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-09-14 73728]

S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]

S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\wmpnetwk.exe [2006-10-18 913408]

S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

 

-----------------EOF-----------------

[fgagnon]

Bonsoir,

 

J'ai tenté d'installer AntiVir sur mon poste question d'avoir le plus de données possible sur ce qui aurait pu causer l'infection. Je n'ai jamais été capable de compléter l'installation. Je suis en mode sans échec et l'installation roule jusqu'au point ou les fichiers sont extraits. Puis une fenêtre "Preparing for installation" apparaît et l'installation coupe soudainement. Je voulais simplement poster l'info si ça peut en aucun cas aider à régler mon problème plus facilement,

 

c'est tout

 

Merci

[pear]

Bonjour,

 

Désolé de vous répondre si tardivement,mais j'ai été absent quelque temps.

 

 

 

Télécharger sur le bureauOTM by OldTimer .

Double-clic sur OTM.exe pour le lancer.

Sous Vista,Clic droit sur le fichier ->Choisir Exécuter en tant qu' Administrateur

Vérifier que Unregister Dll's and Ocx's soit coché.

* Copiez /Collez les lignes ci dessous):

 

:Processes

explorer.exe

:Files

C:\windows\ld10.exe

 

:Reg

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"sysldtray"=-

:Commands

[purity]

[emptytemp]

[start explorer]

[Reboot]

 

Revenez dans OTM,

Clic droit sur la fenêtre "Paste Instructions for Items to be Moved" sous la barre jaune et choisir Coller(Paste).

* Click le bouton rouge Moveit!

* Fermez OTM

Votre Pc va redémarrer.

Rendez vous dans le dossier C:\_OTM\MovedFiles ,

ouvrez le dernier fichier .log

Copiez/collez en le contenu dans votre prochaine réponse

 

Dans Hijackthis,cochez ces lignes puis clic sur Fix checked

O4 - HKLM\..\Run: [sysldtray] C:\windows\ld10.exe

O4 - Startup: rncsys32.exe

 

o Désactivez le proxy ajouté par l'infection pour cela :

o Sur Firefox, Menu Editions / Préférences puis onglet Avancés.

o Cliquez sur Réseau et Paramètres.

o Choisissez "Ne pas mettre de Proxy".

o Sur Internet Explorer, c'est le menu Outils / Options Internet.

o Onglet Connexions puis en bas, vous pouvez désactiver le proxy.

* Redémarrez l'ordinateur

Les infections Koobfaceinstallent un proxy , empêchant une connexion normale

Sous Vista, la désactivation du proxy dans IE ne suffit pas à rétablir les mises à jour.

 

Pour rétablir Windows Update, il faut lancer la commande suivante (avec les droits administrateur):

Démarrer->Exécuter

netsh winhttp reset proxy

 

La console de Récupération

Tout d'abord, Combofix vérifie si la Console de récupération est installée et vous propose de le faire dans le cas contraire.

La Console de récupération Windows vous permettra de démarrer dans un mode spécial de récupération (réparation).

Elle peut être nécessaire si votre ordinateur rencontre un problème après une tentative de nettoyage.

C'est une procédure simple, qui ne vous prendra que peu de temps et pourra peut-être un jour vous sauver la mise.

Certaines infections (Rootkit en Mbr)ne peuvent être traitées qu'en utilisant la Console de Récupération,

D'importantes procédures que Combofix est susceptible de lancer ne fonctionneront qu'à la condition que la console de récupération(Sous Xp) soit installée

C'est pourquoi il vous est instament conseillé d' installer d'abord la Console de Récupération sur le pc .

Les utilisateurs de Windows Vista peuvent utiliser leur CD Windows pour démarrer en mode Vista Recovery Environment (Environnement de réparation Vista)

Cela permettra de réparer le système au cas ou le pc ne redémarrerait plus suite à la désinfection.

* Après avoir cliqué sur le lien correspondant à votre version de Windows, vous serez dirigé sur une page:

cliquez sur le bouton Télécharger afin de récupérer le package d'installation sur leBureau:

Ne modifiez pas le nom du fichier

Windows XP Service Pack 2 (SP2) > Microsoft Windows XP Professionnel SP2

* Faites un glisser/déposer de ce fichier sur le fichier ComboFix.exe

 

* Suivre les indications à l'écran pour lancer ComboFix et lorsqu'on le demande, accepter le Contrat de Licence d'Utilisateur Final pour installer la Console de Récupération Microsoft.

* Après installation,vous devriez voir ce message:

The Recovery Console was successfully installed. puis un rapport nommé CF_RC.txt va s'afficher:

postez en le contenu .

 

Vous allez télécharger Combofix.

 

 

Ce logiciel est très puissant et ne doit pas être utilisé sans une aide compétente sous peine de risquer des dommages irréversibles.

Veuillez noter que ce logiciel est régulièrement mis à jour et que la version que vous allez charger sera obsolète dans quelques jours.

Avant de l'installer,lisez ce Mode opératoire:

Ensuite

Télécharger combofix.exe de sUBs

et sauvegardez le sur le bureau

 

Fermez ou désactivez tous les programmes Antivirus, Antispyware, Pare-feu actifs car ils pourraient perturber le fonctionnement de cet outil

* Pour cela, faites un clic droit sur l'icône de l'antivirus en bas à droite à côté de l'horloge puis Disable Guard ou Shield ou Résident...

Pour éviter leur réactivation après un redémarrage, décochez les dans les options de démarrage ->Msconfig

Si vous utilisez Spybot

Pour désactiver TeaTimer qui ne set à rien et peut faire échouer une désinfection:!

Afficher d'abord le Mode Avancé dans SpyBot

->Options Avancées :

- >menu Mode, Mode Avancé.

Une colonne de menus apparaît dans la partie gauche :

- >cliquer sur Outils,

- >cliquer sur Résident,

Dans Résident :

- >décocher Résident "TeaTimer" pour le désactiver.

Cela est absolument nécessaire au succès de la procédure.

Bien évidemment, vous les rétablirez ensuite.

 

*Double cliquer sur combofix.exe pour le lancer.

Ne pas fermer la fenêtre qui vient de s'ouvrir , le bureau serait vide et cela pourrait entraîner un plantage du programme!

Pour lancer le scan

Connecter tous les disques amovibles (disque dur externe, clé USB…).

* Taper sur la touche 1 pour démarrer le scan.

Si pour une raison quelconque, Vista par exemple, combofix ne se lançait pas,

Démarrez en mode sans échec, choisissez le compte Administrateur, lancez Combofix

Lorsque ComboFix tourne, ne touchez plus du tout à votre ordinateur, vous risqueriez de planter le programme.

 

* Le scan pourrait prendre un certain temps:Soyez patient!

A la fin,,un rapport sera généré : postez en le contenu dans un prochain message.

* Si le rapport est trop long, postez le en deux fois.

Il se trouve à c:\combofix.txt

 

J'ai tenté d'installer AntiVir sur mon poste

Je suis en mode sans échec et l'installation roule jusqu'au point ou les fichiers sont extraits.

 

L'installation se fait en mode normal et le scan en mode sans échec:

 

Télécharger Avira AntiVir Personal Edition en Français

 

NB : le choix d'Antivir comme antivirus à utiliser dans le cadre de cette procédure, a reposé sur les critères suivants :

--- failles de votre antivirus qui a laissé passer des malwares

--- En mode sans échec ,seuls les processus systèmes sont lancés.Il est donc plus facile de supprimer les infections

--- Antivir peut-être installé et désinstallé facilement

--- Antivir est reconnu pour son efficacité en mode sans échec

....AntiVir ne laisse pas entrer Bagle, sauf si l'utilisateur lui force la main pour récupérer un crack

 

Paramètres conseillés

Clic droit sur le parapluie--------------------->Configurer Antivir

Cliquer Expert mode--------------------------->Recherche:

Cocher: ------------->Selection intelligente des fichiers

Ce réglage est activé par défaut et recommandé.

 

Autres réglages:--->tout cocher

-Recherche+

Action en cas de résultat positif:

Cocher--------------->:Copier le fichier dans la quarantaine avant l'action:

Action principale....>: Réparer ( au cas ou ce serait un fichier système corrompu)

Action secondaire..>: Supprimer ( s'il y a détection, autant supprimer. une sauvegarde sera dans la quarantaine)

 

Désactivez votre antivirus actuel

Redémarrez en mode sans échec.

Lancez le scan

Postez le rapport

[fgagnon]

Bonjour,

 

J'ai pu tout faire les étapes, sauf pour HiJackThis, je n'avais plus les lignes que vous m'avez demandé de coché.

 

All processes killed

========== PROCESSES ==========

No active process named explorer.exe was found!

========== FILES ==========

C:\windows\ld10.exe moved successfully.

========== REGISTRY ==========

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\sysldtray deleted successfully.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: Administrator

->Temp folder emptied: 32768 bytes

->Temporary Internet Files folder emptied: 32768 bytes

 

User: All Users

 

User: Default User

->Temp folder emptied: 32768 bytes

->Temporary Internet Files folder emptied: 32902 bytes

 

User: Fred

->Temp folder emptied: -1165851909 bytes

->Temporary Internet Files folder emptied: 301343580 bytes

->Java cache emptied: 36514637 bytes

->FireFox cache emptied: 61756436 bytes

->Google Chrome cache emptied: 6628085 bytes

 

User: LocalService

->Temp folder emptied: 0 bytes

File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.

->Temporary Internet Files folder emptied: 32902 bytes

 

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 255991425 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 19569 bytes

%systemroot%\System32 .tmp files removed: 2577 bytes

File delete failed. C:\WINDOWS\temp\hlktmp scheduled to be deleted on reboot.

Windows Temp folder emptied: 20255755 bytes

 

RecycleBin emptied: 32327149 bytes

 

Total Files Cleaned = -429,96 mb

 

 

OTM by OldTimer - Version 3.0.0.2 log created on 07082009_001756

 

Files moved on Reboot...

File move failed. C:\WINDOWS\temp\hlktmp scheduled to be moved on reboot.

 

Registry entries deleted on Reboot...

 

______________________________

 

ComboFix 09-07-09.08 - Fred 2009-07-11 13:02.1.4 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3069.2369 [GMT -4:00]

Running from: c:\documents and settings\Fred\Desktop\ComboFix.exe

AV: AntiVir Desktop *On-access scanning disabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}

.

 

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat

c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat

c:\documents and settings\Fred\Application Data\wiaserva.log

c:\documents and settings\Fred\Start Menu\Programs\Startup\rncsys32.exe

C:\install.exe

c:\program files\sys

c:\program files\sys\sys.dll

c:\program files\sys\sys.sys

c:\windows\010112010146118114.dat

c:\windows\0101120101464849.dat

c:\windows\freddy49.exe

c:\windows\kb913800.exe

c:\windows\pp10.exe

c:\windows\system32\aaclientb.exe

c:\windows\system32\drivers\29a3991e.sys

c:\windows\system32\ntr

c:\windows\system32\ntr\npntrplugin.dll

c:\windows\system32\ntr\nsINTRplugin.xpt

 

----- BITS: Possible infected sites -----

 

hxxp://wwwj+|Cv+@J:NGD_DQ{zGD_DQ{zGD_DQ{zGD_DQ{z+@J:Nj+|Cv

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

-------\Legacy_remoteregistryalerter

-------\Legacy_sys

-------\Legacy_sysdrv

-------\Service_RemoteRegistryAlerter

-------\Service_sys

-------\Service_sysdrv

-------\Service_29a3991e

 

 

((((((((((((((((((((((((( Files Created from 2009-06-11 to 2009-07-11 )))))))))))))))))))))))))))))))

.

 

2009-07-11 16:52 . 2009-07-11 16:52 -------- d-----w- c:\program files\Avira

2009-07-11 16:52 . 2009-07-11 16:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira

2009-07-11 16:52 . 2009-03-30 14:32 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys

2009-07-11 16:52 . 2009-03-24 20:07 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2009-07-11 16:52 . 2009-02-13 16:28 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys

2009-07-11 16:52 . 2009-02-13 16:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys

2009-07-08 04:17 . 2009-07-08 04:17 -------- d-----w- C:\_OTM

2009-07-03 05:30 . 2009-07-03 05:30 1 ---h--w- c:\windows\bf23567.dat

2009-06-24 13:57 . 2009-06-24 13:57 -------- d-----w- C:\rsit

2009-06-24 13:57 . 2009-06-24 13:57 -------- d-----w- c:\program files\trend micro

2009-06-13 22:35 . 2009-06-13 22:35 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\SupportSoft

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-07-08 22:01 . 2008-03-01 22:11 -------- d-----w- c:\documents and settings\Fred\Application Data\LimeWire

2009-07-03 03:03 . 2008-12-10 03:55 1324 ----a-w- c:\windows\system32\d3d9caps.dat

2009-07-03 02:50 . 2009-05-01 22:37 -------- d-----w- c:\program files\Hotspot Shield

2009-06-20 17:33 . 2008-02-28 03:05 -------- d-----w- c:\documents and settings\Fred\Application Data\Azureus

2009-06-20 17:22 . 2008-02-27 04:36 -------- d-----w- c:\program files\Steam

2009-06-20 07:16 . 2009-06-10 00:35 -------- d-----w- c:\documents and settings\Fred\Application Data\mIRC

2009-06-17 22:48 . 2009-06-10 00:35 -------- d-----w- c:\program files\mIRC

2009-06-07 21:53 . 2008-02-28 01:38 -------- d-----w- c:\program files\World of Warcraft

2009-06-04 12:35 . 2008-02-21 00:40 -------- d-----w- c:\program files\Google

2009-06-04 12:35 . 2009-01-27 04:43 -------- d-----w- c:\program files\DivX

2009-06-04 12:35 . 2009-06-04 12:35 -------- d-----w- c:\program files\Common Files\DivX Shared

2009-06-02 22:13 . 2009-06-02 22:13 20480 --sha-w- c:\windows\system32\ac3acmp.dll

2009-06-02 22:13 . 2009-06-02 22:12 86 --s-a-w- c:\windows\system32\1961783393.dat

2009-05-23 18:16 . 2009-05-23 18:16 -------- d-----w- c:\program files\AGEIA Technologies

2009-05-23 18:16 . 2008-02-28 03:59 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard

2009-05-21 22:24 . 2009-05-21 22:24 -------- d-----w- c:\program files\CEVO

2009-05-17 22:16 . 2009-05-17 22:16 -------- d-----w- c:\program files\OpenAL

2009-05-17 22:16 . 2005-11-08 12:35 413696 ----a-w- c:\windows\system32\wrap_oal.dll

2009-05-17 22:16 . 2005-11-08 12:32 110592 ----a-w- c:\windows\system32\OpenAL32.dll

2009-05-14 07:02 . 2008-03-24 01:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help

2009-05-09 13:27 . 2008-02-21 00:44 101104 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2009-05-01 21:02 . 2009-05-01 21:02 90112 ----a-w- c:\windows\system32\dpl100.dll

2009-05-01 21:02 . 2009-05-01 21:02 823296 ----a-w- c:\windows\system32\divx_xx0c.dll

2009-05-01 21:02 . 2009-05-01 21:02 823296 ----a-w- c:\windows\system32\divx_xx07.dll

2009-05-01 21:02 . 2009-05-01 21:02 815104 ----a-w- c:\windows\system32\divx_xx0a.dll

2009-05-01 21:02 . 2009-05-01 21:02 811008 ----a-w- c:\windows\system32\divx_xx16.dll

2009-05-01 21:02 . 2009-05-01 21:02 802816 ----a-w- c:\windows\system32\divx_xx11.dll

2009-05-01 21:02 . 2009-05-01 21:02 685056 ----a-w- c:\windows\system32\DivX.dll

2009-05-01 04:31 . 2009-05-01 04:31 1657376 ----a-w- c:\windows\system32\nwiz.exe

2009-05-01 04:31 . 2009-05-01 04:31 449056 ----a-w- c:\windows\system32\nvappbar.exe

2009-05-01 04:31 . 2009-05-01 04:31 436768 ----a-w- c:\windows\system32\keystone.exe

2009-05-01 04:31 . 2009-05-01 04:31 466944 ----a-w- c:\windows\system32\nvshell.dll

2009-05-01 04:31 . 2009-05-01 04:31 1724416 ----a-w- c:\windows\system32\nvwdmcpl.dll

2009-05-01 04:31 . 2009-05-01 04:31 1507328 ----a-w- c:\windows\system32\nview.dll

2009-05-01 04:31 . 2009-05-01 04:31 1101824 ----a-w- c:\windows\system32\nvwimg.dll

2009-05-01 02:02 . 2009-05-01 02:02 663552 ----a-w- c:\windows\system32\nvcuvid.dll

2009-05-01 02:02 . 2009-05-01 02:02 1720320 ----a-w- c:\windows\system32\nvcuda.dll

2009-05-01 02:02 . 2009-05-01 02:02 1579630 ----a-w- c:\windows\system32\nvdata.bin

2009-05-01 02:02 . 2009-05-01 02:02 1314816 ----a-w- c:\windows\system32\nvcuvenc.dll

2009-05-01 02:02 . 2008-02-21 00:15 457248 ----a-w- c:\windows\system32\nvudisp.exe

2009-05-01 02:02 . 2008-02-21 00:11 9994240 ----a-w- c:\windows\system32\nvoglnt.dll

2009-05-01 02:02 . 2008-02-21 00:11 806912 ----a-w- c:\windows\system32\nvapi.dll

2009-05-01 02:02 . 2008-02-21 00:11 143360 ----a-w- c:\windows\system32\nvcodins.dll

2009-05-01 02:02 . 2008-02-21 00:11 143360 ----a-w- c:\windows\system32\nvcod.dll

2009-05-01 02:02 . 2005-08-16 10:35 8055584 ----a-w- c:\windows\system32\drivers\nv4_mini.sys

2009-05-01 02:02 . 2005-08-16 10:35 5896320 ----a-w- c:\windows\system32\nv4_disp.dll

2009-04-27 04:42 . 2008-02-21 00:30 457248 ----a-w- c:\windows\system32\NVUNINST.EXE

2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll

2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll

.

 

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2007-11-15 202544]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-31 136600]

"NVRaidService"="c:\windows\system32\nvraidservice.exe" [2006-10-18 137216]

"Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2007-04-04 1236992]

"AudioDrvEmulator"="c:\program files\Creative\Shared Files\Module Loader\DLLML.exe" [2005-11-04 49152]

"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]

"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-10-03 221184]

"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 81920]

"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2006-10-20 118784]

"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2007-05-24 17920]

"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]

"CTDVDDET"="c:\program files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE" [2003-06-18 45056]

"VolPanel"="c:\program files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" [2005-10-14 122880]

"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="c:\program files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232]

"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2008-01-11 623992]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]

"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-04-04 185632]

"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-11-05 221184]

"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2007-11-15 202544]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 39792]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-09-04 111936]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-09-10 289576]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-05-01 86016]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-05-01 13750272]

"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

"CTHelper"="CTHELPER.EXE" - c:\windows\CTHELPER.EXE [2005-11-08 16384]

"CTxfiHlp"="CTXFIHLP.EXE" - c:\windows\system32\CTXFIHLP.EXE [2006-03-02 18944]

"Logitech Utility"="Logi_MwX.Exe" - c:\windows\LOGI_MWX.EXE [2003-12-11 20992]

"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2009-05-01 1657376]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

 

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Run Nintendo Wi-Fi USB Connector Registration Tool.lnk - c:\program files\WiFiConnector\NintendoWFCReg.exe [2008-3-10 1073152]

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"UpdatesDisableNotify"=dword:00000001

"AntiVirusOverride"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Azureus\\Azureus.exe"=

"c:\\Program Files\\Steam\\steamapps\\nero_rulz2@msn.com\\team fortress 2\\hl2.exe"=

"c:\\Program Files\\Steam\\steamapps\\nero_rulz2@msn.com\\counter-strike source\\hl2.exe"=

"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=

"c:\\Program Files\\WiFiConnector\\NintendoWFCReg.exe"=

"c:\\Program Files\\AIM6\\aim6.exe"=

"c:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=

"c:\\Program Files\\LimeWire\\LimeWire.exe"=

"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\Program Files\\Autodesk\\Backburner\\monitor.exe"=

"c:\\Program Files\\Autodesk\\Backburner\\manager.exe"=

"c:\\Program Files\\Autodesk\\Backburner\\server.exe"=

"c:\\Program Files\\Autodesk\\3ds Max 2008\\3dsmax.exe"=

"c:\\Program Files\\Autodesk\\Maya2008\\bin\\maya.exe"=

"c:\\WINDOWS\\system32\\dpvsetup.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

"c:\\Program Files\\Microsoft Office\\Live Meeting 8\\Console\\PWConsole.exe"=

"c:\\Program Files\\Next Limit\\RealFlow4\\realflow.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Autodesk\\Combustion 2008\\combustion.exe"=

"c:\\WINDOWS\\system32\\PnkBstrA.exe"=

"c:\\WINDOWS\\system32\\PnkBstrB.exe"=

"c:\\Program Files\\Warcraft III\\Warcraft III.exe"=

"c:\\Program Files\\World of Warcraft\\Launcher.exe"=

"c:\\Program Files\\mIRC\\mirc.exe"=

"c:\\Program Files\\Steam\\steamapps\\common\\left 4 dead\\left4dead.exe"=

"c:\\Program Files\\Steam\\Steam.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

"3703:TCP"= 3703:TCP:Adobe Version Cue CS3 Server

"3704:TCP"= 3704:TCP:Adobe Version Cue CS3 Server

"50900:TCP"= 50900:TCP:Adobe Version Cue CS3 Server

"50901:TCP"= 50901:TCP:Adobe Version Cue CS3 Server

"8085:TCP"= 8085:TCP:sys

 

R2 antivirschedulerservice;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-07-11 108289]

S2 gupdate1c9e510e4f3485a;Service Google Update (gupdate1c9e510e4f3485a);c:\program files\Google\Update\GoogleUpdate.exe [2009-06-04 133104]

 

--- Other Services/Drivers In Memory ---

 

*NewlyCreated* - AVGNTFLT

*NewlyCreated* - SSMDRV

.

Contents of the 'Scheduled Tasks' folder

 

2009-06-13 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

 

2009-07-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-04 12:35]

 

2009-07-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-04 12:35]

.

- - - - ORPHANS REMOVED - - - -

 

HKLM-Run-sysfbtray - c:\windows\freddy49.exe

 

 

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.daemon-search.com/startpage

uInternet Settings,ProxyOverride = *.local

IE: Append to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000

Handler: intu-ir2008 - {729D3592-92E7-4cbc-8E44-3C22B3F457B3} -

FF - ProfilePath - c:\documents and settings\Fred\Application Data\Mozilla\Firefox\Profiles\8zpinsax.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca

FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npntrplugin.dll

FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

.

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-07-11 13:06

Windows 5.1.2600 Service Pack 3 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

 

[HKEY_USERS\S-1-5-21-3768975564-2129727667-2487725501-1005\Software\SecuROM\License information*]

"datasecu"=hex:16,28,a0,ac,3e,4f,6a,34,7c,3d,08,b4,c6,84,44,da,f6,44,12,d4,3b,

7f,55,fb,2f,9e,de,99,d3,b6,b1,59,38,36,fe,bc,0c,7a,6f,09,e1,33,3f,8d,41,eb,\

"rkeysecu"=hex:cb,bd,f2,61,5a,4e,c6,95,f2,29,8b,82,ba,6b,3d,44

.

--------------------- DLLs Loaded Under Running Processes ---------------------

 

- - - - - - - > 'explorer.exe'(292)

c:\program files\Logitech\MouseWare\System\LgWndHk.dll

c:\progra~1\WINDOW~3\wmpband.dll

c:\program files\Common Files\Logitech\Scrolling\LgMsgHk.dll

c:\windows\system32\WPDShServiceObj.dll

c:\program files\Roxio\Drag-to-Disc\Shellex.dll

c:\windows\system32\DLAAPI_W.DLL

c:\program files\Roxio\Drag-to-Disc\ShellRes.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Other Running Processes ------------------------

.

c:\windows\system32\nvsvc32.exe

c:\windows\system32\CTXFISPI.EXE

c:\program files\Logitech\MouseWare\system\EM_EXEC.EXE

c:\windows\system32\rundll32.exe

c:\program files\Avira\AntiVir Desktop\avguard.exe

c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

c:\program files\Common Files\Autodesk Shared\Service\AdskScSrv.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\windows\system32\CTSVCCDA.EXE

c:\windows\ehome\ehrecvr.exe

c:\windows\ehome\ehSched.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\program files\Autodesk\3ds Max 2008\mentalray\satellite\raysat_3dsMax2008_32server.exe

c:\windows\system32\PnkBstrA.exe

c:\program files\Dell Support Center\bin\sprtsvc.exe

c:\windows\ehome\mcrdsvc.exe

c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

c:\program files\iPod\bin\iPodService.exe

c:\windows\ehome\ehmsas.exe

c:\windows\system32\dllhost.exe

c:\windows\system32\wbem\unsecapp.exe

c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe

c:\windows\system32\wscntfy.exe

.

**************************************************************************

.

Completion time: 2009-07-11 13:12 - machine was rebooted

ComboFix-quarantined-files.txt 2009-07-11 17:12

 

Pre-Run: 273 653 563 392 bytes free

Post-Run: 273 438 748 672 bytes free

 

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect

 

305 --- E O F --- 2009-05-14 07:02

 

___________________________________

 

Avira AntiVir Personal

Date de création du fichier de rapport : 11 juillet 2009 15:05

 

La recherche porte sur 1284893 souches de virus.

 

Détenteur de la licence : Avira AntiVir Personal - FREE Antivirus

Numéro de série : 0000149996-ADJIE-0000001

Plateforme : Windows XP

Version de Windows : (Service Pack 3) [5.1.2600]

Mode Boot : Mode sans échec avec assistance réseau

Identifiant : Fred

Nom de l'ordinateur : GAGNON3D

 

Informations de version :

BUILD.DAT : 9.0.0.65 17959 Bytes 4/22/2009 12:06:00

AVSCAN.EXE : 9.0.3.6 466689 Bytes 4/21/2009 18:20:54

AVSCAN.DLL : 9.0.3.0 49409 Bytes 3/3/2009 15:21:02

LUKE.DLL : 9.0.3.2 209665 Bytes 2/20/2009 16:35:11

LUKERES.DLL : 9.0.2.0 13569 Bytes 3/3/2009 15:21:31

ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 10/27/2008 17:30:36

ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 2/11/2009 01:33:26

ANTIVIR2.VDF : 7.1.2.105 513536 Bytes 3/3/2009 12:41:14

ANTIVIR3.VDF : 7.1.2.127 110592 Bytes 3/5/2009 19:58:20

Version du moteur : 8.2.0.100

AEVDF.DLL : 8.1.1.0 106868 Bytes 1/27/2009 22:36:42

AESCRIPT.DLL : 8.1.1.56 352634 Bytes 2/27/2009 01:01:56

AESCN.DLL : 8.1.1.7 127347 Bytes 2/12/2009 16:44:25

AERDL.DLL : 8.1.1.3 438645 Bytes 10/29/2008 23:24:41

AEPACK.DLL : 8.1.3.10 397686 Bytes 3/4/2009 18:06:10

AEOFFICE.DLL : 8.1.0.36 196987 Bytes 2/27/2009 01:01:56

AEHEUR.DLL : 8.1.0.100 1618295 Bytes 2/25/2009 20:49:16

AEHELP.DLL : 8.1.2.2 119158 Bytes 2/27/2009 01:01:56

AEGEN.DLL : 8.1.1.24 336244 Bytes 3/4/2009 18:06:10

AEEMU.DLL : 8.1.0.9 393588 Bytes 10/9/2008 19:32:40

AECORE.DLL : 8.1.6.6 176501 Bytes 2/17/2009 19:22:44

AEBB.DLL : 8.1.0.3 53618 Bytes 10/9/2008 19:32:40

AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 13:47:30

AVPREF.DLL : 9.0.0.1 43777 Bytes 12/3/2008 16:39:26

AVREP.DLL : 8.0.0.3 155905 Bytes 1/20/2009 19:34:28

AVREG.DLL : 9.0.0.0 36609 Bytes 11/7/2008 20:24:42

AVARKT.DLL : 9.0.0.3 292609 Bytes 3/24/2009 20:05:22

AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 1/30/2009 15:36:37

SQLITE3.DLL : 3.6.1.0 326401 Bytes 1/28/2009 20:03:49

SMTPLIB.DLL : 9.2.0.25 28417 Bytes 2/2/2009 13:20:57

NETNT.DLL : 9.0.0.0 11521 Bytes 11/7/2008 20:40:59

RCIMAGE.DLL : 9.0.0.21 2438401 Bytes 2/17/2009 18:49:32

RCTEXT.DLL : 9.0.37.0 88321 Bytes 4/15/2009 15:07:05

 

Configuration pour la recherche actuelle :

Nom de la tâche...............................: Contrôle intégral du système

Fichier de configuration......................: c:\program files\avira\antivir desktop\sysscan.avp

Documentation.................................: bas

Action principale.............................: réparer

Action secondaire.............................: supprimer

Recherche sur les secteurs d'amorçage maître..: marche

Recherche sur les secteurs d'amorçage.........: marche

Secteurs d'amorçage...........................: C:,

Recherche dans les programmes actifs..........: marche

Recherche en cours sur l'enregistrement.......: marche

Recherche de Rootkits.........................: marche

Contrôle d'intégrité de fichiers système......: arrêt

Recherche optimisée...........................: marche

Fichier mode de recherche.....................: Tous les fichiers

Recherche sur les archives....................: marche

Limiter la profondeur de récursivité..........: 20

Archive Smart Extensions......................: marche

Heuristique de macrovirus.....................: marche

Heuristique fichier...........................: moyen

 

Début de la recherche : 11 juillet 2009 15:05

 

La recherche d'objets cachés commence.

Impossible d'initialiser le pilote.

 

La recherche sur les processus démarrés commence :

Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés

Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés

Processus de recherche 'wmiprvse.exe' - '1' module(s) sont contrôlés

Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés

Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés

Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés

Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés

Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés

Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés

Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés

Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés

Processus de recherche 'services.exe' - '1' module(s) sont contrôlés

Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés

Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés

Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés

'15' processus ont été contrôlés avec '15' modules

 

La recherche sur les secteurs d'amorçage maître commence :

Secteur d'amorçage maître HD0

[iNFO] Aucun virus trouvé !

Secteur d'amorçage maître HD1

[iNFO] Aucun virus trouvé !

Secteur d'amorçage maître HD2

[iNFO] Aucun virus trouvé !

Secteur d'amorçage maître HD3

[iNFO] Aucun virus trouvé !

Secteur d'amorçage maître HD4

[iNFO] Aucun virus trouvé !

 

La recherche sur les secteurs d'amorçage commence :

Secteur d'amorçage 'C:\'

[iNFO] Aucun virus trouvé !

 

La recherche sur les renvois aux fichiers exécutables (registre) commence :

Le registre a été contrôlé ( '76' fichiers).

 

 

La recherche sur les fichiers sélectionnés commence :

 

Recherche débutant dans 'C:\'

C:\pagefile.sys

[AVERTISSEMENT] Impossible d'ouvrir le fichier !

[REMARQUE] Ce fichier est un fichier système Windows.

[REMARQUE] Il est correct que ce fichier ne puisse pas être ouvert pour la recherche.

C:\Documents and Settings\Fred\Desktop\ComboFix.exe

[0] Type d'archive: RAR SFX (self extracting)

[REMARQUE] Une copie de sécurité a été créée sous le nom 4ac5e398.qua ( QUARANTAINE )

[REMARQUE] Fichier supprimé.

--> 32788R22FWJFW\n.pif

[RESULTAT] Le fichier contient un programme exécutable. Cependant, celui-ci se dissimule sous une extension de fichier inoffensive (HIDDENEXT/Crypted)

C:\Documents and Settings\Fred\My Documents\Installations\Adobe CS3 Design Premium\Crack\Adobe CS3 Design Premium Keygen ZWT.exe

[RESULTAT] Contient le modèle de détection du programme backdoor (dangereux) BDS/Pcclient.578

[REMARQUE] Une copie de sécurité a été créée sous le nom 4ac7e5c4.qua ( QUARANTAINE )

[REMARQUE] Fichier supprimé.

C:\Documents and Settings\Fred\My Documents\Installations\Headus UV Layout Pro 2.0\Headus UVlayout\Crack\XF-UVLayout2-KG.exe

[RESULTAT] Contient le cheval de Troie TR/Agent.34789.A

[REMARQUE] Une copie de sécurité a été créée sous le nom 4a85e5d8.qua ( QUARANTAINE )

[REMARQUE] Fichier supprimé.

C:\Documents and Settings\Fred\My Documents\Installations\Headus UV Layout Pro 2.0\Headus UVlayout\iuvlayout-pro-2.00.05\Crack\XF-UVLayout2-KG.exe

[RESULTAT] Contient le cheval de Troie TR/Agent.34789.A

[REMARQUE] Une copie de sécurité a été créée sous le nom 49a07bc1.qua ( QUARANTAINE )

[REMARQUE] Fichier supprimé.

C:\Documents and Settings\Fred\My Documents\Installations\Maxon Cinema4D v.10\PANTHEON\keygen.exe

[RESULTAT] Contient le cheval de Troie TR/Agent.200704.B

[REMARQUE] Une copie de sécurité a été créée sous le nom 4ad1e5f9.qua ( QUARANTAINE )

[REMARQUE] Fichier supprimé.

C:\Documents and Settings\Fred\My Documents\Installations\Pixologic ZBrush3\apzbrs37.zip

[0] Type d'archive: ZIP

[AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée.

--> apzbrs30.part7.rar

[1] Type d'archive: RAR

--> crack\ZActivator.dll

[AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée.

C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\29a3991e.sys.vir

[RESULTAT] Contient le cheval de Troie TR/Rootkit.Gen

[REMARQUE] Une copie de sécurité a été créée sous le nom 4ab9f1b4.qua ( QUARANTAINE )

[REMARQUE] Fichier supprimé.

C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\_29a3991e_.sys.zip

[0] Type d'archive: ZIP

[REMARQUE] Une copie de sécurité a été créée sous le nom 4a91f1ad.qua ( QUARANTAINE )

[REMARQUE] Fichier supprimé.

--> 29a3991e.sys

[RESULTAT] Contient le cheval de Troie TR/Rootkit.Gen

--> 29a3991e.sys.1

[RESULTAT] Contient le cheval de Troie TR/Rootkit.Gen

C:\WINDOWS\system32\ac3acmp.dll

[RESULTAT] Contient le cheval de Troie TR/Vundo.Gen

[REMARQUE] Une copie de sécurité a été créée sous le nom 4a8bf365.qua ( QUARANTAINE )

[REMARQUE] Fichier supprimé.

C:\WINDOWS\system32\drivers\sptd.sys

[AVERTISSEMENT] Impossible d'ouvrir le fichier !

 

 

Fin de la recherche : 11 juillet 2009 16:17

Temps nécessaire: 1:12:27 Heure(s)

 

La recherche a été effectuée intégralement

 

17751 Les répertoires ont été contrôlés

906486 Des fichiers ont été contrôlés

9 Des virus ou programmes indésirables ont été trouvés

0 Des fichiers ont été classés comme suspects

8 Des fichiers ont été supprimés

0 Des virus ou programmes indésirables ont été réparés

8 Les fichiers ont été déplacés dans la quarantaine

0 Les fichiers ont été renommés

2 Impossible de contrôler des fichiers

906475 Fichiers non infectés

7095 Les archives ont été contrôlées

4 Avertissements

9 Consignes