Virus shield 2009
lolo
-
ep44 Messages postés 7415 Date d'inscription Statut Contributeur Dernière intervention -
ep44 Messages postés 7415 Date d'inscription Statut Contributeur Dernière intervention -
Bonjour,
j'ai attrapper "virus shield 2009'
aidez moi impossible de lancer toolbarsd meme en mode sans echec
qd j ele lance j'ai un msg qui m'indique que windows ne trouve tolbar
merci pour votre aide
j'ai attrapper "virus shield 2009'
aidez moi impossible de lancer toolbarsd meme en mode sans echec
qd j ele lance j'ai un msg qui m'indique que windows ne trouve tolbar
merci pour votre aide
A voir également:
- Virus shield 2009
- Msn 2009 - Télécharger - Messagerie
- Virus mcafee - Accueil - Piratage
- Telecharger splitcam ancienne version 2009 - Télécharger - Messagerie
- Telecharger encarta junior 2009 gratuitement français ✓ - Forum Téléchargement
- Softonic virus ✓ - Forum Virus
6 réponses
Bonjour,
Pour commencer
Télécharge Random's System Information Tool (RSIT) par random/random et sauvegarde-le sur ton Bureau.
http://images.malwareremoval.com/random/RSIT.exe
* Double-clique sur RSIT.exe afin de lancer RSIT.
* Clique sur Continue à l'écran Disclaimer.
* Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
* Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.
--> Poste le contenu de log.txt (<<qui sera affiché) ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
Note : Les deux rapports sont également sauvegardés C:\rsit
Pour commencer
Télécharge Random's System Information Tool (RSIT) par random/random et sauvegarde-le sur ton Bureau.
http://images.malwareremoval.com/random/RSIT.exe
* Double-clique sur RSIT.exe afin de lancer RSIT.
* Clique sur Continue à l'écran Disclaimer.
* Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
* Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.
--> Poste le contenu de log.txt (<<qui sera affiché) ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
Note : Les deux rapports sont également sauvegardés C:\rsit
voila l 1er fichier :
nfo.txt logfile of random's system information tool 1.06 2009-06-06 22:15:21
======Uninstall list======
-->"c:\apps\skype\phone\unins000.exe"
-->"C:\Program Files\Fichiers communs\aolshare\Coach\AolCInUn.exe" -lang="fr-fr"
-->C:\PROGRA~1\FICHIE~1\AOL\ACS\AcsUninstall.exe /c
-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Fichiers communs\AOL\Screensaver\uninst_ygpss.exe
-->C:\Program Files\Fichiers communs\aolshare\Aolunins_fr.exe
-->C:\Program Files\Fichiers communs\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\Learn2.com\StRunner\stuninst.exe
-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5AFA4872-16B2-419E-ADCA-8E96E739115D}\setup.exe" -l0x40c
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 7.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70000000000}
Adobe Shockwave Player-->C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Adobe SVG Viewer 3.0-->C:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Install.log
AIDA32 v3.93-->"C:\Program Files\AIDA32 - Personal System Information\unins000.exe"
Alexandra Ledermann 6-->C:\Program Files\UbiSoft\Lexis Numérique\Alexandra Ledermann 6\Desinst.exe
Apple Software Update-->MsiExec.exe /I{A260B422-70E1-41E2-957D-F76FA21266D5}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Baghdad Central (Desert Gunner) (remove only)-->"C:\Program Files\Fusion Games\Baghdad Central (Desert Gunner)\Uninstall.exe"
Belkin 802.11g Wireless PCI Card-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59C2635E-336A-4CDF-8936-994F989E67D1}\Setup.exe"
Bigben PC controller-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CFE1AA90-5B5E-4907-95E6-F55923555B16}\setup.exe" -l0x9 -removeonly
BitTorrent-->"C:\Program Files\BitTorrent\uninstall.exe"
Browser Address Error Redirector-->regsvr32 /u /s "C:\APPS\BAE\BAE.dll"
Codeur Windows Media Série 9-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Codeur Windows Media Série 9-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Correctif n° 2 pour Windows XP Édition Media Center 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
DD PlayCam-->C:\WINDOWS\unvise32.exe C:\Program Files\DD PlayCam\1.0\Thempty.log
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
EA SPORTS online 2007-->C:\Program Files\EA SPORTS\EA SPORTS online\EASOUNInstaller.exe
Exact Audio Copy 0.95b4-->C:\Program Files\Exact Audio Copy\uninst.exe
FA-18 Operation Desert Storm-->C:\WINDOWS\iun6002.exe "C:\Program Files\FA-18 Operation Desert Storm\irunin.ini"
Favorit-->"c:\documents and settings\parents\local settings\application data\kkcqg.exe" -uninstall
FileZilla Client 3.2.4.1-->C:\Program Files\FileZilla FTP Client\uninstall.exe
Freeplayer-->C:\Program Files\Freeplayer\Uninstall.exe
Furnish Pro-->C:\WINDOWS\unvise32.exe C:\Program Files\Furnish Pro\Furnish Pro uninstal.log
Garmin PC Basemap v2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C865B036-B1D9-417F-BA37-E0D5D391B79F}\setup.exe" -l0x9
Garmin Training Center 3.4.3-->MsiExec.exe /X{CEAEEFA6-DEBC-4B16-8F04-84C81440CA32}
Garmin Training Center-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{A0F7389A-9A1A-41C6-820A-1C31A27C4495} /l1036
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_BDA1448D3D255554.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
GSpot 2.21 Fr-->"C:\Program Files\GSpot221\unins000.exe"
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"
HP Customer Participation Program 7.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Document Viewer 7.0-->C:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
HP Imaging Device Functions 7.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Premier Software 6.5-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Photosmart, Officejet and Deskjet 7.0.A-->C:\Program Files\HP\Digital Imaging\{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}\setup\hpzscr01.exe -datfile hposcr11.dat
HP Software Update-->MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}
HP Solution Center 7.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
IsoBuster 2.5-->"C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"
IsoBuster Toolbar-->C:\PROGRA~1\ISOBUS~1\UNWISE.EXE /U C:\PROGRA~1\ISOBUS~1\INSTALL.LOG
J2SE Runtime Environment 5.0 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150040}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Macromedia Flash Player 8-->MsiExec.exe /X{5E8A1B08-0FBD-4543-9646-F2C2D0D05750}
Macromedia Shockwave Player-->MsiExec.exe /X{7D1D6A24-65D4-454C-8815-4F08A5FFF12C}
MCE Software Encoder 1.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7655E113-C306-11D9-A373-0050BAE317E1}\setup.exe" -uninstall
Micro Application - Faire-part 2007 +-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0B14F9A9-4735-4DA6-B47C-7D4E5766C354}\setup.exe" -l0x40c
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour le Codeur Windows Media (KB954156)-->"C:\WINDOWS\$NtUninstallKB954156_WM9L$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB910393)-->"C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB968220)-->"C:\WINDOWS\ie8updates\KB968220-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
MotionBased Agent-->MsiExec.exe /I{70C4EFA5-F8B8-4015-9378-FCAA9000DF19}
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
OCR Software by I.R.I.S 7.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74}
Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
Pixie 1.4.1-->"C:\Program Files\Pixie\unins000.exe"
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
PunkBuster Services-->C:\WINDOWS\system32\pbsvc.exe -u
QUAD Registry Cleaner v.1.5.69-->C:\Program Files\QUAD Utilities\QUAD Registry Cleaner\uninst.exe
QuickTime-->MsiExec.exe /I{08094E03-AFE4-4853-9D31-6D0743DF5328}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
SmartSound Quicktracks Plugin-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}
Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
Sonic Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD LE-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow Audio-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic RecordNow Copy-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic RecordNow Data-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
SpyHunter-->"C:\Program Files\Enigma Software Group\SpyHunter\Uninstall.exe" "C:\Program Files\Enigma Software Group\SpyHunter\install.log" -u
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
Ulead PhotoImpact 10 SE-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5A065EA0-0EEC-4E94-A2A0-40812576C122}\setup.exe" -l0x40c
Ulead VideoStudio 9.0 SE DVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8EAB2384-C794-40ED-A9DD-3270A0D2BB76}\setup.exe" -l0x40c
VIA Rhine-Family Fast Ethernet Adapter-->Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA
VideoCAM Trek-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F3220F3E-3B12-4B65-861D-B8EFCCA44A39}\Setup.exe" -l0x40c
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB908246-->"C:\WINDOWS\$NtUninstallKB908246$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Wireless LAN Network Adapter-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C8AD5732-FE33-43DE-B3B9-9E06C13A4615}\Setup.exe" -l0x9
X10 Hardware(TM)-->C:\WINDOWS\UNWISE.EXE C:\PROGRA~1\X10HAR~1\Install.log
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
======Hosts File======
206.53.61.77 google.ae
206.53.61.77 google.as
206.53.61.77 google.at
206.53.61.77 google.az
206.53.61.77 google.ba
206.53.61.77 google.be
206.53.61.77 google.bg
206.53.61.77 google.bs
206.53.61.77 google.ca
206.53.61.77 google.cd
======Security center information======
AV: Virus Shield 2009
AV: avast! antivirus 4.8.1335 [VPS 090605-0]
FW: Norton Internet Worm Protection (disabled)
FW: Virus Shield 2009
======System event log======
Computer Name: emma
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Compatibilité avec le Changement rapide d'utilisateur.
Record Number: 129059
Source Name: Service Control Manager
Time Written: 20090517073604.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: emma
Event Code: 7036
Message: Le service Services Terminal Server est entré dans l'état : en cours d'exécution.
Record Number: 129058
Source Name: Service Control Manager
Time Written: 20090517073456.000000+120
Event Type: Informations
User:
Computer Name: emma
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Services Terminal Server.
Record Number: 129057
Source Name: Service Control Manager
Time Written: 20090517073456.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: emma
Event Code: 7036
Message: Le service Explorateur d'ordinateur est entré dans l'état : arrêté.
Record Number: 129056
Source Name: Service Control Manager
Time Written: 20090517073421.000000+120
Event Type: Informations
User:
Computer Name: emma
Event Code: 7036
Message: Le service Carte de performance WMI est entré dans l'état : en cours d'exécution.
Record Number: 129055
Source Name: Service Control Manager
Time Written: 20090517073420.000000+120
Event Type: Informations
User:
=====Application event log=====
Computer Name: emma
Event Code: 102
Message: MsnMsgr (2880) \\.\C:\Documents and Settings\parents\Local Settings\Application Data\Microsoft\Messenger\f.fre.d@hotmail.fr\SharingMetadata\Working\database_7038_E95E_38E9_23B6\dfsr.db: Le moteur de base de données a démarré une nouvelle instance (0).
Record Number: 40530
Source Name: ESENT
Time Written: 20090412191132.000000+120
Event Type: Informations
User:
Computer Name: emma
Event Code: 100
Message: MsnMsgr (2880) Le moteur de base de données 5.01.2600.5512 est démarré.
Record Number: 40529
Source Name: ESENT
Time Written: 20090412191132.000000+120
Event Type: Informations
User:
Computer Name: emma
Event Code: 12001
Message: The Messenger Sharing USN Journal Reader service started successfully.
Record Number: 40528
Source Name: usnjsvc
Time Written: 20090412191130.000000+120
Event Type:
User:
Computer Name: emma
Event Code: 0
Message:
Record Number: 40527
Source Name: gusvc
Time Written: 20090412165720.000000+120
Event Type: Informations
User:
Computer Name: emma
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.
Record Number: 40526
Source Name: SecurityCenter
Time Written: 20090412165552.000000+120
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Fichiers communs\Ulead Systems\MPEG;C:\Program Files\QuickTime\QTSystem\;%PIXIEHOME%\bin;C:\Program Files\Smart Projects\IsoBuster
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0f06
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=C:\Program Files\Fichiers communs\Sonic Shared\Sonic Central\
"CLASSPATH"=.;C:\Program Files\Java\jre1.5.0_04\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.5.0_04\lib\ext\QTJava.zip
"PIXIEHOME"=C:\Program Files\Pixie
"SHADERS"=%PIXIEHOME%\shaders
-----------------EOF-----------------
nfo.txt logfile of random's system information tool 1.06 2009-06-06 22:15:21
======Uninstall list======
-->"c:\apps\skype\phone\unins000.exe"
-->"C:\Program Files\Fichiers communs\aolshare\Coach\AolCInUn.exe" -lang="fr-fr"
-->C:\PROGRA~1\FICHIE~1\AOL\ACS\AcsUninstall.exe /c
-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Fichiers communs\AOL\Screensaver\uninst_ygpss.exe
-->C:\Program Files\Fichiers communs\aolshare\Aolunins_fr.exe
-->C:\Program Files\Fichiers communs\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\Learn2.com\StRunner\stuninst.exe
-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5AFA4872-16B2-419E-ADCA-8E96E739115D}\setup.exe" -l0x40c
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 7.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70000000000}
Adobe Shockwave Player-->C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Adobe SVG Viewer 3.0-->C:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Install.log
AIDA32 v3.93-->"C:\Program Files\AIDA32 - Personal System Information\unins000.exe"
Alexandra Ledermann 6-->C:\Program Files\UbiSoft\Lexis Numérique\Alexandra Ledermann 6\Desinst.exe
Apple Software Update-->MsiExec.exe /I{A260B422-70E1-41E2-957D-F76FA21266D5}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Baghdad Central (Desert Gunner) (remove only)-->"C:\Program Files\Fusion Games\Baghdad Central (Desert Gunner)\Uninstall.exe"
Belkin 802.11g Wireless PCI Card-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59C2635E-336A-4CDF-8936-994F989E67D1}\Setup.exe"
Bigben PC controller-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CFE1AA90-5B5E-4907-95E6-F55923555B16}\setup.exe" -l0x9 -removeonly
BitTorrent-->"C:\Program Files\BitTorrent\uninstall.exe"
Browser Address Error Redirector-->regsvr32 /u /s "C:\APPS\BAE\BAE.dll"
Codeur Windows Media Série 9-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Codeur Windows Media Série 9-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Correctif n° 2 pour Windows XP Édition Media Center 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
DD PlayCam-->C:\WINDOWS\unvise32.exe C:\Program Files\DD PlayCam\1.0\Thempty.log
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
EA SPORTS online 2007-->C:\Program Files\EA SPORTS\EA SPORTS online\EASOUNInstaller.exe
Exact Audio Copy 0.95b4-->C:\Program Files\Exact Audio Copy\uninst.exe
FA-18 Operation Desert Storm-->C:\WINDOWS\iun6002.exe "C:\Program Files\FA-18 Operation Desert Storm\irunin.ini"
Favorit-->"c:\documents and settings\parents\local settings\application data\kkcqg.exe" -uninstall
FileZilla Client 3.2.4.1-->C:\Program Files\FileZilla FTP Client\uninstall.exe
Freeplayer-->C:\Program Files\Freeplayer\Uninstall.exe
Furnish Pro-->C:\WINDOWS\unvise32.exe C:\Program Files\Furnish Pro\Furnish Pro uninstal.log
Garmin PC Basemap v2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C865B036-B1D9-417F-BA37-E0D5D391B79F}\setup.exe" -l0x9
Garmin Training Center 3.4.3-->MsiExec.exe /X{CEAEEFA6-DEBC-4B16-8F04-84C81440CA32}
Garmin Training Center-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{A0F7389A-9A1A-41C6-820A-1C31A27C4495} /l1036
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_BDA1448D3D255554.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
GSpot 2.21 Fr-->"C:\Program Files\GSpot221\unins000.exe"
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"
HP Customer Participation Program 7.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Document Viewer 7.0-->C:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
HP Imaging Device Functions 7.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Premier Software 6.5-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Photosmart, Officejet and Deskjet 7.0.A-->C:\Program Files\HP\Digital Imaging\{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}\setup\hpzscr01.exe -datfile hposcr11.dat
HP Software Update-->MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}
HP Solution Center 7.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
IsoBuster 2.5-->"C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"
IsoBuster Toolbar-->C:\PROGRA~1\ISOBUS~1\UNWISE.EXE /U C:\PROGRA~1\ISOBUS~1\INSTALL.LOG
J2SE Runtime Environment 5.0 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150040}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Macromedia Flash Player 8-->MsiExec.exe /X{5E8A1B08-0FBD-4543-9646-F2C2D0D05750}
Macromedia Shockwave Player-->MsiExec.exe /X{7D1D6A24-65D4-454C-8815-4F08A5FFF12C}
MCE Software Encoder 1.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7655E113-C306-11D9-A373-0050BAE317E1}\setup.exe" -uninstall
Micro Application - Faire-part 2007 +-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0B14F9A9-4735-4DA6-B47C-7D4E5766C354}\setup.exe" -l0x40c
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour le Codeur Windows Media (KB954156)-->"C:\WINDOWS\$NtUninstallKB954156_WM9L$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB910393)-->"C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB968220)-->"C:\WINDOWS\ie8updates\KB968220-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
MotionBased Agent-->MsiExec.exe /I{70C4EFA5-F8B8-4015-9378-FCAA9000DF19}
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
OCR Software by I.R.I.S 7.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74}
Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
Pixie 1.4.1-->"C:\Program Files\Pixie\unins000.exe"
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
PunkBuster Services-->C:\WINDOWS\system32\pbsvc.exe -u
QUAD Registry Cleaner v.1.5.69-->C:\Program Files\QUAD Utilities\QUAD Registry Cleaner\uninst.exe
QuickTime-->MsiExec.exe /I{08094E03-AFE4-4853-9D31-6D0743DF5328}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
SmartSound Quicktracks Plugin-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}
Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
Sonic Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD LE-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow Audio-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic RecordNow Copy-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic RecordNow Data-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
SpyHunter-->"C:\Program Files\Enigma Software Group\SpyHunter\Uninstall.exe" "C:\Program Files\Enigma Software Group\SpyHunter\install.log" -u
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
Ulead PhotoImpact 10 SE-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5A065EA0-0EEC-4E94-A2A0-40812576C122}\setup.exe" -l0x40c
Ulead VideoStudio 9.0 SE DVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8EAB2384-C794-40ED-A9DD-3270A0D2BB76}\setup.exe" -l0x40c
VIA Rhine-Family Fast Ethernet Adapter-->Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA
VideoCAM Trek-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F3220F3E-3B12-4B65-861D-B8EFCCA44A39}\Setup.exe" -l0x40c
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB908246-->"C:\WINDOWS\$NtUninstallKB908246$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Wireless LAN Network Adapter-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C8AD5732-FE33-43DE-B3B9-9E06C13A4615}\Setup.exe" -l0x9
X10 Hardware(TM)-->C:\WINDOWS\UNWISE.EXE C:\PROGRA~1\X10HAR~1\Install.log
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
======Hosts File======
206.53.61.77 google.ae
206.53.61.77 google.as
206.53.61.77 google.at
206.53.61.77 google.az
206.53.61.77 google.ba
206.53.61.77 google.be
206.53.61.77 google.bg
206.53.61.77 google.bs
206.53.61.77 google.ca
206.53.61.77 google.cd
======Security center information======
AV: Virus Shield 2009
AV: avast! antivirus 4.8.1335 [VPS 090605-0]
FW: Norton Internet Worm Protection (disabled)
FW: Virus Shield 2009
======System event log======
Computer Name: emma
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Compatibilité avec le Changement rapide d'utilisateur.
Record Number: 129059
Source Name: Service Control Manager
Time Written: 20090517073604.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: emma
Event Code: 7036
Message: Le service Services Terminal Server est entré dans l'état : en cours d'exécution.
Record Number: 129058
Source Name: Service Control Manager
Time Written: 20090517073456.000000+120
Event Type: Informations
User:
Computer Name: emma
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Services Terminal Server.
Record Number: 129057
Source Name: Service Control Manager
Time Written: 20090517073456.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: emma
Event Code: 7036
Message: Le service Explorateur d'ordinateur est entré dans l'état : arrêté.
Record Number: 129056
Source Name: Service Control Manager
Time Written: 20090517073421.000000+120
Event Type: Informations
User:
Computer Name: emma
Event Code: 7036
Message: Le service Carte de performance WMI est entré dans l'état : en cours d'exécution.
Record Number: 129055
Source Name: Service Control Manager
Time Written: 20090517073420.000000+120
Event Type: Informations
User:
=====Application event log=====
Computer Name: emma
Event Code: 102
Message: MsnMsgr (2880) \\.\C:\Documents and Settings\parents\Local Settings\Application Data\Microsoft\Messenger\f.fre.d@hotmail.fr\SharingMetadata\Working\database_7038_E95E_38E9_23B6\dfsr.db: Le moteur de base de données a démarré une nouvelle instance (0).
Record Number: 40530
Source Name: ESENT
Time Written: 20090412191132.000000+120
Event Type: Informations
User:
Computer Name: emma
Event Code: 100
Message: MsnMsgr (2880) Le moteur de base de données 5.01.2600.5512 est démarré.
Record Number: 40529
Source Name: ESENT
Time Written: 20090412191132.000000+120
Event Type: Informations
User:
Computer Name: emma
Event Code: 12001
Message: The Messenger Sharing USN Journal Reader service started successfully.
Record Number: 40528
Source Name: usnjsvc
Time Written: 20090412191130.000000+120
Event Type:
User:
Computer Name: emma
Event Code: 0
Message:
Record Number: 40527
Source Name: gusvc
Time Written: 20090412165720.000000+120
Event Type: Informations
User:
Computer Name: emma
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.
Record Number: 40526
Source Name: SecurityCenter
Time Written: 20090412165552.000000+120
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Fichiers communs\Ulead Systems\MPEG;C:\Program Files\QuickTime\QTSystem\;%PIXIEHOME%\bin;C:\Program Files\Smart Projects\IsoBuster
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0f06
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=C:\Program Files\Fichiers communs\Sonic Shared\Sonic Central\
"CLASSPATH"=.;C:\Program Files\Java\jre1.5.0_04\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.5.0_04\lib\ext\QTJava.zip
"PIXIEHOME"=C:\Program Files\Pixie
"SHADERS"=%PIXIEHOME%\shaders
-----------------EOF-----------------
voila pour le 2em fichier :
Logfile of random's system information tool 1.06 (written by random/random)
Run by parents at 2009-06-07 10:42:26
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 237 GB (80%) free of 297 GB
Total RAM: 1022 MB (10% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:42:40, on 07/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\vsnpstd.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\Program Files\B54 Wireless Monitor\WLService.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\B54 Wireless Monitor\WLanCfgG.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe
C:\APPS\SMP\SmpSys.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\documents and settings\parents\local settings\application data\kkcqg.exe
C:\Program Files\Belkin\Belkin 802.11g Wireless PCI Card Configuration Utility\utility.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
J:\RSIT.exe
C:\Program Files\trend micro\parents.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/?fr=fp-yie8
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = fr.yahoo.com/?fr=fp-yie8
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/?fr=fp-yie8
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?fr=fp-yie8
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par Yahoo!
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIso0.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIso0.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [EULA] C:\APPS\PB_TB\EULALauncher.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [SpyHunter Security Suite] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitComet] C:\Program Files\BitComet\BitComet.exe /tray
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [kkcqg] "c:\documents and settings\parents\local settings\application data\kkcqg.exe" kkcqg
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Belkin 802.11g Wireless PCI Card Configuration Utility.lnk = ?
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=8&key=IESTART
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.serviceshub.microsoft.com/supportforbusiness/create
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://downloadcenter.samsung.com/content/common/cab/DjVuControlLite_EN.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5852F5ED-8BF4-11D4-A245-0080C6F74284} (isInstalled Class) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6-windows-i586.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://gamenextfr.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E862C832-3A5F-4CEB-BFAA-167B22010A71} (InfosFinder2.InfosFinder) - http://support.packardbell.com/files/activex/InfosFinder2.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{CEBADC0A-B2D0-471E-A0A6-DFB0361826F6}: NameServer = 212.27.40.240,212.27.40.241
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
O23 - Service: WLB54 Service (WLB54) - Unknown owner - C:\Program Files\B54 Wireless Monitor\WLService.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
Logfile of random's system information tool 1.06 (written by random/random)
Run by parents at 2009-06-07 10:42:26
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 237 GB (80%) free of 297 GB
Total RAM: 1022 MB (10% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:42:40, on 07/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\vsnpstd.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\Program Files\B54 Wireless Monitor\WLService.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\B54 Wireless Monitor\WLanCfgG.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe
C:\APPS\SMP\SmpSys.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\documents and settings\parents\local settings\application data\kkcqg.exe
C:\Program Files\Belkin\Belkin 802.11g Wireless PCI Card Configuration Utility\utility.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
J:\RSIT.exe
C:\Program Files\trend micro\parents.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/?fr=fp-yie8
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = fr.yahoo.com/?fr=fp-yie8
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/?fr=fp-yie8
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?fr=fp-yie8
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par Yahoo!
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIso0.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIso0.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [EULA] C:\APPS\PB_TB\EULALauncher.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [SpyHunter Security Suite] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitComet] C:\Program Files\BitComet\BitComet.exe /tray
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [kkcqg] "c:\documents and settings\parents\local settings\application data\kkcqg.exe" kkcqg
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Belkin 802.11g Wireless PCI Card Configuration Utility.lnk = ?
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=8&key=IESTART
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.serviceshub.microsoft.com/supportforbusiness/create
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://downloadcenter.samsung.com/content/common/cab/DjVuControlLite_EN.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5852F5ED-8BF4-11D4-A245-0080C6F74284} (isInstalled Class) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6-windows-i586.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://gamenextfr.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E862C832-3A5F-4CEB-BFAA-167B22010A71} (InfosFinder2.InfosFinder) - http://support.packardbell.com/files/activex/InfosFinder2.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{CEBADC0A-B2D0-471E-A0A6-DFB0361826F6}: NameServer = 212.27.40.240,212.27.40.241
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
O23 - Service: WLB54 Service (WLB54) - Unknown owner - C:\Program Files\B54 Wireless Monitor\WLService.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
ok plusieurs infections
commence par ceci stp
Télécharge combofix.exe (par sUBs) et sauvegarde le sur ton bureau.
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
* Déconnecte toi d'internet et ferme toutes tes applications.
* Désactive tes protections (antivirus, parefeu,antispyware) provisoirement et seulement le temps de l'utilisation de ComboFix,
* Double-clic sur combofix.exe, il est possible que ton parefeu te demande si tu acceptes ou non l'accès de nircmd.cfexe à la zone sûre: accepte.
* /! Ne touche à rien tant que le scan n'est pas terminé.Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne /!
* Attends que Combofix ait terminé, un rapport sera créé.
* réactive ton parefeu, ton antivirus, la garde de ton antispyware
* copie/colle le rapport, le rapport se trouve dans : C:Combofix.txt
* Réactive tes protections en temps réel, Antivirus, Antispywares, avant de te reconnecter à internet.
commence par ceci stp
Télécharge combofix.exe (par sUBs) et sauvegarde le sur ton bureau.
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
* Déconnecte toi d'internet et ferme toutes tes applications.
* Désactive tes protections (antivirus, parefeu,antispyware) provisoirement et seulement le temps de l'utilisation de ComboFix,
* Double-clic sur combofix.exe, il est possible que ton parefeu te demande si tu acceptes ou non l'accès de nircmd.cfexe à la zone sûre: accepte.
* /! Ne touche à rien tant que le scan n'est pas terminé.Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne /!
* Attends que Combofix ait terminé, un rapport sera créé.
* réactive ton parefeu, ton antivirus, la garde de ton antispyware
* copie/colle le rapport, le rapport se trouve dans : C:Combofix.txt
* Réactive tes protections en temps réel, Antivirus, Antispywares, avant de te reconnecter à internet.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
ComboFix 09-06-06.03 - parents 07/06/2009 11:14.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1022.522 [GMT 2:00]
Lancé depuis: c:\documents and settings\parents\Bureau\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090606-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Virus Shield 2009 *On-access scanning enabled* (Updated) {C27BC89E-717E-412E-8C31-7A49444A3FE9}
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
FW: Virus Shield 2009 *enabled* {BE17CC0F-04BB-4482-BA15-75317B49AFFD}
.
Les fichiers ci-dessous ont été désactivés pendant l'exécution:
c:\program files\Enigma Software Group\SpyHunter\SpyHunterMonitor.dll
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\parents\Application Data\Microsoft\Internet Explorer\Quick Launch\Virus Shield 2009.lnk
c:\documents and settings\parents\Local Settings\Application Data\kkcqg.dat
c:\documents and settings\parents\Local Settings\Application Data\kkcqg.exe
c:\documents and settings\parents\Local Settings\Application Data\kkcqg_nav.dat
c:\documents and settings\parents\Local Settings\Application Data\kkcqg_navps.dat
c:\program files\QUAD Utilities
c:\program files\QUAD Utilities\QUAD Registry Cleaner\Vista Scheduler.dll
c:\windows\system32\_000005_.tmp.dll
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-05-07 au 2009-06-07 ))))))))))))))))))))))))))))))))))))
.
2009-06-07 06:06 . 2009-06-07 06:06 -------- d-----w- C:\ToolBar SD
2009-06-06 21:42 . 2009-06-06 21:42 304 ----a-w- c:\documents and settings\parents\exc.dat
2009-06-06 20:21 . 2009-06-06 20:21 -------- d-----w- c:\program files\CCleaner
2009-06-06 20:14 . 2009-06-07 08:42 -------- d-----w- c:\program files\trend micro
2009-06-06 20:14 . 2009-06-06 20:15 -------- d-----w- C:\rsit
2009-06-06 19:40 . 2009-06-06 19:40 -------- d-----w- c:\program files\Enigma Software Group
2009-06-06 11:55 . 2009-06-06 12:00 -------- d-sh--w- c:\documents and settings\parents\Application Data\Virus Shield 2009
2009-06-06 11:55 . 2009-06-06 11:55 -------- d-sh--w- c:\documents and settings\All Users\Application Data\ProtectSystem
2009-06-06 11:54 . 2009-06-06 11:55 2097152 ----a-w- c:\documents and settings\All Users\Application Data\54005fc\VS5400.exe
2009-06-06 11:54 . 2009-06-06 21:42 -------- d-sh--w- c:\documents and settings\All Users\Application Data\54005fc
2009-05-31 07:47 . 2009-05-31 07:46 737280 ----a-w- c:\windows\iun6002.exe
2009-05-31 07:47 . 2009-05-31 08:51 -------- d-----w- c:\program files\FA-18 Operation Desert Storm
2009-05-21 15:42 . 2009-05-21 15:46 -------- d-----w- c:\program files\RegCleaner
2009-05-18 10:34 . 2009-05-18 10:34 -------- d-----w- c:\program files\AIDA32 - Personal System Information
2009-05-18 10:32 . 2009-05-18 10:32 -------- d-----w- c:\program files\SiSoftware
2009-05-16 13:59 . 2009-05-16 13:59 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters
2009-05-16 13:58 . 2009-05-16 13:58 -------- d-----w- c:\documents and settings\parents\Local Settings\Application Data\Downloaded Installations
2009-05-12 18:16 . 2009-05-12 18:16 -------- d-----w- c:\documents and settings\emma2000\Local Settings\Application Data\Conduit
2009-05-12 18:16 . 2009-06-01 11:31 -------- d-----w- c:\documents and settings\emma2000\Local Settings\Application Data\IsoBuster
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-07 07:39 . 2009-05-03 13:13 -------- d-----w- c:\documents and settings\parents\Application Data\BitTorrent
2009-05-31 07:10 . 2009-05-04 01:25 72328877 ----a-w- c:\documents and settings\parents\Application Data\BitTorrent\incomplete\abbb735b-c17d\CoD4MW-1.4-PatchSetup.exe
2009-05-29 05:07 . 2009-05-07 19:33 -------- d-----w- c:\program files\IsoBuster
2009-05-24 06:57 . 2006-11-25 15:46 -------- d-----w- c:\program files\X10 Hardware
2009-05-18 10:33 . 2009-05-18 10:33 2311 ----a-w- c:\documents and settings\All Users\Application Data\xmlE8.tmp
2009-05-18 10:33 . 2009-05-18 10:33 13295 ----a-w- c:\documents and settings\All Users\Application Data\xmlE7.tmp
2009-05-18 10:33 . 2009-05-18 10:33 8519 ----a-w- c:\documents and settings\All Users\Application Data\xmlE6.tmp
2009-05-16 14:00 . 2006-11-25 15:46 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-05-07 19:33 . 2009-05-07 19:33 -------- d-----w- c:\program files\Conduit
2009-05-07 19:33 . 2009-05-07 19:33 -------- d-----w- c:\program files\Smart Projects
2009-05-07 05:26 . 2009-05-04 12:12 -------- d-----w- c:\documents and settings\parents\Application Data\FileZilla
2009-05-06 19:01 . 2009-05-06 19:01 -------- d-----w- c:\program files\FileZilla FTP Client
2009-05-05 20:59 . 2009-05-04 14:51 -------- d-----w- c:\documents and settings\parents\Application Data\vlc
2009-05-04 15:10 . 2009-05-04 14:50 -------- d-----w- c:\program files\Freeplayer
2009-05-04 10:42 . 2009-05-03 23:45 1009496 ----a-w- c:\documents and settings\parents\Application Data\BitTorrent\incomplete\abbb735b-c17d\HamachiSetup-1.0.2.5-en.exe
2009-05-04 10:42 . 2009-05-03 21:35 3581384 ----a-w- c:\documents and settings\parents\Application Data\BitTorrent\incomplete\abbb735b-c17d\daemon-4112-lite.exe
2009-05-04 10:42 . 2009-05-03 21:29 3017216 ----a-w- c:\documents and settings\parents\Application Data\BitTorrent\incomplete\abbb735b-c17d\Crack\iw3sp.exe
2009-05-03 13:13 . 2009-05-03 13:13 -------- d-----w- c:\program files\BitTorrent
2009-04-28 04:43 . 2004-09-23 17:12 77278 ----a-w- c:\windows\system32\perfc00C.dat
2009-04-28 04:43 . 2004-09-23 17:12 474734 ----a-w- c:\windows\system32\perfh00C.dat
2009-04-18 10:59 . 2009-04-18 10:59 -------- d-----w- c:\documents and settings\emma2000\Application Data\DivX
2009-04-14 15:44 . 2009-04-14 15:44 -------- d-----w- c:\documents and settings\emma2000\Application Data\Yahoo!
2009-04-12 14:58 . 2009-04-12 14:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2009-04-12 14:47 . 2009-04-12 14:47 -------- d-----w- c:\program files\Yahoo!
2009-04-12 14:47 . 2009-04-12 14:47 -------- d-----w- c:\documents and settings\parents\Application Data\Yahoo!
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}]
2009-05-29 05:07 2094616 ----a-w- c:\program files\IsoBuster\tbIso0.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"="c:\apps\SMP\SmpSys.exe" [2005-11-17 975360]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-08 68856]
"BitTorrent"="c:\program files\BitTorrent\bittorrent.exe" [2006-12-04 43008]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UserFaultCheck"="c:\windows\system32\dumprep 0 -u" [X]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144]
"DetectorApp"="c:\program files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe" [2005-10-20 102400]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-10 208952]
"EULA"="c:\apps\PB_TB\EULALauncher.exe" [2006-09-29 18944]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-23 136600]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-04-27 282624]
"snpstd"="c:\windows\vsnpstd.exe" [2004-06-10 286720]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 86016]
"RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2006-11-09 26112]
"SpyHunter Security Suite"="c:\program files\Enigma Software Group\SpyHunter\SpyHunter3.exe" [2009-04-02 868352]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-05-18 16207872]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-10-07 1630208]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Belkin 802.11g Wireless PCI Card Configuration Utility.lnk - c:\program files\Belkin\Belkin 802.11g Wireless PCI Card Configuration Utility\utility.exe [2007-3-2 327765]
D‚marrage rapide de HP Photosmart Premier.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2006-2-10 73728]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\aAvgApi.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AAWTray.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Ad-Aware.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\adaware.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\advxdwin.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\agentw.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\alertsvc.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\alevir.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\alogserv.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\amon9x.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\antivirus.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AntivirusXP.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ants.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\apimonitor.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\aplica32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\arr.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\atcon.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\atguard.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\atro55en.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\atupdater.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\atwatch.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\au.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\aupdate.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\auto-protect.nav80try.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\autotrace.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\autoupdate.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avciman.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgcc32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgemc.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgrsx.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgserv.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgserv9.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgtray.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avkpop.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avkservice.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avkwctl9.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avwin.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avwinnt.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avwupd.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avwupsrv.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avxmonitor9x.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avxmonitornt.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avxquar.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\backweb.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bargains.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdmcon.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bd_professional.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\beagle.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\belt.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bidef.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bidserver.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bipcp.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bipcpevalsetup.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bisp.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\blink.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\blss.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bootconf.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bootwarn.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\borg2.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bpc.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\brasil.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bs120.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bundle.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bvt.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ccpxysvc.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cdp.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cfd.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cfgwiz.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\clean.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cleanpc.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\click.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cmd32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cmesys.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cmgrdian.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cmon016.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\connectionmonitor.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\control]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cpd.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cpf9x206.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cpfnt206.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ctrl.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cv.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cwnb181.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cwntdwmo.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\datemanager.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dcomx.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\defalert.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\defscangui.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\deputy.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\divx.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dllcache.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dllreg.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\doors.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dpf.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dpfsetup.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dpps2.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\drwatson.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dssagent.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\efpeadm.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\emsw.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ent.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\escanhnt.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\escanv95.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ethereal.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\etrustcipe.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\evpn.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\exantivirus-cnet.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\exe.avxw.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\expert.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\explore.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fast.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fch32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fih32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\firewall.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fnrb32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fp-win_trial.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\frmwrk32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fsaa.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fsav.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fsav530stbyb.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fsav530wtbyb.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fsav95.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fsgk32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fsm32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fsmb32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\gator.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\gbmenu.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\gbpoll.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\generics.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\gmt.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\guarddog.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\hacktracersetup.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\hbinst.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\hbsrv.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\hotactio.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\hotpatch.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\htlog.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\htpatch.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\hwpe.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\hxdl.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\hxiul.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\iamstats.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\idle.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\iedll.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\iedriver.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\iexplorer.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ifw2000.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\inetlnfo.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\infus.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\infwin.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\init.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\intdel.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\intren.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\istsvc.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\jammer.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\jdbgmrg.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\kavlite40eng.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\kavpers40eng.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\kazza.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\keenvalue.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\kerio-pf-213-en-win.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\kerio-wrl-421-en-win.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\kerio-wrp-421-en-win.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\killprocesssetup161.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\launcher.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ldnetmon.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ldpro.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ldpromenu.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ldscan.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\lnetinfo.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\loader.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\localnet.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\lockdown.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\lordpe.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\lsetup.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\luau.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\luinit.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\luspt.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mapisvc32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mcmnhdlr.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\McSACore.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mctool.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mcupdate.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mcvsrte.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\md.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mfin32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mfw2en.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mfweng3.02d30.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mgavrtcl.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mgavrte.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mgui.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\minilog.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mmod.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\monitor.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mostat.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mpfagent.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mpfservice.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mrflux.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msapp.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\MSASCui.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msbb.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msblast.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mscache.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msccn32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mscman.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msconfig]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msdm.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msdos.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msiexec16.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msinfo32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mslaugh.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msmgt.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msmsgri32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mssmmc32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mssys.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msvxd.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mu0311ad.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mwatch.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nav.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\navap.navapsvc.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\navdx.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nc2000.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ncinst4.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ndd32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\neomonitor.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\neowatchlog.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\netarmor.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\netd32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\netinfo.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\netmon.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\netscanpro.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\netspyhunter-1.2.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\netstat.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\netutils.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\norton_internet_secu_3.0_407.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\notstart.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\npf40_tw_98_nt_me_2k.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\npfmessenger.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nprotect.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\npscheck.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\npssvc.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nsched32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nssys32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nstask32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nsupdate.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nt.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ntrtscan.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ntvdm.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ntxconfig.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nui.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nvarch16.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nvsvc32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nwinst4.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nwservice.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nwtool16.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\onsrvr.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\optimize.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ostronet.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\otfix.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\outpostinstall.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\outpostproinstall.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\padmin.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\panixk.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\patch.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pav.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PavFnSvr.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pavproxy.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pavprsrv.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pc.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pcip10117_0.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pcscan.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pdsetup.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\periscope.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\perswf.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pf2.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pfwadmin.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pgmonitr.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pingscan.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\platin.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pop3trap.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\poproxy.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\popscan.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\portdetective.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\portmonitor.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\powerscan.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ppinupdt.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pptbc.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ppvstop.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\prizesurfer.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\prmt.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\prmvr.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\procdump.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\processmonitor.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\procexplorerv1.0.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\programauditor.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\proport.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\protectx.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PskSvc.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pspf.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\purge.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\qconsole.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\qserver.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rapapp.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rav8win32eng.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ray.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rb32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rcsync.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\realmon.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\reged.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rescue.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rescue32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rrguard.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rshell.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rtvscn95.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rulaunch.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\run32dll.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rundll.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rundll16.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ruxdll32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\sahagent.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\save.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\savenow.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\sbserv.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\sc.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\scam32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\setupvameeval.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\setup_flowprotector_us.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\sfc.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\sgssfw32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\sh.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\shellspyinstall.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\shn.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\showbehind.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\sms.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\smss32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\soap.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\sofi.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\sperm.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\spf.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\spoler.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\spoolcv.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\spoolsv32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\spyxx.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\srexe.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\srng.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1022.522 [GMT 2:00]
Lancé depuis: c:\documents and settings\parents\Bureau\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090606-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Virus Shield 2009 *On-access scanning enabled* (Updated) {C27BC89E-717E-412E-8C31-7A49444A3FE9}
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
FW: Virus Shield 2009 *enabled* {BE17CC0F-04BB-4482-BA15-75317B49AFFD}
.
Les fichiers ci-dessous ont été désactivés pendant l'exécution:
c:\program files\Enigma Software Group\SpyHunter\SpyHunterMonitor.dll
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\parents\Application Data\Microsoft\Internet Explorer\Quick Launch\Virus Shield 2009.lnk
c:\documents and settings\parents\Local Settings\Application Data\kkcqg.dat
c:\documents and settings\parents\Local Settings\Application Data\kkcqg.exe
c:\documents and settings\parents\Local Settings\Application Data\kkcqg_nav.dat
c:\documents and settings\parents\Local Settings\Application Data\kkcqg_navps.dat
c:\program files\QUAD Utilities
c:\program files\QUAD Utilities\QUAD Registry Cleaner\Vista Scheduler.dll
c:\windows\system32\_000005_.tmp.dll
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-05-07 au 2009-06-07 ))))))))))))))))))))))))))))))))))))
.
2009-06-07 06:06 . 2009-06-07 06:06 -------- d-----w- C:\ToolBar SD
2009-06-06 21:42 . 2009-06-06 21:42 304 ----a-w- c:\documents and settings\parents\exc.dat
2009-06-06 20:21 . 2009-06-06 20:21 -------- d-----w- c:\program files\CCleaner
2009-06-06 20:14 . 2009-06-07 08:42 -------- d-----w- c:\program files\trend micro
2009-06-06 20:14 . 2009-06-06 20:15 -------- d-----w- C:\rsit
2009-06-06 19:40 . 2009-06-06 19:40 -------- d-----w- c:\program files\Enigma Software Group
2009-06-06 11:55 . 2009-06-06 12:00 -------- d-sh--w- c:\documents and settings\parents\Application Data\Virus Shield 2009
2009-06-06 11:55 . 2009-06-06 11:55 -------- d-sh--w- c:\documents and settings\All Users\Application Data\ProtectSystem
2009-06-06 11:54 . 2009-06-06 11:55 2097152 ----a-w- c:\documents and settings\All Users\Application Data\54005fc\VS5400.exe
2009-06-06 11:54 . 2009-06-06 21:42 -------- d-sh--w- c:\documents and settings\All Users\Application Data\54005fc
2009-05-31 07:47 . 2009-05-31 07:46 737280 ----a-w- c:\windows\iun6002.exe
2009-05-31 07:47 . 2009-05-31 08:51 -------- d-----w- c:\program files\FA-18 Operation Desert Storm
2009-05-21 15:42 . 2009-05-21 15:46 -------- d-----w- c:\program files\RegCleaner
2009-05-18 10:34 . 2009-05-18 10:34 -------- d-----w- c:\program files\AIDA32 - Personal System Information
2009-05-18 10:32 . 2009-05-18 10:32 -------- d-----w- c:\program files\SiSoftware
2009-05-16 13:59 . 2009-05-16 13:59 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters
2009-05-16 13:58 . 2009-05-16 13:58 -------- d-----w- c:\documents and settings\parents\Local Settings\Application Data\Downloaded Installations
2009-05-12 18:16 . 2009-05-12 18:16 -------- d-----w- c:\documents and settings\emma2000\Local Settings\Application Data\Conduit
2009-05-12 18:16 . 2009-06-01 11:31 -------- d-----w- c:\documents and settings\emma2000\Local Settings\Application Data\IsoBuster
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-07 07:39 . 2009-05-03 13:13 -------- d-----w- c:\documents and settings\parents\Application Data\BitTorrent
2009-05-31 07:10 . 2009-05-04 01:25 72328877 ----a-w- c:\documents and settings\parents\Application Data\BitTorrent\incomplete\abbb735b-c17d\CoD4MW-1.4-PatchSetup.exe
2009-05-29 05:07 . 2009-05-07 19:33 -------- d-----w- c:\program files\IsoBuster
2009-05-24 06:57 . 2006-11-25 15:46 -------- d-----w- c:\program files\X10 Hardware
2009-05-18 10:33 . 2009-05-18 10:33 2311 ----a-w- c:\documents and settings\All Users\Application Data\xmlE8.tmp
2009-05-18 10:33 . 2009-05-18 10:33 13295 ----a-w- c:\documents and settings\All Users\Application Data\xmlE7.tmp
2009-05-18 10:33 . 2009-05-18 10:33 8519 ----a-w- c:\documents and settings\All Users\Application Data\xmlE6.tmp
2009-05-16 14:00 . 2006-11-25 15:46 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-05-07 19:33 . 2009-05-07 19:33 -------- d-----w- c:\program files\Conduit
2009-05-07 19:33 . 2009-05-07 19:33 -------- d-----w- c:\program files\Smart Projects
2009-05-07 05:26 . 2009-05-04 12:12 -------- d-----w- c:\documents and settings\parents\Application Data\FileZilla
2009-05-06 19:01 . 2009-05-06 19:01 -------- d-----w- c:\program files\FileZilla FTP Client
2009-05-05 20:59 . 2009-05-04 14:51 -------- d-----w- c:\documents and settings\parents\Application Data\vlc
2009-05-04 15:10 . 2009-05-04 14:50 -------- d-----w- c:\program files\Freeplayer
2009-05-04 10:42 . 2009-05-03 23:45 1009496 ----a-w- c:\documents and settings\parents\Application Data\BitTorrent\incomplete\abbb735b-c17d\HamachiSetup-1.0.2.5-en.exe
2009-05-04 10:42 . 2009-05-03 21:35 3581384 ----a-w- c:\documents and settings\parents\Application Data\BitTorrent\incomplete\abbb735b-c17d\daemon-4112-lite.exe
2009-05-04 10:42 . 2009-05-03 21:29 3017216 ----a-w- c:\documents and settings\parents\Application Data\BitTorrent\incomplete\abbb735b-c17d\Crack\iw3sp.exe
2009-05-03 13:13 . 2009-05-03 13:13 -------- d-----w- c:\program files\BitTorrent
2009-04-28 04:43 . 2004-09-23 17:12 77278 ----a-w- c:\windows\system32\perfc00C.dat
2009-04-28 04:43 . 2004-09-23 17:12 474734 ----a-w- c:\windows\system32\perfh00C.dat
2009-04-18 10:59 . 2009-04-18 10:59 -------- d-----w- c:\documents and settings\emma2000\Application Data\DivX
2009-04-14 15:44 . 2009-04-14 15:44 -------- d-----w- c:\documents and settings\emma2000\Application Data\Yahoo!
2009-04-12 14:58 . 2009-04-12 14:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2009-04-12 14:47 . 2009-04-12 14:47 -------- d-----w- c:\program files\Yahoo!
2009-04-12 14:47 . 2009-04-12 14:47 -------- d-----w- c:\documents and settings\parents\Application Data\Yahoo!
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}]
2009-05-29 05:07 2094616 ----a-w- c:\program files\IsoBuster\tbIso0.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"="c:\apps\SMP\SmpSys.exe" [2005-11-17 975360]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-08 68856]
"BitTorrent"="c:\program files\BitTorrent\bittorrent.exe" [2006-12-04 43008]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UserFaultCheck"="c:\windows\system32\dumprep 0 -u" [X]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144]
"DetectorApp"="c:\program files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe" [2005-10-20 102400]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-10 208952]
"EULA"="c:\apps\PB_TB\EULALauncher.exe" [2006-09-29 18944]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-23 136600]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-04-27 282624]
"snpstd"="c:\windows\vsnpstd.exe" [2004-06-10 286720]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 86016]
"RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2006-11-09 26112]
"SpyHunter Security Suite"="c:\program files\Enigma Software Group\SpyHunter\SpyHunter3.exe" [2009-04-02 868352]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-05-18 16207872]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-10-07 1630208]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Belkin 802.11g Wireless PCI Card Configuration Utility.lnk - c:\program files\Belkin\Belkin 802.11g Wireless PCI Card Configuration Utility\utility.exe [2007-3-2 327765]
D‚marrage rapide de HP Photosmart Premier.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2006-2-10 73728]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\aAvgApi.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AAWTray.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Ad-Aware.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\adaware.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\advxdwin.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\agentw.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\alertsvc.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\alevir.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\alogserv.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\amon9x.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\antivirus.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AntivirusXP.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ants.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\apimonitor.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\aplica32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\arr.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\atcon.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\atguard.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\atro55en.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\atupdater.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\atwatch.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\au.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\aupdate.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\auto-protect.nav80try.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\autotrace.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\autoupdate.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avciman.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgcc32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgemc.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgrsx.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgserv.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgserv9.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgtray.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avkpop.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avkservice.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avkwctl9.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avwin.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avwinnt.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avwupd.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avwupsrv.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avxmonitor9x.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avxmonitornt.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avxquar.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\backweb.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bargains.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdmcon.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bd_professional.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\beagle.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\belt.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bidef.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bidserver.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bipcp.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bipcpevalsetup.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bisp.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\blink.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\blss.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bootconf.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bootwarn.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\borg2.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bpc.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\brasil.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bs120.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bundle.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bvt.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ccpxysvc.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cdp.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cfd.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cfgwiz.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\clean.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cleanpc.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\click.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cmd32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cmesys.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cmgrdian.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cmon016.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\connectionmonitor.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\control]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cpd.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cpf9x206.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cpfnt206.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ctrl.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cv.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cwnb181.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cwntdwmo.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\datemanager.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dcomx.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\defalert.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\defscangui.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\deputy.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\divx.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dllcache.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dllreg.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\doors.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dpf.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dpfsetup.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dpps2.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\drwatson.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dssagent.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\efpeadm.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\emsw.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ent.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\escanhnt.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\escanv95.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ethereal.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\etrustcipe.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\evpn.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\exantivirus-cnet.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\exe.avxw.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\expert.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\explore.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fast.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fch32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fih32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\firewall.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fnrb32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fp-win_trial.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\frmwrk32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fsaa.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fsav.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fsav530stbyb.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fsav530wtbyb.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fsav95.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fsgk32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fsm32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fsmb32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\gator.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\gbmenu.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\gbpoll.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\generics.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\gmt.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\guarddog.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\hacktracersetup.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\hbinst.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\hbsrv.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\hotactio.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\hotpatch.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\htlog.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\htpatch.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\hwpe.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\hxdl.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\hxiul.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\iamstats.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\idle.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\iedll.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\iedriver.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\iexplorer.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ifw2000.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\inetlnfo.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\infus.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\infwin.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\init.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\intdel.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\intren.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\istsvc.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\jammer.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\jdbgmrg.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\kavlite40eng.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\kavpers40eng.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\kazza.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\keenvalue.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\kerio-pf-213-en-win.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\kerio-wrl-421-en-win.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\kerio-wrp-421-en-win.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\killprocesssetup161.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\launcher.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ldnetmon.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ldpro.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ldpromenu.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ldscan.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\lnetinfo.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\loader.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\localnet.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\lockdown.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\lordpe.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\lsetup.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\luau.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\luinit.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\luspt.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mapisvc32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mcmnhdlr.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\McSACore.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mctool.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mcupdate.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mcvsrte.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\md.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mfin32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mfw2en.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mfweng3.02d30.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mgavrtcl.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mgavrte.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mgui.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\minilog.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mmod.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\monitor.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mostat.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mpfagent.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mpfservice.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mrflux.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msapp.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\MSASCui.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msbb.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msblast.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mscache.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msccn32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mscman.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msconfig]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msdm.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msdos.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msiexec16.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msinfo32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mslaugh.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msmgt.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msmsgri32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mssmmc32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mssys.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msvxd.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mu0311ad.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mwatch.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nav.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\navap.navapsvc.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\navdx.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nc2000.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ncinst4.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ndd32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\neomonitor.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\neowatchlog.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\netarmor.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\netd32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\netinfo.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\netmon.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\netscanpro.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\netspyhunter-1.2.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\netstat.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\netutils.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\norton_internet_secu_3.0_407.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\notstart.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\npf40_tw_98_nt_me_2k.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\npfmessenger.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nprotect.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\npscheck.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\npssvc.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nsched32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nssys32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nstask32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nsupdate.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nt.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ntrtscan.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ntvdm.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ntxconfig.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nui.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nvarch16.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nvsvc32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nwinst4.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nwservice.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nwtool16.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\onsrvr.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\optimize.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ostronet.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\otfix.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\outpostinstall.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\outpostproinstall.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\padmin.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\panixk.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\patch.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pav.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PavFnSvr.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pavproxy.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pavprsrv.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pc.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pcip10117_0.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pcscan.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pdsetup.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\periscope.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\perswf.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pf2.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pfwadmin.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pgmonitr.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pingscan.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\platin.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pop3trap.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\poproxy.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\popscan.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\portdetective.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\portmonitor.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\powerscan.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ppinupdt.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pptbc.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ppvstop.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\prizesurfer.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\prmt.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\prmvr.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\procdump.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\processmonitor.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\procexplorerv1.0.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\programauditor.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\proport.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\protectx.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PskSvc.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pspf.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\purge.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\qconsole.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\qserver.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rapapp.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rav8win32eng.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ray.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rb32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rcsync.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\realmon.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\reged.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rescue.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rescue32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rrguard.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rshell.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rtvscn95.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rulaunch.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\run32dll.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rundll.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rundll16.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ruxdll32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\sahagent.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\save.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\savenow.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\sbserv.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\sc.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\scam32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\setupvameeval.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\setup_flowprotector_us.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\sfc.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\sgssfw32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\sh.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\shellspyinstall.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\shn.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\showbehind.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\sms.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\smss32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\soap.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\sofi.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\sperm.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\spf.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\spoler.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\spoolcv.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\spoolsv32.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\spyxx.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\srexe.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\srng.exe]
"Debugger"=rundll32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file
Bonsoir,
ton rapport n'est pas complet, pour la suite fait ce qui suit
Télécharge LOP S&D d'Eric71 ici https://sites.google.com/site/eric71mespages/lop.sd.fr
Double-clique dessus pour lancer l'installation.
Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau.
Séléctionne la langue souhaitée , puis choisis l'Option 1 ( Recherche )
Patiente jusqu'à la fin du scan.
Poste le rapport généré (situé aussi ici C:\lopR.txt )
( Si le Bureau ne réapparaît pas, lance le gestionnaire des tâches en cliquant sur Ctrl + Alt + Suppr , puis Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide )
@+
ton rapport n'est pas complet, pour la suite fait ce qui suit
Télécharge LOP S&D d'Eric71 ici https://sites.google.com/site/eric71mespages/lop.sd.fr
Double-clique dessus pour lancer l'installation.
Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau.
Séléctionne la langue souhaitée , puis choisis l'Option 1 ( Recherche )
Patiente jusqu'à la fin du scan.
Poste le rapport généré (situé aussi ici C:\lopR.txt )
( Si le Bureau ne réapparaît pas, lance le gestionnaire des tâches en cliquant sur Ctrl + Alt + Suppr , puis Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide )
@+
