sans doute virsu worm bagle sous vista - Sécurité - Virus
Ceci répond-il à votre question ? Oui | Non
Se connecter | Inscription
 

Ajouter une réponse



 Mot :   Pseudo :  
 
Bas de page
Auteur
 Sujet : sans doute virsu worm bagle sous vista
 
nyfani
Profil : IDNaute
Plus d'informations
n°299021
06-04-2008 à 16:52:32

bonjour à tous
j'ai depuis ce matin un petit soucis
après avoir essayé d'installer un logiciel que j'avais téléchargé sur Emule ( oui je sais c'est mal :s)
j'ai un un crash de mon pc et depuis:
- il ne repère plus le wifi de ma live box ( ms accepte de se connecter par le cable réseau par contre)
- j'ai un message d'erreur comme quoi 0x800106ba de windows défender n'arrvie pas à s'intaller
- mes antivirus et spyware ne fonctionnent plus et je n'arrive pas à les réinstaller ou à les lancer erreur type concernant le le fichier win 32


bref je crois que c'est biebn les symptomes du fameux ver

la seule chose que j'ai réussi à faire tourner c'est le fameux combofix
dont voici le rapport:

Citation :

ComboFix 08-04-04.1 - Fanny 2008-04-06 16:27:17.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.2179 [GMT 2:00]
Endroit: C:\Users\Fanny\Desktop\Combo-Fix.exe
* Création d'un nouveau point de restauration
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Windows\system32\ban_list.txt
C:\Windows\system32\drivers\hldrrr.exe
C:\Windows\system32\drivers\srosa.sys
C:\Windows\system32\mdelk.exe
C:\Windows\system32\wintems.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SROSA


((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-03-06 to 2008-04-06 ))))))))))))))))))))))))))))))))))))
.

Pas de nouveau fichier cr‚‚ dans cet espace de temps

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-06 13:51 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
2008-04-06 13:51 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-04-06 13:26 --------- d-----w C:\Program Files\Azureus
2008-04-06 12:33 --------- d-----w C:\Program Files\Magic Workstation
2008-04-06 10:29 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-04-06 09:36 --------- d-----w C:\ProgramData\NVIDIA
2008-04-06 09:32 27,335 ----a-w C:\Users\Fanny\AppData\Roaming\nvModes.dat
2008-04-04 09:36 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-04 08:57 --------- d-----w C:\ProgramData\PIXELA
2008-04-02 07:06 --------- d-----w C:\Program Files\World of Warcraft
2008-03-29 17:45 1,146,232 ----a-w C:\Windows\System32\aswBoot.exe
2008-03-29 17:35 20,560 ----a-w C:\Windows\system32\drivers\aswFsBlk.sys
2008-03-29 17:32 50,768 ----a-w C:\Windows\system32\drivers\aswMonFlt.sys
2008-03-29 17:31 75,856 ----a-w C:\Windows\system32\drivers\aswSP.sys
2008-03-29 17:29 23,152 ----a-w C:\Windows\system32\drivers\aswRdr.sys
2008-03-29 17:27 42,912 ----a-w C:\Windows\system32\drivers\aswTdi.sys
2008-03-29 17:23 95,608 ----a-w C:\Windows\System32\AvastSS.scr
2008-03-12 16:40 --------- d-----w C:\Program Files\Windows Mail
2008-03-08 10:29 --------- d-----w C:\ProgramData\Roxio
2008-03-08 10:10 --------- d-----w C:\Users\Fanny\AppData\Roaming\Azureus
2008-03-04 18:58 --------- d-----w C:\ProgramData\Azureus
2008-02-27 21:28 --------- d-----w C:\Program Files\Windows Live
2008-02-26 18:55 --------- d-----w C:\ProgramData\Dell
2008-02-21 18:20 --------- d-----w C:\Program Files\Turbine
2008-02-20 07:55 --------- d-----w C:\Program Files\Common Files\Adobe
2008-02-18 19:24 --------- d-----w C:\Program Files\QuickTime
2008-02-13 19:33 194,560 ----a-w C:\Windows\System32\WebClnt.dll
2008-02-13 19:33 110,080 ----a-w C:\Windows\system32\drivers\mrxdav.sys
2008-02-13 19:29 806,400 ----a-w C:\Windows\system32\drivers\tcpip.sys
2008-02-13 19:29 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys
2008-02-13 19:29 3,504,696 ----a-w C:\Windows\System32\ntkrnlpa.exe
2008-02-13 19:29 3,470,392 ----a-w C:\Windows\System32\ntoskrnl.exe
2008-02-13 19:29 24,064 ----a-w C:\Windows\System32\netcfg.exe
2008-02-13 19:29 22,016 ----a-w C:\Windows\System32\netiougc.exe
2008-02-13 19:29 217,144 ----a-w C:\Windows\system32\drivers\netio.sys
2008-02-13 19:29 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys
2008-02-13 19:29 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
2008-02-13 19:29 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys
2008-02-13 19:29 15,928 ----a-w C:\Windows\system32\drivers\pciide.sys
2008-02-13 19:29 110,136 ----a-w C:\Windows\system32\drivers\ataport.sys
2008-02-13 19:28 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-02-13 19:28 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-02-13 19:28 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
2008-02-13 19:28 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-02-13 19:28 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-02-13 19:28 1,686,528 ----a-w C:\Windows\System32\gameux.dll
2008-02-13 19:22 824,832 ----a-w C:\Windows\System32\wininet.dll
2008-02-13 19:22 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-02-13 19:22 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-02-13 19:22 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-02-13 19:21 1,244,672 ----a-w C:\Windows\System32\mcmde.dll
2008-02-01 10:17 587,264 ----a-w C:\Windows\WLXPGSS.SCR
2008-01-26 19:35 100 ----a-w C:\Users\Fanny\AppData\Roaming\wklnhst.dat
2008-01-15 20:08 704,000 ----a-w C:\Windows\System32\PhotoScreensaver.scr
2008-01-15 20:08 67,584 ----a-w C:\Windows\System32\wlanhlp.dll
2008-01-15 20:08 542,720 ----a-w C:\Windows\System32\sysmain.dll
2008-01-15 20:08 502,784 ----a-w C:\Windows\System32\wlansvc.dll
2008-01-15 20:08 47,104 ----a-w C:\Windows\System32\wlanapi.dll
2008-01-15 20:08 299,008 ----a-w C:\Windows\System32\wlansec.dll
2008-01-15 20:08 289,280 ----a-w C:\Windows\System32\wlanmsm.dll
2008-01-15 20:08 24,064 ----a-w C:\Windows\System32\wtsapi32.dll
2008-01-15 20:08 2,923,520 ----a-w C:\Windows\explorer.exe
2008-01-15 20:08 2,027,008 ----a-w C:\Windows\System32\win32k.sys
2008-01-15 18:49 53,080 ----a-w C:\Windows\System32\wuauclt.exe
2008-01-15 18:49 43,352 ----a-w C:\Windows\System32\wups2.dll
2008-01-15 18:49 1,712,984 ----a-w C:\Windows\System32\wuaueng.dll
2008-01-15 18:49 1,524,224 ----a-w C:\Windows\System32\wucltux.dll
2008-01-15 18:48 80,896 ----a-w C:\Windows\System32\wudriver.dll
2008-01-15 18:48 549,720 ----a-w C:\Windows\System32\wuapi.dll
2008-01-15 18:48 33,624 ----a-w C:\Windows\System32\wups.dll
2008-01-15 18:47 31,232 ----a-w C:\Windows\System32\wuapp.exe
2008-01-15 18:47 163,000 ----a-w C:\Windows\System32\wuwebv.dll
2008-01-11 08:34 87,040 ----a-w C:\Windows\System32\msoert2.dll
2008-01-11 08:34 39,424 ----a-w C:\Windows\System32\ACCTRES.dll
2008-01-11 08:34 229,888 ----a-w C:\Windows\System32\msshsq.dll
2008-01-11 08:34 205,824 ----a-w C:\Windows\System32\msoeacct.dll
2008-01-11 08:34 1,335,296 ----a-w C:\Windows\System32\msxml6.dll
2008-01-11 08:33 750,080 ----a-w C:\Windows\System32\qmgr.dll
2008-01-11 08:31 974,336 ----a-w C:\Windows\System32\crypt32.dll
2008-01-11 08:31 788,992 ----a-w C:\Windows\System32\rpcrt4.dll
2008-01-11 08:31 633,856 ----a-w C:\Windows\System32\user32.dll
2008-01-11 08:31 414,208 ----a-w C:\Windows\System32\msscp.dll
2008-01-11 08:28 84,480 ----a-w C:\Windows\System32\INETRES.dll
2008-01-11 08:28 737,792 ----a-w C:\Windows\System32\inetcomm.dll
2008-01-11 08:28 49,664 ----a-w C:\Windows\System32\csrsrv.dll
2008-01-11 08:28 376,320 ----a-w C:\Windows\System32\winsrv.dll
2008-01-11 08:28 1,191,936 ----a-w C:\Windows\System32\msxml3.dll
2008-01-11 08:26 98,304 ----a-w C:\Windows\System32\mssitlb.dll
2008-01-11 08:25 53,760 ----a-w C:\Windows\System32\Mcx2Svc.dll
2008-01-11 08:25 22,632 ----a-w C:\Windows\System32\streamci.dll
2008-01-11 08:25 160,872 ----a-w C:\Windows\System32\halmacpi.dll
2008-01-11 08:25 134,760 ----a-w C:\Windows\System32\halacpi.dll
2008-01-11 08:25 134,144 ----a-w C:\Windows\System32\rdpdd.dll
2008-01-11 00:43 174 --sha-w C:\Program Files\desktop.ini
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@={F2F31467-B1AC-4df0-AE79-FD5FA085E22B}

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@={A3E208F7-0E3A-4182-A7A6-B169D5D691AA}

[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2007-03-28 21:59 2953216 --a------ C:\Program Files\Protector Suite QL\farchns.dll

[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2007-03-28 21:59 2953216 --a------ C:\Program Files\Protector Suite QL\farchns.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="oobefldr.dll" [2006-11-02 14:34 2159104 C:\Windows\System32\oobefldr.dll]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 14:35 125440]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 12:34 5724184]
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2007-11-15 11:23 202544]
"eMuleAutoStart"="C:\Program Files\eMule\emule.exe" [2007-05-13 16:57 5308416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2008-01-11 10:27 1006264]
"ECenter"="C:\Dell\E-Center\EULALauncher.exe" [2007-05-25 08:03 17920]
"Apoint"="C:\Program Files\DellTPad\Apoint.exe" [2007-09-07 10:50 159744]
"OEM02Mon.exe"="C:\Windows\OEM02Mon.exe" [2007-08-28 07:51 36864]
"SigmatelSysTrayApp"="C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-09-28 07:56 405504]
"Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe" [ ]
"SunJavaUpdateSched"="c:\Program Files\Java\jre1.6.0\bin\jusched.exe" [2008-01-11 02:55 77824]
"PSQLLauncher"="C:\Program Files\Protector Suite QL\launcher.exe" [2007-03-28 21:23 49168]
"DELL Webcam Manager"="C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 18:43 118784]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-03-21 15:00 174872]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 13:37 81920]
"RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-11-05 13:22 221184]
"PCMService"="C:\Program Files\Dell\MediaDirect\PCMService.exe" [2007-04-16 18:10 184320]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-01-11 03:15 1838592]
"dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 11:24 16384]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-10-03 13:35 221184]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-10-04 22:24 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-10-04 22:24 8497696]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-10-04 22:24 81920]
"NVHotkey"="C:\Windows\system32\nvHotkey.dll" [2007-10-04 22:24 86016]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-04-06 16:04 79224]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-01-17 21:04:04 113664]
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-11-03 19:55:50 703280]
QuickSet.lnk - C:\Program Files\Dell\QuickSet\quickset.exe [2007-09-07 18:27:08 1180952]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"DisableCAD"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
C:\Windows\system32\psqlpwd.dll 2007-03-28 21:46 90112 C:\Windows\System32\psqlpwd.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MSVideo8"= VfWWDM32.dll
"msacm.lhacm"= lhacm.acm

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-256780048-1144662282-1260741898-1000]
"EnableNotificationsRef"=dword:00000004

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{1882FADA-34BC-4628-B94B-D033AD205BAF}"= C:\Program Files\Dell\MediaDirect\PowerCinema.exe:CyberLink PowerCinema
"{942E0CBC-D748-4CFE-BDA3-4FC5DA1180E1}"= C:\Program Files\Dell\MediaDirect\PCMService.exe:CyberLink PowerCinema Resident Program
"{B9DD49A7-6B97-47F3-9F76-36317672E49F}"= C:\Program Files\Dell\MediaDirect\Kernel\DMP\CLBrowserEngine.exe:Cyberlink Media Server Browser Engine
"{CB6A5EF1-9BA8-4E71-BC93-00424419E3E3}"= C:\Program Files\Dell\MediaDirect\Kernel\DMS\CLMSService.exe:CyberLink Media Server
"{CE86784D-21F5-48AE-A54E-4526692ABFEB}"= UDP:C:\Users\Fanny\Downloads\WoW-frFR-Installer-downloader.exe:WoW-frFR-Installer-downloader
"{21BE3848-17B4-4F6D-A23B-D99CD6C9AE4E}"= TCP:C:\Users\Fanny\Downloads\WoW-frFR-Installer-downloader.exe:WoW-frFR-Installer-downloader
"{171EE57C-7418-4223-8116-83EFBFEFFB9B}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{9E5B2367-B4F8-47A0-940D-B664E920530C}C:\\program files\\world of warcraft\\repair.exe"= UDP:C:\program files\world of warcraft\repair.exe:Blizzard Repair Utility
"UDP Query User{225CFE1C-5ED4-4116-858F-263B30D59F15}C:\\program files\\world of warcraft\\repair.exe"= TCP:C:\program files\world of warcraft\repair.exe:Blizzard Repair Utility
"TCP Query User{E638AE48-17C3-48FD-85B3-75C8428B79BA}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{5C36B6C6-D7A8-4B7D-A06B-B0CFE064F32B}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"{22D19B92-972B-4407-8227-C4CCEF12E52D}"= UDP:4661:edk
"{31A87F83-38DE-40FC-9129-4F17CD34D9A1}"= UDP:24539:emule
"{F54B544E-099B-4416-9893-EA80866EA027}"= TCP:6632:emule udp
"TCP Query User{8002FFC4-0720-4E4C-97DD-71ED5AB132B0}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{E8AC3C63-73B4-4F90-A3BC-93E57D8C811E}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{74FFB3EB-63D4-44D9-ACE1-55E27BEDA7FE}C:\\program files\\turbine\\dungeons & dragons online - stormreach\\dndclient.exe"= UDP:C:\program files\turbine\dungeons & dragons online - stormreach\dndclient.exe:dndclient
"UDP Query User{AAA6E7DE-694F-42EF-AEC4-F00B719216DA}C:\\program files\\turbine\\dungeons & dragons online - stormreach\\dndclient.exe"= TCP:C:\program files\turbine\dungeons & dragons online - stormreach\dndclient.exe:dndclient
"TCP Query User{641CFBCD-E76B-4B97-B767-28288D00A639}C:\\program files\\azureus\\azureus.exe"= UDP:C:\program files\azureus\azureus.exe:Azureus
"UDP Query User{36C0EEAC-BD94-4F67-ABBB-213129C7C184}C:\\program files\\azureus\\azureus.exe"= TCP:C:\program files\azureus\azureus.exe:Azureus
"TCP Query User{AE0BB5DB-7688-4221-8099-7C5A9558F782}C:\\program files\\world of warcraft\\backgrounddownloader.exe"= UDP:C:\program files\world of warcraft\backgrounddownloader.exe:Blizzard Downloader
"UDP Query User{51111FCC-477F-4B64-B64E-82502511033B}C:\\program files\\world of warcraft\\backgrounddownloader.exe"= TCP:C:\program files\world of warcraft\backgrounddownloader.exe:Blizzard Downloader
"TCP Query User{3773E0DA-40BD-4718-9CC0-4BAF0D441057}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{4F87BE18-7131-4A43-82C9-F1FCED23BE46}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-03-29 19:31]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\system32\aestsrv.exe [2007-09-28 07:56]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-03-29 19:32]
R2 RapiMgr;Windows Mobile-based device connectivity;C:\Windows\system32\svchost.exe [2006-11-02 11:45]
R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter);C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2007-11-15 11:23]
R2 WcesComm;Windows Mobile-2003-based device connectivity;C:\Windows\system32\svchost.exe [2006-11-02 11:45]
R3 btwaudio;Périphérique audio Bluetooth;C:\Windows\system32\drivers\btwaudio.sys [2006-11-07 03:37]
R3 btwavdt;Bluetooth AVDT;C:\Windows\system32\drivers\btwavdt.sys [2006-11-07 01:13]
R3 btwrchid;btwrchid;C:\Windows\system32\DRIVERS\btwrchid.sys [2006-11-07 01:13]
R3 OEM02Dev;Creative Camera OEM002 Driver;C:\Windows\system32\DRIVERS\OEM02Dev.sys [2007-10-10 17:03]
R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;C:\Windows\system32\DRIVERS\OEM02Vfx.sys [2007-08-28 07:51]
R3 TcUsb;TC USB Kernel Driver;C:\Windows\system32\Drivers\tcusb.sys [2007-03-28 21:15]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-06 10:51]
S3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 09:36]
S4 iaNvStor;Intel(R) Turbo Memory Controller;C:\Windows\system32\drivers\ianvstor.sys [2007-09-07 11:27]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2106f77e-c3d8-11dc-9f82-001e4cdc488c}]
\shell\AutoRun\command - G:\LaunchU3.exe -a

.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-06 16:35:58
Windows 6.0.6000 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Protector Suite QL\upeksvr.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\Windows\system32\STacSV.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Protector Suite QL\psqltray.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Windows\system32\DllHost.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-04-06 16:39:37 - machine was rebooted
ComboFix-quarantined-files.txt 2008-04-06 14:39:28
Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application.
Le texte du message associ‚ au num‚ro 0x2379 est introuvable dans le fichier de messages pour Application.
.
2008-04-06 10:29:53 --- E O F ---



je n'arrive pas à faire plus
et j'ai peur que d'être connecté même pour poster ici soit dangereux
et bien sur sous vista je ne sais pas comment lancer le mode sans échec...

si vous pouviez m'aider ça serait super cool
merci d'avance

Liens

Angeldark
Profil : Helper
Plus d'informations
n°299037
06-04-2008 à 17:02:46

Bonjour,

Après passage de Combofix, c'est toujours pareil ?


---------------
Prévention & Protection|Les logiciels gratuits|L'homme du FLCCF
nyfani
Profil : IDNaute
Plus d'informations
n°299122
06-04-2008 à 18:03:57

oui toujours pareil
impossible de lancer lance avast
j'aipas reessayé d'installer spybot j'ai tjs les même messages d'erreurs

nyfani
Profil : IDNaute
Plus d'informations
n°299124
06-04-2008 à 18:08:18

ah finalement j'ai réussi a lancer spybot
je fais le scan et je vous tiens au courant
merci encore pour vos réponses

nyfani
Profil : IDNaute
Plus d'informations
n°299140
06-04-2008 à 18:42:56

voici le rappor de spybot :

--- Search result list ---
Win32.Bagle.hi: [SBI $C58F5889] Service Système (Clé du registre, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa

Win32.Bagle.hi: [SBI $0F412E05] Service Système (Clé du registre, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\srosa


--- Spybot - Search & Destroy version: 1.5.2 (build: 20080128) ---

2008-01-28 blindman.exe (1.0.0.7)
2008-01-28 SDDelFile.exe (1.0.2.4)
2008-01-28 SDMain.exe (1.0.0.5)
2007-10-07 SDShred.exe (1.0.1.2)
2008-01-28 SDUpdate.exe (1.0.8.8)
2008-01-28 SDWinSec.exe (1.0.0.11)
2008-01-28 SpybotSD.exe (1.5.2.20)
2008-04-06 TeaTimer.exe (3.44.0.0)
2008-04-06 unins000.exe (51.49.0.0)
2008-01-28 Update.exe (1.4.0.6)
2008-01-28 advcheck.dll (1.5.4.5)
2007-04-02 aports.dll (2.1.0.0)
2007-11-17 DelZip179.dll (1.79.7.4)
2008-01-28 SDFiles.dll (1.5.1.19)
2008-01-28 SDHelper.dll (1.5.0.11)
2008-01-28 Tools.dll (2.1.3.3)
2008-04-02 Includes\Cookies.sbi (*)
2007-12-26 Includes\Dialer.sbi (*)
2008-04-02 Includes\DialerC.sbi (*)
2008-04-02 Includes\HeavyDuty.sbi (*)
2008-03-19 Includes\Hijackers.sbi (*)
2008-04-02 Includes\HijackersC.sbi (*)
2008-02-27 Includes\Keyloggers.sbi (*)
2008-04-02 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2008-03-26 Includes\Malware.sbi (*)
2008-04-02 Includes\MalwareC.sbi (*)
2008-03-26 Includes\PUPS.sbi (*)
2008-04-02 Includes\PUPSC.sbi (*)
2008-04-02 Includes\Revision.sbi (*)
2008-01-09 Includes\Security.sbi (*)
2008-04-02 Includes\SecurityC.sbi (*)
2008-04-02 Includes\Spybots.sbi (*)
2008-04-02 Includes\SpybotsC.sbi (*)
2007-11-06 Includes\Tracks.uti
2008-04-02 Includes\Trojans.sbi (*)
2008-04-02 Includes\TrojansC.sbi (*)
2007-12-24 Plugins\TCPIPAddress.dll



--- System information ---
Windows Vista (Build: 6000) (6.0.6000)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB929729)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ MSXML4SP2: Security update for MSXML4 SP2 (KB936181)
/ MSXML4SP2: Security update for MSXML4 SP2 (KB941833)


--- Startup entries list ---
Located: HK_LM:Run, Adobe Reader Speed Launcher
command: "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
file: C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
size: 39792
MD5: 8B9145D229D4E89D15ACB820D4A3A90F

Located: HK_LM:Run, Apoint
command: C:\Program Files\DellTPad\Apoint.exe
file: C:\Program Files\DellTPad\Apoint.exe
size: 159744
MD5: 5EF24621ABCE6965E32A365CA613A544

Located: HK_LM:Run, avast!
command: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
file: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
size: 79224
MD5: 43721AA65759332BD92041CB9CEAF0CB

Located: HK_LM:Run, DELL Webcam Manager
command: "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
file: C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
size: 118784
MD5: DAC9B43BBFA0359E252DDB0CB91DEA6D

Located: HK_LM:Run, dscactivate
command: "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
file: C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe
size: 16384
MD5: 267B3A856E9F4DB1CABD4E6DB71E07D2

Located: HK_LM:Run, ECenter
command: C:\Dell\E-Center\EULALauncher.exe
file: C:\Dell\E-Center\EULALauncher.exe
size: 17920
MD5: D6B7814AA0D1412F0EA77845C0AF7B51

Located: HK_LM:Run, Google Desktop Search
command: "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
file: C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
size: 1838592
MD5: 1C23CA2BEB4FA0A92B87164C35212B11

Located: HK_LM:Run, IAAnotif
command: "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
file: C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
size: 174872
MD5: F371C6DF9A810EF2E6E4FA60ACBB5C33

Located: HK_LM:Run, ISUSPM Startup
command: C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
file: C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
size: 221184
MD5: 9ABF687071C649609BF7E177062A9008

Located: HK_LM:Run, ISUSScheduler
command: "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
file: C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
size: 81920
MD5: FF3BF05021BFECC92DB81B8257EEB026

Located: HK_LM:Run, NvCplDaemon
command: RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:Run, NVHotkey
command: rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:Run, NvMediaCenter
command: RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:Run, NvSvc
command: RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:Run, OEM02Mon.exe
command: C:\Windows\OEM02Mon.exe
file: C:\Windows\OEM02Mon.exe
size: 36864
MD5: 23242FD6C7D4C61807E84FD3A79248C4

Located: HK_LM:Run, PCMService
command: "C:\Program Files\Dell\MediaDirect\PCMService.exe"
file: C:\Program Files\Dell\MediaDirect\PCMService.exe
size: 184320
MD5: 8289C20BECBEA1348F7FF4D08F4C4F19

Located: HK_LM:Run, PSQLLauncher
command: "C:\Program Files\Protector Suite QL\launcher.exe" /startup
file: C:\Program Files\Protector Suite QL\launcher.exe
size: 49168
MD5: 6163A347F988E9C94C94ACB9818485DD

Located: HK_LM:Run, RoxWatchTray
command: "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
file: C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
size: 221184
MD5: 1AAD451CCBECE62987591B35AE8037A8

Located: HK_LM:Run, SigmatelSysTrayApp
command: %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
file: C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
size: 405504
MD5: 485A4912B2D639694F836451A2B30435

Located: HK_LM:Run, SunJavaUpdateSched
command: "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
file: c:\Program Files\Java\jre1.6.0\bin\jusched.exe
size: 77824
MD5: 8F5E772B91A10AC97415B760FF21A94F

Located: HK_LM:Run, Windows Defender
command: %ProgramFiles%\Windows Defender\MSASCui.exe -hide
file: C:\Program Files\Windows Defender\MSASCui.exe
size: 1006264
MD5: 9AD9E2FB2811123DA13DE84CC154AB77

Located: HK_LM:Run, Windows Mobile Device Center
command: %windir%\WindowsMobile\wmdc.exe
file: C:\Windows\WindowsMobile\wmdc.exe
size: 648072
MD5: 96B3C4E20F02CA16AA1E3E425BFFCC8B

Located: HK_CU:Run, Sidebar
where: S-1-5-19...
command: %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
file: C:\Program Files\Windows Sidebar\Sidebar.exe
size: 1232896
MD5: 582F3A0BA61D8F0D50C66B592808B6D6

Located: HK_CU:Run, WindowsWelcomeCenter
where: S-1-5-19...
command: rundll32.exe oobefldr.dll,ShowWelcomeCenter
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:Run, Sidebar
where: S-1-5-20...
command: %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
file: C:\Program Files\Windows Sidebar\Sidebar.exe
size: 1232896
MD5: 582F3A0BA61D8F0D50C66B592808B6D6

Located: HK_CU:Run, WindowsWelcomeCenter
where: S-1-5-20...
command: rundll32.exe oobefldr.dll,ShowWelcomeCenter
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:Run, DellSupportCenter
where: S-1-5-21-256780048-1144662282-1260741898-1000...
command: "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
file: C:\Program Files\Dell Support Center\bin\sprtcmd.exe
size: 202544
MD5: 852AB81EDE166A0B25046DD7F4CD3FFA

Located: HK_CU:Run, ehTray.exe
where: S-1-5-21-256780048-1144662282-1260741898-1000...
command: C:\Windows\ehome\ehTray.exe
file: C:\Windows\ehome\ehTray.exe
size: 125440
MD5: 2E0953919779A44BF9DFB7B07C58535A

Located: HK_CU:Run, eMuleAutoStart
where: S-1-5-21-256780048-1144662282-1260741898-1000...
command: C:\Program Files\eMule\emule.exe -AutoStart
file: C:\Program Files\eMule\emule.exe
size: 5308416
MD5: 45D1648724123669962DBA211D2C64AA

Located: HK_CU:Run, MsnMsgr
where: S-1-5-21-256780048-1144662282-1260741898-1000...
command: "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
file: C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
size: 5724184
MD5: 97384875B6D03831B2D1820AB8952F67

Located: HK_CU:Run, SpybotSD TeaTimer
where: S-1-5-21-256780048-1144662282-1260741898-1000...
command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 688128
MD5: 919E6D451E1B409B1A2962CCAFAB6EAB

Located: HK_CU:Run, WindowsWelcomeCenter
where: S-1-5-21-256780048-1144662282-1260741898-1000...
command: rundll32.exe oobefldr.dll,ShowWelcomeCenter
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: Démarrage (tous utilisateurs), Adobe Gamma Loader.lnk
where: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup...
command: C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
file: C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
size: 113664
MD5: C2FF17734176CD15221C10044EF0BA1A

Located: Démarrage (tous utilisateurs), BTTray.lnk
where: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup...
command: C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
file: C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
size: 703280
MD5: 3FAC23D4B003C1BF7A8F355CF3A504B6

Located: Démarrage (tous utilisateurs), QuickSet.lnk
where: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup...
command: C:\Program Files\Dell\QuickSet\quickset.exe
file: C:\Program Files\Dell\QuickSet\quickset.exe
size: 1180952
MD5: 9CEC7BEA826BA4F01AC93D51E3F2B221

Located: WinLogon, psfus
command: C:\Windows\system32\psqlpwd.dll
file: C:\Windows\system32\psqlpwd.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!



--- Browser helper object list ---
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: SSVHelper Class
Path: c:\Program Files\Java\jre1.6.0\bin\
Long name: ssv.dll
Short name:
Date (created): 11/01/2008 02:55:24
Date (last access): 11/01/2008 02:55:24
Date (last write): 11/01/2008 02:55:24
Filesize: 501384
Attributes: archive
MD5: C647547F1BB66FA0BE237CAFC49EA5F9
CRC32: C4215F57
Version: 6.0.0.104

{9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Programme d'aide de l'Assistant de connexion Windows Live
Path: C:\Program Files\Common Files\Microsoft Shared\Windows Live\
Long name: WindowsLiveLogin.dll
Short name: WINDOW~1.DLL
Date (created): 20/09/2007 11:30:18
Date (last access): 15/01/2008 22:58:24
Date (last write): 20/09/2007 11:30:18
Filesize: 328752
Attributes: archive
MD5: 59CF5BF6684AFCF906CADAD39B4214DE
CRC32: C363813C
Version: 4.200.520.1

{AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Google Toolbar Helper
description: Google toolbar
classification: Open for discussion
known filename: googletoolbar.dll<br>googletoolbar*.dll<br>(* = number)<br>googletoolbar_en_*.**-big.dll<br>Googletoolbar_en_*.*.**-deleon.dll
info link: http://toolbar.google.com/
info source: TonyKlein
Path: c:\program files\google\
Long name: GoogleToolbar1.dll
Short name: GOOGLE~1.DLL
Date (created): 11/01/2008 03:14:58
Date (last access): 11/01/2008 03:14:58
Date (last write): 11/01/2008 03:14:58
Filesize: 2583352
Attributes: readonly archive
MD5: 1CC10053E1FAA2C68428D9CE43B32245
CRC32: D83E78AD
Version: 4.0.1602.12068

{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Google Toolbar Notifier BHO
Path: C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\
Long name: swg.dll
Short name:
Date (created): 11/01/2008 03:15:00
Date (last access): 11/01/2008 03:15:00
Date (last write): 11/01/2008 03:15:00
Filesize: 325048
Attributes: archive
MD5: 1DC47CA76A0FFEAA25B45DE5706F2115
CRC32: E2052360
Version: 2.0.301.7164

{CA6319C0-31B7-401E-A518-A07C3DB8F777} (Browser Address Error Redirector)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: Browser Address Error Redirector
CLSID name: CBrowserHelperObject Object
Path: C:\Program Files\Dell\BAE\
Long name: BAE.dll
Short name:
Date (created): 09/11/2006 11:56:48
Date (last access): 11/01/2008 03:14:58
Date (last write): 09/11/2006 11:56:48
Filesize: 98304
Attributes: archive
MD5: 1A4F60EF6DA38621F1091B0CB0FA2C09
CRC32: 54D81822
Version: 1.2.0.3



--- ActiveX list ---
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control)
DPF name:
CLSID name: QuickTime Plugin Control
Installer: C:\Windows\Downloaded Program Files\QTPlugin.inf
Codebase: http://appldnld.apple.com.edgesuit [...] plugin.cab
description: Apple Quicktime
classification: Legitimate
known filename: QTPLUGIN.OCX
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\QuickTime\
Long name: QTPlugin.ocx
Short name:
Date (created): 18/02/2008 21:24:12
Date (last access): 18/02/2008 21:24:12
Date (last write): 18/02/2008 21:24:12
Filesize: 750896
Attributes: archive
MD5: 02D754B790F277B5B088B5FBE2692908
CRC32: AE2617C3
Version: 7.4.1.14

{17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool)
DPF name:
CLSID name: Windows Genuine Advantage Validation Tool
Installer: C:\Windows\Downloaded Program Files\LegitCheckControl.inf
Codebase: http://download.microsoft.com/down [...] ontrol.cab
Path: C:\Windows\system32\
Long name: LegitCheckControl.DLL
Short name: LEGITC~1.DLL
Date (created): 20/03/2008 18:06:36
Date (last access): 20/03/2008 18:06:36
Date (last write): 20/03/2008 18:06:36
Filesize: 1480232
Attributes: archive
MD5: E058C4821D48E0A67F6069CB50818D44
CRC32: 3513AE02
Version: 1.7.69.2

{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0
Installer:
Codebase: http://java.sun.com/update/1.6.0/j [...] s-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: c:\Program Files\Java\jre1.6.0\bin\
Long name: npjpi160.dll
Short name:
Date (created): 11/01/2008 02:55:24
Date (last access): 11/01/2008 02:55:24
Date (last write): 11/01/2008 02:55:24
Filesize: 132744
Attributes: archive
MD5: A0F84B2A1901E47A625FE6E68EF4053E
CRC32: 46A49529
Version: 6.0.0.104

{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0
Installer:
Codebase: http://java.sun.com/update/1.6.0/j [...] s-i586.cab
Path: c:\Program Files\Java\jre1.6.0\bin\
Long name: npjpi160.dll
Short name:
Date (created): 11/01/2008 02:55:24
Date (last access): 11/01/2008 02:55:24
Date (last write): 11/01/2008 02:55:24
Filesize: 132744
Attributes: archive
MD5: A0F84B2A1901E47A625FE6E68EF4053E
CRC32: 46A49529
Version: 6.0.0.104

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0
Installer:
Codebase: http://java.sun.com/update/1.6.0/j [...] s-i586.cab
Path: c:\Program Files\Java\jre1.6.0\bin\
Long name: npjpi160.dll
Short name:
Date (created): 11/01/2008 02:55:24
Date (last access): 11/01/2008 02:55:24
Date (last write): 11/01/2008 02:55:24
Filesize: 132744
Attributes: archive
MD5: A0F84B2A1901E47A625FE6E68EF4053E
CRC32: 46A49529
Version: 6.0.0.104



--- Process list ---
PID: 2064 (1032) C:\Windows\system32\Dwm.exe
size: 83456
MD5: E87B968F3D49117445893EB0503FE34F
PID: 2156 ( 892) C:\Windows\Explorer.EXE
size: 2923520
MD5: 6D06CD98D954FE87FB2DB8108793B399
PID: 2544 (2156) C:\Program Files\DellTPad\Apoint.exe
size: 159744
MD5: 5EF24621ABCE6965E32A365CA613A544
PID: 2552 (2156) C:\Windows\OEM02Mon.exe
size: 36864
MD5: 23242FD6C7D4C61807E84FD3A79248C4
PID: 2564 (2156) C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
size: 405504
MD5: 485A4912B2D639694F836451A2B30435
PID: 2576 (2156) C:\Windows\WindowsMobile\wmdc.exe
size: 648072
MD5: 96B3C4E20F02CA16AA1E3E425BFFCC8B
PID: 2584 (2156) C:\Program Files\Java\jre1.6.0\bin\jusched.exe
size: 77824
MD5: 8F5E772B91A10AC97415B760FF21A94F
PID: 2636 (2156) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
size: 174872
MD5: F371C6DF9A810EF2E6E4FA60ACBB5C33
PID: 2656 (2156) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
size: 81920
MD5: FF3BF05021BFECC92DB81B8257EEB026
PID: 2664 (2156) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
size: 221184
MD5: 1AAD451CCBECE62987591B35AE8037A8
PID: 2672 (2156) C:\Program Files\Dell\MediaDirect\PCMService.exe
size: 184320
MD5: 8289C20BECBEA1348F7FF4D08F4C4F19
PID: 2684 (2156) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
size: 1838592
MD5: 1C23CA2BEB4FA0A92B87164C35212B11
PID: 2852 (2156) C:\Windows\System32\rundll32.exe
size: 44544
MD5: 4B555106290BD117334E9A08761C035A
PID: 2860 (2156) C:\Windows\System32\rundll32.exe
size: 44544
MD5: 4B555106290BD117334E9A08761C035A
PID: 2908 (2808) C:\Windows\System32\rundll32.exe
size: 44544
MD5: 4B555106290BD117334E9A08761C035A
PID: 2948 (2156) C:\Windows\ehome\ehtray.exe
size: 125440
MD5: 2E0953919779A44BF9DFB7B07C58535A
PID: 2992 (2156) C:\Program Files\Dell Support Center\bin\sprtcmd.exe
size: 202544
MD5: 852AB81EDE166A0B25046DD7F4CD3FFA
PID: 3016 (2156) C:\Program Files\eMule\emule.exe
size: 5308416
MD5: 45D1648724123669962DBA211D2C64AA
PID: 3048 (2156) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
size: 703280
MD5: 3FAC23D4B003C1BF7A8F355CF3A504B6
PID: 3060 (2156) C:\Program Files\Dell\QuickSet\quickset.exe
size: 1180952
MD5: 9CEC7BEA826BA4F01AC93D51E3F2B221
PID: 3492 (2544) C:\Program Files\DellTPad\ApMsgFwd.exe
size: 50736
MD5: 42370C1DE2B83844B253478DB8A907D5
PID: 3616 ( 884) C:\Windows\ehome\ehmsas.exe
size: 37376
MD5: 693E4C15CEE5D6487D7913A2701B5E40
PID: 3984 (1044) C:\Windows\system32\taskeng.exe
size: 166400
MD5: 1226E9FAE5B8508801EC974E3C9D9C14
PID: 2216 (2684) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
size: 1838592
MD5: 1C23CA2BEB4FA0A92B87164C35212B11
PID: 1212 (2592) C:\Program Files\Protector Suite QL\psqltray.exe
size: 53776
MD5: 90FFD1796BB4DD45825FE7A9E9FFF0F7
PID: 1116 ( 884) c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
size: 1583920
MD5: 651F4BDAAA7D657D001DD86793CE8BEE
PID: 2764 (2896) C:\Program Files\DellTPad\Apntex.exe
size: 49152
MD5: 8D78BE3690DB07A2FD03D2A6B61E3DCD
PID: 2384 (2544) C:\Program Files\DellTPad\HidFind.exe
size: 40960
MD5: C574C551637734B13278898FE2D12D15
PID: 4404 (2664) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
size: 10752
MD5: C551D15D5D0F875D7BF0BC4FBB6EB2D9
PID: 5144 (2156) C:\Program Files\Internet Explorer\iexplore.exe
size: 625664
MD5: 9143C721DD6482374EFB35BC35944324
PID: 5452 ( 884) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
size: 118336
MD5: 7FA0AA2F3DABA5BEB2C4AC1EEC054EFA
PID: 2344 (5164) C:\Windows\system32\conime.exe
size: 68608
MD5: 05CB3DA78A4BBD9B799A5957F9D101CC
PID: 5652 (2156) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 5146448
MD5: 2ECA8CDEED7C82F879E766DA92A3561A
PID: 0 ( 0) [System Process]
PID: 4 ( 0) System
PID: 488 ( 4) smss.exe
size: 62976
PID: 552 ( 540) csrss.exe
size: 7680
PID: 616 ( 540) wininit.exe
size: 95744
PID: 628 ( 608) csrss.exe
size: 7680
PID: 660 ( 616) services.exe
size: 279552
PID: 672 ( 616) lsass.exe
size: 7680
PID: 680 ( 616) lsm.exe
size: 210944
PID: 808 ( 608) winlogon.exe
size: 308224
PID: 884 ( 660) svchost.exe
size: 22016
PID: 944 ( 660) svchost.exe
size: 22016
PID: 988 ( 660) svchost.exe
size: 22016
PID: 1032 ( 660) svchost.exe
size: 22016
PID: 1044 ( 660) svchost.exe
size: 22016
PID: 1188 ( 988) audiodg.exe
size: 88064
PID: 1256 ( 660) SLsvc.exe
size: 2605568
PID: 1292 ( 660) svchost.exe
size: 22016
PID: 1424 (1116) upeksvr.exe
PID: 1520 ( 660) svchost.exe
size: 22016
PID: 1828 ( 660) spoolsv.exe
size: 124928
PID: 1856 ( 660) svchost.exe
size: 22016
PID: 1608 ( 660) AEstSrv.exe
size: 73728
PID: 1544 ( 660) svchost.exe
size: 22016
PID: 1880 ( 660) IAANTmon.exe
PID: 1940 ( 660) MDM.EXE
PID: 1908 ( 660) svchost.exe
size: 22016
PID: 776 ( 660) RoxWatch9.exe
PID: 2172 ( 660) sprtsvc.exe
PID: 2188 ( 660) stacsv.exe
size: 102400
PID: 3084 ( 660) svchost.exe
size: 22016
PID: 3120 ( 660) svchost.exe
size: 22016
PID: 3144 ( 660) svchost.exe
size: 22016
PID: 3236 ( 660) SearchIndexer.exe
size: 287744
PID: 3556 ( 660) RoxMediaDB9.exe
PID: 3660 (1044) taskeng.exe
size: 166400
PID: 3704 ( 660) svchost.exe
size: 22016
PID: 3712 ( 884) WmiPrvSE.exe
PID: 5932 ( 660) usnsvc.exe
PID: 4696 ( 660) SDWinSec.exe
PID: 4900 ( 660) svchost.exe
size: 22016


--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 06/04/2008 18:42:00

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\Windows\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/red [...] r=iesearch
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://les-pieds-geles.xooit.com/index.php
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://go.microsoft.com/fwlink/?LinkId=54896
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://go.microsoft.com/fwlink/?LinkId=69157
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://go.microsoft.com/fwlink/?LinkId=69157
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://go.microsoft.com/fwlink/?LinkId=54896
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn.com/{SUB_RFC1 [...] chasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1 [...] chcust.htm


--- Winsock Layered Service Provider list ---
Namespace Provider 3: Fournisseur Shim d'affectation de noms de messagerie
GUID: {964ACBA2-B2BC-40EB-8C6A-A6DB40161CAE}
Filename:

Namespace Provider 4: Fournisseur d'espace de noms du nuage PNRP
GUID: {03FE89CE-766D-4976-B9C1-BB9BC42C7B4D}
Filename:

Namespace Provider 5: Fournisseur d'espace de noms du nom PNRP
GUID: {03FE89CD-766D-4976-B9C1-BB9BC42C7B4D}
Filename:



--- Uninstall list ---
(AddressBook)

Adobe Flash Player ActiveX 9.0.115.0 (Adobe Flash Player ActiveX)
uninstall cmd: C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
publisher: Adobe Systems Incorporated
help link: http://www.adobe.com/go/flashplayer_support/

Advanced Audio FX Engine (Advanced Audio FX Engine)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88564CEF-20A5-4EF2-A05F-309F2EBA9B06}\setup.exe" -l0x40c /remove

Advanced Video FX Engine (Advanced Video FX Engine)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D5BA7C09-E523-478C-9C37-A1D86C76383E}\setup.exe" -l0x40c /remove

avast! Antivirus 4.8 (avast!)
version (major): 4
version (minor): 8
install location: C:\PROGRA~1\ALWILS~1\Avast4
install source: C:\Users\Fanny\DOWNLO~1
uninstall cmd: C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
publisher: Alwil Software
help link: http://www.avast.com

(Connection Manager)

Laptop Integrated Webcam Driver (1.04.01.1011) (Creative OEM002)
uninstall cmd: C:\Windows\CtDrvIns.exe -uninstall -script OEM002.uns -plugin OEM02Pin.dll -pluginres OEM02Pin.crl -nodisconprompt -langid 0x040C

Dell Webcam Center (Dell Webcam Center)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A1A5BA3E-9ABF-4037-820B-6151022B8ACB}\setup.exe" -l0x40c /remove

Dell Webcam Manager (Dell Webcam Manager)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F6366726-BA44-4D6A-8ECE-476E2E616AD1}\setup.exe" -l0x40c /remove

(DirectDrawEx)

DVD Shrink 3.2 (DVD Shrink_is1)
install location: C:\Program Files\DVD Shrink\
uninstall cmd: "C:\Program Files\DVD Shrink\unins000.exe"
publisher: DVD Shrink
help link: http://www.dvdshrink.org

(DXM_Runtime)

eMule (eMule)
uninstall cmd: "C:\Program Files\eMule\Uninstall.exe"

(Fontcore)

Google Desktop - (Google Desktop)
uninstall cmd: C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
publisher: Google
help link: http://desktop.google.com/help.html?hl=fr

(IE40)

(IE4Data)

(IE5BAKEX)

(IEData)

Microsoft .NET Framework 1.1 Hotfix (KB929729) (M929729)
uninstall cmd: "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp"

Microsoft .NET Framework 1.1 (Microsoft .NET Framework 1.1 (1033))
uninstall cmd: msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
readme: file://C:\Windows\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm

(MobileOptionPack)

(MPlayer2)

NVIDIA Drivers (NVIDIA Drivers)
uninstall cmd: C:\Windows\system32\NVUNINST.EXE UninstallGUI

(SchedulingAgent)

9.0.115.0 (ShockwaveFlash)

TeamSpeak 2 RC2 2.0.32.60 (Teamspeak 2 RC2_is1)
uninstall cmd: "C:\Program Files\Teamspeak2_RC2\unins000.exe"
publisher: Dominating Bytes Design
help link: http://www.teamspeak.org

VideoLAN VLC media player 0.8.6d 0.8.6d (VLC media player)
uninstall cmd: C:\Program Files\VideoLAN\VLC\uninstall.exe
publisher: VideoLAN Team

World of Warcraft (World of Warcraft)
uninstall cmd: C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe

Wow Cartographe 1.07 1.07 (Wow Cartographe)
uninstall cmd: C:\Program Files\WowCartographe\uninst.exe

Zuma Deluxe RA (Zuma Deluxe RA)
uninstall cmd: C:\PROGRA~1\ZUMADE~1\UNWISE.EXE C:\PROGRA~1\ZUMADE~1\INSTALL.LOG

Roxio Creator Tools 3.3.0 ({0394CDC8-FABD-4ed8-B104-03393876DFDF})
version: 50528256
version (major): 3
version (minor): 3
install date: 20080111
uninstall cmd: MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
publisher: Roxio

Roxio Creator Data 3.3.0 ({0D397393-9B50-4c52-84D5-77E344289F87})
version: 50528256
version (major): 3
version (minor): 3
install date: 20080111
uninstall cmd: MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
publisher: Roxio

Live! Cam Avatar 1.0 ({1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995})
version: 16777216
install date: 20080111
install location: C:\Program Files\Creative\Creative Live! Cam\Live! Cam Avatar
install source: C:\DELL\ty104\Avatar\AVSetup.exe
uninstall cmd: C:\Program Files\InstallShield Installation Information\{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}\setup.exe -runfromtemp -l0x040c -removeonly /remove
publisher: Creative Technology Ltd.
help link: http://www.reallusion.com/contentstore/ctim/

Google Toolbar for Internet Explorer ({2318C2B1-4965-11d4-9B18-009027A5CD4F})
uninstall cmd: regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"

Roxio Update Manager 3.0.0 ({30465B6C-B53F-49A1-9EBA-A3F187AD502E})
version: 50331648
version (major): 3
install date: 20080111
uninstall cmd: MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
publisher: Roxio

Java(TM) SE Runtime Environment 6 1.6.0.0 ({3248F0A8-6813-11D6-A77B-00B0D0160000})
version: 17170432
version (major): 1
version (minor): 6
install date: 20080111
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: c:\Program Files\Java\jre1.6.0\README.txt

Sonic Activation Module 1.0 ({35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0})
version: 16777216
version (major): 1
install date: 20080111
uninstall cmd: MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
publisher: Sonic Solutions

Orange Preload 6.1.5.7 ({38496EC2-78B7-412A-9398-FC6B7DB8E182})
version: 100728837
version (major): 6
version (minor): 1
install date: 20080111
install location: C:\Program Files\Orange\GLOBAL\Sung\
uninstall cmd: MsiExec.exe /I{38496EC2-78B7-412A-9398-FC6B7DB8E182}
publisher: Orange
comments: Orange Preload (6.1.5.7)
was created Mon Aug 21 2006 at 9:38:17am.

Simple way to subscribe to your ISP
Packaged by Orange ().

SUPPORTED on On any Windows Computer.
contact: Orange
help link: http://www.orange.com/
readme: file:///C:\Program Files\MAKEMSI Package Documentation\Orange\Orange\KT6SETUP.hta

Guide de l'utilisateur ({5CD29180-A95E-11D3-A4EB-00C04F7BDB2C})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}\setup.exe"

({5CDDF96A-BC34-4D72-9ABA-E1FFF0C39977})

Roxio Creator Copy 3.3.0 ({619CDD8A-14B6-43a1-AB6C-0F4EE48CE048})
version: 50528256
version (major): 3
version (minor): 3
install date: 20080111
uninstall cmd: MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
publisher: Roxio

Browser Address Error Redirector 1.00.0000 ({62230596-37E5-4618-A329-0D21F529A86F})
version: 16777216
version (major): 1
install date: 20080111
install location: C:\Program Files\Dell\BAE\
uninstall cmd: MsiExec.exe /I{62230596-37E5-4618-A329-0D21F529A86F}
publisher: Dell

Live! Cam Avatar Creator 4.6.0817.1 ({65D0C510-D7B6-4438-9FC8-E6B91115AB0D})
version: 67108864
install date: 20080111
install location: C:\Program Files\Creative\Creative Live! Cam\Live! Cam Avatar Creator
install source: C:\DELL\ty104\AvatarCr\AVCSetup.exe
uninstall cmd: C:\Program Files\InstallShield Installation Information\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}\setup.exe -runfromtemp -l0x040c -removeonly /remove
publisher: Creative Technology Ltd.
help link: http://www.reallusion.com/contentstore/ctim/

Roxio Express Labeler 2.1.0 ({6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA})
version: 33619968
version (major): 2
version (minor): 1
install date: 20080111
uninstall cmd: MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
publisher: Roxio

Microsoft Works 08.05.0822 ({6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C})
version: 134546230
version (major): 8
version (minor): 5
install date: 20080111
uninstall cmd: MsiExec.exe /I{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}
publisher: Microsoft Corporation
comments: Microsoft Works 8.0 installation.
help link: http://go.microsoft.com/fwlink/?LinkId=6831
help telephone:

Roxio Creator Audio 3.3.0 ({83FFCFC7-88C6-41c6-8752-958A45325C82})
version: 50528256
version (major): 3
version (minor): 3
install date: 20080111
uninstall cmd: MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
publisher: Roxio

Roxio Creator BDAV Plugin 3.3.0 ({880AF49C-34F7-4285-A8AD-8F7A3D1C33DC})
version: 50528256
version (major): 3
version (minor): 3
install date: 20080111
uninstall cmd: MsiExec.exe /I{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}
publisher: Roxio

1.00 ({88564CEF-20A5-4EF2-A05F-309F2EBA9B06})
version: 16777216
install location: C:\Program Files\Creative Live! Cam\AudioFX
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88564CEF-20A5-4EF2-A05F-309F2EBA9B06}\setup.exe" -l0x40c

Microsoft Silverlight 1.0.30109.0 ({89F4137D-6C26-4A84-BDB8-2E5A4BB71E00})
version: 16807325
version (major): 1
estimated size: 3214
install date: 20080406
install source: c:\temp\ext8202\
uninstall cmd: MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkID=91955

Microsoft Office Professional Edition 2003 11.0.8173.0 ({9011040C-6000-11D3-8CFE-0150048383C9})
version: 184557549
version (major): 11
estimated size: 922730
install date: 20080322
install source: C:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\
uninstall cmd: MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/support
readme: C:\Program Files\Microsoft Office\OFFICE11\1036\OFREADME.HTM

Gestionnaire pour appareils Windows Mobile 6.1.6965.0 ({904CCF62-818D-4675-BC76-D37EB399F917})
version: 100735797
version (major): 6
version (minor): 1
estimated size: 28165
install date: 20080111
install source: C:\Windows\WindowsMobile\
uninstall cmd: MsiExec.exe /X{904CCF62-818D-4675-BC76-D37EB399F917}
publisher: Microsoft Corporation

Intel(R) Matrix Storage Manager ({9068B2BE-D93A-4C0A-861C-5E35E2C0E09E})
uninstall cmd: C:\Windows\System32\Imsmudlg.exe

Guide de mise en route Dell 1.00.0000 ({9954484F-6EE4-4040-94E3-4B380646F867})
version: 16777216
version (major): 1
install date: 20080111
install location: C:\Program Files\Dell\Dell Welcome\
uninstall cmd: MsiExec.exe /I{9954484F-6EE4-4040-94E3-4B380646F867}
publisher: Dell Inc.

OutlookAddinSetup 1.0.0 ({9BDEF074-020E-458D-ADC5-8FF68E0C9B56})
version: 16777216
version (major): 1
estimated size: 1005
install date: 20080111
install source: C:\dell\HX174\
uninstall cmd: MsiExec.exe /I{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}
publisher: CyberLink
contact: CyberLink

MediaDirect 4.7 ({9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745})
version: 67567616
install date: 20080111
install location: C:\Program Files\Dell\MediaDirect
install source: C:\dell\HX174\
uninstall cmd: C:\Program Files\InstallShield Installation Information\{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}\setup.exe -runfromtemp -l0x040c -cluninstall
publisher: Dell

Dell Touchpad 7.1.102.7 ({9F72EF8B-AEC9-4CA5-B483-143980AFD6FD})
uninstall cmd: C:\Program Files\DellTPad\Uninstap.exe ADDREMOVE
publisher: Alps Electric

WIDCOMM Bluetooth Software 6.0.1.3100 6.0.1.3100 ({A13E07E1-A423-44FB-9DEE-B24C75C1BAF2})
version: 100663297
version (major): 6
install date: 20080111
uninstall cmd: MsiExec.exe /X{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}
publisher: Dell
help link: Support.Dell.com
help telephone:

1.00 ({A1A5BA3E-9ABF-4037-820B-6151022B8ACB})
version: 16777216
install location: C:\Program Files\Dell\Dell Webcam Center
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A1A5BA3E-9ABF-4037-820B-6151022B8ACB}\setup.exe" -l0x40c

Protector Suite QL 5.6 5.6.2.3447 ({A2289997-10A3-48F2-AA03-99180D761661})
version: 84279298
version (major): 5
version (minor): 6
install date: 20080111
uninstall cmd: MsiExec.exe /I{A2289997-10A3-48F2-AA03-99180D761661}
publisher: UPEK Inc.
help link: http://www.upek.com/

Galerie de photos Windows Live 12.0.1329.0201 ({A70FA218-6598-4AC9-813D-63597C5DD068})
version: 201327921
version (major): 12
estimated size: 21137
install date: 20080227
install source: C:\Windows\SoftwareDistribution\Download\3a0ec7b3c737fb664542cf342f6fe212\img\
uninstall cmd: MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}
publisher: Microsoft Corporation
help link: http://photogallery.live.com/

2.00 ({A82F10CB-18B5-4EAC-AEF2-FA49CD565626})
version: 33554432
install location: C:\Program Files\Creative\Shared Files
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x40c

Adobe Reader 8.1.2 - Français 8.1.2 ({AC76BA86-7AD7-1036-7B44-A81200000003})
version: 134283266
version (major): 8
version (minor): 1
estimated size: 101009
install date: 20080220
install source: C:\Users\Fanny\AppData\Local\Adobe\Updater5\Install\reader8rdr-fr_FR\
uninstall cmd: MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
publisher: Adobe Systems Incorporated
comments:
contact: Support clientèle
help link: http://www.adobe.fr/support/main.html
readme: [INSTALLDIR]Reader\Lisezmoi.htm

Assistant de connexion Windows Live 4.200.520.1 ({AFA4E5FD-ED70-4D92-99D0-162FD56DC986})
version: 80216584
version (major): 4
version (minor): 200
estimated size: 1333
install date: 20080115
install source: C:\Program Files\Common Files\WindowsLiveInstaller\MsiSources\
uninstall cmd: MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
publisher: Microsoft Corporation

Spybot - Search & Destroy 1.5.2 ({B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1)
install date: 20080406
install location: C:\Program Files\Spybot - Search & Destroy\
uninstall cmd: "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
publisher: Safer Networking Limited
help link: http://www.safer-networking.org/index.php?page=support

Windows Live Messenger 8.5.1302.1018 ({BADF6744-3787-48F6-B8C9-4C4995401D65})
version: 134546710
version (major): 8
version (minor): 5
estimated size: 31294
install date: 20080115
install source: C:\Program Files\Common Files\WindowsLiveInstaller\MsiSources\
uninstall cmd: MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
publisher: Microsoft Corporation

MSXML 4.0 SP2 (KB936181) 4.20.9848.0 ({C04E32E0-0416-434D-AFB9-6969D703A9EF})
version: 68429432
version (major): 4
version (minor): 20
estimated size: 1296
install date: 20080115
install source: c:\d6519ba0366bc29d069b8c043cae48\
uninstall cmd: MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/936181

QuickSet 8.2.17 ({C4972073-2BFE-475D-8441-564EA97DA161})
version: 134348817
version (major): 8
version (minor): 2
install date: 20080111
install location: C:\Program Files\Dell\QuickSet\