Problème de recherche avec Google

Résolu
50_baht Messages postés 634 Statut Membre -  
 ric025 -
Bonjour,
voici mon problème:

lorsque j'effectue une recherche sur google, les premiers résultats qui s'affichent sont des liens vers les sites web suivants: www.moxiesearch.com ; fortuna.duonik.org ; bonlivaros.com ; bediddle.com... etc.
Quelque soit le mot recherché, ce sont toujours ces mêmes liens qui apparaissent. Le problème persiste avec IE ou Firefox.

J'ai effectué un scan avec HijackThis et supprimé certains fichiers jugés malveillants ou inutiles par http://hijackthis.de/
mais ça ne change rien.

J'ai pu voir que certaines personnes sur ce forum ont eu le même problème et l'ont réglé. Mais les fichiers à supprimer/corriger ne sont pas les mêmes.

Voici le Log de Hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:54:25, on 26/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\WINDOWS\system32\Pen_Tablet.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe
C:\WINDOWS\system32\Pen_Tablet.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Ferdinand\Bureau\HiJackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://evo-web.co.uk/forums/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.acer.com/worldwide/selection.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\Office12\EXCEL.EXE/3000
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\WINDOWS\system32\Pen_Tablet.exe

--
End of file - 9360 bytes
Configuration: Windows XP
Firefox 3.0
Antivirus: AVG 8.0

21 réponses

  • 1
  • 2
  1. ric025
     
    Salut!!

    Le problème, c'est qu'en ayant fixer des lignes, on voit plus grand-chose..

    Commence par ceci:

    Télécharge malwarebytes

    Installe-le en veillant bien à ce que la case de mise à jour soit cochée en fin d'installation.

    Lance-le et après la mise à jour, coche la case "Examen Complet".

    Lance la recherche sur tous tes disques. /!\ Le scan peut durer longtemps.

    Après le scan, si le programme trouve quelque chose, clique sur "Voir les résultats" puis sur "Supprimer la sélection".

    Si MBAM te demande de rebooter pour finaliser la suppression, accepte.

    Poste ensuite le rapport généré dans ta prochaine réponse.

    ----------------------

    Ensuite tu peux désinstaller hijackthis qui est mal installé.

    Fais comme suit:

    Télécharge d'abord cet outil qui va permettre de cibler l'infection:

    hijackthis

    Installe-le dans son dossier par défaut et lance-le.

    Choisis l'option "Do a system scan and save a Logfile".

    Copie/colle alors le rapport généré dans ta prochaine réponse.

    A++ ;)
    0
  2. 50_baht Messages postés 634 Statut Membre 319
     
    Merci d'avoir répondu.

    Qu'entends-tu par "fixer des lignes"?

    J'ai effectué deux scans avec MBAM:
    il m'a trouvé quelques menaces et elles ont été placées en quarantaine
    mais ça n'a pas réglé le problème.

    Voici les deux rapports des deux scans:

    Malwarebytes' Anti-Malware 1.31
    Version de la base de données: 1550
    Windows 5.1.2600 Service Pack 3
    
    26/12/2008 19:12:53
    mbam-log-2008-12-26 (19-12-53).txt
    
    Type de recherche: Examen complet (C:\|D:\|F:\|K:\|N:\|)
    Eléments examinés: 140888
    Temps écoulé: 1 hour(s), 7 minute(s), 9 second(s)
    
    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 9
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0
    
    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)
    
    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)
    
    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\CLSID\{013a653b-49a6-4f76-8b68-e4875ea6ba54} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{013a653b-49a6-4f76-8b68-e4875ea6ba54} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{35f7813a-af74-4474-b1dc-7ee6fb6c43c6} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3fd6b99c-a275-46ea-8fd1-3d63986e51e4} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{cfe9e8a8-38c0-4ef8-aec2-5035efe81030} (Trojan.Vundo) -> Quarantined and deleted successfully.
    
    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)
    
    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)
    
    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)
    
    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)
    


    __________________________________________________________________________________________

    Malwarebytes' Anti-Malware 1.31
    Version de la base de données: 1550
    Windows 5.1.2600 Service Pack 3
    
    26/12/2008 19:45:59
    mbam-log-2008-12-26 (19-45-59).txt
    
    Type de recherche: Examen complet (D:\|F:\|K:\|N:\|)
    Eléments examinés: 112927
    Temps écoulé: 16 minute(s), 55 second(s)
    
    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 1
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 6
    
    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)
    
    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)
    
    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
    
    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)
    
    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)
    
    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)
    
    Fichier(s) infecté(s):
    C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\pmkjj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\ssqpm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\awvtq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\ClickToFindandFixErrors_RON.ico (Malware.Trace) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\sysaudio.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
    


    ________________________________________________________________________________________
    Sinon, j'ai ré installé Hijack (cependant, je n'ai pas compris en quoi il tait mal installé),
    voici un nouveau rapport:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:11:35, on 26/12/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16762)
    Boot mode: Normal
    
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\PROGRA~1\AVG\AVG8\avgfws8.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Pen_Tablet.exe
    C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
    C:\PROGRA~1\AVG\AVG8\avgam.exe
    C:\WINDOWS\system32\Pen_Tablet.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://evo-web.co.uk/forums/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.acer.com/worldwide/selection.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
    O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\Office12\EXCEL.EXE/3000
    O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - AppInit_DLLs: avgrsstx.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\WINDOWS\system32\Pen_Tablet.exe
    
    --
    End of file - 9329 bytes
    
    0
  3. ric025
     
    Sinon, j'ai ré installé Hijack (cependant, je n'ai pas compris en quoi il tait mal installé)

    --> C:\Documents and Settings\Ferdinand\Bureau\HiJackThis.exe : 1er rapport

    --> C:\Program Files\Trend Micro\HijackThis\HijackThis.exe : 2nd rapport

    Hijackthis doit se trouver là et pas ailleurs! ;))

    Toujours des soucis?

    Commence par virer un antivirus! Deux AV sur la même machine = risque de conflit!

    ---------------------------------------

    Relance MBAM, va dans quarantaine et supprime tout.

    Un petit nettoyage:

    Télécharge CCleaner

    Lors de l’installation, décoche l’option qui t’installerait la barre Yahoo

    Va dans "Options">>"Avancé". Décoche la première ligne.

    Va dans la section "Nettoyeur". Lance l'analyse. La liste créée, lance le nettoyage deux fois de suite afin d'obtenir 0bytes supprimé!

    Ensuite dans "Registre", lance une recherche des erreurs. La liste créée, fais-les réparer.

    /!\ A ce moment CCleaner te demande normalement de sauvegarder le registre, fais-le. /!\

    Recommence ensuite le cycle Recherche/Réparation des erreurs jusqu'à n'en trouver aucune lors de la recherche.

    ---------------------

    Si tu as toujours des soucis, dis-le moi pour te faire passer un autre outil plus dangereux donc je ferai appel à quelqu'un de plus compétent!
    0
  4. 50_baht Messages postés 634 Statut Membre 319
     
    (Désolé j'ai pas pu répondre plus tôt)

    J'utilise CCleaner une fois par semaine pour tout nettoyer. J'ai fait ce que tu m'as indiqué mais ça n'a rien changé...=/
    Lorsque je lance une recherche, je vois dans la petite barre en bas, qu'il me redirige vers une IP bizarre avant de me diriger vers google: j'ai fait un petit screen http://img267.imageshack.us/img267/4545/sanstitre1pj0.jpg

    Sinon, pour les deux anti virus, ça fait des années que j'utilise ad-aware et AVG en même temps j'ai jamais eu de problème de conflit. En général lorsque l'un zappe un truc louche, l'autre le détecte...

    Merci de prêter attention à mon cas =)
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. ric025
     
    Sinon, pour les deux anti virus, ça fait des années que j'utilise ad-aware et AVG en même temps j'ai jamais eu de problème de conflit. En général lorsque l'un zappe un truc louche, l'autre le détecte...

    --> Ad-Aware n'est pas un AV! Mais je vois AVG8 et Norton sur ta machine! Et les deux ne vont pas ensemble!

    Relance MBAM, va dans quarantaine et supprime tout.

    Puis

    Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.

    http://downloads.andymanchesta.com/RemovalTools/SDFix.exe

    Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec comme ceci!! :

    • Redémarre ton ordinateur
    • Tout de suite après le bip de démarrage, tapote la touche F8 (une pression par seconde).
    • A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
    • Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
    • Choisis ton compte.

    • Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
    • Appuie sur une touche pour commencer le processus de nettoyage.
    • Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.

    • Appuie sur une touche pour redémarrer le PC.

    • Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
    • Après le chargement du Bureau, l'outil terminera son travail et affichera "Finished".
    • Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
    • Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.

    • Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse.
    0
  7. 50_baht Messages postés 634 Statut Membre 319
     
    Pour Norton, il est désinstallé depuis 2005 mais il y a un truc deSymantec qui subsiste
    et que j'arrive pas à virer (avec Ccleaner ou l'outil suppression de
    programme de Windows, m^me résultat: j'appuie sur desinstaller et
    il n'y a aucune réaction...)

    Y a eu un p'tit souci avec SDFix, j'ai dû recommencer ce matin.
    Voici le rapport

    [b]SDFix: Version 1.240 [/b]
    Run by Ferdinand on 28/12/2008 at 12:40
    
    Microsoft Windows XP [version 5.1.2600]
    Running From: C:\SDFix
    
    [b]Checking Services [/b]:
    
    
    Restoring Default Security Values
    Restoring Default Hosts File
    
    Rebooting
    
    
    [b]Checking Files [/b]: 
    
    Trojan Files Found:
    
    C:\WINDOWS\system32\autorun.ini - Deleted
    
    
    
    
    
    Removing Temp Files
    
    [b]ADS Check [/b]:
     
    
    
                                     [b]Final Check [/b]:
    
    catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-12-28 13:32:44
    Windows 5.1.2600 Service Pack 3 NTFS
    
    scanning hidden processes ...
    
    scanning hidden services & system hive ...
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\d347prt\Cfg\0Jf40]
    "khjeh"=hex:20,02,00,00,fd,a5,88,f4,ed,09,73,60,b5,f0,2f,03,e6,fa,91,41,2d,..
    "hj34z0"=hex:ce,a2,f5,5b,1a,ad,39,77,10,b6,86,35,b9,24,97,ca,af,61,95,a4,4b,..
    "hj34z1"=hex:23,a2,f5,5b,62,ad,39,77,11,b6,87,35,b8,24,97,ca,af,61,95,a4,fe,..
    "hj34z2"=hex:23,a2,f5,5b,62,ad,39,77,11,b6,87,35,b8,24,97,ca,af,61,95,a4,fe,..
    "hj34z3"=hex:23,a2,f5,5b,62,ad,39,77,11,b6,87,35,b8,24,97,ca,af,61,95,a4,fe,..
    "hj34z4"=hex:23,a2,f5,5b,62,ad,39,77,11,b6,87,35,b8,24,97,ca,af,61,95,a4,fe,..
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\d347prt\Cfg\0Jf41]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\d347prt\Cfg\0Jf42]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\d347prt\Cfg\0Jf43]
    "khjeh"=hex:20,02,00,00,ed,a5,88,f4,39,1e,3e,dc,05,ca,30,8b,db,e1,39,c1,3d,..
    "hj34z0"=hex:9f,0c,7b,fa,ba,96,26,ff,c0,bd,2e,b5,a9,d5,9d,09,df,ad,a9,b1,77,..
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
    "s1"=dword:568b74a7
    "s2"=dword:f9b5378d
    "h0"=dword:00000001
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
    "h0"=dword:00000000
    "ujdew"=hex:f1,32,9d,fb,cf,c5,4e,18,57,9d,20,b7,06,b9,0a,47,cc,d1,79,a9,92,..
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
    "h0"=dword:00000000
    "ujdew"=hex:f1,32,9d,fb,cf,c5,4e,18,57,9d,20,b7,06,b9,0a,47,cc,d1,79,a9,92,..
    
    scanning hidden registry entries ...
    
    scanning hidden files ...
    
    scan completed successfully
    hidden processes: 0
    hidden services: 0
    hidden files: 0
    
    
    [b]Remaining Services [/b]:
    
    
    
    
    Authorized Application Key Export:
    
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\\Program Files\\Grisoft\\AVG Free\\avginet.exe"="C:\\Program Files\\Grisoft\\AVG Free\\avginet.exe:*:Enabled:avginet.exe"
    "C:\\Program Files\\Grisoft\\AVG Free\\avgamsvr.exe"="C:\\Program Files\\Grisoft\\AVG Free\\avgamsvr.exe:*:Enabled:avgamsvr.exe"
    "C:\\Program Files\\Grisoft\\AVG Free\\avgcc.exe"="C:\\Program Files\\Grisoft\\AVG Free\\avgcc.exe:*:Enabled:avgcc.exe"
    "C:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"="C:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe:*:Enabled:TrueVector Service"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "D:\\Office12\\OUTLOOK.EXE"="D:\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
    "C:\\Documents and Settings\\Krid\\Application Data\\SopCast\\adv\\SopAdver.exe"="C:\\Documents and Settings\\Ferdinand\\Application Data\\SopCast\\adv\\SopAdver.exe:*:Enabled:SopCast Adver"
    "C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
    "C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"="C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe:*:Enabled:Veoh Client"
    "C:\\Program Files\\uTorrent\\utorrent.exe"="C:\\Program Files\\uTorrent\\utorrent.exe:*:Enabled:æTorrent"
    "C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
    "C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Ex‚cuter une DLL en tant qu'application"
    "C:\\Program Files\\SopCast\\adv\\SopAdver.exe"="C:\\Program Files\\SopCast\\adv\\SopAdver.exe:*:Enabled:SopCast Adver"
    "C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
    "C:\\Program Files\\Codemasters\\RF Online\\RF.exe"="C:\\Program Files\\Codemasters\\RF Online\\RF.exe:*:Enabled:RFLauncher"
    "C:\\Documents and Settings\\Ferdinand\\Bureau\\iexplore.exe"="C:\\Documents and Settings\\Ferdinand\\Bureau\\iexplore.exe:*:Enabled:Internet Explorer"
    "C:\\Program Files\\Intuwave\\Shared\\mRouterRuntime\\mRouterRuntime.exe"="C:\\Program Files\\Intuwave\\Shared\\mRouterRuntime\\mRouterRuntime.exe:*:Enabled:mRouterRuntime Module"
    "C:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager 1.0\\MediaManager.exe"="C:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager 1.0\\MediaManager.exe:*:Enabled:Sony Ericsson Media Manager 1.0"
    "C:\\Program Files\\Sony Ericsson\\Mobile4\\Sync Manager\\DXP SyncML.exe"="C:\\Program Files\\Sony Ericsson\\Mobile4\\Sync Manager\\DXP SyncML.exe:*:Enabled:DXP SyncML Module"
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "C:\\Program Files\\AVG\\AVG8\\avgupd.exe"="C:\\Program Files\\AVG\\AVG8\\avgupd.exe:*:Enabled:avgupd.exe"
    "C:\\Program Files\\AVG\\AVG8\\avgnsx.exe"="C:\\Program Files\\AVG\\AVG8\\avgnsx.exe:*:Enabled:avgnsx.exe"
    "C:\\Documents and Settings\\Ferdinand\\Bureau\\Nouveau dossier\\pes2009.exe"="C:\\Documents and Settings\\Ferdinand\\Bureau\\Nouveau dossier\\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009"
    "C:\\PES 09\\pes2009.exe"="C:\\PES 09\\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009"
    "C:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"="C:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe:*:Enabled:Veoh Web Player "
    "C:\\Program Files\\VideoLAN\\VideoLAN Client\\vlc.exe"="C:\\Program Files\\VideoLAN\\VideoLAN Client\\vlc.exe:*:Enabled:vlc"
    
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    
    [b]Remaining Files [/b]:
    
    
    File Backups: - C:\SDFix\backups\backups.zip
    
    [b]Files with Hidden Attributes [/b]:
    
    Mon 14 Apr 2008     1,695,232 ..SH. --- "C:\Program Files\Messenger\msmsgs.exe"
    Mon 14 Apr 2008        60,416 A.SH. --- "C:\Program Files\Outlook Express\msimn.exe"
    Sat 15 Jan 2005         1,024 ...HR --- "C:\WINDOWS\system32\NTICDMK32.dll"
    Sat 15 Jan 2005         1,024 ...HR --- "C:\WINDOWS\system32\ntiembed.dll"
    Sat 15 Jan 2005         1,024 A..HR --- "C:\WINDOWS\system32\NTIMPEG2.dll"
    Mon 11 Dec 2006       607,019 ..SH. --- "C:\WINDOWS\system32\pqtwa.bak1"
    Mon 25 Dec 2006       672,986 ..SH. --- "C:\WINDOWS\system32\pqtwa.bak2"
    Tue 13 May 2008         4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
    Tue 28 Nov 2006             0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
    
    [b]Finished![/b]
    
    
    0
  8. ric025
     
    Ok!

    Pour supprimer toute trace de Norton, suis cette procédure:

    http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fr_docid/20050414110429924

    ---------------------------

    Ensuite on va vérifier:

    Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.

    http://images.malwareremoval.com/random/RSIT.exe

    Double-clique sur RSIT.exe.

    Clique sur Continue à l'écran Disclaimer.

    Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

    Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches). Poste les deux rapports dans deux messages séparés afin d'éviter un bug éventuel.

    A noter: Les rapports se trouvent également ici: C:\rsit.
    0
  9. 50_baht Messages postés 634 Statut Membre 319
     
    Au moins tu m'auras permis de virer Norton, on aura pas perdu notre temps pour rien =D

    V'là le log:

    Logfile of random's system information tool 1.05 (written by random/random)
    Run by Ferdinand at 2008-12-28 15:24:25
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 5 GB (6%) free of 74 GB
    Total RAM: 1023 MB (48% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:24:41, on 28/12/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16762)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\PROGRA~1\AVG\AVG8\avgfws8.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\system32\Pen_Tablet.exe
    C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe
    C:\WINDOWS\system32\Pen_Tablet.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\PROGRA~1\AVG\AVG8\avgam.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Ferdinand\Bureau\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\Ferdinand.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://evo-web.co.uk/forums/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.acer.com/worldwide/selection.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\Office12\EXCEL.EXE/3000
    O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - AppInit_DLLs: avgrsstx.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\WINDOWS\system32\Pen_Tablet.exe
    0
  10. 50_baht Messages postés 634 Statut Membre 319
     
    Et l Info.txt:

    info.txt logfile of random's system information tool 1.05 2008-12-28 15:24:43

    ======Uninstall list======

    -->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
    -->C:\WINDOWS\UNRecode.exe /UNINSTALL
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A2092B2A-A4FB-4464-A4C0-023D2C9993F8}\Setup.exe" -l0x40c
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    µTorrent-->"C:\Program Files\uTorrent\uninstall.exe"
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
    AC3Filter (remove only)-->C:\Program Files\AC3Filter\uninstall.exe
    Ad-Aware SE Professional-->C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
    Adobe Photoshop CS-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x40c
    Adobe Reader 7.1.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A71000000002}
    Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~2\Install.log
    ALZip-->"C:\Program Files\ESTsoft\ALZip\unins000.exe"
    AnyDVD-->"C:\Program Files\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="C:\Program Files\SlySoft\AnyDVD"
    Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
    Athlon 64 Processor Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x40c
    ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
    AVG 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
    AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    CodecInstaller 2.5.5-->C:\Program Files\JockerSoft\CodecInstaller\uninst.exe
    Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
    CoreAAC Audio Decoder (remove only)-->"C:\WINDOWS\system32\CoreAAC-uninstall.exe"
    Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    DAEMON Tools-->MsiExec.exe /I{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0}
    dBpowerAMP-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP.dat
    Direct Show Ogg Vorbis Filter (remove only)-->"C:\WINDOWS\system32\OggDSuninst.exe"
    DivX Codec 3.1alpha release-->C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_DivX 132 C:\WINDOWS\INF\DivX.inf
    DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
    FileZilla (remove only)-->"C:\Program Files\FileZilla\uninstall.exe"
    Flag 1600x1200-->C:\Program Files\Flag 1600x1200\Uninstall.exe
    Free FLV Converter V 5.9.1-->"C:\Program Files\Free FLV Converter\unins000.exe"
    Google Earth-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x40c -removeonly
    HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    HP Customer Participation Program 9.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
    HP Imaging Device Functions 9.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
    HP OCR Software 9.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
    HP Photosmart All-In-One Software 9.0-->C:\Program Files\HP\Digital Imaging\{B22C19AE-6A67-4f28-B541-5AE72FB17A25}\setup\hpzscr01.exe -datfile hposcr15.dat
    HP Photosmart Essential 3.0-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat -forcereboot
    HP Smart Web Printing-->MsiExec.exe /X{415CDA53-9100-476F-A7B2-476691E117C7}
    HP Solution Center 9.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
    HP Update-->MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
    J2SE Runtime Environment 5.0 Update 10-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
    J2SE Runtime Environment 5.0 Update 11-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
    Java 2 Runtime Environment, SE v1.4.2_05-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142050}
    Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
    Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
    Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
    Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
    Lame ACM MP3 Codec-->C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_LameMP3 132 C:\WINDOWS\INF\LameACM.inf
    Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Magic ISO Maker v5.4 (build 0251)-->C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    Media Library Management Wizard-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mplibwiz.inf,DefaultUninstall
    Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
    Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
    Microsoft .NET Framework 3.0-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setup.exe
    Microsoft .NET Framework 3.0-->MsiExec.exe /X{15095BF3-A3D7-4DDF-B193-3A496881E003}
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
    Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
    Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
    Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
    Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
    Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
    Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
    Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
    Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
    Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
    Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Works-->MsiExec.exe /I{E6BAE954-487E-488B-BC4E-2E69E54E8117}
    Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
    MKVtoolnix 2.3.0-->C:\Program Files\MKVtoolnix\uninst.exe
    Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
    Movie Maker Background Music Files-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mmmusic.inf,DefaultUninstall
    Movie Maker Sound Effects-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mmsounds.inf,DefaultUninstall
    Movie Maker Title Images-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mmtitle.inf,DefaultUninstall
    Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
    mTC (remove only)-->"C:\Program Files\mTC\mtc-uninst.exe"
    Nero 7 Demo-->MsiExec.exe /I{513AEC24-3465-8C4F-87BA-652D6F491036}
    Nimo Codecs Pack v5.0 (Remove Only)-->"C:\Program Files\NimoCodec Pack\uninstall.exe"
    Notepad++-->C:\Program Files\Notepad++\uninstall.exe
    NTI CD & DVD-Maker Gold -->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{C438B7C4-B4F8-49C5-A4DF-FF6F1F242778} /l1036 AnyText
    NVIDIA Drivers-->C:\WINDOWS\system32\NVUNINST.EXE UninstallGUI
    On2 VP7 Personal Edition-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DD0DDC9E-2ED4-44DD-B461-0EFC126813A0}\Setup.exe" -l0x9
    Pack PSP - Ri4m - v1.0a-->C:\Program Files\Ripp-it_AM\dlls\Uninstal.exe
    PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
    Pen Tablet-->C:\Program Files\Tablet\Pen\Remove.exe /u
    Personal License Update Wizard for Windows Media Player-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\drmtool.inf,DefaultUninstall
    QuickTime-->MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
    Real Alternative 1.51 Lite-->"C:\Program Files\Real Alternative\unins000.exe"
    Ri4m v5.0.1d-->C:\Program Files\Ripp-it_AM\Ri4m_Uninstal.exe
    Ripp-It Codec Pack v 4.2.6-->C:\Program Files\Ripp-It Codec Pack\uninst.exe
    Satsuki Decoder Pack-->C:\Program Files\Satsuki Decoder Pack\Uninstall.exe
    Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
    Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
    Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
    Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
    Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
    Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
    Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
    Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
    Security Update for Visio 2007 (KB947590)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}
    Sélecteur d'installation de Microsoft Works 2004-->C:\Program Files\Microsoft Works Suite 2004\Setup\Launcher.exe /ARP E:\
    Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
    Sony Ericsson Media Manager 1.0-->MsiExec.exe /X{37F8E751-D19B-4445-8007-831CA42A9F9E}
    Sony Ericsson PC Suite for Smartphones-->C:\WINDOWS\Installer\{E1252473-6306-4d5d-904D-B06AA7F38161}\setup.exe /uninstall
    Sony Ericsson PC Suite for Smartphones-->MsiExec.exe /I{E09936FE-9B7B-4AB5-B08A-A9216E0D042F}
    Sony Ericsson Symbian 9 Drivers-->C:\Program Files\Sony Ericsson\Sony Ericsson Symbian 9 Drivers\ZEBRUninstall.exe
    SopCast 1.1.1-->C:\Program Files\SopCast\uninst.exe
    SopCore 1.1.2-->C:\Program Files\SopCast\uninst.exe
    Subtitle Workshop 2.51-->"C:\Program Files\URUSoft\Subtitle Workshop\uninstall.exe"
    Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
    Update for Office 2007 (KB946691)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
    Update for Outlook 2007 Junk Email Filter (kb958619)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {79B301C1-DBC0-467C-AFDA-2A6CDAFA4302}
    Veoh Web Player Beta-->"C:\Program Files\Veoh Networks\VeohWebPlayer\uninst.exe"
    VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    Windows Communication Foundation-->MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
    Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
    Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
    Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
    Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
    Windows Media Bonus Pack for Windows XP-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmbonus.inf,DefaultUninstall
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
    Windows Media Player Playlist Import to Excel Wizard-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mpxlswiz.inf,DefaultUninstall
    Windows Media Player Skin Importer-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\wa2wmp.inf,DefaultUninstall
    Windows Media Player Tray Control-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mpxptray.inf,DefaultUninstall
    Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
    Windows Workflow Foundation-->MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
    Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
    WinFast Entertainment Center(WDM Driver)-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BE4AA694-815A-4045-BD49-C94F2BED7458}\setup.exe"
    x264 Revision 573 x264.nl (remove only)-->"C:\Program Files\x264\x264-uninstall.exe"
    Xvid 1.1.2 final uninstall-->"C:\Program Files\Xvid\unins000.exe"

    ======Hosts File======

    127.0.0.1 localhost

    ======Security center information======

    AV: AVG Anti-Virus
    FW: AVG Firewall (disabled)

    System event log

    Computer Name: ACER-5C89C15659
    Event Code: 7023
    Message: Le service Gestion d'applications s'est arrêté avec l'erreur :
    Le module spécifié est introuvable.

    Record Number: 43729
    Source Name: Service Control Manager
    Time Written: 20081220174351.000000+060
    Event Type: erreur
    User:

    Computer Name: ACER-5C89C15659
    Event Code: 7036
    Message: Le service Gestion d'applications est entré dans l'état : arrêté.

    Record Number: 43728
    Source Name: Service Control Manager
    Time Written: 20081220174351.000000+060
    Event Type: Informations
    User:

    Computer Name: ACER-5C89C15659
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service Gestion d'applications.

    Record Number: 43727
    Source Name: Service Control Manager
    Time Written: 20081220174351.000000+060
    Event Type: Informations
    User: ACER-5C89C15659\Ferdinand

    Computer Name: ACER-5C89C15659
    Event Code: 7023
    Message: Le service Gestion d'applications s'est arrêté avec l'erreur :
    Le module spécifié est introuvable.

    Record Number: 43726
    Source Name: Service Control Manager
    Time Written: 20081220174351.000000+060
    Event Type: erreur
    User:

    Computer Name: ACER-5C89C15659
    Event Code: 7036
    Message: Le service Gestion d'applications est entré dans l'état : arrêté.

    Record Number: 43725
    Source Name: Service Control Manager
    Time Written: 20081220174351.000000+060
    Event Type: Informations
    User:

    Application event log

    Computer Name: ACER-5C89C15659
    Event Code: 100
    Message: msnmsgr (2736) Le moteur de base de données 5.01.2600.5512 est démarré.

    Record Number: 38120
    Source Name: ESENT
    Time Written: 20081124080623.000000+060
    Event Type: Informations
    User:

    Computer Name: ACER-5C89C15659
    Event Code: 12001
    Message: The Messenger Sharing USN Journal Reader service started successfully.

    Record Number: 38119
    Source Name: usnjsvc
    Time Written: 20081124080622.000000+060
    Event Type:
    User:

    Computer Name: ACER-5C89C15659
    Event Code: 0
    Message:
    Record Number: 38118
    Source Name: hpqcxs08
    Time Written: 20081124080512.000000+060
    Event Type: Informations
    User:

    Computer Name: ACER-5C89C15659
    Event Code: 1800
    Message: Le service Centre de sécurité Windows a démarré.

    Record Number: 38117
    Source Name: SecurityCenter
    Time Written: 20081124080456.000000+060
    Event Type: Informations
    User:

    Computer Name: ACER-5C89C15659
    Event Code: 0
    Message:
    Record Number: 38116
    Source Name: hpqddsvc
    Time Written: 20081124080428.000000+060
    Event Type: Informations
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ESTsoft\ALZip\;C:\Program Files\Fichiers communs\Teleca Shared;C:\Program Files\Intuwave\Shared\mRouterRuntime;C:\Program Files\QuickTime\QTSystem\
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 47 Stepping 2, AuthenticAMD
    "PROCESSOR_REVISION"=2f02
    "NUMBER_OF_PROCESSORS"=1
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "DEFAULT_CA_NR"=CA8
    "CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip

    -----------------EOF-----------------
    0
  11. ric025
     
    Au moins tu m'auras permis de virer Norton, on aura pas perdu notre temps pour rien =D

    --> Tu n'as pas l'air de te rendre compte que tu étais sacrément infecté et que l'on a déjà nettoyé pas mal!!!

    Je regarde le RSIT et te redis ça!

    A+
    0
    1. 50_baht Messages postés 634 Statut Membre 319
       
      Je ne m'en suis pas rendu compte en effet. Pourtant je fais souvent des nettoyages avec Ccleaner, et des scans.
      M'enfin...
      Merci en tout cas pour ton aide (même si c'est pas encore fini...).
      0
  12. ric025
     
    Ad-Remover:

    * Télécharge et enregistre le fichier d installation sur ton bureau :

    http://sd-1.archive-host.com/membres/up/16506160323759868/AD­-R.exe

    * Double clique sur le programme d'installation , et installe le dans son emplacement par défaut. ( le bureau )

    * Ouvre le dossier Ad-remover présent sur ton bureau, et double clique sur Ad-remover.bat.

    * Au menu principal choisi l'option "A"

    * Poste le rapport qui apparait à la fin.

    ( le rapport est sauvegardé aussi sous C:\Ad-report.log )

    (CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    Note :


    Process.exe est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
    Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    Mis
    entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels
    de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces
    antivirus.
    0
    1. 50_baht Messages postés 634 Statut Membre 319
       
      Le lien ne fonctionne pas, il ne trouve pas le fichier...
      0
  13. 50_baht Messages postés 634 Statut Membre 319
     
    Voilà le rapport de A-R:

    --------- Logfile of AD-Remover 1.0.8.0 by C_XX ---------
    
    # START at: 15:57:21 | Dim 28/12/2008 | Microsoft® Windows XP™  SP3 (v5.1.2600)
    # BOOT MODE: Normal
    
    # OPTION: Scan | EXECUTED FROM: C:\Documents and Settings\Ferdinand\Bureau\AD-Remover.bat
    
    # PC: ACER-5C89C15659 | USER: Ferdinand ( Current user is an administrator)
    
    # DRIVE(S): 
    - C:\  (File System: NTFS)
    - D:\  (File System: FAT32)
    - F:\  (File System: NTFS)
    - T:\  (File System: UDF)
    
    # Internet Explorer v7.0.5730.11
    
    --------- [ RUNNING PROCESSES: 38 ] ---------
    
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\PROGRA~1\AVG\AVG8\avgfws8.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\system32\Pen_Tablet.exe
    C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe
    C:\WINDOWS\system32\Pen_Tablet.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\PROGRA~1\AVG\AVG8\avgam.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\ntvdm.exe
    
    -----------------------------------
    
    
    +-----------------------| Boonty/Boonty Games Elements found :
    
    "Boonty Games" (service)
    .
    "HKEY_LOCAL_MACHINE\Software\Boonty"
    "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Boonty Games"
    "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BOONTY_GAMES"
    "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Boonty Games"
    "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Boonty Games"
    .
    [12/05/2008 19:56|d--------] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
    [12/05/2008 19:56|d--------] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY\Licenses
    [12/05/2008 19:57|-r-------] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY\Licenses\B486D000.dat
    
    +-----------------------| Eorezo Elements found :
    
    .
    
    +-----------------------| Everest Poker Elements found :
    
    .
    
    +-----------------------| FunWebProducts/MyWay/MyWebSearch/MyGlobalSearch Elements found :
    
    .
    
    +-----------------------| It's TV Elements found :
    
    .
    
    +-----------------------| Sweetim Elements found :
    
    .
    
    +-----------------------| ADDED SCAN :
    
    
    
    +---------- Scanning prefs.js ... ( # Mozilla User Preferences )
    
    ...\r9ezq3j4.default\prefs.js :
    
    ~~~~ Mozilla FireFox version 3.0.5 ~~~~
    
    * Browser Search Default Engine:  "Search the web"
    * Browser Search Selected Engine:  "Google"
    * Browser Search Default Url:  "http://search.conduit.com/ResultsExt.aspx?ctid=CT1460988&SearchSource=3&q="
    * Browser Startup HomePage:  "https://start.mozilla.org/fr/"
    
    +----------+
    
    
    +---------------------------------------------------------------------------+
    
    +--[HKEY_CURRENT_USER\..\Run]
    
    CTFMON.EXE	REG_SZ	C:\WINDOWS\system32\ctfmon.exe
    BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}	REG_SZ	"C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
    DWQueuedReporting	REG_SZ	"C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t
    msnmsgr	REG_SZ	"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    
    +--[HKEY_LOCAL_MACHINE\..\Run]
    
    IMJPMIG8.1	REG_SZ	"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    MSPY2002	REG_SZ	C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    PHIME2002ASync	REG_SZ	C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    PHIME2002A	REG_SZ	C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    SunJavaUpdateSched	REG_SZ	"C:\Program Files\Java\jre6\bin\jusched.exe"
    NeroFilterCheck	REG_SZ	C:\WINDOWS\system32\NeroCheck.exe
    LaunchApp	REG_SZ	Alaunch
    AWMON	REG_SZ	"C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
    QuickTime Task	REG_SZ	"C:\Program Files\QuickTime\QTTask.exe" -atboottime
    AVG8_TRAY	REG_SZ	C:\PROGRA~1\AVG\AVG8\avgtray.exe
    hpqSRMon	REG_SZ	C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
    
    +--[HKEY_USERS\.DEFAULT\..\Run]
    
    CTFMON.EXE	REG_SZ	C:\WINDOWS\system32\CTFMON.EXE
    
    +--[HKEY_CURRENT_USER\..\Internet Explorer\MAIN]
    
    Start Page : hxxp://forums.evo-web.co.uk/index.php
    
    +--[HKEY_LOCAL_MACHINE\..\Internet Explorer\MAIN]
    
    Start Page : hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
    Start Page : hxxp://www.01net.com/\0http
    
    +---------------------------------------------------------------------------+
    
    - "C:\AD-report-Scan-28.12.2008.log" (~5194 bytes)
    
    # END at: 15:57:36 | 28/12/2008 - Time elapsed: 15.1 seconds 
    
    +---------------------------------------------------------------------------+
    +------------------------------- [ E.O.F - 108 lines ]
    +---------------------------------------------------------------------------+
    
    
    0
  14. ric025
     
    ! Déconnectes toi et fermes toutes applications en cours !

    * Relances "Ad-remover" : au menu principal choisi l'option "B" .

    * Coche à l'écran de sélection :


    Suppression Boonty/BoontyGames


    * Puis choisi "S" , le programme va travailler,

    * Postes le rapport qui apparait à la fin.

    ( le rapport est sauvegardé aussi sous C:\Ad-report(date).log )

    (CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    /!\
    Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet
    "Fichier" , "Nouvelle tâche" , tapes explorer.exe et valides)
    0
  15. 50_baht Messages postés 634 Statut Membre 319
     
    --------- Logfile of AD-Remover 1.0.8.0 by C_XX ---------

    *** Limited to ***

    Boonty/BoontyGames

    ******************

    # START at: 16:13:36 | Dim 28/12/2008 | Microsoft® Windows XP™ SP3 (v5.1.2600)
    # BOOT MODE: Normal

    # OPTION: Clean | EXECUTED FROM: C:\Documents and Settings\Ferdinand\Bureau\AD-Remover.bat

    # PC: ACER-5C89C15659 | USER: Ferdinand ( Current user is an administrator)

    # DRIVE(S):
    - C:\ (File System: NTFS)
    - D:\ (File System: FAT32)
    - F:\ (File System: NTFS)
    - T:\ (File System: UDF)

    # Internet Explorer v7.0.5730.11

    --------- [ RUNNING PROCESSES: 36 ] ---------

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\PROGRA~1\AVG\AVG8\avgfws8.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\system32\Pen_Tablet.exe
    C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe
    C:\WINDOWS\system32\Pen_Tablet.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\PROGRA~1\AVG\AVG8\avgam.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32\ntvdm.exe

    -----------------------------------

    (!) ---- IE start pages reset

    +-----------------------| Boonty/Boonty Games Elements Deleted :

    .

    +-----------------------| Eorezo Elements Deleted :

    .

    +-----------------------| Everest Poker Elements Deleted :

    .

    +-----------------------| FunWebProducts/MyWay/MyWebSearch/MyGlobalSearch Elements Deleted :

    .

    +-----------------------| It's TV Elements Deleted :

    .

    +-----------------------| Sweetim Elements Deleted :
    --------- Logfile of AD-Remover 1.0.8.0 by C_XX ---------

    # START at: 15:57:21 | Dim 28/12/2008 | Microsoft® Windows XP™ SP3 (v5.1.2600)
    # BOOT MODE: Normal

    # OPTION: Scan | EXECUTED FROM: C:\Documents and Settings\Ferdinand\Bureau\AD-Remover.bat

    # PC: ACER-5C89C15659 | USER: Ferdinand ( Current user is an administrator)

    # DRIVE(S):
    - C:\ (File System: NTFS)
    - D:\ (File System: FAT32)
    - F:\ (File System: NTFS)
    - T:\ (File System: UDF)

    # Internet Explorer v7.0.5730.11

    --------- [ RUNNING PROCESSES: 38 ] ---------

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\PROGRA~1\AVG\AVG8\avgfws8.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\system32\Pen_Tablet.exe
    C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe
    C:\WINDOWS\system32\Pen_Tablet.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\PROGRA~1\AVG\AVG8\avgam.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\ntvdm.exe

    -----------------------------------

    +-----------------------| Boonty/Boonty Games Elements found :

    "Boonty Games" (service)
    .
    "HKEY_LOCAL_MACHINE\Software\Boonty"
    "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Boonty Games"
    "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BOONTY_GAMES"
    "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Boonty Games"
    "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Boonty Games"
    .
    [12/05/2008 19:56|d--------] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
    [12/05/2008 19:56|d--------] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY\Licenses
    [12/05/2008 19:57|-r-------] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY\Licenses\B486D000.dat

    +-----------------------| ADDED SCAN :

    +---------- Scanning prefs.js ... ( # Mozilla User Preferences )

    ...\r9ezq3j4.default\prefs.js :

    ~~~~ Mozilla FireFox version 3.0.5 ~~~~

    * Browser Search Default Engine: "Search the web"
    * Browser Search Selected Engine: "Google"
    * Browser Search Default Url: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1460988&SearchSource=3&q="
    * Browser Startup HomePage: "https://start.mozilla.org/fr/"

    +----------+

    +---------------------------------------------------------------------------+

    +--[HKEY_CURRENT_USER\..\Run]

    CTFMON.EXE REG_SZ C:\WINDOWS\system32\ctfmon.exe
    BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} REG_SZ "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
    DWQueuedReporting REG_SZ "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t
    msnmsgr REG_SZ "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

    +--[HKEY_LOCAL_MACHINE\..\Run]

    IMJPMIG8.1 REG_SZ "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    MSPY2002 REG_SZ C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    PHIME2002ASync REG_SZ C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    PHIME2002A REG_SZ C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre6\bin\jusched.exe"
    NeroFilterCheck REG_SZ C:\WINDOWS\system32\NeroCheck.exe
    LaunchApp REG_SZ Alaunch
    AWMON REG_SZ "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
    QuickTime Task REG_SZ "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    AVG8_TRAY REG_SZ C:\PROGRA~1\AVG\AVG8\avgtray.exe
    hpqSRMon REG_SZ C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe

    +--[HKEY_USERS\.DEFAULT\..\Run]

    CTFMON.EXE REG_SZ C:\WINDOWS\system32\CTFMON.EXE

    +--[HKEY_CURRENT_USER\..\Internet Explorer\MAIN]

    Start Page : hxxp://forums.evo-web.co.uk/index.php

    +--[HKEY_LOCAL_MACHINE\..\Internet Explorer\MAIN]

    Start Page : hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
    Start Page : hxxp://www.01net.com/\0http

    +---------------------------------------------------------------------------+

    - "C:\AD-report-Scan-28.12.2008.log" (~5194 bytes)

    # END at: 15:57:36 | 28/12/2008 - Time elapsed: 15.1 seconds

    +---------------------------------------------------------------------------+
    +------------------------------- [ E.O.F - 108 lines ]
    +---------------------------------------------------------------------------+

    .

    (!) ---- Temp files deleted.
    (!) ---- Recycle bin emptied in all drives.

    +-----------------------| ADDED SCAN :

    +---------- Scanning prefs.js ... ( # Mozilla User Preferences )

    ...\r9ezq3j4.default\prefs.js :

    ~~~~ Mozilla FireFox version 3.0.5 ~~~~

    * Browser Search Default Engine: "Search the web"
    * Browser Search Selected Engine: "Google"
    * Browser Search Default Url: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1460988&SearchSource=3&q="
    * Browser Startup HomePage: "https://start.mozilla.org/fr/"

    +----------+

    +--[HKEY_CURRENT_USER\..\Run]

    CTFMON.EXE REG_SZ C:\WINDOWS\system32\ctfmon.exe
    BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} REG_SZ "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
    DWQueuedReporting REG_SZ "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t
    msnmsgr REG_SZ "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

    +--[HKEY_LOCAL_MACHINE\..\Run]

    IMJPMIG8.1 REG_SZ "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    MSPY2002 REG_SZ C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    PHIME2002ASync REG_SZ C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    PHIME2002A REG_SZ C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre6\bin\jusched.exe"
    NeroFilterCheck REG_SZ C:\WINDOWS\system32\NeroCheck.exe
    LaunchApp REG_SZ Alaunch
    AWMON REG_SZ "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
    QuickTime Task REG_SZ "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    AVG8_TRAY REG_SZ C:\PROGRA~1\AVG\AVG8\avgtray.exe
    hpqSRMon REG_SZ C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe

    +--[HKEY_USERS\.DEFAULT\..\Run]

    CTFMON.EXE REG_SZ C:\WINDOWS\system32\CTFMON.EXE

    +--[HKEY_CURRENT_USER\..\Internet Explorer\MAIN]

    Start Page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

    +--[HKEY_LOCAL_MACHINE\..\Internet Explorer\MAIN]

    Start Page : hxxp://fr.msn.com/
    Start Page : hxxp://www.01net.com/\0http

    +---------------------------------------------------------------------------+

    - "C:\AD-report-Clean-28.12.2008.log" (~4653 bytes)

    - "C:\AD-report-Scan-28.12.2008.log" (~5529 bytes)

    # END at: 16:13:56 | 28/12/2008 - Time elapsed: 19.6 seconds

    +---------------------------------------------------------------------------+
    +------------------------------- [ E.O.F - 201 lines ]
    +---------------------------------------------------------------------------+
    0
  16. ric025
     
    Télécharge CCleaner

    Lors de l’installation, décoche l’option qui t’installerait la barre Yahoo

    Va dans "Options">>"Avancé". Décoche la première ligne.

    Va dans la section "Nettoyeur". Lance l'analyse. La liste créée, lance le nettoyage deux fois de suite afin d'obtenir 0bytes supprimé!

    Ensuite dans "Registre", lance une recherche des erreurs. La liste créée, fais-les réparer.

    /!\ A ce moment CCleaner te demande normalement de sauvegarder le registre, fais-le. /!\

    Recommence ensuite le cycle Recherche/Réparation des erreurs jusqu'à n'en trouver aucune lors de la recherche.

    ------------------------------

    Ensuite reposte un rapport RSIT tout neuf stp! ;)
    0
  17. 50_baht Messages postés 634 Statut Membre 319
     
    Logfile of random's system information tool 1.05 (written by random/random)
    Run by Ferdinand at 2008-12-28 16:29:47
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 5 GB (6%) free of 74 GB
    Total RAM: 1023 MB (54% free)
    
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:29:57, on 28/12/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16762)
    Boot mode: Normal
    
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\PROGRA~1\AVG\AVG8\avgfws8.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\system32\Pen_Tablet.exe
    C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe
    C:\WINDOWS\system32\Pen_Tablet.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\PROGRA~1\AVG\AVG8\avgam.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Documents and Settings\Ferdinand\Bureau\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\Ferdinand.exe
    
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\Office12\EXCEL.EXE/3000
    O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - AppInit_DLLs: avgrsstx.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\WINDOWS\system32\Pen_Tablet.exe
    
    --
    End of file - 8139 bytes
    
    ======Registry dump======
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
    Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-12-07 399424]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
    HP Print Enhancer - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll [2007-03-02 1298024]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
    HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
    AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-11-05 455960]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-21 320920]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
    AVGTOOLBAR - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-10-18 2055960]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-21 34816]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-21 73728]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-12-07 399424]
    {A057A204-BACC-4D26-9990-79A187E2698E} - AVGTOOLBAR - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-10-18 2055960]
    {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - Veoh Web Player Video Finder - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll [2008-11-03 463872]
    
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]
    "MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-05 59392]
    "PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
    "PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-21 136600]
    "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
    "LaunchApp"=Alaunch []
    "AWMON"=C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe [2004-09-16 538112]
    "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2007-06-29 286720]
    "AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-11-27 1261336]
    "hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-03-13 81920]
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe [2005-11-24 94208]
    "DWQueuedReporting"=C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe [2007-08-24 437160]
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2008-05-29 5724184]
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
    C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe []
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
    C:\Program Files\BitTorrent\bittorrent.exe --force_start_minimized []
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
    C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-03-13 81920]
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite for Smartphones]
    C:\Program Files\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe [2007-06-13 528384]
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
    C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe /Minimized []
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFast Schedule]
    C:\Program Files\WinFast\WFTVFM\WFWIZ.exe []
    
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
    
    C:\Documents and Settings\Ferdinand\Menu Démarrer\Programmes\Démarrage
    Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="avgrsstx.dll"
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2005-10-24 46080]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    WgaLogon.dll []
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
    
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=95000000
    
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Grisoft\AVG Free\avginet.exe"="C:\Program Files\Grisoft\AVG Free\avginet.exe:*:Enabled:avginet.exe"
    "C:\Program Files\Grisoft\AVG Free\avgamsvr.exe"="C:\Program Files\Grisoft\AVG Free\avgamsvr.exe:*:Enabled:avgamsvr.exe"
    "C:\Program Files\Grisoft\AVG Free\avgcc.exe"="C:\Program Files\Grisoft\AVG Free\avgcc.exe:*:Enabled:avgcc.exe"
    "C:\WINDOWS\system32\ZoneLabs\vsmon.exe"="C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:TrueVector Service"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "D:\Office12\OUTLOOK.EXE"="D:\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
    "C:\Program Files\SopCast\SopCast.exe"="C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
    "C:\Documents and Settings\Ferdinand\Application Data\SopCast\adv\SopAdver.exe"="C:\Documents and Settings\Ferdinand\Application Data\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
    "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
    "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Enabled:Veoh Client"
    "C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
    "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
    "C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
    "C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
    "C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
    "C:\Program Files\Codemasters\RF Online\RF.exe"="C:\Program Files\Codemasters\RF Online\RF.exe:*:Enabled:RFLauncher"
    "C:\Documents and Settings\Ferdinand\Bureau\iexplore.exe"="C:\Documents and Settings\Ferdinand\Bureau\iexplore.exe:*:Enabled:Internet Explorer"
    "C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe"="C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe:*:Enabled:mRouterRuntime Module"
    "C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager 1.0\MediaManager.exe"="C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager 1.0\MediaManager.exe:*:Enabled:Sony Ericsson Media Manager 1.0"
    "C:\Program Files\Sony Ericsson\Mobile4\Sync Manager\DXP SyncML.exe"="C:\Program Files\Sony Ericsson\Mobile4\Sync Manager\DXP SyncML.exe:*:Enabled:DXP SyncML Module"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
    "C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
    "C:\Documents and Settings\Ferdinand\Bureau\Nouveau dossier\pes2009.exe"="C:\Documents and Settings\Ferdinand\Bureau\Nouveau dossier\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009"
    "C:\PES 09\pes2009.exe"="C:\PES 09\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009"
    "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"="C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player "
    "C:\Program Files\VideoLAN\VideoLAN Client\vlc.exe"="C:\Program Files\VideoLAN\VideoLAN Client\vlc.exe:*:Enabled:vlc"
    "C:\Documents and Settings\Ferdinand\Local Settings\Temp\WZSE0.TMP\SymNRT.exe"="C:\Documents and Settings\Ferdinand\Local Settings\Temp\WZSE0.TMP\SymNRT.exe:*:Enabled:Norton Removal Tool"
    
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{48810704-1cdc-11dd-b36f-00016ce61d16}]
    shell\Auto\command - AdobeR.exe e
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e
    
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ae5ea7c5-07c4-11dd-b34e-00016ce61d16}]
    shell\auto\command - Knight.exe open
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Knight.exe open
    shell\explore\command - Knight.exe open
    shell\find\command - Knight.exe open
    shell\install\command - Knight.exe open
    shell\open\command - Knight.exe open
    
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ae5ea7c6-07c4-11dd-b34e-00016ce61d16}]
    shell\auto\command - Knight.exe open
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Knight.exe open
    shell\explore\command - Knight.exe open
    shell\find\command - Knight.exe open
    shell\install\command - Knight.exe open
    shell\open\command - Knight.exe open
    
    
    ======List of files/folders created in the last 1 months======
    
    2008-12-28 15:24:25 ----D---- C:\rsit
    2008-12-28 15:12:42 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
    2008-12-28 12:28:43 ----D---- C:\SDFix
    2008-12-27 23:37:58 ----D---- C:\WINDOWS\ERUNT
    2008-12-26 19:25:52 ----D---- C:\Program Files\Trend Micro
    2008-12-26 18:03:10 ----D---- C:\Documents and Settings\Ferdinand\Application Data\Malwarebytes
    2008-12-26 18:03:05 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2008-12-26 18:03:05 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-12-26 16:10:38 ----A---- C:\WINDOWS\system32\tmp.txt
    2008-12-26 16:10:33 ----A---- C:\rapport.txt
    2008-12-26 16:09:33 ----A---- C:\WINDOWS\system32\o4Patch.exe
    2008-12-26 16:09:33 ----A---- C:\WINDOWS\system32\Agent.OMZ.Fix.exe
    2008-12-26 16:09:32 ----A---- C:\WINDOWS\system32\IEDFix.C.exe
    2008-12-26 16:09:30 ----A---- C:\WINDOWS\system32\404Fix.exe
    2008-12-26 16:09:29 ----A---- C:\WINDOWS\system32\VACFix.exe
    2008-12-26 16:09:29 ----A---- C:\WINDOWS\system32\IEDFix.exe
    2008-12-26 16:09:28 ----A---- C:\WINDOWS\system32\WS2Fix.exe
    2008-12-26 16:09:28 ----A---- C:\WINDOWS\system32\VCCLSID.exe
    2008-12-26 16:09:27 ----A---- C:\WINDOWS\system32\swxcacls.exe
    2008-12-26 16:09:27 ----A---- C:\WINDOWS\system32\SrchSTS.exe
    2008-12-26 16:09:27 ----A---- C:\WINDOWS\system32\dumphive.exe
    2008-12-26 16:09:26 ----A---- C:\WINDOWS\system32\swsc.exe
    2008-12-26 16:09:26 ----A---- C:\WINDOWS\system32\swreg.exe
    2008-12-26 16:09:25 ----A---- C:\WINDOWS\system32\Process.exe
    2008-12-25 21:45:06 ----D---- C:\Documents and Settings\Ferdinand\Application Data\vlc
    2008-12-25 12:01:10 ----A---- C:\mpeg.txt
    2008-12-25 12:01:10 ----A---- C:\mp4.txt
    2008-12-25 10:47:25 ----D---- C:\Documents and Settings\Ferdinand\Application Data\Uniblue
    2008-12-25 10:47:25 ----D---- C:\Documents and Settings\All Users\Application Data\DriverScanner
    2008-12-22 14:01:31 ----D---- C:\Program Files\URUSoft
    2008-12-21 11:41:58 ----A---- C:\WINDOWS\system32\javaws.exe
    2008-12-21 11:41:58 ----A---- C:\WINDOWS\system32\javaw.exe
    2008-12-21 11:41:58 ----A---- C:\WINDOWS\system32\java.exe
    2008-12-21 11:41:58 ----A---- C:\WINDOWS\system32\deploytk.dll
    2008-12-17 00:32:19 ----A---- C:\WINDOWS\system32\TubeFinder.exe
    2008-12-17 00:32:17 ----A---- C:\WINDOWS\system32\VB6STKIT.DLL
    2008-12-17 00:32:16 ----D---- C:\Program Files\Free FLV Converter
    2008-12-17 00:32:16 ----A---- C:\WINDOWS\system32\PCCLPFR.DLL
    2008-12-17 00:32:16 ----A---- C:\WINDOWS\system32\CMDLGFR.DLL
    2008-12-12 18:05:28 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
    2008-12-12 18:00:01 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
    2008-12-12 17:57:39 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
    2008-12-12 17:57:28 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
    2008-11-30 17:20:06 ----A---- C:\WINDOWS\UninstVeetleTVPlayer.exe
    
    ======List of files/folders modified in the last 1 months======
    
    2008-12-28 16:29:57 ----D---- C:\WINDOWS\Temp
    2008-12-28 16:29:33 ----SHD---- C:\Fichiers Internet temporaires
    2008-12-28 16:28:14 ----D---- C:\Program Files\Mozilla Firefox
    2008-12-28 16:27:05 ----AD---- C:\WINDOWS
    2008-12-28 16:11:24 ----D---- C:\WINDOWS\Prefetch
    2008-12-28 15:18:03 ----D---- C:\Documents and Settings\Ferdinand\Application Data\WTablet
    2008-12-28 15:17:19 ----D---- C:\Program Files\Fichiers communs
    2008-12-28 15:16:21 ----N---- C:\WINDOWS\SchedLgU.Txt
    2008-12-28 15:14:28 ----AD---- C:\Program Files
    2008-12-28 15:14:24 ----AD---- C:\WINDOWS\system32\drivers
    2008-12-28 15:14:23 ----AD---- C:\WINDOWS\system32
    2008-12-28 15:13:25 ----SHD---- C:\WINDOWS\Installer
    2008-12-28 12:39:41 ----RSHD---- C:\WINDOWS\system32\dllcache
    2008-12-28 11:52:45 ----D---- C:\WINDOWS\system32\config
    2008-12-28 11:52:18 ----D---- C:\WINDOWS\system32\wbem
    2008-12-28 11:52:18 ----D---- C:\WINDOWS\Registration
    2008-12-28 01:08:45 ----HD---- C:\Config.Msi
    2008-12-28 01:08:15 ----D---- C:\Documents and Settings\Ferdinand\Application Data\Identities
    2008-12-27 22:20:38 ----D---- C:\Documents and Settings\Ferdinand\Application Data\Adobe
    2008-12-27 18:24:55 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2008-12-27 17:11:17 ----D---- C:\WTablet
    2008-12-27 13:44:26 ----A---- C:\WINDOWS\NeroDigital.ini
    2008-12-26 12:15:32 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-12-25 22:41:59 ----D---- C:\Documents and Settings\Ferdinand\Application Data\dvdcss
    2008-12-25 11:13:17 ----D---- C:\Program Files\MeuhMeuhTV
    2008-12-21 11:42:45 ----HD---- C:\WINDOWS\inf
    2008-12-21 11:41:41 ----D---- C:\Program Files\Java
    2008-12-18 17:53:11 ----HD---- C:\WINDOWS\$hf_mig$
    2008-12-18 12:49:37 ----A---- C:\WINDOWS\win.ini
    2008-12-15 01:35:01 ----D---- C:\WINDOWS\Debug
    2008-12-13 07:37:56 ----A---- C:\WINDOWS\system32\mshtml.dll
    2008-12-12 18:06:45 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2008-12-12 18:05:16 ----D---- C:\Program Files\Internet Explorer
    2008-12-10 00:24:38 ----A---- C:\WINDOWS\system32\MRT.exe
    2008-12-05 16:56:13 ----D---- C:\Program Files\VideoLAN
    2008-12-05 16:54:30 ----D---- C:\Program Files\Nvu
    2008-12-05 15:18:36 ----D---- C:\Documents and Settings\Ferdinand\Application Data\Screenshot Sender
    2008-12-03 13:34:23 ----D---- C:\WINDOWS\Help
    
    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
    
    R1 AmdK8;Pilote de processeur AMD Athlon64; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-05-08 38912]
    R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-10-30 98440]
    R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-10-18 26824]
    R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2008-11-05 90632]
    R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
    R2 BT848;WinFast TV2000 XP WDM Video Capture; C:\WINDOWS\system32\drivers\wf2kvcap.sys [2004-10-04 75925]
    R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2005-04-21 10624]
    R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.10; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2008-07-02 15890]
    R2 tv2ktunr;WinFast TV2000 XP WDM TVTuner; C:\WINDOWS\system32\drivers\wf2ktunr.sys [2004-10-04 36423]
    R2 Tv2kXbar;WinFast TV2000 XP WDM Crossbar; C:\WINDOWS\system32\drivers\wf2kxbar.sys [2004-10-04 10005]
    R3 AnyDVD;AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [2006-04-04 19200]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-10-24 1333760]
    R3 Avgfwdx;Avgfwdx; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2008-11-05 29208]
    R3 es1371;Creative AudioPCI (ES1371,ES1373) (WDM); C:\WINDOWS\system32\drivers\es1371mp.sys [2002-06-03 40832]
    R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2005-01-15 6912]
    R3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2004-09-10 52224]
    R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2004-11-15 33408]
    R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2004-11-15 12928]
    R3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2004-09-10 412032]
    R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-05 5888]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
    R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    R3 wacommousefilter;Wacom Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys [2007-02-16 11312]
    R3 wacomvhid;Wacom Virtual Hid Driver; C:\WINDOWS\system32\DRIVERS\wacomvhid.sys [2007-02-16 12848]
    R3 WacomVKHid;Virtual Keyboard Driver; C:\WINDOWS\system32\DRIVERS\WacomVKHid.sys [2007-02-16 11440]
    R3 zebrceb;Sony Ericsson Cable Emulation Bus (WDM); C:\WINDOWS\system32\DRIVERS\zebrceb.sys [2007-04-13 62984]
    S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
    S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
    S3 AR5523;NETGEAR WG111T USB2.0 Wireless Card Service; C:\WINDOWS\system32\DRIVERS\wg11tnd5.sys []
    S3 ATHFMWDL;NETGEAR WG111T bootloader driver; C:\WINDOWS\System32\Drivers\ATHFMWDL.sys []
    S3 Avgfwfd;AVG network filter service; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2008-11-05 29208]
    S3 catchme;catchme; \??\C:\DOCUME~1\FERDIN~1\LOCALS~1\Temp\catchme.sys []
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\DNINDIS5.SYS []
    S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-08 49920]
    S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-08 16496]
    S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-08 21568]
    S3 int15.sys;int15.sys; \??\C:\Program Files\acer\eRecovery\int15.sys []
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
    S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
    S3 PCTINDIS5;PCTINDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCTINDIS5.SYS []
    S3 pctvvbi;PCTVVBI; C:\WINDOWS\system32\DRIVERS\pctvvbi.sys [2002-11-11 6400]
    S3 SE27bus;Sony Ericsson Device 039 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE27bus.sys [2006-09-18 61600]
    S3 SE27mdfl;Sony Ericsson Device 039 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE27mdfl.sys [2006-09-18 9360]
    S3 SE27mdm;Sony Ericsson Device 039 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE27mdm.sys [2006-09-18 97184]
    S3 se44bus;Sony Ericsson Device 068 driver (WDM); C:\WINDOWS\system32\DRIVERS\se44bus.sys [2006-11-30 61536]
    S3 se44mdfl;Sony Ericsson Device 068 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\se44mdfl.sys [2006-11-30 9360]
    S3 se44mdm;Sony Ericsson Device 068 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\se44mdm.sys [2006-11-30 97088]
    S3 se44mgmt;Sony Ericsson Device 068 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\se44mgmt.sys [2006-11-30 88624]
    S3 se44nd5;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (NDIS); C:\WINDOWS\system32\DRIVERS\se44nd5.sys [2006-11-30 18704]
    S3 se44obex;Sony Ericsson Device 068 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\se44obex.sys [2006-11-30 86432]
    S3 se44unic;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (WDM); C:\WINDOWS\system32\DRIVERS\se44unic.sys [2006-11-30 90800]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 SRS_SSCFilter;SRS Labs Audio Sandbox (WDM); C:\WINDOWS\system32\drivers\srs_sscfilter_i386.sys [2007-07-26 39808]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2005-10-21 12800]
    S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    S3 w550bus;Sony Ericsson W550 driver (WDM); C:\WINDOWS\system32\DRIVERS\w550bus.sys []
    S3 w550mdfl;Sony Ericsson W550 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w550mdfl.sys []
    S3 w550mdm;Sony Ericsson W550 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\w550mdm.sys []
    S3 w550mgmt;Sony Ericsson W550 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\w550mgmt.sys []
    S3 w550obex;Sony Ericsson W550 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\w550obex.sys []
    S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2004-12-30 104576]
    S3 WFIOCTL;WFIOCTL; \??\C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS []
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 zebrbus;Sony Ericsson Composite Device driver; C:\WINDOWS\system32\DRIVERS\zebrbus.sys [2007-04-13 83080]
    S3 zebrmdfl;Sony Ericsson Modem Filter; C:\WINDOWS\system32\DRIVERS\zebrmdfl.sys [2007-04-13 15112]
    S3 zebrmdm;Sony Ericsson Port (WDM); C:\WINDOWS\system32\DRIVERS\zebrmdm.sys [2007-04-13 108296]
    S3 zebrmdmc;Sony Ericsson mRouter Port (WDM); C:\WINDOWS\system32\DRIVERS\zebrmdmc.sys [2007-04-13 108424]
    S3 zebrsce;Sony Ericsson PC-Connect Port; C:\WINDOWS\system32\DRIVERS\zebrsce.sys [2007-04-13 90888]
    S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
    
    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
    
    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-10-24 376832]
    R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-10-18 231704]
    R2 avgfws8;AVG8 Firewall; C:\PROGRA~1\AVG\AVG8\avgfws8.exe [2008-11-05 1212184]
    R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-21 152984]
    R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
    R2 TabletServicePen;TabletServicePen; C:\WINDOWS\system32\Pen_Tablet.exe [2007-09-07 1373480]
    R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2006-10-09 72704]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
    S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
    S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]
    
    -----------------EOF-----------------
    
    0
  18. ric025
     
    Encore quelque chose qui colle! ;)

    Fais ceci:

    Télécharge UsbFix (de Chiquitine29) sur ton Bureau :

    http://sd-1.archive-host.com/membres/up/116615172019703188/U­sbFix.exe

    --> Lance l'installation avec les paramètres par défaut.

    --> Branche tes sources de données externes à ton PC (clé USB, disque dur externe, etc...) sans les ouvrir.

    --> Clic droit sur le raccourci UsbFix sur ton Bureau et choisis Exécuter en tant qu'administrateur.

    --> Le PC va redémarrer.

    --> Après redémarrage, poste le rapport UsbFix.txt

    Note : le rapport UsbFix.txt est sauvegardé à la racine du disque.

    (Si le Bureau ne réapparait pas, presse Ctrl+Alt+Suppr, Onglet "Fichier", "Nouvelle tâche", tape explorer.exe et valide)
    0
    1. 50_baht Messages postés 634 Statut Membre 319
       
      Le lien que tu m'as donné ne fonctionne pas non plus. Mais j'en ai trouvé un autre.
      Je l'ai installé sur mon disque dur, j'ai fait clique-droit sur le raccourci sur le bureau, mais il n y a pas la commande "executer en tant que"
      Dans le menu du programme, il y a "nettoyage" ou "vaccination", est ce que ce que tu me demande correspond à l un de ces choix?
      0
  19. ric025
     
    Faut que je revoie mes canneds!

    Ok! Fais le nettoyage.

    A+
    0
  20. 50_baht Messages postés 634 Statut Membre 319
     
    -------------- UsbFix V2.413.8 ---------------

    * User : Ferdinand - ACER-5C89C15659
    * Outils mis a jours le 27/12/2008 par Chiquitine29 et Chimay8
    * Recherche effectuée à 17:21:29 le 28/12/2008
    * Windows Xp - Internet Explorer 7.0.5730.11

    --------------- [ Processus actifs ] ----------------

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\logonui.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\PROGRA~1\AVG\AVG8\avgfws8.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Pen_Tablet.exe
    C:\PROGRA~1\AVG\AVG8\avgam.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\userinit.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe
    C:\WINDOWS\system32\Pen_Tablet.exe

    --------------- [ Informations lecteurs ] ----------------

    C: - Lecteur fixe

    D: - Lecteur fixe

    E: - Lecteur de CD-ROM

    F: - Lecteur fixe

    O: - Lecteur amovible

    T: - Lecteur de CD-ROM

    +- Contenu de l'autorun : E:\autorun.inf

    [autorun]
    open=setup.exe
    icon=setup.exe,0
    [Version]
    CDGuid={B22C19AE-6A67-4f28-B541-5AE72FB17A25}
    SoftwareGuid=
    InfrastructureDatabaseList=hpomdl15.dat
    LanguagesInthisCD=enu,ell,plk,rus,trk,chs,cht,csy,dan,deu,esn,fin,fra,hun,ita,jpn,kor,nld,nob,ptb,sve,heb,ara
    DefaultLanguageInThisRelease=enu
    DIVISION=hpo
    ICE_REV=15
    FIRST_IO_REVISION=09
    LAST_IO_REVISION=09
    VCD_FILEVER=0
    Manufacturer=HP
    RegistryManufacturer=Hewlett-Packard
    ProductSeries=Photosmart All-In-One Series
    Pre-Install=%ProgramFilesx86%%Manufacturer%\
    SilentInstall=No
    InvalidPathCharacters=#$&,%
    ConnectivityPlugin=%sourcepath%setup\hpzdui%ICE_SUFFIX%.exe
    PreloadICEEngineToGUIDFolder=%sourcepath%hpzprl01.dat
    PreloadRecoveryMechanism=%sourcepath%hpzprl02.dat
    PreloadRestingPad=%sourcepath%hpzprl03.dat
    UI_03=No
    UI_20=Yes
    UI_21=No
    UI_25=No
    UI_30=Yes
    UI_50=No
    UI_80=swreinstall&NoDeviceConnected&NoDeviceDiscovery
    UI_250=No
    UI_260=Yes
    UI_40=Yes
    UI_60=Yes
    UI_70=Yes
    UI_110=Yes
    UI_100=Yes
    RegistryRebootLocation=DigitalImaging\Install
    autorunid=PS_AIO_NonNetwork_DVD
    ConnectivityStopAndRestart=%InstallMainBin%hpqtra08.exe
    driverver=06/06/2007, 090.000.238.000
    first_ca_revision=0
    CPENetworkSupport=Yes
    IEFIX=NoFix
    last_ca_revision=0
    log=1
    maxinstalldirlength=64
    maxinstalltime=35
    maxpathforcd=100
    mininstalltime=15
    preloadiceexes=hpoprl10.dat
    preloadlpmsis=hpoprl08.dat
    preloadproductcontext=hpoprl09.dat
    preloadproductmsis=hpoprl07.dat
    preloadreadme=hpoprl06.dat
    productfinishevent=somestring
    provider=HP
    setupfinishevent=somestring
    shortcut=Yes
    shortcutcheckbox=Yes
    startup=Yes
    UI_261=TimeoutIfSWFirst
    DirectConnectSuccessTimeout=5
    usingdevicediscovery=Yes
    DeviceDiscoveryBucket=DeviceManagement_AIO
    %DeviceManagementGUID%={8C1DC8A2-1B7C-4e10-8280-C3791E94A4D3}
    [Strings]
    _TargetDatFile=autorun,scr
    %Preload%=%InstallDirx86%Digital Imaging\%CDGuid%\
    %ICETemp%=%ProgramFilesx86%%ICETempInPF%\
    %ICETempInPF%=%Manufacturer%\Temp\%CDGuid%
    %Recovery%=%ICETemp%
    %RecoveryInPF%=%ICETempInPF%
    %Preloadx86%=%InstallDirx86%Digital Imaging\%CDGuid%\
    %InstallMain%=%InstallDirx86%Digital Imaging\
    %ProductScrubberDatfile%=hposcr15.dat
    %autorunlocation%=.
    %setupName%=hpzsetup.exe
    %setupStubName%=hpzstub.exe
    %MSIRollbackDatFile%=hpzmsirb.dat
    %DeviceInstanceRollbackFile%=hpzdirb.dat
    %CUEVersion%=9.0
    %CUEDivision%=hpq
    %WebPrintVersion%=2.0
    %DTSSVersion%=8.0
    %SoftwareUpdateVersion%=8.0
    %PhotosmartEssentialVersion%=2.01
    %bounty_id%=D10
    %DeviceManagementGUID%={7CE9F96F-3B1F-45b5-B429-48013A974B37}
    %DeviceManagement_ICE_REV%=01
    %DeviceManagementDisplayName%=HP Imaging Device Functions
    %DeviceManagementUninstallKey%=HP Imaging Device Functions
    %eSupportGUID%={EFD54B7D-744F-4730-8F9C-AAF80E6028BA}
    %eSupport_ICE_REV%=05
    %eSupportDisplayName%=HP Solution Center
    %eSupportUninstallKey%=HP Solution Center & Imaging Support Tools
    %CustomerExperienceGUID%={BBE9EEF0-BBAC-4871-90DC-4CE0EC02D00B}
    %CustomerExperience_ICE_REV%=06
    %CustomerExperienceDisplayName%=HP Customer Participation Program
    %CustomerExperienceUninstallKey%=HPExtendedCapabilities
    %SoftwareUpdate_ICE_REV%=07
    %SoftwareUpdateDisplayName%=HP Update
    %SoftwareUpdateUninstallKey%={8C6027FD-53DC-446D-BB75-CACD7028A134}
    %OCRGUID%={E379D32C-7B7A-48ad-9166-732A48B5A435}
    %OCR_ICE_REV%=11
    %OCRDisplayName%=HP OCR Software
    %OCRUninstallKey%=HPOCR
    %WebPrintGUID%={2D1F2124-29E6-460A-B140-E9DF3BC594CE}
    %WebPrint_ICE_REV%=15
    %WebPrintDisplayName%=HP Smart Web Printing
    %WebPrintUninstallKey%={820F9BE6-0998-4187-BE0C-8192BDDC2FEF}
    %DTSSGUID%={3D74A00B-BBFC-4834-A728-0633F0D91840}
    %DTSS_ICE_REV%=16
    %DTSSDisplayName%=Shop for HP Supplies
    %DTSSUninstallKey%={7902E313-FF0F-4493-ACB1-A8147B78DCD0}
    %DTSSUpgradeCode%={FE9B929E-3BAF-40B1-BFFC-3A078ABAA0C8}
    %PhotosmartEssentialGUID%={7FB920E4-5D4E-4e0f-BB7D-C178E5A11A51}
    %PhotosmartEssential_ICE_REV%=13
    %PhotosmartEssentialDisplayName%=HP Photosmart Essential %PhotosmartEssentialVersion%
    %PhotosmartEssentialUninstallKey%=HP Photosmart Essential
    %PhotosmartEssentialBASEGUID%={E4E30953-546D-477b-9C50-5B3E07A0A58E}
    %PhotosmartEssentialTATTOOGUID%={EAF69D39-7A09-434e-B743-C2CDA5800D75}
    %PhotosmartEssentialNOPODGUID%={3C2E7DE1-4FE5-475e-89D7-BA64C1C7B059}
    %pcihelp%=%sourcepath%Setup\ps_aio_help\
    %pcipath%=%InstallDirx86%Digital Imaging\%CDGuid%\Product\
    %pcitour%=%sourcepath%Setup\Tour\
    %prlhelp%=%InstallDirx86%Digital Imaging\%CDGuid%\Setup\ps_aio_help\
    %prltour%=%InstallDirx86%Digital Imaging\%CDGuid%\Setup\Tour\
    %InstallMainBin%=%InstallDirx86%Digital Imaging\bin\
    [MSI]
    InstallDir=%ProgramFilesx86%%Manufacturer%\
    _TargetDatFile=autorun,scr
    Launchbase=msiexec.exe
    commandline=ICE_SUFFIX=%ICE_SUFFIX%
    [SUI.OPTIN]
    Qualifier=%LangQualifier%
    LaunchBase=%sourcepath%setup\
    1=hpzgat01.exe -on -gate MARS -f %datfile%
    [SUI.OPTOUT]
    Qualifier=%LangQualifier%
    LaunchBase=%sourcepath%setup\
    1=hpzgat01.exe -off -gate MARS -f %datfile%
    [SUI]
    Opt-In_Default=ON
    [LanguageMap]
    _TargetDatFile=autorun,scr
    0x0409=enu
    0x0404=cht
    0x0804=chs
    0x0405=csy
    0x0406=dan
    0x0407=deu
    0x0408=ell
    0x040a=esn
    0x040b=fin
    0x040c=fra
    0x040e=hun
    0x0410=ita
    0x0411=jpn
    0x0412=kor
    0x0413=nld
    0x0414=nob
    0x0415=plk
    0x0416=ptb
    0x0419=rus
    0x041d=sve
    0x041f=trk
    0x0c04=cht
    0x1004=chs
    0x1404=cht
    0x0813=nld
    0x0809=enu
    0x0c09=enu
    0x1009=enu
    0x1409=enu
    0x1809=enu
    0x1c09=enu
    0x2009=enu
    0x2409=enu
    0x2809=enu
    0x2c09=enu
    0x080c=fra
    0x0c0c=fra
    0x100c=fra
    0x140c=fra
    0x180c=fra
    0x0456=esn
    0x0807=deu
    0x0c07=deu
    0x1007=deu
    0x1407=deu
    0x0810=ita
    0x0812=kor
    0x0c0a=esn
    0x080a=esn
    0x100a=esn
    0x140a=esn
    0x180a=esn
    0x1c0a=esn
    0x200a=esn
    0x240a=esn
    0x280a=esn
    0x2c0a=esn
    0x300a=esn
    0x340a=esn
    0x380a=esn
    0x3c0a=esn
    0x400a=esn
    0x440a=esn
    0x480a=esn
    0x4c0a=esn
    0x500a=esn
    0x042d=esn
    0x0403=esn
    0x081d=sve
    0x0422=rus
    0x0816=ptb
    0x040d=heb
    0x041e=xxx
    0x0401=ara
    0x0801=ara
    0x0c01=ara
    0x1001=ara
    0x1401=ara
    0x1801=ara
    0x1c01=ara
    0x2001=ara
    0x2401=ara
    0x2801=ara
    0x2c01=ara
    0x3001=ara
    0x3401=ara
    0x3801=ara
    0x3c01=ara
    0x4001=ara
    [TwoLetterLanguageMap]
    _TargetDatFile=autorun,scr
    ara=ar
    cht=zh
    chs=zh
    csy=cs
    dan=da
    deu=de
    ell=el
    enu=en
    esn=es
    fin=fi
    fra=fr
    heb=he
    hun=hu
    ita=it
    jpn=ja
    kor=ko
    nld=nl
    nob=no
    plk=pl
    ptb=pt
    rus=ru
    sve=sv
    trk=tr
    [PreInstalls]
    1=Kahuna1
    2=Kahuna2
    3=Kahuna3
    4=Kahuna4
    5=Kahuna5
    6=Kahuna6
    7=Kahuna7
    [PreInstalls.Kahuna1]
    CDGUID={5D22B85D-6503-4c4d-8BE1-D5CD9E0F5181}
    1={7AB63E68-A8E2-49EF-A575-CCEC39F66312}
    2={45B6180B-DCAB-4093-8EE8-6164457517F0}
    [PreInstalls.Kahuna2]
    CDGUID={5D32B85D-6503-4c4d-8BE1-D5CD9E0F5181}
    1={45B6180B-DCAB-4093-8EE8-6164457517F0}
    2={19E1E220-E757-43bd-AC1A-EC095CB8A667}
    3={F38FA38A-7E5A-4209-88ED-4DE21CD20EEF}
    [PreInstalls.Kahuna3]
    CDGUID={C6C44651-7C66-4b11-92E8-17565D3D22DD}
    1={45B6180B-DCAB-4093-8EE8-6164457517F0}
    2={15B9DC72-73F9-4d99-9E28-848D66DA8D99}
    3={F38FA38A-7E5A-4209-88ED-4DE21CD20EEF}
    4={0FABD3D7-3036-4e78-B29D-58957ADB0A12}
    [PreInstalls.Kahuna4]
    CDGUID={5E1494D4-3562-4FFB-B35C-600F80F6934C}
    1={45B6180B-DCAB-4093-8EE8-6164457517F0}
    2={15B9DC72-73F9-4d99-9E28-848D66DA8D99}
    3={A1062847-0846-427A-92A1-BB8251A91E91}
    [PreInstalls.Kahuna5]
    CDGUID={0D182A5E-AEE0-42ca-BD1D-4EEB2FFA256D}
    1={A1062847-0846-427A-92A1-BB8251A91E91}
    2={4C04DF1B-6A39-4299-9DD1-1FA60000266E}
    3={AAC4FC36-8F89-4587-8DD3-EBC57C83374D}
    [PreInstalls.Kahuna6]
    CDGUID={D0420D64-8D33-4374-A2B2-9225C7925CA6}
    1={A1062847-0846-427A-92A1-BB8251A91E91}
    2={4C04DF1B-6A39-4299-9DD1-1FA60000266E}
    3={AAC4FC36-8F89-4587-8DD3-EBC57C83374D}
    [PreInstalls.Kahuna7]
    CDGUID={32498B7B-E1F3-4ad5-A23B-F26414E94BE0}
    1={342C7C88-D335-4bc2-8CF1-281857629CE2}
    2={ABA2B37F-AB88-486e-870A-52454A23FEE0}
    3={BA2D9411-DBB4-43e4-9421-780413650A67}
    [SystemRequirements]
    AdminRightRequired=1
    RunIfFailureAsynch=
    RunIfFailureSynch=
    RunIfFailureSynchTimeout=
    RunIfWarningAsynch=
    RunIfWarningSynch=
    RunIfWarningSynchTimeout=
    checkspooler=No
    installspace=916
    maxos=
    mincolors=16
    mincputext=Pentium II, K6, Transmeta 5400
    mindisk=885
    mindisplay=800x600
    minie=6.00.2600.0000
    minmhz=233
    minram=56
    minsysdisk=250
    oslist=500,501,501_64,600,600_64
    reccolors=16
    reccputext=Pentium II, K6, Transmeta 5400
    recdisk=885
    recdisplay=800x600
    recie=6.00.2600.0000
    recmhz=233
    recram=56
    recsysdisk=250
    sectionlist=Buckets
    warnproducttypelist=3
    blockproducttypelist=3
    [SystemRequirements.600]
    MinBuildNumber=6000
    RecBuildNumber=6000
    checkspooler=No
    installspace=916
    maxos=
    mincolors=16
    mincputext=Pentium II, K6, Transmeta 5400
    mindisk=930
    mindisplay=800x600
    minie=6.00.2600.0000
    minmhz=233
    minram=56
    minsysdisk=160
    oslist=500,501,501_64,600,600_64
    reccolors=16
    reccputext=Pentium II, K6, Transmeta 5400
    recdisk=930
    recdisplay=800x600
    recie=6.00.2600.0000
    recmhz=233
    recram=56
    recsysdisk=160
    sectionlist=Buckets
    warnproducttypelist=3
    blockproducttypelist=3
    [SystemRequirements.Min]
    SysReqPlugIn=%sourcepath%setup\hpzchk01.exe
    [OSBlock.400]
    launchbase=Setup\
    1=hpzchk01.exe
    [OSBlock.410]
    launchbase=Setup\
    1=hpzchk01.exe
    [OSBlock.490]
    launchbase=Setup\
    1=hpzchk01.exe
    [RunAs]
    launchbase=Setup\
    Qualifier=%OS%
    [RunAs.500]
    launchbase=Setup\
    1=hpzchk01.exe
    [RunAs.501]
    launchbase=Setup\
    1=hpzchk01.exe
    [RunAs.501_64]
    launchbase=Setup\
    1=hpzchk01.exe
    [Run1]
    launchbase=%sourcepath%setup\
    1=hpzpnp%ICE_SUFFIX%.exe
    2=hpzpsc01.exe -OSUP
    3=hpzrein01.exe
    4=hpzwup01.exe
    5=hpzshl%ICE_SUFFIX%.exe -m WebPrintShield
    6=hpzshl%ICE_SUFFIX%.exe -m DelayedReboot
    qualifier=%os%
    [Run2]
    launchbase=%sourcepath%setup\
    1=hpzopt01.exe
    2=hpqbhp01.exe
    3=hpzpsc01.exe -list ProductReleases -CPE
    4=hpzsui01.exe
    5=hpzshl%ICE_SUFFIX%.exe -m Printer,ICEPreShield,HPSecurity,CompositeDev,MassStorage,CloseManagerofTrayApp
    6=[Run.SetRecovery]
    qualifier=%os%
    [Run3]
    launchbase=%sourcepath%Setup\
    1=[PatchesAvailable]
    2=hpzprl%ICE_SUFFIX%.exe -m PreloadICEEngineToGUIDFolder
    3=hpzprl%ICE_SUFFIX%.exe -m PreloadICEExes
    4=[DPInstRunXML]
    5=[dot4wrp]
    6=[Run.stepbystep]
    7=hpznop01.exe -PostRegisteredMessage WM_START_BITMAP_TIMER
    8=hpzcdl01.exe -storesourcepath
    9=[BucketsAvailable]
    10=[Run.easyinstall]
    11=[Run.CommitFull]
    qualifier=%os%
    [Run.StepByStep]
    1=hpzpnp%ICE_SUFFIX%.exe -clean -gateoncmdline easyinstall -runifoff
    2=hpzdui%ICE_SUFFIX%.exe -gateoncmdline easyinstall -runifoff
    3=hpzpnp%ICE_SUFFIX%.exe -clean -gateoncmdline easyinstall –runifoff
    [Run.EasyInstall]
    1=hpzpnp%ICE_SUFFIX%.exe -clean -gateoncmdline easyinstall
    2=hpzdui%ICE_SUFFIX%.exe -gateoncmdline easyinstall
    3=hpzpnp%ICE_SUFFIX%.exe -clean -gateoncmdline easyinstall
    [Uninstall]
    launchbase=%sourcepath%setup\
    1=hpzscr%ICE_SUFFIX%.exe -datfile %ProductScrubberDatfile% -onestop
    [ARP.SuppressRebootList]
    hpzscr%ICE_SUFFIX%.exe=-r0
    msiexec.exe=Reboot="ReallySuppress"
    [Prescrub.CPE]
    launchbase=%sourcepath%Setup\
    SkipOnReinstall=SW
    [MSI.FX]
    Filename=netfx.msi
    RefCount=No
    Logfilename=%Temp%hpzFx_Log.txt
    CopyToTemp=netfx.msi,netfx1.cab
    [MSI.FXLangPack]
    Filename=Langpacks\%lang%\langpack.msi
    RefCount=No
    Logfilename=%Temp%hpzFx%lang%_Log.txt
    CopyToTemp=Langpacks\%lang%\langpack.msi,Langpacks\%lang%\langpac1.cab
    [MSI.FXLangPack.0x9]
    Filename=None.msi
    RefCount=No
    UI=No
    CopyToTemp=hpzmsi01.exe
    IgnoreReturnCode=Yes
    [MSI.FXLangPack.0x1]
    Filename=None.msi
    RefCount=No
    UI=No
    CopyToTemp=hpzmsi01.exe
    IgnoreReturnCode=Yes
    [MSI.FXLangPack.0xd]
    Filename=None.msi
    RefCount=No
    UI=Yes
    CopyToTemp=hpzmsi01.exe
    IgnoreReturnCode=Yes
    [NetFx]
    SkipIfOS=600,600_64
    1=StopMSIService
    2=Core
    3=LangPack
    [NetFx.StopMSIService]
    1=%sourcepath%setup\hpzwis01.exe -stop
    [NetFx.Core]
    RegValueToLookFor=OCM
    RegKeyToLookFor=SOFTWARE\Microsoft\NET Framework Setup\NDP\v1.1.4322
    RegValueShouldBeEqualTo=1
    1=%sourcepath%setup\hpzmsi01.exe -m FX
    [NetFx.LangPack]
    Qualifier=%PrimaryLangQualifier%
    RegValueToLookFor=OCM
    RegKeyToLookFor=SOFTWARE\Microsoft\NET Framework Setup\NDP\v1.1.4322\%langid%
    RegValueShouldBeEqualTo=1
    1=%sourcepath%setup\hpzmsi01.exe -m FXLangPack
    [NetFx.LangPack.0x9]
    1=%sourcepath%setup\hpznop01.exe
    [NetFx.LangPack.0x1]
    1=%sourcepath%setup\hpznop01.exe
    [NetFx.LangPack.0xd]
    1=%sourcepath%setup\hpznop01.exe
    [NetFx.LangPack.0xa]
    RegKeyToLookFor=SOFTWARE\Microsoft\NET Framework Setup\NDP\v1.1.4322\3082
    [Setup.Text]
    hpznfx01.exe=Installing Microsoft .NET Framework
    hpzdxs01.exe=Installing Microsoft DirectX 9.0
    HPZpsc01.exe=Searching for installed applications
    HPZchk01.exe=Checking System Requirements
    HPZwis01.exe=Updating Windows Installer Service
    HPZpnp01.exe=Checking hardware
    HPZscr01.exe=Uninstalling
    HPZwrp01.exe=Installing Additional Software
    HPZarp01.exe=Creating Add/Remove Programs entries
    HPZrcv01.exe=Setting Recovery Point
    HPZdui01.exe=Connecting device
    HPZshl01.exe=Inspecting system
    HPZopt01.exe=Waiting for user input
    HPZsui01.exe=Waiting for user input
    HPZrein01.exe=Waiting for user input
    HPZtim01.exe=Waiting for user input
    HPZdui40.exe=Connecting device
    HPZpnp40.exe=Checking hardware
    HPZscr40.exe=Uninstalling
    HPZshl40.exe=Inspecting system
    HPZnui01.exe=Installing Network Device
    [Setup.Text.0x804]
    hpznfx01.exe=ÕýÔÚ°²×° Microsoft .NET Framework
    hpzdxs01.exe=ÕýÔÚ°²×° Microsoft DirectX 9.0
    HPZpsc01.exe=²éÕÒÒѰ²×°µÄÓ¦ÓóÌÐò
    HPZchk01.exe=¼ì²éϵͳÐèÇó
    HPZwis01.exe=¸üРWindows Installer ·þÎñ
    HPZpnp01.exe=¼ì²éÓ²¼þ
    HPZscr01.exe=Ð¶ÔØ
    HPZwrp01.exe=°²×°ÆäËûÈí¼þ
    HPZarp01.exe=´´½¨¡°Ìí¼Ó/ɾ³ý³ÌÐò¡±ÏîÄ¿
    HPZrcv01.exe=ÉèÖû¹Ô­µã
    HPZdui01.exe=Á¬½ÓÉ豸
    HPZshl01.exe=¼ì²éϵͳ
    HPZopt01.exe=µÈ´ýÓû§ÊäÈë
    HPZsui01.exe=µÈ´ýÓû§ÊäÈë
    HPZrein01.exe=µÈ´ýÓû§ÊäÈë
    HPZtim01.exe=µÈ´ýÓû§ÊäÈë
    HPZdui40.exe=Á¬½ÓÉ豸
    HPZpnp40.exe=¼ì²éÓ²¼þ
    HPZscr40.exe=Ð¶ÔØ
    HPZshl40.exe=¼ì²éϵͳ
    HPZnui01.exe=°²×°ÍøÂçÉ豸
    [Setup.Text.0x404]
    hpznfx01.exe=¦w¸Ë Microsoft .NET Framework
    hpzdxs01.exe=¦w¸Ë Microsoft DirectX 9.0
    HPZpsc01.exe=·j´M¤w¦w¸ËªºÀ³¥Îµ{¦¡
    HPZchk01.exe=Àˬd¨t²Î»Ý¨D
    HPZwis01.exe=¤É¯Å Windows Installer ªA°È
    HPZpnp01.exe=ÀˬdµwÅé
    HPZscr01.exe=¸Ñ°£¦w¸Ë¤¤
    HPZwrp01.exe=¦w¸Ë¨ä¥L³nÅé
    HPZarp01.exe=«Ø¥ß·s¼W/²¾°£µ{¦¡¶µ¥Ø
    HPZrcv01.exe=³]©w­×´_ÂI
    HPZdui01.exe=³s±µ¸Ë¸m
    HPZshl01.exe=°»´ú¨t²Î
    HPZopt01.exe=µ¥«Ý¨Ï¥ÎªÌ¿é¤J
    HPZsui01.exe=µ¥«Ý¨Ï¥ÎªÌ¿é¤J
    HPZrein01.exe=µ¥«Ý¨Ï¥ÎªÌ¿é¤J
    HPZtim01.exe=µ¥«Ý¨Ï¥ÎªÌ¿é¤J
    HPZdui40.exe=³s±µ¸Ë¸m
    HPZpnp40.exe=ÀˬdµwÅé
    HPZscr40.exe=¸Ñ°£¦w¸Ë¤¤
    HPZshl40.exe=°»´ú¨t²Î
    HPZnui01.exe=¦w¸Ëºô¸ô¸Ë¸m
    [Setup.Text.0x5]
    hpznfx01.exe=Instaluje se Microsoft .NET Framework
    hpzdxs01.exe=Instaluje se Microsoft DirectX 9.0
    HPZpsc01.exe=Vyhledávání nainstalovaných aplikací
    HPZchk01.exe=Kontrola požadavkù na systém
    HPZwis01.exe=Aktualizace služby Windows Installer
    HPZpnp01.exe=Kontrola hardwaru
    HPZscr01.exe=Odinstalace
    HPZwrp01.exe=Instalace dalšího softwaru
    HPZarp01.exe=Vytváøení položek v panelu Pøidat nebo odebrat programy
    HPZrcv01.exe=Nastavení bodu obnovení
    HPZdui01.exe=Pøipojení zaøízení
    HPZshl01.exe=Kontrola systému
    HPZopt01.exe=Èekání na vstup od uživatele
    HPZsui01.exe=Èekání na vstup od uživatele
    HPZrein01.exe=Èekání na vstup od uživatele
    HPZtim01.exe=Èekání na vstup od uživatele
    HPZdui40.exe=Pøipojení zaøízení
    HPZpnp40.exe=Kontrola hardwaru
    HPZscr40.exe=Odinstalace
    HPZshl40.exe=Kontrola systému
    HPZnui01.exe=Instalace síového zaøízení
    [Setup.Text.0x6]
    hpznfx01.exe=Installerer Microsoft .NET Framework
    hpzdxs01.exe=Installerer Microsoft DirectX 9.0
    HPZpsc01.exe=Søger efter allerede installerede programmer
    HPZchk01.exe=Undersøger systemkrav
    HPZwis01.exe=Opdaterer tjenesten Windows Installer
    HPZpnp01.exe=Undersøger hardware
    HPZscr01.exe=Fjerner
    HPZwrp01.exe=Installerer yderligere software
    HPZarp01.exe=Opretter poster i Tilføj/fjern programmer
    HPZrcv01.exe=Indstiller gendannelsespunkt
    HPZdui01.exe=Tilslutter enhed
    HPZshl01.exe=Undersøger system
    HPZopt01.exe=Venter på brugerinput
    HPZsui01.exe=Venter på brugerinput
    HPZrein01.exe=Venter på brugerinput
    HPZtim01.exe=Venter på brugerinput
    HPZdui40.exe=Tilslutter enhed
    HPZpnp40.exe=Undersøger hardware
    HPZscr40.exe=Fjerner
    HPZshl40.exe=Undersøger system
    HPZnui01.exe=Installerer netværksenhed
    [Setup.Text.0x7]
    hpznfx01.exe=Microsoft .NET Framework wird installiert
    hpzdxs01.exe=Microsoft DirectX 9.0 wird installiert
    HPZpsc01.exe=Installierte Anwendungen werden gesucht
    HPZchk01.exe=Systemanforderungen werden geprüft
    HPZwis01.exe=Windows-Installationsdienst wird aktualisiert
    HPZpnp01.exe=Hardware wird geprüft
    HPZscr01.exe=Deinstallieren
    HPZwrp01.exe=Weitere Software wird installiert
    HPZarp01.exe=Einträge zum Hinzufügen/Entfernen von Programmen werden erstellt
    HPZrcv01.exe=Wiederherstellungsdaten werden gespeichert
    HPZdui01.exe=Gerät wird verbunden
    HPZshl01.exe=System wird untersucht
    HPZopt01.exe=Warten auf Benutzereingabe
    HPZsui01.exe=Warten auf Benutzereingabe
    HPZrein01.exe=Warten auf Benutzereingabe
    HPZtim01.exe=Warten auf Benutzereingabe
    HPZdui40.exe=Gerät wird verbunden
    HPZpnp40.exe=Hardware wird geprüft
    HPZscr40.exe=Deinstallieren
    HPZshl40.exe=System wird untersucht
    HPZnui01.exe=Netzwerkgerät wird installiert
    [Setup.Text.0x8]
    hpznfx01.exe=ÅãêáôÜóôáóç Microsoft .NET Framework
    hpzdxs01.exe=ÅãêáôÜóôáóç Microsoft DirectX 9.0
    HPZpsc01.exe=ÁíáæÞôçóç åãêáôåóôçìÝíùí åöáñìïãþí
    HPZchk01.exe=¸ëåã÷ïò ôùí áðáéôÞóåùí ôïõ óõóôÞìáôïò
    HPZwis01.exe=ÁíáâÜèìéóç ôçò õðçñåóßáò Windows Installer
    HPZpnp01.exe=¸ëåã÷ïò õëéêïý
    HPZscr01.exe=ÊáôÜñãçóç åãêáôÜóôáóçò
    HPZwrp01.exe=ÅãêáôÜóôáóç ðñüóèåôïõ ëïãéóìéêïý
    HPZarp01.exe=Äçìéïõñãßá êáôá÷ùñÞóåùí ãéá ôçí åöáñìïãÞ "Ðñïóèáöáßñåóç ÐñïãñáììÜôùí"
    HPZrcv01.exe=Ïñéóìüò óçìåßïõ áíÜêôçóçò
    HPZdui01.exe=Óýíäåóç óõóêåõÞò
    HPZshl01.exe=ÅîÝôáóç óõóôÞìáôïò
    HPZopt01.exe=ÁíáìïíÞ åéóáãùãÞò áðü ôï ÷ñÞóôç
    HPZsui01.exe=ÁíáìïíÞ åéóáãùãÞò áðü ôï ÷ñÞóôç
    HPZrein01.exe=ÁíáìïíÞ åéóáãùãÞò áðü ôï ÷ñÞóôç
    HPZtim01.exe=ÁíáìïíÞ åéóáãùãÞò áðü ôï ÷ñÞóôç
    HPZdui40.exe=Óýíäåóç óõóêåõÞò
    HPZpnp40.exe=¸ëåã÷ïò õëéêïý
    HPZscr40.exe=ÊáôÜñãçóç åãêáôÜóôáóçò
    HPZshl40.exe=ÅîÝôáóç óõóôÞìáôïò
    HPZnui01.exe=ÅãêáôÜóôáóç óõóêåõÞò äéêôýïõ
    [Setup.Text.0x9]
    hpznfx01.exe=Installing Microsoft .NET Framework
    hpzdxs01.exe=Installing Microsoft DirectX 9.0
    HPZpsc01.exe=Searching for installed applications
    HPZchk01.exe=Checking System Requirements
    HPZwis01.exe=Updating Windows Installer Service
    HPZpnp01.exe=Checking hardware
    HPZscr01.exe=Uninstalling
    HPZwrp01.exe=Installing Additional Software
    HPZarp01.exe=Creating Add/Remove Programs entries
    HPZrcv01.exe=Setting Recovery Point
    HPZdui01.exe=Connecting device
    HPZshl01.exe=Inspecting system
    HPZopt01.exe=Waiting for user input
    HPZsui01.exe=Waiting for user input
    HPZrein01.exe=Waiting for user input
    HPZtim01.exe=Waiting for user input
    HPZdui40.exe=Connecting device
    HPZpnp40.exe=Checking hardware
    HPZscr40.exe=Uninstalling
    HPZshl40.exe=Inspecting system
    HPZnui01.exe=Installing Network Device
    [Setup.Text.0xa]
    hpznfx01.exe=Instalando Microsoft .NET Framework
    hpzdxs01.exe=Instalando Microsoft DirectX 9.0
    HPZpsc01.exe=Buscando aplicaciones instaladas
    HPZchk01.exe=Comprobando los requisitos del sistema
    HPZwis01.exe=Actualizando el servicio Windows Installer
    HPZpnp01.exe=Comprobando el hardware
    HPZscr01.exe=Desinstalando
    HPZwrp01.exe=Instalando software adicional
    HPZarp01.exe=Creando entradas para Agregar o quitar programas
    HPZrcv01.exe=Estableciendo punto de recuperación
    HPZdui01.exe=Conectando dispositivo
    HPZshl01.exe=Inspeccionando el sistema
    HPZopt01.exe=Esperando datos del usuario
    HPZsui01.exe=Esperando datos del usuario
    HPZrein01.exe=Esperando datos del usuario
    HPZtim01.exe=Esperando datos del usuario
    HPZdui40.exe=Conectando dispositivo
    HPZpnp40.exe=Comprobando el hardware
    HPZscr40.exe=Desinstalando
    HPZshl40.exe=Inspeccionando el sistema
    HPZnui01.exe=Instalando el dispositivo de red
    [Setup.Text.0xb]
    hpznfx01.exe=Ohjelma asentaa Microsoft .NET Framework -ohjelmaa
    hpzdxs01.exe=Ohjelma asentaa Microsoft DirectX 9.0 -ohjelmaa
    HPZpsc01.exe=Etsitään asennettuja sovelluksia
    HPZchk01.exe=Tarkastetaan järjestelmävaatimuksia
    HPZwis01.exe=Päivitetään Windows Installer -palvelua
    HPZpnp01.exe=Tarkastetaan laitteistoa
    HPZscr01.exe=Asennusta poistetaan
    HPZwrp01.exe=Asennetaan muita ohjelmia
    HPZarp01.exe=Luodaan Lisää tai poista sovellus -ikkunan tietoja
    HPZrcv01.exe=Määritetään palautuspistettä
    HPZdui01.exe=Kytketään laitetta
    HPZshl01.exe=Tarkastetaan järjestelmää
    HPZopt01.exe=Odotetaan käyttäjän syötettä
    HPZsui01.exe=Odotetaan käyttäjän syötettä
    HPZrein01.exe=Odotetaan käyttäjän syötettä
    HPZtim01.exe=Odotetaan käyttäjän syötettä
    HPZdui40.exe=Kytketään laitetta
    HPZpnp40.exe=Tarkastetaan laitteistoa
    HPZscr40.exe=Asennusta poistetaan
    HPZshl40.exe=Tarkastetaan järjestelmää
    HPZnui01.exe=Asennetaan verkkolaitetta
    [Setup.Text.0xc]
    hpznfx01.exe=Installation de Microsoft .NET Framework
    hpzdxs01.exe=Installation de Microsoft DirectX 9.0
    HPZpsc01.exe=Recherche des applications installées
    HPZchk01.exe=Vérification de la configuration système requise
    HPZwis01.exe=Mise à jour du service Windows Installer
    HPZpnp01.exe=Vérification du matériel
    HPZscr01.exe=Désinstallation
    HPZwrp01.exe=Installation de logiciel supplémentaire
    HPZarp01.exe=Création d'entrées dans la boîte de dialogue Ajout/Suppression de programmes
    HPZrcv01.exe=Définition du point de récupération
    HPZdui01.exe=Connexion du périphérique
    HPZshl01.exe=Inspection du système
    HPZopt01.exe=Attente d'une intervention de l'utilisateur
    HPZsui01.exe=Attente d'une intervention de l'utilisateur
    HPZrein01.exe=Attente d'une intervention de l'utilisateur
    HPZtim01.exe=Attente d'une intervention de l'utilisateur
    HPZdui40.exe=Connexion du périphérique
    HPZpnp40.exe=Vérification du matériel
    HPZscr40.exe=Désinstallation
    HPZshl40.exe=Inspection du système
    HPZnui01.exe=Installation du périphérique réseau
    [Setup.Text.0xe]
    hpznfx01.exe=Microsoft .NET Framework telepítése
    hpzdxs01.exe=Microsoft DirectX 9.0 telepítése
    HPZpsc01.exe=Telepített alkalmazások keresése
    HPZchk01.exe=Rendszerkövetelmények ellenõrzése
    HPZwis01.exe=Windows telepítõszolgáltatás frissítése
    HPZpnp01.exe=Hardver ellenõrzése
    HPZscr01.exe=Eltávolítás
    HPZwrp01.exe=További programok telepítése
    HPZarp01.exe=Elem létrehozása a Programok telepítése/törlése részben
    HPZrcv01.exe=Helyreállítási pont beállítása
    HPZdui01.exe=Kapcsolódás az eszközhöz
    HPZshl01.exe=Rendszer elemzése
    HPZopt01.exe=Várakozás felhasználói adatbevitelre
    HPZsui01.exe=Várakozás felhasználói adatbevitelre
    HPZrein01.exe=Várakozás felhasználói adatbevitelre
    HPZtim01.exe=Várakozás felhasználói adatbevitelre
    HPZdui40.exe=Kapcsolódás az eszközhöz
    HPZpnp40.exe=Hardver ellenõrzése
    HPZscr40.exe=Eltávolítás
    HPZshl40.exe=Rendszer elemzése
    HPZnui01.exe=Hálózati eszköz telepítése
    [Setup.Text.0x10]
    hpznfx01.exe=Installazione di Microsoft .NET Framework
    hpzdxs01.exe=Installazione di Microsoft DirectX 9.0
    HPZpsc01.exe=Ricerca delle applicazioni installate
    HPZchk01.exe=Verifica dei requisiti di sistema
    HPZwis01.exe=Aggiornamento del servizio Windows Installer
    HPZpnp01.exe=Verifica dell'hardware
    HPZscr01.exe=Disinstallazione
    HPZwrp01.exe=Installazione del software supplementare
    HPZarp01.exe=Creazione delle voci di Installazione applicazioni
    HPZrcv01.exe=Impostazione del punto di ripristino
    HPZdui01.exe=Collegamento della periferica
    HPZshl01.exe=Analisi del sistema
    HPZopt01.exe=Attesa input utente
    HPZsui01.exe=Attesa input utente
    HPZrein01.exe=Attesa input utente
    HPZtim01.exe=Attesa input utente
    HPZdui40.exe=Collegamento della periferica
    HPZpnp40.exe=Verifica dell'hardware
    HPZscr40.exe=Disinstallazione
    HPZshl40.exe=Analisi del sistema
    HPZnui01.exe=Installazione della periferica di rete
    [Setup.Text.0x11]
    hpznfx01.exe=Microsoft .NET Framework ‚ðƒCƒ“ƒXƒg[ƒ‹‚µ‚Ä‚¢‚Ü‚·
    hpzdxs01.exe=Microsoft DirectX 9.0 ‚ðƒCƒ“ƒXƒg[ƒ‹‚µ‚Ä‚¢‚Ü‚·
    HPZpsc01.exe=ƒCƒ“ƒXƒg[ƒ‹‚³‚ê‚Ä‚¢‚éƒAƒvƒŠƒP[ƒVƒ‡ƒ“‚ðŒŸõ‚µ‚Ä‚¢‚Ü‚·
    HPZchk01.exe=ƒVƒXƒeƒ€•K—vðŒ‚̃`ƒFƒbƒN’†
    HPZwis01.exe=Windows ƒCƒ“ƒXƒg[ƒ‰ ƒT[ƒrƒX‚ÌXV’†
    HPZpnp01.exe=ƒn[ƒhƒEƒFƒA‚̃`ƒFƒbƒN’†
    HPZscr01.exe=ƒAƒ“ƒCƒ“ƒXƒg[ƒ‹’†
    HPZwrp01.exe=‚»‚Ì‘¼‚̃\ƒtƒgƒEƒFƒA‚ðƒCƒ“ƒXƒg[ƒ‹‚µ‚Ä‚¢‚Ü‚·
    HPZarp01.exe=’ljÁ^휃vƒƒOƒ‰ƒ€ ƒGƒ“ƒgƒŠ‚ð쬂µ‚Ä‚¢‚Ü‚·
    HPZrcv01.exe=‰ñ•œƒ|ƒCƒ“ƒg‚ÌÝ’è’†
    HPZdui01.exe=ƒfƒoƒCƒX‚ÌÚ‘±’†
    HPZshl01.exe=ƒVƒXƒeƒ€ŒŸ¸’†
    HPZopt01.exe=ƒ†[ƒU[‚©‚ç‚Ì“ü—Í‚ð‘Ò‚Á‚Ä‚¢‚Ü‚·
    HPZsui01.exe=ƒ†[ƒU[‚©‚ç‚Ì“ü—Í‚ð‘Ò‚Á‚Ä‚¢‚Ü‚·
    HPZrein01.exe=ƒ†[ƒU[‚©‚ç‚Ì“ü—Í‚ð‘Ò‚Á‚Ä‚¢‚Ü‚·
    HPZtim01.exe=ƒ†[ƒU[‚©‚ç‚Ì“ü—Í‚ð‘Ò‚Á‚Ä‚¢‚Ü‚·
    HPZdui40.exe=ƒfƒoƒCƒX‚ÌÚ‘±’†
    HPZpnp40.exe=ƒn[ƒhƒEƒFƒA‚̃`ƒFƒbƒN’†
    HPZscr40.exe=ƒAƒ“ƒCƒ“ƒXƒg[ƒ‹’†
    HPZshl40.exe=ƒVƒXƒeƒ€ŒŸ¸’†
    HPZnui01.exe=ƒlƒbƒgƒ[ƒN ƒfƒoƒCƒX‚̃Cƒ“ƒXƒg[ƒ‹
    [Setup.Text.0x12]
    hpznfx01.exe=Microsoft .NET Framework ¼³Ä¡
    hpzdxs01.exe=Microsoft DirectX 9.0 ¼³Ä¡
    HPZpsc01.exe=¼³Ä¡ÇÑ ÀÀ¿ë ÇÁ·Î±×·¥À» ã´Â Áß
    HPZchk01.exe=½Ã½ºÅÛ ¿ä±¸ »çÇ× È®ÀÎ Áß
    HPZwis01.exe=Windows ¼³Ä¡ ¼­ºñ½º ¾÷µ¥ÀÌÆ®ÇÏ´Â Áß
    HPZpnp01.exe=Çϵå¿þ¾î¸¦ °Ë»çÇÏ´Â Áß
    HPZscr01.exe=Á¦°Å Áß
    HPZwrp01.exe=Ãß°¡ ¼ÒÇÁÆ®¿þ¾î ¼³Ä¡ Áß
    HPZarp01.exe=ÇÁ·Î±×·¥ Ç׸ñ Ãß°¡/Á¦°Å ¸¸µå´Â Áß
    HPZrcv01.exe=º¹±¸ Æ÷ÀÎÆ® ¼³Á¤ Áß
    HPZdui01.exe=ÀåÄ¡ ¿¬°á Áß
    HPZshl01.exe=½Ã½ºÅÛ °Ë»ç Áß
    HPZopt01.exe=»ç¿ëÀÚ ÀÔ·Â ´ë±â Áß
    HPZsui01.exe=»ç¿ëÀÚ ÀÔ·Â ´ë±â Áß
    HPZrein01.exe=»ç¿ëÀÚ ÀÔ·Â ´ë±â Áß
    HPZtim01.exe=»ç¿ëÀÚ ÀÔ·Â ´ë±â Áß
    HPZdui40.exe=ÀåÄ¡ ¿¬°á Áß
    HPZpnp40.exe=Çϵå¿þ¾î¸¦ °Ë»çÇÏ´Â Áß
    HPZscr40.exe=Á¦°Å Áß
    HPZshl40.exe=½Ã½ºÅÛ °Ë»ç Áß
    HPZnui01.exe=³×Æ®¿öÅ© ÀåÄ¡ ¼³Ä¡ Áß
    [Setup.Text.0x13]
    hpznfx01.exe='Microsoft .NET Framework' installeren
    hpzdxs01.exe='Microsoft DirectX 9.0' installeren
    HPZpsc01.exe=Bezig met zoeken naar geïnstalleerde toepassingen
    HPZchk01.exe=Bezig met controleren van systeemvereisten
    HPZwis01.exe=Bezig met bijwerken van Windows Installer-service
    HPZpnp01.exe=Bezig met controleren van hardware
    HPZscr01.exe=Bezig met ongedaan maken van installatie
    HPZwrp01.exe=Bezig met installeren van aanvullende software
    HPZarp01.exe=Bezig met aanmaken van items voor Software
    HPZrcv01.exe=Bezig met maken van herstelpunt
    HPZdui01.exe=Bezig met aansluiten van apparaat
    HPZshl01.exe=Bezig met systeemcontrole
    HPZopt01.exe=Wachten op invoer van gebruiker
    HPZsui01.exe=Wachten op invoer van gebruiker
    HPZrein01.exe=Wachten op invoer van gebruiker
    HPZtim01.exe=Wachten op invoer van gebruiker
    HPZdui40.exe=Bezig met aansluiten van apparaat
    HPZpnp40.exe=Bezig met controleren van hardware
    HPZscr40.exe=Bezig met ongedaan maken van installatie
    HPZshl40.exe=Bezig met systeemcontrole
    HPZnui01.exe=Bezig met installeren van netwerkapparaat
    [Setup.Text.0x14]
    hpznfx01.exe=Installerer 'Microsoft .NET Framework'
    hpzdxs01.exe=Installerer 'Microsoft DirectX 9.0'
    HPZpsc01.exe=Søker etter installerte programmer
    HPZchk01.exe=Kontrollerer systemkrav
    HPZwis01.exe=Oppdaterer Windows-installeringstjeneste
    HPZpnp01.exe=Kontrollerer maskinvare
    HPZscr01.exe=Avinstallerer
    HPZwrp01.exe=Installerer tilleggsprogramvare
    HPZarp01.exe=Oppretter oppføringer for Legg til / fjern programmer
    HPZrcv01.exe=Angir gjenopprettingspunkt
    HPZdui01.exe=Kobler til enhet
    HPZshl01.exe=Inspiserer system
    HPZopt01.exe=Venter på brukerinndata
    HPZsui01.exe=Venter på brukerinndata
    HPZrein01.exe=Venter på brukerinndata
    HPZtim01.exe=Venter på brukerinndata
    HPZdui40.exe=Kobler til enhet
    HPZpnp40.exe=Kontrollerer maskinvare
    HPZscr40.exe=Avinstallerer
    HPZshl40.exe=Inspiserer system
    HPZnui01.exe=Installere nettverksenhet
    [Setup.Text.0x15]
    hpznfx01.exe=Instalacja 'Microsoft .NET Framework'
    hpzdxs01.exe=Instalacja 'Microsoft DirectX 9.0'
    HPZpsc01.exe=Trwa wyszukiwanie zainstalowanych aplikacji
    HPZchk01.exe=Trwa sprawdzanie wymagañ systemowych
    HPZwis01.exe=Trwa aktualizowanie us³ugi Instalator Windows
    HPZpnp01.exe=Trwa sprawdzanie sprzêtu
    HPZscr01.exe=Trwa odinstalowywanie
    HPZwrp01.exe=Trwa instalowanie dodatkowego oprogramowania
    HPZarp01.exe=Trwa tworzenie wpisów aplikacji Dodaj/Usuñ programy
    HPZrcv01.exe=Trwa ustawianie punktu odzyskiwania danych
    HPZdui01.exe=Trwa pod³¹czanie urz¹dzenia
    HPZshl01.exe=Trwa inspekcja systemu
    HPZopt01.exe=Trwa oczekiwanie na wprowadzenie danych przez u¿ytkownika
    HPZsui01.exe=Trwa oczekiwanie na wprowadzenie danych przez u¿ytkownika
    HPZrein01.exe=Trwa oczekiwanie na wprowadzenie danych przez u¿ytkownika
    HPZtim01.exe=Trwa oczekiwanie na wprowadzenie danych przez u¿ytkownika
    HPZdui40.exe=Trwa pod³¹czanie urz¹dzenia
    HPZpnp40.exe=Trwa sprawdzanie sprzêtu
    HPZscr40.exe=Trwa odinstalowywanie
    HPZshl40.exe=Trwa inspekcja systemu
    HPZnui01.exe=Trwa instalowanie urz¹dzenia sieciowego
    [Setup.Text.0x16]
    hpznfx01.exe=Instalando o Microsoft .NET Framework
    hpzdxs01.exe=Instalando o Microsoft DirectX 9.0
    HPZpsc01.exe=Procurando aplicativos instalados
    HPZchk01.exe=Verificando exigências do sistema
    HPZwis01.exe=Atualizando o serviço Windows Installer
    HPZpnp01.exe=Verificando hardware
    HPZscr01.exe=Desinstalando
    HPZwrp01.exe=Instalando software adicional
    HPZarp01.exe=Criando entradas em Adicionar ou Remover Programas
    HPZrcv01.exe=Definindo ponto de recuperação
    HPZdui01.exe=Conectando dispositivo
    HPZshl01.exe=Inspecionando sistema
    HPZopt01.exe=Aguardando entrada do usuário
    HPZsui01.exe=Aguardando entrada do usuário
    HPZrein01.exe=Aguardando entrada do usuário
    HPZtim01.exe=Aguardando entrada do usuário
    HPZdui40.exe=Conectando dispositivo
    HPZpnp40.exe=Verificando hardware
    HPZscr40.exe=Desinstalando
    HPZshl40.exe=Inspecionando sistema
    HPZnui01.exe=Instalando dispositivo de rede
    [Setup.Text.0x19]
    hpznfx01.exe=Óñòàíîâêà Microsoft .NET Framework
    hpzdxs01.exe=Óñòàíîâêà Microsoft DirectX 9.0
    HPZpsc01.exe=Ïîèñê óñòàíîâëåííûõ ïðèëîæåíèé
    HPZchk01.exe=Ïðîâåðêà òðåáîâàíèé ê ñèñòåìå
    HPZwis01.exe=Îáíîâëåíèå ñëóæáû óñòàíîâêè Windows
    HPZpnp01.exe=Ïðîâåðêà àïïàðàòíîãî îáåñïå÷åíèÿ
    HPZscr01.exe=Óäàëåíèå
    HPZwrp01.exe=Óñòàíîâêà äîïîëíèòåëüíîãî ïðîãðàììíîãî îáåñïå÷åíèÿ
    HPZarp01.exe=Ñîçäàíèå çàïèñåé â îêíå Óñòàíîâêà è óäàëåíèå ïðîãðàìì
    HPZrcv01.exe=Óñòàíîâêà òî÷êè âîññòàíîâëåíèÿ
    HPZdui01.exe=Ñîåäèíåíèå ñ óñòðîéñòâîì
    HPZshl01.exe=Ïðîâåðêà ñèñòåìû
    HPZopt01.exe=Îæèäàíèå äåéñòâèé ïîëüçîâàòåëÿ
    HPZsui01.exe=Îæèäàíèå äåéñòâèé ïîëüçîâàòåëÿ
    HPZrein01.exe=Îæèäàíèå äåéñòâèé ïîëüçîâàòåëÿ
    HPZtim01.exe=Îæèäàíèå äåéñòâèé ïîëüçîâàòåëÿ
    HPZdui40.exe=Ñîåäèíåíèå ñ óñòðîéñòâîì
    HPZpnp40.exe=Ïðîâåðêà àïïàðàòíîãî îáåñïå÷åíèÿ
    HPZscr40.exe=Óäàëåíèå
    HPZshl40.exe=Ïðîâåðêà ñèñòåìû
    HPZnui01.exe=Óñòàíîâêà ñåòåâîãî óñòðîéñòâà
    [Setup.Text.0x1d]
    hpznfx01.exe=Installerar Microsoft .NET Framework
    hpzdxs01.exe=Installerar Microsoft DirectX 9.0
    HPZpsc01.exe=Söker efter installerade program
    HPZchk01.exe=Kontrollerar systemkrav
    HPZwis01.exe=Uppdaterar tjänsten Windows Installer
    HPZpnp01.exe=Kontrollerar maskinvara
    HPZscr01.exe=Avinstallerar
    HPZwrp01.exe=Installerar ytterligare programvara
    HPZarp01.exe=Skapa poster för Lägg till/Ta bort program
    HPZrcv01.exe=Skapar återställningspunkt
    HPZdui01.exe=Ansluter enhet
    HPZshl01.exe=Kontrollerar system
    HPZopt01.exe=Väntar på användarindata
    HPZsui01.exe=Väntar på användarindata
    HPZrein01.exe=Väntar på användarindata
    HPZtim01.exe=Väntar på användarindata
    HPZdui40.exe=Ansluter enhet
    HPZpnp40.exe=Kontrollerar maskinvara
    HPZscr40.exe=Avinstallerar
    HPZshl40.exe=Kontrollerar system
    HPZnui01.exe=Installera nätverksenhet
    [Setup.Text.0x1f]
    hpznfx01.exe=Microsoft .NET Framework Yükleniyor
    hpzdxs01.exe=Microsoft DirectX 9.0 Yükleniyor
    HPZpsc01.exe=Yüklü uygulamalar aranýyor
    HPZchk01.exe=Sistem Gereksinimleri Kontrol Ediliyor
    HPZwis01.exe=Windows Yükleyici Hizmeti Güncelleþtiriliyor
    HPZpnp01.exe=Donaným kontrol ediliyor
    HPZscr01.exe=Yükleme kaldýrýlýyor
    HPZwrp01.exe=Ek Yazýlým Yükleniyor
    HPZarp01.exe=Program Ekle/Kaldýr giriþleri oluþturuluyor
    HPZrcv01.exe=Geri Dönüþ Noktasý Ayarlanýyor
    HPZdui01.exe=Aygýt baðlanýyor
    HPZshl01.exe=Sistem denetleniyor
    HPZopt01.exe=Kullanýcý giriþi bekleniyor
    HPZsui01.exe=Kullanýcý giriþi bekleniyor
    HPZrein01.exe=Kullanýcý giriþi bekleniyor
    HPZtim01.exe=Kullanýcý giriþi bekleniyor
    HPZdui40.exe=Aygýt baðlanýyor
    HPZpnp40.exe=Donaným kontrol ediliyor
    HPZscr40.exe=Yükleme kaldýrýlýyor
    HPZshl40.exe=Sistem denetleniyor
    HPZnui01.exe=Að Aygýtý Yükleniyor
    [Setup.Text.0x1]
    hpznfx01.exe=ÌÇÑí ÊËÈíÊ Microsoft .NET Framework
    hpzdxs01.exe=ÌÇÑí ÊËÈíÊ Microsoft DirectX 9.0
    HPZpsc01.exe=ÇáÈÍË Úä ÊØÈíÞÇÊ ãËÈÊÉ
    HPZchk01.exe=ÝÍÕ ãÊØáÈÇÊ ÇáäÙÇã
    HPZwis01.exe=ÊÍÏíË ÎÏãÉ ãËÈøÊ Windows
    HPZpnp01.exe=ÝÍÕ ÇáÃÌåÒÉ
    HPZscr01.exe=ÅáÛÇÁ ÇáÊËÈíÊ
    HPZwrp01.exe=ÊËÈíÊ ÈÑÇãÌ ÅÖÇÝíÉ
    HPZarp01.exe=ÅäÔÇÁ ÅÏÎÇáÇÊ 'ÅÖÇÝÉ/ÅÒÇáÉ ÈÑÇãÌ'
    HPZrcv01.exe=ÖÈØ äÞØÉ ÇÓÊÑÏÇÏ
    HPZdui01.exe=ÊæÕíá ÌåÇÒ
    HPZshl01.exe=ÝÍÕ ÇáäÙÇã
    HPZopt01.exe=ÇáÇäÊÙÇÑ Åáì ÅÏÎÇá ÇáãÓÊÎÏã
    HPZsui01.exe=ÇáÇäÊÙÇÑ Åáì ÅÏÎÇá ÇáãÓÊÎÏã
    HPZrein01.exe=ÇáÇäÊÙÇÑ Åáì ÅÏÎÇá ÇáãÓÊÎÏã
    HPZtim01.exe=ÇáÇäÊÙÇÑ Åáì ÅÏÎÇá ÇáãÓÊÎÏã
    HPZdui40.exe=ÊæÕíá ÌåÇÒ
    HPZpnp40.exe=ÝÍÕ ÇáÃÌåÒÉ
    HPZscr40.exe=ÅáÛÇÁ ÇáÊËÈíÊ
    HPZshl40.exe=ÝÍÕ ÇáäÙÇã
    HPZnui01.exe=ÊËÈíÊ ÌåÇÒ ÇáÔÈßÉ
    [Setup.Text.0xd]
    hpznfx01.exe=îú÷éï Microsoft .NET Framework
    hpzdxs01.exe=îú÷éï Microsoft DirectX 9.0
    HPZpsc01.exe=îçôù ééùåîéí îåú÷ðéí
    HPZchk01.exe=áåã÷ ãøéùåú îòøëú
    HPZwis01.exe=îòãëï àú ùéøåú Windows Installerþ
    HPZpnp01.exe=áåã÷ çåîøä
    HPZscr01.exe=îñéø äú÷ðä
    HPZwrp01.exe=îú÷éï úåëðåú ðåñôåú
    HPZarp01.exe=éåöø òøëé äåñôä/äñøä ùì úåëðéåú
    HPZrcv01.exe=îâãéø ð÷åãú ùçæåø
    HPZdui01.exe=îçáø àú ääú÷ï
    HPZshl01.exe=áåçï àú äîòøëú
    HPZopt01.exe=îîúéï ì÷ìè ùì äîùúîù
    HPZsui01.exe=îîúéï ì÷ìè ùì äîùúîù
    HPZrein01.exe=îîúéï ì÷ìè ùì äîùúîù
    HPZtim01.exe=îîúéï ì÷ìè ùì äîùúîù
    HPZdui40.exe=îçáø àú ääú÷ï
    HPZpnp40.exe=áåã÷ çåîøä
    HPZscr40.exe=îñéø äú÷ðä
    HPZshl40.exe=áåçï àú äîòøëú
    HPZnui01.exe=îú÷éï äú÷ï øùú
    [MSI.SelfInstallingPortMonitor]
    InstallDir=%System%
    Filename=%sourcepath%setup\SIPM\HP_Standard_Port_Monitor.msi
    RefCount=No
    UI=No
    IgnoreNewerVersion=No
    SkipIfSilent=No
    SkipOnReinstall=DRV
    Logfilename=%Temp%%DIVISION%MSI_PortMonitor.log
    TRANSFORMS=SIPM\%langid%.MST
    [MSI.SelfInstallingPortMonitor_64]
    InstallDir=%System%
    Filename=%sourcepath%setup\SIPM_64\HP Standard Port Monitor.msi
    RefCount=No
    UI=No
    IgnoreNewerVersion=No
    SkipIfSilent=No
    SkipOnReinstall=DRV
    Logfilename=%Temp%%DIVISION%MSI_PortMonitor.log
    TRANSFORMS=SIPM_64\%langid%.MST
    [InstallPortMonitor.500]
    1=hpzmsi01.exe -m SelfInstallingPortMonitor
    [InstallPortMonitor.501]
    1=hpzmsi01.exe -m SelfInstallingPortMonitor
    [InstallPortMonitor.600]
    1=hpzmsi01.exe -m SelfInstallingPortMonitor
    [InstallPortMonitor.501_64]
    1=hpzmsi01.exe -m SelfInstallingPortMonitor_64
    [InstallPortMonitor.502_64]
    1=hpzmsi01.exe -m SelfInstallingPortMonitor_64
    [InstallPortMonitor.600_64]
    1=hpzmsi01.exe -m SelfInstallingPortMonitor_64
    [Recovery.LogAnalysis]
    CollectLogs=Yes
    [Recovery.Startup]
    1=%Recovery%setup\hpzrcv01.exe -f ..\%autorunName% -recover
    [Recovery.Recover]
    1=%Recovery%Setup\hpzscr%ICE_SUFFIX%.exe -datfile .\%ProductScrubberDatfile% -d MsiUninstaller -unattended -forcereboot
    [Recovery.SetupQuit]
    launchbase=%sourcepath%Setup\
    1=hpzrcv01.exe -unsetrecovery
    [Uninstall.ERROR_FAILURE_CLEANUP]
    launchbase=%sourcepath%Setup\
    1=hpzrcv01.exe -recover -logs
    [Uninstall.ERROR_FAILURE_CLEANUP.Run4]
    launchbase=%sourcepath%Setup\
    1=hpzrcv01.exe -recover Run4 -logs
    [Recovery.Run4.Recover]
    1=%Recovery%Setup\hpzscr%ICE_SUFFIX%.exe -datfile %DeviceInstanceRollbackFile% -unattended -forcereboot
    [Recovery.MSIOnly.Startup]
    1=%recovery%setup\hpzrcv01.exe -f ..\%autorunName% -recover MSIOnly -logs
    [Recovery.MSIOnly.Recover]
    SWOnly=Yes
    1=%Recovery%Setup\hpzscr%ICE_SUFFIX%.exe -datfile %MsiRollbackDatFile% -unattended -forcereboot
    [Recovery.MSIOnly.Error_Failure_Cleanup]
    1=hpzrcv01.exe -recover MSIOnly -logs
    [Run.SetRecovery]
    launchbase=%sourcepath%setup\
    1=hpzprl%ICE_SUFFIX%.exe -m PreloadRecoveryMechanism
    2=hpzrcv01.exe -setrecovery
    [Run.CommitProduct]
    launchbase=%sourcepath%setup\
    1=hpzmsi01.exe -commit
    2=..\%setupName% -commitGuid %CDGuid%
    3=hpzrcv01.exe -unsetrecovery
    4=hpzrcv01.exe -setrecovery MSIOnly
    [Run.CommitFull]
    launchbase=%sourcepath%setup\
    1=hpzmsi01.exe -commit
    2=hpzrcv01.exe -unsetrecovery
    [FilesThatForceReboot]
    1=mscoree.dll
    2=MICROS~1.NET\FRAMEW~1\V11~1.432
    3=Microsoft.NET\Framework\v1.1.4322
    [WUP]
    SecondsToWaitForConnection=30
    SecondsToWaitForDownloadComplete=600
    [WUP.OptIn]
    1=ProductAssistantOpted
    2=ProductAssistantNever
    3=HPSUNotify
    4=HPSUDays
    [Wup.OptOut]
    1=ProductAssistantOpted
    2=ProductAssistantNever
    3=HPSUNotify
    4=HPSUDays
    [Wup.ProductAssistantOpted]
    Key=HKEY_LOCAL_MACHINE\SOFTWARE\Hewlett-Packard\Product Assistant
    Value=OptInCompleted
    OptInData=1
    OptOutData=1
    [Wup.ProductAssistantOpted.501_64]
    Key=HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Hewlett-Packard\Product Assistant
    [Wup.ProductAssistantOpted.502_64]
    Key=HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Hewlett-Packard\Product Assistant
    [Wup.ProductAssistantOpted.600_64]
    Key=HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Hewlett-Packard\Product Assistant
    [Wup.ProductAssistantNever]
    Key=HKEY_LOCAL_MACHINE\SOFTWARE\Hewlett-Packard\HP Software Update\Product Assistant
    Value=Never
    OptOutData=1
    OptInData=0
    [Wup.ProductAssistantNever.501_64]
    Key=HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Hewlett-Packard\HP Software Update\Product Assistant
    [Wup.ProductAssistantNever.502_64]
    Key=HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Hewlett-Packard\HP Software Update\Product Assistant
    [Wup.ProductAssistantNever.600_64]
    Key=HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Hewlett-Packard\HP Software Update\Product Assistant
    [Wup.HPSUNotify]
    Key=HKEY_LOCAL_MACHINE\Software\Hewlett-Packard\HP Software Update
    Value=Notify
    OptInData=1
    OptOutData=0
    [WUP.HPSUNotify.501_64]
    Key=HKEY_LOCAL_MACHINE\Software\Wow6432Node\Hewlett-Packard\HP Software Update
    [Wup.HPSUNotify.502_64]
    Key=HKEY_LOCAL_MACHINE\Software\Wow6432Node\Hewlett-Packard\HP Software Update
    [Wup.HPSUNotify.600_64]
    Key=HKEY_LOCAL_MACHINE\Software\Wow6432Node\Hewlett-Packard\HP Software Update
    [Wup.HPSUDays]
    Key=HKEY_LOCAL_MACHINE\Software\Hewlett-Packard\HP Software Update
    Value=nDays
    OptInData=7
    OptOutData=30
    [WUP.HPSUDays.501_64]
    Key=HKEY_LOCAL_MACHINE\Software\Wow6432Node\Hewlett-Packard\HP Software Update
    [Wup.HPSUDays.502_64]
    Key=HKEY_LOCAL_MACHINE\Software\Wow6432Node\Hewlett-Packard\HP Software Update
    [Wup.HPSUDays.600_64]
    Key=HKEY_LOCAL_MACHINE\Software\Wow6432Node\Hewlett-Packard\HP Software Update
    [Shield.ICEPreShield]
    1=SynTPEnh
    2=QTTask
    3=.NETUninstall
    4=CommonAdminTools
    5=MsiExec
    6=PlugPlay
    7=LocalSoftware
    8=LocalSystem
    9=EnumRegKey
    10=Config.Msi
    11=ICE RegKey
    12=ClassesRoot
    13=softpubDll
    14=wintrustDll
    15=initpkiDll
    16=cryptextDll
    17=dssenhDll
    18=rsaenhDll
    19=gpkcspDll
    20=sccbaseDll
    21=slbcspDll
    22=cryptdlgDll
    23=DevicePathRegValue
    24=Wow64LocalSoftware
    25=Wow64ClassRoot
    26=CryptSvc
    27=Wow64softpubDll
    28=Wow64wintrustDll
    29=Wow64dssenhDll
    30=Wow64rsaenhDll
    31=Wow64gpkcspDll
    32=Wow64sccbaseDll
    33=Wow64slbcspDll
    34=Wow64cryptdlgDll
    [Shield.DevicePathRegValue.500]
    Data=%SystemRoot%\inf
    ReplaceWith=%SystemRoot%\inf
    Type=EXPAND_SZ
    Manufacturer=Microsoft
    IssueType=RegData
    Condition=Missing
    Action=Autofix
    Key=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion
    Value=DevicePath
    BlockIfFail=Yes
    [Shield.DevicePathRegValue.501]
    Data=%SystemRoot%\inf
    ReplaceWith=%SystemRoot%\inf
    Type=EXPAND_SZ
    Manufacturer=Microsoft
    IssueType=RegData
    Condition=Missing
    Action=Autofix
    Key=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion
    Value=DevicePath
    BlockIfFail=Yes
    [Shield.DevicePathRegValue.501_64]
    Data=%SystemRoot%\inf
    ReplaceWith=%SystemRoot%\inf
    Type=EXPAND_SZ
    Manufacturer=Microsoft
    IssueType=RegData
    Condition=Missing
    Action=Autofix
    Key=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion
    Value=DevicePath
    BlockIfFail=Yes
    [Shield.DevicePathRegValue.600]
    Data=%SystemRoot%\inf
    ReplaceWith=%SystemRoot%\inf
    Type=EXPAND_SZ
    Manufacturer=Microsoft
    IssueType=RegData
    Condition=Missing
    Action=Autofix
    Key=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion
    Value=DevicePath
    BlockIfFail=Yes
    [Shield.DevicePathRegValue.600_64]
    Data=%SystemRoot%\inf
    ReplaceWith=%SystemRoot%\inf
    Type=EXPAND_SZ
    Manufacturer=Microsoft
    IssueType=RegData
    Condition=Missing
    Action=Autofix
    Key=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion
    Value=DevicePath
    BlockIfFail=Yes
    [Shield.CloseIZApps]
    1=hpqselsk
    2=hpqcopy
    3=hpqgalry
    4=hpqiscfg
    5=hpqimvac
    6=hpqpos
    7=hpqvapa
    [Shield.SynTPEnh]
    IssueType=Process
    MaxVersion=0x0005000000000893
    MinVersion=0x0005000000000893
    Manufacturer=HP
    Action=Autofix
    BlockIfFail=Yes
    [Shield.QTTask]
    IssueType=Process
    MaxVersion=0x0006000100000000
    MinVersion=0x0000000000000000
    Manufacturer=Apple
    Action=Autofix
    BlockIfFail=Yes
    [Shield..NETUninstall]
    IssueType=RebootFile
    Manufacturer=Microsoft
    Action=Autofix
    1=mscoree.dll
    2=MICROS~1.NET\FRAMEW~1\V11~1.432
    3=Microsoft.NET\Framework\v1.1.4322
    Return=Reboot
    BlockIfFail=No
    [Shield.CommonAdminTools]
    Manufacturer=Microsoft
    IssueType=RegData
    Condition=Contains
    Action=Autofix
    Key=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
    Value=Common Administrative Tools
    Data=<Common Administrative Tools>.All Users\
    ReplaceWith=%ALLUSERSPROFILE%\Start Menu\Programs\Administrative Tools
    Type=EXPAND_SZ
    BlockIfFail=Yes
    [Shield.MsiExec]
    IssueType=Service
    ServiceName=MSIServer
    Manufacturer=Microsoft
    Action=FIX
    Condition=DISABLED
    DisplayName=Windows Installer
    BlockIfFail=Yes
    [Shield.PlugPlay]
    IssueType=Service
    ServiceName=PlugPlay
    Manufacturer=Microsoft
    Action=FIX
    Condition=STOPPED
    DisplayName=Plug and Play
    BlockIfFail=Yes
    [Shield.LocalSoftware.500]
    Manufacturer=Microsoft
    IssueType=RegKey
    Action=Autofix
    Condition=NotWriteable
    Key=HKEY_LOCAL_MACHINE\SOFTWARE
    DisplayName=LocalSoftware
    BlockIfFail=Yes
    Recurse=No
    OverwriteDacl=No
    SetOnlyIfInvalid=Yes
    CheckAccess=CommonSidList
    SetAccess=CommonSidList
    CheckCreatedKey=Yes
    [Shield.LocalSoftware.501]
    Manufacturer=Microsoft
    IssueType=RegKey
    Action=Autofix
    Condition=NotWriteable
    Key=HKEY_LOCAL_MACHINE\SOFTWARE
    DisplayName=LocalSoftware
    BlockIfFail=Yes
    Recurse=No
    OverwriteDacl=No
    SetOnlyIfInvalid=Yes
    CheckAccess=CommonSidList
    SetAccess=CommonSidList
    CheckCreatedKey=Yes
    [Shield.LocalSoftware.501_64]
    Manufacturer=Microsoft
    IssueType=RegKey
    Action=Autofix
    Condition=NotWriteable
    Key=HKEY_LOCAL_MACHINE\SOFTWARE
    DisplayName=LocalSoftware
    BlockIfFail=Yes
    Recurse=No
    OverwriteDacl=No
    SetOnlyIfInvalid=Yes
    CheckAccess=CommonSidList
    SetAccess=CommonSidList
    CheckCreatedKey=Yes
    [Shield.LocalSoftware.600]
    Manufacturer=Microsoft
    IssueType=RegKey
    Action=Autofix
    Condition=NotWriteable
    Key=HKEY_LOCAL_MACHINE\SOFTWARE
    DisplayName=LocalSoftware
    BlockIfFail=Yes
    Recurse=No
    OverwriteDacl=No
    SetOnlyIfInvalid=Yes
    CheckAccess=CommonSidList
    SetAccess=CommonSidList
    CheckCreatedKey=Yes
    [Shield.LocalSoftware.600_64]
    Manufacturer=Microsoft
    IssueType=RegKey
    Action=Autofix
    Condition=NotWriteable
    Key=HKEY_LOCAL_MACHINE\SOFTWARE
    DisplayName=LocalSoftware
    BlockIfFail=Yes
    Recurse=No
    OverwriteDacl=No
    SetOnlyIfInvalid=Yes
    CheckAccess=CommonSidList
    SetAccess=CommonSidList
    CheckCreatedKey=Yes
    [Shield.Wow64LocalSoftware.501_64]
    Manufacturer=Microsoft
    IssueType=RegKey
    Action=Autofix
    Condition=NotWriteable
    Key=HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node
    DisplayName=LocalSoftware
    BlockIfFail=Yes
    Recurse=No
    OverwriteDacl=No
    SetOnlyIfInvalid=Yes
    CheckAccess=CommonSidList
    SetAccess=CommonSidList
    CheckCreatedKey=Yes
    [Shield.Wow64LocalSoftware.600_64]
    Manufacturer=Microsoft
    IssueType=RegKey
    Action=Autofix
    Condition=NotWriteable
    Key=HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node
    DisplayName=LocalSoftware
    BlockIfFail=Yes
    Recurse=No
    OverwriteDacl=No
    SetOnlyIfInvalid=Yes
    CheckAccess=CommonSidList
    SetAccess=CommonSidList
    CheckCreatedKey=Yes
    [Shield.LocalSystem.500]
    Manufacturer=Microsoft
    IssueType=RegKey
    Action=Autofix
    Condition=NotWriteable
    Key=HKEY_LOCAL_MACHINE\SYSTEM
    DisplayName=LocalSystem
    BlockIfFail=Yes
    Recurse=No
    OverwriteDacl=No
    SetOnlyIfInvalid=Yes
    CheckAccess=CommonSidList
    SetAccess=CommonSidList
    [Shield.LocalSystem.501]
    Manufacturer=Microsoft
    IssueType=RegKey
    Action=Autofix
    Condition=NotWriteable
    Key=HKEY_LOCAL_MACHINE\SYSTEM
    DisplayName=LocalSystem
    BlockIfFail=Yes
    Recurse=No
    OverwriteDacl=No
    SetOnlyIfInvalid=Yes
    CheckAccess=CommonSidList
    SetAccess=CommonSidList
    [Shield.LocalSystem.501_64]
    Manufacturer=Microsoft
    IssueType=RegKey
    Action=Autofix
    Condition=NotWriteable
    Key=HKEY_LOCAL_MACHINE\SYSTEM
    DisplayName=LocalSystem
    BlockIfFail=Yes
    Recurse=No
    OverwriteDacl=No
    SetOnlyIfInvalid=Yes
    CheckAccess=CommonSidList
    SetAccess=CommonSidList
    [Shield.LocalSystem.600]
    Manufacturer=Microsoft
    IssueType=RegKey
    Action=Autofix
    Condition=NotWriteable
    Key=HKEY_LOCAL_MACHINE\SYSTEM
    DisplayName=LocalSystem
    BlockIfFail=Yes
    Recurse=No
    OverwriteDacl=No
    SetOnlyIfInvalid=Yes
    CheckAccess=CommonSidList
    SetAccess=CommonSidList
    [Shield.LocalSystem.600_64]
    Manufacturer=Microsoft
    IssueType=RegKey
    Action=Autofix
    Condition=NotWriteable
    Key=HKEY_LOCAL_MACHINE\SYSTEM
    DisplayName=LocalSystem
    BlockIfFail=Yes
    Recurse=No
    OverwriteDacl=No
    SetOnlyIfInvalid=Yes
    CheckAccess=CommonSidList
    SetAccess=CommonSidList
    [Shield.EnumRegKey.500]
    IssueType=RegKey
    Manufacturer=Microsoft
    DisplayName=Enum
    Key=HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum
    Condition=NotWriteable
    Action=AutoFix
    BlockIfFail=Yes
    Recurse=Yes
    OverwriteDacl=No
    CheckAccess=SystemAccess
    SetAccess=SystemAccess
    Timeout=10
    [Shield.EnumRegKey.501]
    IssueType=RegKey
    Manufacturer=Microsoft
    DisplayName=Enum
    Key=HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum
    Condition=NotWriteable
    Action=AutoFix
    BlockIfFail=Yes
    Recurse=Yes
    OverwriteDacl=No
    CheckAccess=SystemAccess
    SetAccess=SystemAccess
    Timeout=10
    [Shield.EnumRegKey.501_64]
    IssueType=RegKey
    Manufacturer=Microsoft
    DisplayName=Enum
    Key=HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum
    Condition=NotWriteable
    Action=AutoFix
    BlockIfFail=Yes
    Recurse=Yes
    OverwriteDacl=No
    CheckAccess=SystemAccess
    SetAccess=SystemAccess
    Timeout=10
    [Shield.Config.Msi]
    IssueType=Folder
    Manufacturer=Microsoft Corporation
    FolderName=%WindowsDrive%Config.Msi
    Action=AUTOFIX
    Condition=~EXIST
    HIDDEN=Y
    [Shield.ICE RegKey]
    IssueType=RegKey
    Manufacturer=HP
    DisplayName=ICE
    Key=HKEY_LOCAL_MACHINE\SOFTWARE\ICE
    Condition=NotWriteable
    Action=Autofix
    BlockIfFail=Yes
    Recurse=Yes
    OverwriteDacl=Yes
    CheckAccess=CommonSidList
    SetAccess=CommonSidList
    Timeout=10
    [Shield.ClassesRoot.500]
    IssueType=RegKey
    Manufacturer=Microsoft
    DisplayName=HKEY_CLASSES_ROOT
    Key=HKEY_LOCAL_MACHINE\SOFTWARE\Classes
    Condition=NotWriteable
    Action=Autofix
    BlockIfFail=Yes
    Recurse=No
    OverwriteDacl=No
    SetOnlyIfInvalid=Yes
    CheckAccess=CommonSidList
    SetAccess=CommonSidList
    CheckCreatedKey=Yes
    [Shield.ClassesRoot.501]
    IssueType=RegKey
    Manufacturer=Microsoft
    DisplayName=HKEY_CLASSES_ROOT
    Key=HKEY_LOCAL_MACHINE\SOFTWARE\Classes
    Condition=NotWriteable
    Action=Autofix
    BlockIfFail=Yes
    Recurse=No
    OverwriteDacl=No
    SetOnlyIfInvalid=Yes
    CheckAccess=CommonSidList
    SetAccess=CommonSidList
    CheckCreatedKey=Yes
    [Shield.ClassesRoot.501_64]
    IssueType=RegKey
    Manufacturer=Microsoft
    DisplayName=HKEY_CLASSES_ROOT
    Key=HKEY_LOCAL_MACHINE\SOFTWARE\Classes
    Condition=NotWriteable
    Action=Autofix
    BlockIfFail=Yes
    Recurse=No
    OverwriteDacl=No
    SetOnlyIfInvalid=Yes
    CheckAccess=CommonSidList
    SetAccess=CommonSidList
    CheckCreatedKey=Yes
    [Shield.ClassesRoot.600]
    IssueType=RegKey
    Manufacturer=Microsoft
    DisplayName=HKEY_CLASSES_ROOT
    Key=HKEY_LOCAL_MACHINE\SOFTWARE\Classes
    Condition=NotWriteable
    Action=Autofix
    BlockIfFail=Yes
    Recurse=No
    OverwriteDacl=No
    SetOnlyIfInvalid=Yes
    CheckAccess=CommonSidList
    SetAccess=CommonSidList
    CheckCreatedKey=Yes
    [Shield.ClassesRoot.600_64]
    IssueType=RegKey
    Manufacturer=Microsoft
    DisplayName=HKEY_CLASSES_ROOT
    Key=HKEY_LOCAL_MACHINE\SOFTWARE\Classes
    Condition=NotWriteable
    Action=Autofix
    BlockIfFail=Yes
    Recurse=No
    OverwriteDacl=No
    SetOnlyIfInvalid=Yes
    CheckAccess=CommonSidList
    SetAccess=CommonSidList
    CheckCreatedKey=Yes
    [Shield.Wow64ClassRoot.501_64]
    IssueType=RegKey
    Manufacturer=Microsoft
    DisplayName=HKEY_CLASSES_ROOT
    Key=HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes
    Condition=NotWriteable
    Action=Autofix
    BlockIfFail=Yes
    Recurse=No
    OverwriteDacl=No
    SetOnlyIfInvalid=Yes
    CheckAccess=CommonSidList
    SetAccess=CommonSidList
    CheckCreatedKey=Yes
    [Shield.Wow64ClassRoot.600_64]
    IssueType=RegKey
    Manufacturer=Microsoft
    DisplayName=HKEY_CLASSES_ROOT
    Key=HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes
    Condition=NotWriteable
    Action=Autofix
    BlockIfFail=Yes
    Recurse=No
    OverwriteDacl=No
    SetOnlyIfInvalid=Yes
    CheckAccess=CommonSidList
    SetAccess=CommonSidList
    CheckCreatedKey=Yes
    [Shield.DXQVPFix]
    1=QVP32
    [Shield.QVP32]
    Manufacturer=Microsoft
    IssueType=RegData
    Condition=Contains
    Action=Autofix
    Key=HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Value=DXDllRegExe
    Data=dxdllreg.exe
    ReplaceWith=%system%dxdllreg.exe
    BlockIfFail=Yes
    [Shield.CompositeDev]
    1=USBInf
    2=certclas
    3=USBCCGP
    [Shield.USBCheck]
    1=USBInf
    2=USBPrint
    3=USBStor
    4=USBScan
    5=NTPrint
    6=certclas
    7=USBCCGP
    [Shield.Printer]
    1=PrintSpooler
    2=ReadOnlyPNFs
    3=USBPrint
    4=NTPrint
    5=certclas
    6=PrintCoinstaller
    [Shield.PnP.Printer]
    1=USBPrint
    [Shield.MassStorage]
    1=Roxio
    2=USBStor
    3=certclas
    4=hpusbfd
    [Shield.PnP.MassStorage]
    1=USBStor
    [Shield.Scanner]
    1=ReadOnlyPNFs
    2=USBScan
    3=certclas
    [Shield.PnP.Scanner]
    1=USBScan
    [Shield.Camera]
    1=ReadOnlyPNFs
    2=certclas
    [Shield.PnPFiles]
    1=USBInf
    2=certclas
    3=USBCCGP
    [Shield.USBInf.500]
    DisplayName=USB.inf
    IssueType=SystemDriver
    Condition=~Exists
    DriverInfName=usb.inf
    DriverSysName=usbhub.sys
    SectionToInstall=Composite.Dev.NT
    MinVersion=5000008870001
    DriverSysMinVersion=5000008850001
    Manufacturer=Microsoft
    [Shield.USBInf.501]
    DisplayName=USB.inf
    IssueType=SystemDriver
    Condition=~Exists
    DriverInfName=usb.inf
    DriverSysName=usbccgp.sys
    SectionToInstall=Composite.Dev.NT
    MinVersion=500010A280000
    DriverSysMinVersion=500010A280000
    Manufacturer=Microsoft
    [Shield.USBInf.501_64]
    DisplayName=USB.inf
    IssueType=SystemDriver
    Condition=~Exists
    DriverInfName=usb.inf
    DriverSysName=usbccgp.sys
    SectionToInstall=Composite.Dev.NT
    MinVersion=500010A280000
    DriverSysMinVersion=500010A280000
    Manufacturer=Microsoft
    [Shield.USBPrint.500]
    DisplayName=USBPrint
    IssueType=SystemDriver
    Condition=~Exists
    DriverInfName=usbprint.inf
    DriverSysName=usbprint.sys
    SectionToInstall=USBPRINT_Inst.NT
    MinVersion=5000008870001
    DriverSysMinVersion=5000008740001
    Manufacturer=Microsoft
    [Shield.USBPrint.501]
    DisplayName=USBPrint
    IssueType=SystemDriver
    Condition=~Exists
    DriverInfName=usbprint.inf
    DriverSysName=usbprint.sys
    SectionToInstall=USBPRINT_Inst.NT
    MinVersion=500010A280000
    DriverSysMinVersion=500010A280000
    Manufacturer=Microsoft
    [Shield.USBPrint.501_64]
    DisplayName=USBPrint
    IssueType=SystemDriver
    Condition=~Exists
    DriverInfName=usbprint.inf
    DriverSysName=usbprint.sys
    SectionToInstall=USBPRINT_Inst.NT
    MinVersion=500010A280000
    DriverSysMinVersion=500010A280000
    Manufacturer=Microsoft
    [Shield.NTPrint.500]
    DisplayName=NTPrint
    IssueType=SystemDriver
    Condition=~Exists
    DriverInfName=ntprint.inf
    DriverSysName=
    SectionToInstall=
    MinVersion=0
    Manufacturer=Microsoft
    [Shield.NTPrint.501]
    DisplayName=NTPrint
    IssueType=SystemDriver
    Condition=~Exists
    DriverInfName=ntprint.inf
    DriverSysName=
    SectionToInstall=
    MinVersion=0
    Manufacturer=Microsoft
    [Shield.NTPrint.501_64]
    DisplayName=NTPrint
    IssueType=SystemDriver
    Condition=~Exists
    DriverInfName=ntprint.inf
    DriverSysName=
    SectionToInstall=
    MinVersion=0
    Manufacturer=Microsoft
    [Shield.NTPrint.600]
    DisplayName=NTPrint
    IssueType=SystemDriver
    Condition=~Exists
    DriverInfName=ntprint.inf
    DriverSysName=
    SectionToInstall=
    MinVersion=0
    Manufacturer=Microsoft
    [Shield.NTPrint.600_64]
    DisplayName=NTPrint
    IssueType=SystemDriver
    Condition=~Exists
    DriverInfName=ntprint.inf
    DriverSysName=
    SectionToInstall=
    MinVersion=0
    Manufacturer=Microsoft
    [Shield.certclas.500]
    DisplayName=Certclas.inf
    IssueType=SystemDriver
    Condition=~Exists
    DriverInfName=certclas.inf
    DriverSysName=
    SectionToInstall=
    MinVersion=5000008870001
    Manufacturer=Microsoft
    [Shield.CertClas.501]
    DisplayName=Certclas.inf
    IssueType=SystemDriver
    Condition=~Exists
    DriverInfName=Certclas.inf
    DriverSysName=
    SectionToInstall=
    MinVersion=5000109E70000
    Manufacturer=Microsoft
    [Shield.CertClas.501_64]
    DisplayName=Certclas.inf
    IssueType=SystemDriver
    Condition=~Exists
    DriverInfName=Certclas.inf
    Dr
    0
  • 1
  • 2