INFECTION !!

k2000VP -
flo-91 Messages postés 5973 Statut Contributeur sécurité - 12 déc. 2009 à 10:51

Bonjour,
Voila je pense etre infecter car ces dernier temps mon pc narrete pas de bugger pour des trucs tout basique qui soit reduire la fenetre cliquer sur un lien fermer un programe etc et autre mais vraiment pour des petits et lorsqu'il plante il ne retrouve plus son droit chemin donc je suis obliger soit de femer la session (parfois sa marche parfois non) soit completement redemarrer le pc je précise que j'ai un Asus K70IO-TY020C7
avec 4GO mémoire vive 500GO 2,1 GHz .... et je suis sous vista voila le rapport de RSIT donc pour ceux qui peuvent maider merci

log.txt

Logfile of random's system information tool 1.06 (written by random/random)
Run by Yaramis Michel at 2009-12-11 23:28:46
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 192 GB (81%) free of 238 GB
Total RAM: 3582 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:29:22, on 11/12/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program files\P4G\BatteryLife.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10d.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Yaramis Michel\Desktop\RSIT.exe
C:\Program Files\trend micro\Yaramis Michel.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\IPSBHO.DLL
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe
O4 - HKLM\..\Run: [AmIcoSinglun] C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
O4 - HKLM\..\Run: [ADSMTray] C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [SRS Premium Sound] "C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe" /hideme
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: FancyStart daemon.lnk = ?
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: SRS Volume Sync Service (SRS_VolSync_Service) - SRS Labs, Inc. - C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe

--
End of file - 7961 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll [2009-08-26 378736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\IPSBHO.DLL [2009-08-26 107896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll [2009-08-26 378736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Wireless Console 3"=C:\Program Files\ASUS\Wireless Console 3\wcourier.exe [2009-04-18 1593344]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-03-24 7289376]
"P2Go_Menu"=C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-06-14 210216]
"HControlUser"=C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [2008-08-18 98304]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-04-21 540576]
"CLMLServer"=C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [2008-07-19 104936]
"ATKOSD2"=C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [2009-03-04 8392704]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMedia.exe [2009-04-20 159744]
"ASUS Camera ScreenSaver"=C:\Windows\AsScrProlog.exe [2009-07-18 47672]
"AmIcoSinglun"=C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [2008-09-30 237568]
"ADSMTray"=C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe [2008-04-01 266240]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"ACMON"=C:\Program Files\ASUS\Splendid\ACMON.exe [2008-10-01 851968]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-07-02 13789728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-12-03 429392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SRS Premium Sound"=C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe [2009-04-07 3405048]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-06-09 2363392]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
FancyStart daemon.lnk - C:\Windows\Installer\{A9FEB6D7-9C52-49FC-B956-7AB275B78890}\_5598CE641C54B66A23693F.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ASUS\ASUS Data Security Manager\ASPWDFLT

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe"="C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate"
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{db163c6e-dc2d-11de-a988-0026187eaa9f}]
shell\AutoRun\command - F:\ej10fkdo.bat
shell\open\command - F:\ej10fkdo.bat

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-12-11 23:28:48 ----D---- C:\Program Files\trend micro
2009-12-11 23:28:46 ----D---- C:\rsit
2009-12-11 23:28:21 ----D---- C:\Users\Yaramis Michel\AppData\Roaming\Malwarebytes
2009-12-11 23:28:15 ----D---- C:\ProgramData\Malwarebytes
2009-12-11 23:28:14 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-12-09 10:09:00 ----A---- C:\Windows\smrpro.INI
2009-12-09 10:08:43 ----D---- C:\Program Files\Admiresoft
2009-12-09 10:06:20 ----D---- C:\Users\Yaramis Michel\AppData\Roaming\GetRightToGo
2009-12-09 00:25:27 ----A---- C:\Windows\system32\nshhttp.dll
2009-12-09 00:25:18 ----A---- C:\Windows\system32\httpapi.dll
2009-12-08 23:52:00 ----D---- C:\Users\Yaramis Michel\AppData\Roaming\Free Sound Recorder
2009-12-08 23:45:21 ----D---- C:\Program Files\Mp3 My Mp3 2.0
2009-12-08 22:12:14 ----D---- C:\Users\Yaramis Michel\AppData\Roaming\COWON
2009-12-08 21:56:35 ----D---- C:\Lyrics
2009-12-08 21:47:58 ----D---- C:\Users\Yaramis Michel\AppData\Roaming\MiniLyrics
2009-12-08 21:46:22 ----D---- C:\Users\Yaramis Michel\AppData\Roaming\InstallShield
2009-12-08 21:46:01 ----D---- C:\Program Files\Minilyrics
2009-12-08 21:31:09 ----A---- C:\Windows\system32\winhttp.dll
2009-12-08 21:31:01 ----A---- C:\Windows\system32\mshtml.dll
2009-12-08 21:30:59 ----A---- C:\Windows\system32\wininet.dll
2009-12-08 21:30:59 ----A---- C:\Windows\system32\urlmon.dll
2009-12-08 21:30:59 ----A---- C:\Windows\system32\occache.dll
2009-12-08 21:30:59 ----A---- C:\Windows\system32\msfeeds.dll
2009-12-08 21:30:59 ----A---- C:\Windows\system32\iertutil.dll
2009-12-08 21:30:59 ----A---- C:\Windows\system32\ieframe.dll
2009-12-08 21:30:59 ----A---- C:\Windows\system32\iedkcs32.dll
2009-12-08 21:30:58 ----A---- C:\Windows\system32\msfeedssync.exe
2009-12-08 21:30:58 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-12-08 21:30:58 ----A---- C:\Windows\system32\jsproxy.dll
2009-12-08 21:30:58 ----A---- C:\Windows\system32\ieUnatt.exe
2009-12-08 21:30:58 ----A---- C:\Windows\system32\ieui.dll
2009-12-08 21:30:58 ----A---- C:\Windows\system32\iesysprep.dll
2009-12-08 21:30:58 ----A---- C:\Windows\system32\iesetup.dll
2009-12-08 21:30:58 ----A---- C:\Windows\system32\iernonce.dll
2009-12-08 21:30:58 ----A---- C:\Windows\system32\iepeers.dll
2009-12-08 21:30:58 ----A---- C:\Windows\system32\ie4uinit.exe
2009-12-08 21:30:05 ----A---- C:\Windows\system32\rastls.dll
2009-11-29 23:20:28 ----A---- C:\Windows\system32\vbzlib1.dll
2009-11-29 23:20:27 ----D---- C:\Program Files\DsNET Corp
2009-11-29 19:23:18 ----D---- C:\Program Files\TVAnts
2009-11-28 17:38:20 ----D---- C:\Users\Yaramis Michel\AppData\Roaming\AVS4YOU
2009-11-28 17:38:20 ----D---- C:\ProgramData\AVS4YOU
2009-11-28 17:37:05 ----D---- C:\Program Files\Common Files\AVSMedia
2009-11-28 17:37:05 ----D---- C:\Program Files\AVS4YOU
2009-11-28 17:37:05 ----A---- C:\Windows\system32\msxml3a.dll
2009-11-28 17:37:05 ----A---- C:\Windows\system32\msvcr70.dll
2009-11-28 17:37:05 ----A---- C:\Windows\system32\msvcp70.dll
2009-11-28 17:37:05 ----A---- C:\Windows\system32\mfc70.dll
2009-11-28 17:37:05 ----A---- C:\Windows\system32\GdiPlus.dll
2009-11-28 16:09:22 ----D---- C:\Program Files\DivX
2009-11-26 22:45:54 ----D---- C:\Users\Yaramis Michel\AppData\Roaming\WinRAR
2009-11-26 22:32:38 ----D---- C:\Program Files\WinRAR
2009-11-26 03:01:07 ----A---- C:\Windows\system32\tzres.dll
2009-11-25 17:06:33 ----A---- C:\Windows\system32\msxml6.dll
2009-11-25 17:06:32 ----A---- C:\Windows\system32\msxml3.dll
2009-11-21 00:45:40 ----D---- C:\ProgramData\ALM
2009-11-19 18:53:27 ----D---- C:\Program Files\Awave Studio
2009-11-16 19:39:39 ----D---- C:\Windows\pss
2009-11-12 23:24:22 ----D---- C:\Program Files\Common Files\Control Panels
2009-11-12 23:22:34 ----A---- C:\Windows\system32\NPSWF32_FlashUtil.exe
2009-11-12 23:22:34 ----A---- C:\Windows\system32\NPSWF32.dll
2009-11-12 23:17:24 ----D---- C:\Program Files\Bonjour
2009-11-12 23:13:32 ----D---- C:\Program Files\Common Files\Macrovision Shared

======List of files/folders modified in the last 1 months======

2009-12-11 23:29:00 ----D---- C:\Windows\Prefetch
2009-12-11 23:28:48 ----RD---- C:\Program Files
2009-12-11 23:28:47 ----D---- C:\Windows\Temp
2009-12-11 23:28:16 ----D---- C:\Windows\system32\drivers
2009-12-11 23:28:15 ----HD---- C:\ProgramData
2009-12-11 19:22:38 ----SHD---- C:\System Volume Information
2009-12-11 17:44:05 ----D---- C:\Windows\System32
2009-12-11 17:44:05 ----D---- C:\Windows\inf
2009-12-11 17:44:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-12-11 17:37:02 ----A---- C:\Windows\system32\acovcnt.exe
2009-12-11 17:36:58 ----SD---- C:\Windows\Downloaded Program Files
2009-12-10 22:04:57 ----SHD---- C:\Windows\Installer
2009-12-09 16:59:05 ----SD---- C:\Users\Yaramis Michel\AppData\Roaming\Microsoft
2009-12-09 10:26:18 ----D---- C:\Users\Yaramis Michel\AppData\Roaming\Download Manager
2009-12-09 10:09:00 ----D---- C:\Windows
2009-12-09 01:36:29 ----D---- C:\Windows\rescache
2009-12-09 00:43:49 ----D---- C:\Windows\winsxs
2009-12-09 00:33:30 ----D---- C:\Windows\system32\catroot
2009-12-09 00:28:21 ----D---- C:\Windows\system32\migration
2009-12-09 00:28:21 ----D---- C:\Windows\system32\fr-FR
2009-12-09 00:28:21 ----D---- C:\Program Files\Windows Mail
2009-12-09 00:28:21 ----D---- C:\Program Files\Internet Explorer
2009-12-09 00:27:57 ----D---- C:\ProgramData\Microsoft Help
2009-12-09 00:25:51 ----D---- C:\Windows\system32\catroot2
2009-12-09 00:14:45 ----D---- C:\Windows\Debug
2009-12-09 00:11:44 ----D---- C:\Program Files\Common Files
2009-12-09 00:10:51 ----D---- C:\Users\Yaramis Michel\AppData\Roaming\BITS
2009-12-08 21:47:12 ----HD---- C:\Program Files\InstallShield Installation Information
2009-12-03 21:49:42 ----D---- C:\Downloads
2009-12-02 22:22:58 ----D---- C:\Program Files\Adobe
2009-12-02 22:22:23 ----D---- C:\Users\Yaramis Michel\AppData\Roaming\Adobe
2009-12-01 22:42:49 ----RSD---- C:\Windows\Fonts
2009-12-01 21:06:19 ----A---- C:\Windows\system32\mrt.exe
2009-11-30 22:18:11 ----D---- C:\Program Files\ASUS
2009-11-28 18:02:59 ----D---- C:\Users\Yaramis Michel\AppData\Roaming\vlc
2009-11-26 20:32:38 ----D---- C:\Windows\system32\Tasks
2009-11-21 08:33:30 ----D---- C:\ProgramData\NVIDIA
2009-11-21 00:44:04 ----D---- C:\Program Files\Common Files\Adobe
2009-11-21 00:20:08 ----D---- C:\ProgramData\Adobe
2009-11-12 21:03:40 ----D---- C:\Program Files\adslTV

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 BHDrvx86;Symantec Heuristics Driver; C:\Windows\System32\Drivers\NIS\1007020.00B\BHDrvx86.sys [2009-08-26 259632]
R1 ccHP;Symantec Hash Provider; C:\Windows\System32\Drivers\NIS\1007020.00B\ccHPx86.sys [2009-10-03 482432]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2009-11-04 371248]
R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20091111.001\IDSvix86.sys [2009-10-28 343088]
R1 SRTSP;Symantec Real Time Storage Protection; C:\Windows\System32\Drivers\NIS\1007020.00B\SRTSP.SYS [2009-08-26 308272]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\Windows\system32\drivers\NIS\1007020.00B\SRTSPX.SYS [2009-08-26 43696]
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2009-08-26 25648]
R1 SYMTDI;Symantec Network Dispatch Driver; C:\Windows\System32\Drivers\NIS\1007020.00B\SYMTDI.SYS [2009-08-26 217136]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-07-24 13880]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-09-05 1183744]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-11-04 102448]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-04-21 90112]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-03-24 2346016]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2008-11-03 13880]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2009-12-03 38224]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2008-12-24 14392]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091211.002\NAVENG.SYS [2009-11-04 84912]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091211.002\NAVEX15.SYS [2009-11-04 1323568]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2009-01-22 52768]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-07-02 9786752]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-08-25 15872]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2009-03-17 140288]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-08-11 1752704]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound; C:\Windows\system32\drivers\srs_PremiumSound_i386.sys [2009-04-01 233128]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2009-10-03 124976]
R3 SYMFW;Symantec Network Filter Driver; C:\Windows\System32\Drivers\NIS\1007020.00B\SYMFW.SYS [2009-08-26 89904]
R3 SYMNDISV;Symantec Network Filter Driver; C:\Windows\System32\Drivers\NIS\1007020.00B\SYMNDISV.SYS [2009-08-26 48688]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys []
S3 CRFILTER;USB Mass Storage Filter; C:\Windows\system32\DRIVERS\CRFILTER.sys [2008-04-07 6656]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560]
S3 SYMDNS;SYMDNS; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SYMDNS.SYS []
S3 SYMREDRV;SYMREDRV; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SYMREDRV.SYS []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys []
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ADSMService;ADSM Service; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
R2 ASLDRService;ASLDR Service; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [2008-08-14 100920]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 Norton Internet Security;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe [2009-08-26 117640]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-07-02 211488]
R2 SRS_VolSync_Service;SRS Volume Sync Service; C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [2009-04-07 70880]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-11-17 655624]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

info.txt

info.txt logfile of random's system information tool 1.06 2009-12-11 23:29:24

======Uninstall list======

2007 Microsoft Office system-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROHYBRIDR /dll OSETUP.DLL
Acoustica Mixcraft 3.1-->C:\PROGRA~1\ACOUST~2\Mixcraft3.exe uninstall
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe After Effects CS3 Presets-->MsiExec.exe /I{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe BridgeTalk Plugin CS3-->MsiExec.exe /I{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color EU Recommended Settings CS4-->MsiExec.exe /I{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}
Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
Adobe Color NA Extra Settings CS4-->MsiExec.exe /I{098A2A49-7CF3-4F08-A38D-FB879117152A}
Adobe Creative Suite 3 Master Collection-->MsiExec.exe /I{5D2398DF-3022-4820-93BA-F1175FBEA9CA}
Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->C:\Program Files\Common Files\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}
Adobe Extension Manager CS3-->MsiExec.exe /I{BE5F3842-8309-4754-92D5-83E02E6077A3}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 9 Plugin-->MsiExec.exe /X{88D422DB-E9C7-4E16-9D80-2999F4FD6AD9}
Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
Adobe Help Viewer CS3-->MsiExec.exe /I{7ACFB90E-8FD0-4397-AD3A-5195412623A3}
Adobe Illustrator CS3-->MsiExec.exe /I{6E08CE13-C2AB-4749-9335-5900B958929E}
Adobe InDesign CS3 Icon Handler-->MsiExec.exe /I{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}
Adobe InDesign CS3-->MsiExec.exe /I{FE8327F9-3AC1-4586-8C7E-3DEE2BC92441}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe MotionPicture Color Files-->MsiExec.exe /I{6B708481-748A-4EB4-97C1-CD386244FF77}
Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
Adobe Photoshop CS3-->MsiExec.exe /I{C1FA4B3B-1625-4922-9C9D-780E8FCE161A}
Adobe Reader 9.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A92000000001}
Adobe Setup-->MsiExec.exe /I{1628F6BD-5ED1-4FD1-B90F-C106AF4E00F0}
Adobe Setup-->MsiExec.exe /I{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}
Adobe SING CS3-->MsiExec.exe /I{B671CBFD-4109-4D35-9252-3062D3CCB7B2}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe Video Profiles-->MsiExec.exe /I{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}
Adobe WAS CS3-->MsiExec.exe /I{C5BD220A-EFE8-48A5-B70E-9503D535FACE}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP DVA Panels CS3-->MsiExec.exe /I{0224CACC-994D-45F8-B973-D65056EA9C2F}
Adobe XMP Panels CS3-->MsiExec.exe /I{D5A31AB1-345D-47C7-A87B-036A669F6DF1}
AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
AHV content for Acrobat and Flash-->MsiExec.exe /I{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}
Ajouter ou supprimer Adobe Creative Suite 3 Master Collection-->C:\Program Files\Common Files\Adobe\Installers\b5d5789539ea1f004a4defceea74312\Setup.exe
AmIcoSingLun-->C:\Program Files\InstallShield Installation Information\{BF91B300-EEBC-4223-96F3-0FCBF7241B50}\setup.exe -runfromtemp -l0x0409
Assistant de connexion Windows Live ID-->MsiExec.exe /X{10A44844-4465-456E-8C97-80BDD4F68845}
ASUS Data Security Manager-->MsiExec.exe /X{FA2092C5-7979-412D-A962-6485274AE1EE}
ASUS FancyStart-->MsiExec.exe /I{A9FEB6D7-9C52-49FC-B956-7AB275B78890}
ASUS LifeFrame3-->MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
ASUS Live Update-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}\Setup.exe" -l0x9
ASUS MultiFrame-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9D48531D-2135-49FC-BC29-ACCDA5396A76}\setup.exe" -l0x9
ASUS Power4Gear Hybrid-->MsiExec.exe /I{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}
ASUS SmartLogon-->MsiExec.exe /I{64452561-169F-4A36-A2FF-B5E118EC65F5}
ASUS Splendid Video Enhancement Technology-->MsiExec.exe /I{0969AF05-4FF6-4C00-9406-43599238DE0D}
ASUS Virtual Camera-->MsiExec.exe /I{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}
Asus_Camera_ScreenSaver-->"C:\Windows\ASUS Camera ScreenSaver Uninstaller.exe"
Atheros Client Installation Program-->C:\Program Files\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe -runfromtemp -l0x0009 -removeonly
ATK Generic Function Service-->C:\Program Files\InstallShield Installation Information\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}\setup.exe -runfromtemp -l0x0009 -removeonly
ATK Hotkey-->MsiExec.exe /I{7C05592D-424B-46CB-B505-E0013E8E75C9}
ATK Media-->MsiExec.exe /I{D1E5870E-E3E5-4475-98A6-ADD614524ADF}
ATKOSD2-->MsiExec.exe /I{3B05F2FB-745B-4012-ADF2-439F36B2E70B}
aTube Catcher 1.0-->"C:\Program Files\DsNET Corp\aTube Catcher 1.0\unins000.exe"
Awave Studio v10-->C:\PROGRA~1\AWAVES~1\UNWISE.EXE C:\PROGRA~1\AWAVES~1\INSTALL.LOG
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CyberLink LabelPrint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" -uninstall
CyberLink Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
CyberLink Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
ETDWare PS/2-x86 7.0.5.3 WHQL-->C:\Program Files\Elantech\ETDUninst.exe
Free 3GP Video Converter version 3.2-->"C:\Program Files\DVDVideoSoft\Free 3GP Video Converter\unins000.exe"
Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
LightScribe System Software 1.14.17.1-->MsiExec.exe /X{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}
Logiciel d'archivage WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0407-0000-0000000FF1CE} /uninstall {26454C26-D259-4543-AA60-3189E09C5F76}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0410-0000-0000000FF1CE} /uninstall {0A75DA12-55CB-4DE5-8B6A-74D97847204E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {89C8E56A-90D8-4598-B0E6-EB28F6270E07}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Access MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0015-0413-0000-0000000FF1CE}
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Access MUI (German) 2007-->MsiExec.exe /X{90120000-0015-0407-0000-0000000FF1CE}
Microsoft Office Access MUI (Italian) 2007-->MsiExec.exe /X{90120000-0015-0410-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Excel 2007 Help - Aggiornamento (KB963678)-->msiexec /package {90120000-0016-0410-0000-0000000FF1CE} /uninstall {9F57BDED-B51B-4D2F-B360-5B4EFAAF0F1A}
Microsoft Office Excel MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0016-0413-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (German) 2007-->MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE}
Microsoft Office Excel MUI (Italian) 2007-->MsiExec.exe /X{90120000-0016-0410-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.4-->MsiExec.exe /I{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}
Microsoft Office Outlook 2007 Help - Aggiornamento (KB963677)-->msiexec /package {90120000-001A-0410-0000-0000000FF1CE} /uninstall {2278E02A-AB15-4BF7-B2B4-5C0EEB4B7EEB}
Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0122-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001A-0413-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (German) 2007-->MsiExec.exe /X{90120000-001A-0407-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Italian) 2007-->MsiExec.exe /X{90120000-001A-0410-0000-0000000FF1CE}
Microsoft Office Powerpoint 2007 Help - Aggiornamento (KB963669)-->msiexec /package {90120000-0018-0410-0000-0000000FF1CE} /uninstall {C76C02F1-B07F-4974-876A-A18DEC9887C8}
Microsoft Office PowerPoint MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0018-0413-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (German) 2007-->MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Italian) 2007-->MsiExec.exe /X{90120000-0018-0410-0000-0000000FF1CE}
Microsoft Office Professional Hybrid 2007-->MsiExec.exe /X{91120000-0031-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (Dutch) 2007-->MsiExec.exe /X{90120000-002C-0413-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Proofing (German) 2007-->MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE}
Microsoft Office Proofing (Italian) 2007-->MsiExec.exe /X{90120000-002C-0410-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {322296D4-1EAE-4030-9FBC-D2787EB25FA2}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Publisher MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0019-0413-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (German) 2007-->MsiExec.exe /X{90120000-0019-0407-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Italian) 2007-->MsiExec.exe /X{90120000-0019-0410-0000-0000000FF1CE}
Microsoft Office Shared MUI (Dutch) 2007-->MsiExec.exe /X{90120000-006E-0413-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (German) 2007-->MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE}
Microsoft Office Shared MUI (Italian) 2007-->MsiExec.exe /X{90120000-006E-0410-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word 2007 Help - Aggiornamento (KB963665)-->msiexec /package {90120000-001B-0410-0000-0000000FF1CE} /uninstall {E5B82DB3-DD7D-4C45-BC5E-09864B26F9BC}
Microsoft Office Word MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001B-0413-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (German) 2007-->MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE}
Microsoft Office Word MUI (Italian) 2007-->MsiExec.exe /X{90120000-001B-0410-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Minilyrics(remove only)-->"C:\Program Files\Minilyrics\uninst-ml.exe"
Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
Mise à jour Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {51EFB347-1F3D-4BAC-8B79-F056B904FE21}
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
Multimedia Card Reader-->C:\Program Files\InstallShield Installation Information\{DA41F9E9-B878-467F-95E7-27E4D1943533}\setup.exe -runfromtemp -l0x0409
Norton Internet Security-->C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\16.7.2.11\InstStub.exe /X
Norton Internet Security-->MsiExec.exe /I{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
Realtek 8136 8168 8169 Ethernet Driver-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly
Realtek High Definition Audio Driver-->C:\Program Files\Realtek\Audio\HDA\RtlUpd.exe -r -m -nrg2709
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
SRS Premium Sound-->MsiExec.exe /X{4B6B024F-F6D4-4A7B-8ADA-F9F8370320CC}
Super Mp3 Recorder Professional v6.2-->"C:\Program Files\Admiresoft\Super Mp3 Recorder Professional\unins000.exe"
TVAnts 1.0-->C:\PROGRA~1\TVAnts\UNWISE.EXE C:\PROGRA~1\TVAnts\INSTALL.LOG
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office 2007 Help for Common Features (KB963673)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42}
Update for Microsoft Office Access 2007 Help (KB963663)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}
Update for Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9}
Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
Update for Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {0451F231-E3E3-4943-AB9F-58EB96171784}
Update for Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876}
Update for Microsoft Office Publisher 2007 Help (KB963667)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2E40DE55-B289-4C8B-8901-5D369B16814F}
Update for Microsoft Office Script Editor Help (KB963671)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C}
Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
Update for Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726}
Update for Outlook 2007 Junk Email Filter (kb976884)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {FB60F280-C70F-4174-BADB-471412AA42F0}
Update für Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}
Update für Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {F6828576-6F79-470D-AB50-69D1BBADBD30}
Update für Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {EA160DA3-E9B5-4D03-A518-21D306665B96}
Update für Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {38472199-D7B6-4833-A949-10E4EE6365A1}
Update voor Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {5CF7002F-6F49-4482-9564-5614FBE560FA}
Update voor Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}
Update voor Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {A66AE6A1-8D8C-4102-BC18-38CBDE40F809}
USB 2.0 1.3M UVC WebCam-->C:\Windows\Uninstsxga.bat
VLC media player 1.0.3-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Contrôle parental-->MsiExec.exe /X{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}
Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live Movie Maker-->MsiExec.exe /X{53B20C18-D8D4-4588-8737-9BBFE303C354}
Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
WinFlash-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE10AB76-4756-4913-BE25-55D1C1051F9A}\Setup.exe" -l0x9
WinZip 12.1-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B8}
Wireless Console 3-->MsiExec.exe /I{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}

======Security center information======

AS: Windows Defender

======System event log======

Computer Name: Michel
Event Code: 4376
Message: Servicing a requis un redémarrage pour terminer la définition du package KB935509_1(Update) à l’état Permanent(Permanent)
Record Number: 28541
Source Name: Microsoft-Windows-Servicing
Time Written: 20091004205739.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: Michel
Event Code: 4376
Message: Servicing a requis un redémarrage pour terminer la définition du package KB935509(Update) à l’état Permanent(Permanent)
Record Number: 28540
Source Name: Microsoft-Windows-Servicing
Time Written: 20091004205739.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: Michel
Event Code: 4375
Message: Windows Servicing a échou

Afficher la suite

A voir également:

11 réponses

Réponse 1 / 11

Utilisateur anonyme

Bonjour ,

nathandre ::

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{db163c6e-dc2d-11de-a988-0026187eaa9f}]
shell\AutoRun\command - F:\ej10fkdo.bat
shell\open\command - F:\ej10fkdo.bat

et ceci alors ?

Je te signal que flo a bien vu l infection ::

https://forums.commentcamarche.net/forum/affich-15572660-infection#4

Bonsoir, à premiere vue, infection usb, fait ceci :

Arrete de perturber les topics ( c est pas la premiere fois que je te vois faire ) en postant comme une star que tu n es pas .

A bon entendeur salut .

flo-91 Messages postés 5973 Statut Contributeur sécurité 1 120

Salut,

Arrete de perturber les topics ( c est pas la premiere fois que je te vois faire ) en postant comme une star que tu n es pas .

Je ne veux pas que cela soi pris ainsi, je fais juste de mon miieux pour introduire la suite et lui dire ce qui ne va pas.

Je ne veux pas etre vu comme ceci, désolé si tu penses ainsi =(

Réponse 2 / 11

Oxygenique Messages postés 83 Statut Membre 2

Bonsoir,

Redémarre en mode sans echec et lance ton av ou anti spyware ( je te conseil spybot )

Réponse 3 / 11

franzi3000 Messages postés 133 Statut Membre 1

c'est pas un virus

Réponse 4 / 11

flo-91 Messages postés 5973 Statut Contributeur sécurité 1 120

Bonsoir, à premiere vue, infection usb, fait ceci :

/!\ Utilisateur de vista et windows 7 : ne pas oublier de désactiver Le contrôle des comptes utilisateurs
https://www.commentcamarche.net/faq/8343-vista-desactiver-l-uac

>Usbfix<

>Télécharge USBFIX de Chiquitine29, C_xx ici :

http://pagesperso-orange.fr/NosTools/Chiquitine29/UsbFix.exe

>/!\ Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d'avoir été infectées sans les ouvrir

> Double clic sur le raccourci UsbFix présent sur le bureau .

>Choisir l'option 1 (Recherche) et laisser travailler l'outil

Ensuite poste le rapport UsbFix.txt qui apparaîtra.

• Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )

• Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

• Tuto : http://pagesperso-orange.fr/NosTools/usbfix.html

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question

Réponse 5 / 11

Utilisateur anonyme

bonsoir
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{db163c6e-dc2d-11de-a988-0026187eaa9f}]
shell\AutoRun\command - F:\ej10fkdo.bat
shell\open\command - F:\ej10fkdo.bat

et ceci alors ?

Réponse 6 / 11

k2000vp

flo-91 slt et voila le rapport de UsbFix

############################## | UsbFix V6.061 |

User : Yaramis Michel (Administrateurs) # MICHEL
Update on 10/12/2009 by Chiquitine29, C_XX & Chimay8
Start at: 09:51:01 | 12/12/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Core(TM)2 Duo CPU T6500 @ 2.10GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18865
Windows Firewall Status : Disabled

C:\ -> Disque fixe local # 232,88 Go (187,56 Go free) [VistaOS] # NTFS
D:\ -> Disque fixe local # 221,16 Go (221,12 Go free) [DATA] # NTFS
E:\ -> Disque CD-ROM
G:\ -> Disque amovible # 3,67 Go (3,08 Go free) [MICHEL USB] # FAT32

############################## | Processus actifs |

C:\Windows\System32\smss.exe 404
C:\Windows\system32\csrss.exe 476
C:\Windows\system32\csrss.exe 528
C:\Windows\system32\wininit.exe 536
C:\Windows\system32\services.exe 580
C:\Windows\system32\winlogon.exe 604
C:\Windows\system32\lsass.exe 640
C:\Windows\system32\lsm.exe 648
C:\Windows\system32\svchost.exe 784
C:\Windows\system32\nvvsvc.exe 832
C:\Windows\system32\svchost.exe 860
C:\Windows\System32\svchost.exe 1048
C:\Windows\System32\svchost.exe 1084
C:\Windows\system32\svchost.exe 1096
C:\Windows\system32\svchost.exe 1192
C:\Windows\system32\SLsvc.exe 1216
C:\Windows\system32\svchost.exe 1264
C:\Windows\system32\nvvsvc.exe 1332
C:\Windows\system32\svchost.exe 1488
C:\Windows\system32\WLANExt.exe 1612
C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe 1624
C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe 1692
C:\Program Files\ATKGFNEX\GFNEXSrv.exe 1712
C:\Windows\system32\taskeng.exe 1760
C:\Windows\System32\spoolsv.exe 1808
C:\Windows\system32\svchost.exe 1844
C:\Program Files\Bonjour\mDNSResponder.exe 240
C:\Program Files\Common Files\LightScribe\LSSrvc.exe 284
C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe 664
C:\Windows\system32\svchost.exe 1112
C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe 1288
C:\Windows\system32\svchost.exe 1476
C:\Windows\System32\svchost.exe 204
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 2092
C:\Windows\system32\SearchIndexer.exe 2128
C:\Windows\system32\DllHost.exe 2660
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe 3060
C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe 3144
C:\Windows\system32\Dwm.exe 3180
C:\Windows\system32\taskeng.exe 3212
C:\Program files\P4G\BatteryLife.exe 3312
C:\Windows\system32\taskeng.exe 3320
C:\Windows\Explorer.EXE 3336
C:\Program Files\ASUS\ASUS Live Update\ALU.exe 3400
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe 3420
C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe 3756
C:\Program Files\ASUS\ATK Hotkey\HControl.exe 3764
C:\Program Files\ASUS\Wireless Console 3\wcourier.exe 3800
C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe 3808
C:\Program Files\ASUS\Splendid\ACMON.exe 3816
C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe 3852
C:\Program Files\ASUS\ATK Hotkey\WDC.exe 3872
C:\Windows\System32\ACEngSvr.exe 3888
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe 796
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe 1092
C:\Program Files\Elantech\ETDCtrl.exe 2700
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe 2672
C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe 1272
C:\Program Files\ASUS\ATK Media\DMedia.exe 3000
C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe 3372
C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe 2784
C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe 3596
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe 3696
C:\Windows\ehome\ehtray.exe 3944
C:\Program Files\Windows Media Player\wmpnscfg.exe 4004
C:\Program Files\Windows Media Player\wmpnetwk.exe 3120
C:\Windows\ehome\ehmsas.exe 1028
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 1632
C:\Program Files\Windows Live\Contacts\wlcomm.exe 5716
C:\Program Files\Windows Live\Mail\wlmail.exe 736
C:\Program Files\Internet Explorer\iexplore.exe 6004
C:\Program Files\Internet Explorer\iexplore.exe 6068
C:\Windows\regedit.exe 4712
C:\Windows\system32\WUDFHost.exe 5704
C:\Windows\system32\wbem\wmiprvse.exe 4188

################## | Fichiers # Dossiers infectieux |

################## | Registre # Clés infectieuses |

################## | Registre # Mountpoints2 |

HKCU\..\..\Explorer\MountPoints2\{db163c6e-dc2d-11de-a988-0026187eaa9f}
shell\AutoRun\command =F:\ej10fkdo.bat
shell\open\Command =F:\ej10fkdo.bat

################## | Cracks / Keygens / Serials |

"C:\Users\Yaramis Michel\Documents\adobe_suite_cs3\Master Collection\BS\keygen_master.exe"
17/09/2009 10:54 |Size 33792 |Crc32 08bfe59f |Md5 add33009127c1d1f3e56215b6a4e4d9c

"C:\Users\Yaramis Michel\Documents\Downloads\AcousticaMixcraftKeygen.exe"
11/07/2007 13:08 |Size 158720 |Crc32 3a47a31a |Md5 996bb454fa3a1fc2a5cf3a65fabd2c38

################## | ! Fin du rapport # UsbFix V6.061 ! |

Réponse 7 / 11

k2000vp

Slt nathandre jsuis censé faire quoi ou plutot de données quoi sur
shell\AutoRun\command - F:\ej10fkdo.bat
shell\open\command - F:\ej10fkdo.bat ?

Réponse 8 / 11

flo-91 Messages postés 5973 Statut Contributeur sécurité 1 120

Bien, la suite :

>Supprime ces cracks ( vecteurs d'infections ) :

"C:\Users\Yaramis Michel\Documents\adobe_suite_cs3\Master Collection\BS\keygen_master.exe"
17/09/2009 10:54 |Size 33792 |Crc32 08bfe59f |Md5 add33009127c1d1f3e56215b6a4e4d9c

"C:\Users\Yaramis Michel\Documents\Downloads\AcousticaMixcraftKeygen.exe"
11/07/2007 13:08 |Size 158720 |Crc32 3a47a31a |Md5 996bb454fa3a1fc2a5cf3a65fabd2c38

Puis :

>Relance Usbfix :

/!\ Utilisateur de vista et windows 7 : ne pas oublier de désactiver Le contrôle des comptes utilisateurs
https://www.commentcamarche.net/faq/8343-vista-desactiver-l-uac

>Usbfix<

>/!\ Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d'avoir été infectées sans les ouvrir

> Double clic sur le raccourci UsbFix présent sur le bureau .

>Choisir l'option 2 (Suppression) et laisser travailler l'outil

Ensuite poste le rapport UsbFix.txt qui apparaîtra.

• Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )

• Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

• Tuto : http://pagesperso-orange.fr/NosTools/usbfix.html

Réponse 9 / 11

flo-91 Messages postés 5973 Statut Contributeur sécurité 1 120

Nathandre a voulu montrer aux autres qui te disaient qu'il n'y avait pas de virus, que tu avais une infection type usb ( shell autorun... ), Usbfix semble l'avoir détecté, fait la suite :)

Réponse 10 / 11

k2000VP

Merci Flo c sympa dta part donc en gros je dois juste supper les keygens ?
et donc concernant "[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{db163c6e-dc2d-11de-a988-0026187eaa9f}]
shell\AutoRun\command - F:\ej10fkdo.bat
shell\open\command - F:\ej10fkdo.bat " j'ai a m'en préocuper ou pas ? =)

Réponse 11 / 11

flo-91 Messages postés 5973 Statut Contributeur sécurité 1 120

Tu fais ce qui est mis post 7, tu supprime les cracks et tu relances usbfix option 2 pour la suppression puis tu poste e nouveau rapport de usbfix.

Discussions similaires

infection

Infection

problème infection ?

infection sur Windows 8.1 / Scan FRST ?

Discussions similaires

Newsletters