Er... unfortunately yes
I ran a test by shutting down the machine. After startup I connected to the Internet via FF. After a few seconds a new tab opened with a casino gaming site: "http://fr.888.com"
Here are the two RSIT reports:
Logfile of random's system information tool 1.06 (written by random/random)
Run by guy at 2010-01-31 18:11:15
Microsoft Windows XP Professional Service Pack 2
System drive C: has 161 GB (74%) free of 218 GB
Total RAM: 1023 MB (41% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:11:44, on 31/01/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\HP\KBD\KBD.EXE
C:\Programme\Eset\nod32kui.exe
C:\Programme\Comodo\Firewall\CPF.exe
C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Programme\Stardock\ObjectDock\ObjectDock.exe
C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
C:\Programme\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Programme\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programme\Raxco\PerfectDisk10\PDAgent.exe
C:\WINDOWS\system32\PSIService.exe
C:\Programme\Photodex\ProShowProducer\ScsiAccess.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\dllhost.exe
C:\Programme\Raxco\PerfectDisk10\PDEngine.exe
C:\PROGRAMME\MOZILLA THUNDERBIRD\THUNDERBIRD.EXE
C:\PROGRAMME\MOZILLA FIREFOX\FIREFOX.EXE
C:\PROGRAMME\UTORRENT\UTORRENT.EXE
C:\Dokumente und Einstellungen\guy \Desktop\RSIT.exe
C:\Outils\guy.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [Verknüpfung mit der High Definition Audio-Eigenschaftenseite] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [nod32kui] "C:\Programme\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Programme\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - Startup: Stardock ObjectDock.lnk = C:\Programme\Stardock\ObjectDock\ObjectDock.exe
O4 - Startup: t-com.lnk = ?
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\WINDOWS\system32\shdocvw.dll (HKCU)
O9 - Extra 'Tools' menuitem: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\WINDOWS\system32\shdocvw.dll (HKCU)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resou ... NPUpld.cab
O16 - DPF: {54823A9D-6BAE-11D5-B519-0050BA2413EB} (ChkDVDCtl Class) - http://www.cyberlink.com/winxp/CheckDVD.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v ... 2325786494
O17 - HKLM\System\CCS\Services\Tcpip\..\{388D20A8-304B-4C2B-A91F-D8D6F9095206}: NameServer = 217.0.43.161 217.0.43.177
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Programme\Comodo\Firewall\cmdagent.exe
O23 - Service: Hotspot Manager (HotSpotFSvc) - T-Systems Enterprise Services GmbH - C:\Programme\Gemeinsame Dateien\T-COM\HotspotMgr\HotSpotFSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Programme\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Programme\Raxco\PerfectDisk10\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Programme\Raxco\PerfectDisk10\PDEngine.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Programme\Photodex\ProShowProducer\ScsiAccess.exe
O23 - Service: T-DSL Manager (TDslMgrService) - T-Systems - C:\Programme\T-DSL Manager\DslMgrSvc.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Programme\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
--
End of file - 6465 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Maintenance en 1 clic.job
C:\WINDOWS\tasks\Malwarebytes' Scheduled Update for guy.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Programme\Java\jre6\bin\jp2ssv.dll [2010-01-28 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-01-28 79648]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Verknüpfung mit der High Definition Audio-Eigenschaftenseite"=C:\WINDOWS\system32\HDAudPropShortcut.exe [2004-03-17 61952]
"KBD"=C:\HP\KBD\KBD.EXE [2003-02-11 61440]
"nod32kui"=C:\Programme\Eset\nod32kui.exe [2006-11-05 917504]
"COMODO Firewall Pro"=C:\Programme\Comodo\Firewall\CPF.exe [2008-01-31 1115728]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-11-06 8523776]
"Malwarebytes' Anti-Malware"=C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe [2010-01-07 429392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!CleanupNetMeetingDispDriver]
msconf.dll,CleanupNetMeetingDispDriver 0 []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe [2006-11-06 90112]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cloneur Expert Monitor]
C:\Programme\Micro Application\Cloneur Expert\TrueImageMonitor.exe [2006-11-06 443116]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cmaudio]
RunDll32 cmicnfg.cpl,CMICtrlWnd []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dit]
C:\WINDOWS\Dit.exe [2004-04-02 86016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DXDllRegExe]
dxdllreg.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\East-Tec Eraser 2006]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\East-Tec Eraser 2009]
C:\Programme\East-Tec Eraser 2009\etsecureerase.exe [2009-07-08 1376928]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
C:\Programme\HP\hpcoretech\hpcmpmgr.exe [2003-12-22 241664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Programme\HP\HP Software Update\HPWuSchd.exe [2003-08-04 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InnoSetupRegFile.0000000001]
C:\WINDOWS\is-CGNQ7.exe [2009-12-05 696832]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Programme\iTunes\iTunesHelper.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
C:\Programme\LogMeIn\x86\LogMeInSystray.exe [2007-09-12 63048]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMS]
C:\Programme\Gemeinsame Dateien\Logitech\QCDriver3\LVCOMS.EXE [2002-12-10 127022]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSConfig]
C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [2004-08-10 185344]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2007-11-06 8523776]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD9LanguageShortcut]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl9]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Programme\Spybot\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [2010-01-11 246504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrayServer]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Programme\uTorrent\uTorrent.exe [2009-12-10 289584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2003-09-16 237568]
C:\Dokumente und Einstellungen\guy\Startmenü\Programme\Autostart
Stardock ObjectDock.lnk - C:\Programme\Stardock\ObjectDock\ObjectDock.exe
t-com.lnk -
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LMIinit]
C:\WINDOWS\system32\LMIinit.dll [2009-09-28 87352]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoInternetIcon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programme\NetMeeting\conf.exe"="C:\Programme\NetMeeting\conf.exe:*:Enabled:Windows® NetMeeting®"
"C:\WINDOWS\system32\mshta.exe"="C:\WINDOWS\system32\mshta.exe:*:Enabled:Microsoft (R) HTML Application host"
"C:\Programme\uTorrent\webui_v0.310_beta_2\utorrent.exe"="C:\Programme\uTorrent\webui_v0.310_beta_2\utorrent.exe:*:Enabled:µTorrent"
"C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe"="C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7"
"C:\Programme\uTorrent\uTorrent.exe"="C:\Programme\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Programme\Windows Live\Messenger\wlcsdk.exe"="C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Programme\Windows Live\Messenger\msnmsgr.exe"="C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Programme\Skype\Plugin Manager\skypePM.exe"="C:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Programme\Skype\Phone\Skype.exe"="C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe"="C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7"
"C:\Programme\Windows Live\Messenger\wlcsdk.exe"="C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Programme\Windows Live\Messenger\msnmsgr.exe"="C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{503face7-da2e-11dd-9908-001109b33ea2}]
shell\AutoRun\command - Q:\InstallTomTomHOME.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8fdf410d-4c6b-11d9-9fd4-806d6172696f}]
shell\AutoRun\command - hh start.chm
======List of files/folders created in the last 1 months======
2010-01-31 12:01:26 ----D---- C:\WINDOWS\BDOSCAN8
2010-01-31 11:41:29 ----DC---- C:\_OTM
2010-01-30 17:26:26 ----DC---- C:\rsit
2010-01-29 14:33:01 ----D---- C:\Dokumente und Einstellungen\guy\Anwendungsdaten\QuickScan
2010-01-29 05:14:03 ----D---- C:\Dokumente und Einstellungen\guy\Anwendungsdaten\Adobe
2010-01-28 18:58:46 ----DC---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun
2010-01-28 18:58:43 ----D---- C:\Programme\Gemeinsame Dateien\Java
2010-01-28 18:58:21 ----A---- C:\WINDOWS\system32\javaws.exe
2010-01-28 18:58:21 ----A---- C:\WINDOWS\system32\javaw.exe
2010-01-28 18:58:21 ----A---- C:\WINDOWS\system32\java.exe
2010-01-27 18:11:26 ----D---- C:\Dokumente und Einstellungen\guy\Anwendungsdaten\Real
2010-01-27 18:03:10 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2010-01-27 18:03:10 ----A---- C:\WINDOWS\system32\pndx5032.dll
2010-01-27 18:03:10 ----A---- C:\WINDOWS\system32\pndx5016.dll
2010-01-27 18:03:10 ----A---- C:\WINDOWS\system32\pncrt.dll
2010-01-26 17:26:15 ----D---- C:\Programme\Blu-ray to DVD Pro
2010-01-24 11:44:36 ----D---- C:\Programme\TomTom DesktopSuite
2010-01-24 10:28:22 ----DC---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TomTom
2010-01-24 10:27:51 ----D---- C:\Dokumente und Einstellungen\guy\Anwendungsdaten\TomTom
2010-01-24 10:26:49 ----D---- C:\Programme\TomTom International B.V
2010-01-24 10:26:29 ----D---- C:\Programme\TomTom HOME 2
2010-01-23 11:36:19 ----D---- C:\Programme\DxO Labs
2010-01-23 06:34:49 ----D---- C:\Dokumente und Einstellungen\guy\Anwendungsdaten\DxO Labs
2010-01-23 06:31:27 ----DC---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PACE Anti-Piracy
2010-01-23 06:31:27 ----D---- C:\Programme\Gemeinsame Dateien\PACE Anti-Piracy
2010-01-23 06:31:27 ----D---- C:\Dokumente und Einstellungen\guy\Anwendungsdaten\PACE Anti-Piracy
2010-01-06 16:04:17 ----D---- C:\Dokumente und Einstellungen\guy\Anwendungsdaten\FastStone
2010-01-06 16:03:32 ----D---- C:\Programme\FastStone Image Viewer
2010-01-06 12:21:29 ----D---- C:\Programme\Gemeinsame Dateien\PC Tools
======List of files/folders modified in the last 1 months======
2010-01-31 18:11:44 ----RD---- C:\Outils
2010-01-31 18:11:38 ----D---- C:\Dokumente und Einstellungen\guy\Anwendungsdaten\uTorrent
2010-01-31 18:10:43 ----D---- C:\WINDOWS\Temp
2010-01-31 18:07:21 ----D---- C:\Programme\Mozilla Thunderbird
2010-01-31 18:05:47 ----D---- C:\WINDOWS\Registration
2010-01-31 18:05:26 ----D---- C:\WINDOWS
2010-01-31 18:04:28 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-31 17:53:39 ----D---- C:\WINDOWS\Prefetch
2010-01-31 17:47:11 ----D---- C:\Programme\Malwarebytes' Anti-Malware
2010-01-31 17:20:33 ----D---- C:\Programme\PhotoFiltre Studio X
2010-01-31 17:20:08 ----D---- C:\Programme\Raxco
2010-01-31 15:30:22 ----D---- C:\WINDOWS\Microsoft.NET
2010-01-31 15:30:00 ----RSD---- C:\WINDOWS\assembly
2010-01-31 14:26:15 ----SHD---- C:\WINDOWS\Installer
2010-01-31 14:26:15 ----DC---- C:\Config.Msi
2010-01-31 12:50:20 ----SH---- C:\WINDOWS\S4A8F3FEE.tmp
2010-01-31 12:49:59 ----D---- C:\WINDOWS\VistaMizer
2010-01-31 12:49:59 ----D---- C:\WINDOWS\system32\drivers
2010-01-31 12:01:34 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-01-31 12:01:26 ----HD---- C:\WINDOWS\inf
2010-01-31 12:01:24 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-31 11:27:00 ----RSHC---- C:\boot.ini
2010-01-31 08:52:58 ----D---- C:\WINDOWS\Downloaded Installations
2010-01-31 07:35:07 ----D---- C:\Programme\Mozilla Firefox
2010-01-31 07:27:00 ----D---- C:\WINDOWS\system32\config
2010-01-31 07:18:27 ----ADC---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
2010-01-31 07:01:35 ----D---- C:\Programme\DivX
2010-01-31 06:54:18 ----RD---- C:\Programme
2010-01-30 11:58:49 ----A---- C:\WINDOWS\ChssBase.ini
2010-01-29 17:49:56 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-29 17:31:02 ----D---- C:\WINDOWS\Config
2010-01-29 15:43:44 ----AD---- C:\WINDOWS\system32
2010-01-29 08:23:12 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy
2010-01-29 06:32:00 ----D---- C:\Programme\LogMeIn
2010-01-28 19:20:52 ----A---- C:\WINDOWS\win.ini
2010-01-28 19:20:52 ----A---- C:\WINDOWS\system.ini
2010-01-28 19:07:09 ----D---- C:\Programme\Java
2010-01-28 18:58:43 ----D---- C:\Programme\Gemeinsame Dateien
2010-01-28 18:58:07 ----A---- C:\WINDOWS\system32\deploytk.dll
2010-01-28 18:38:48 ----DC---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NOS
2010-01-27 18:11:15 ----D---- C:\Programme\Radio Fr Solo
2010-01-27 18:05:44 ----D---- C:\Programme\Real Alternative
2010-01-27 17:37:47 ----A---- C:\WINDOWS\Radio_Fr.ini
2010-01-27 05:35:27 ----A---- C:\WINDOWS\NeroDigital.ini
2010-01-27 05:00:47 ----DC---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DVD Shrink
2010-01-27 00:23:50 ----D---- C:\Dokumente und Einstellungen\guy\Anwendungsdaten\Skype
2010-01-27 00:03:18 ----D---- C:\Dokumente und Einstellungen\guy\Anwendungsdaten\skypePM
2010-01-25 17:41:51 ----D---- C:\Dokumente und Einstellungen\guy\Anwendungsdaten\dvdcss
2010-01-24 20:40:27 ----D---- C:\WINDOWS\SoftwareDistribution
2010-01-24 14:00:21 ----RSD---- C:\WINDOWS\Fonts
2010-01-24 14:00:21 ----D---- C:\Programme\Gemeinsame Dateien\Microsoft Shared
2010-01-24 14:00:15 ----D---- C:\Programme\Microsoft Office
2010-01-24 14:00:05 ----D---- C:\Programme\MSECACHE
2010-01-24 07:47:16 ----ASDC---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft
2010-01-24 07:47:16 ----AD---- C:\Programme\Gemeinsame Dateien\System
2010-01-23 09:28:19 ----D---- C:\WINDOWS\I386
2010-01-23 09:25:24 ----SD---- C:\WINDOWS\Tasks
2010-01-23 08:54:16 ----D---- C:\WINDOWS\Driver Cache
2010-01-14 04:52:25 ----HD---- C:\WINDOWS\$hf_mig$
2010-01-10 10:11:20 ----A---- C:\WINDOWS\Muxman.ini
2010-01-06 15:57:13 ----D---- C:\WINDOWS\WinSxS
2010-01-06 11:06:54 ----A---- C:\WINDOWS\wininit.ini
2010-01-06 07:47:26 ----D---- C:\Dokumente und Einstellungen\guy\Anwendungsdaten\Corel
2010-01-04 18:19:37 ----D---- C:\Temp
2010-01-04 18:07:03 ----A---- C:\WINDOWS\MyDrivers.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2006-11-04 43488]
R1 CmdMon;Comodo Application Engine; C:\WINDOWS\System32\DRIVERS\cmdmon.sys [2008-01-31 75520]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]
R1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2007-06-25 36776]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [2007-06-25 38440]
R1 intelppm;Intel-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-10 40192]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Programme\UltraISO\drivers\ISODrive.sys []
R1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
R1 lusbaudio;Logitech USB Microphone; C:\WINDOWS\system32\drivers\lvsound2.sys [2002-06-10 34816]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2004-05-05 4228]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS-Dienstanbieter-Unterstützungsumgebung; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-10 12032]
R2 AMON;AMON; \??\C:\WINDOWS\system32\drivers\amon.sys []
R2 DefragFS;DefragFS; C:\WINDOWS\system32\drivers\DefragFS.sys [2009-06-08 71696]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Programme\LogMeIn\x86\RaInfo.sys []
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys []
R2 thdudf;TOSHIBA UDF2.5 Reader File System Driver; C:\WINDOWS\system32\DRIVERS\thdudf.sys [2006-11-11 66944]
R2 tifsfilter;Acronis TrueImage FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2006-11-06 28928]
R3 3xHybrid;Pinnacle PCTV 300i Stereo DVB-T; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2004-10-21 949888]
R3 Arp1394;1394-ARP-Clientprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-10 60800]
R3 CardReaderFilter;Card Reader Filter; \??\C:\WINDOWS\system32\Drivers\USBCRFT.SYS []
R3 cmudax;C-Media High Definition Audio Interface; C:\WINDOWS\system32\drivers\cmudax.sys [2005-05-12 1287296]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2005-04-12 4608]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2002-10-29 40960]
R3 GEARAspiWDM;GEAR CDRom Filter; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2004-04-05 13872]
R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-04-26 135168]
R3 HidIr;Microsoft Infrarot-HID-Treiber; C:\WINDOWS\system32\DRIVERS\hidir.sys [2004-08-10 17024]
R3 HidUsb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 IrBus;Infrared bus filter driver for eHome remote controls; C:\WINDOWS\system32\DRIVERS\IrBus.sys [2004-08-10 46208]
R3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2007-09-12 10144]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-18 12288]
R3 NIC1394;1394-Netzwerktreiber; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-10 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-11-06 7429088]
R3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2006-11-07 47360]
R3 QCEmerald;Logitech QuickCam Web(PID_0850); C:\WINDOWS\system32\DRIVERS\LVCE.sys [2002-06-10 44544]
R3 TSMPacket;T-DSL Manager Service; C:\WINDOWS\system32\DRIVERS\tsmpkt.sys [2006-12-01 13184]
R3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Microsoft USB-Standardhubtreiber; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbstor;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-10 26496]
R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2007-06-25 119080]
S2 WBUSB;Winbond Generic USB Controller; C:\WINDOWS\System32\Drivers\WBUSB.sys [2003-10-03 13356]
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; C:\WINDOWS\system32\drivers\Ad-Watch Connect Filter.sys []
S3 Ad-Watch Real-Time Scanner;AW Real-Time Scanner; C:\WINDOWS\system32\drivers\Ad-Watch Real-Time Scanner.sys []
S3 Ad-Watch Registry Filter;Ad-Watch Registry Kernel Filter; C:\WINDOWS\system32\drivers\Ad-Watch Registry Filter.sys []
S3 CCDECODE;Untertiteldecoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 EL90XBC;3Com EtherLink XL 90XB/C-Adaptertreiber; C:\WINDOWS\system32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
S3 hcwPP2;Hauppauge WinTV PVR PCI II (26xxx); C:\WINDOWS\system32\DRIVERS\hcwPP2.sys [2004-08-27 116736]
S3 HdAudAddService;Microsoft UAA-Funktionstreiber für den High Definition Audio-Dienst; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-03-17 113664]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2003-09-18 51056]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2003-09-18 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2003-09-18 21488]
S3 MHNDRV;MHN-Treiber; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 MPE;BDA MPE-Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2004-08-03 15360]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI-Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV-/Videoverbindung; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 PCANDIS5;PCANDIS5 Protocol Driver; \??\C:\PROGRA~1\GEMEIN~1\T-COM\DSLCheck\PCANDIS5.SYS []
S3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2001-06-04 14112]
S3 SE2Ebus;Sony Ericsson Device 046 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE2Ebus.sys [2006-05-01 61600]
S3 SE2Emdfl;Sony Ericsson Device 046 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE2Emdfl.sys [2006-05-01 9360]
S3 SE2Emdm;Sony Ericsson Device 046 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE2Emdm.sys [2006-05-01 97184]
S3 se2End5;Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (NDIS); C:\WINDOWS\system32\DRIVERS\se2End5.sys [2006-05-01 18704]
S3 SE2Eobex;Sony Ericsson Device 046 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE2Eobex.sys [2006-05-01 86560]
S3 se2Eunic;Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (WDM); C:\WINDOWS\system32\DRIVERS\se2Eunic.sys [2006-05-01 90800]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA-IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB-Scannertreiber; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 WSTCODEC;World Standard Teletext-Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe [2006-11-06 155648]
R2 CmdAgent;Comodo Application Agent; C:\Programme\Comodo\Firewall\cmdagent.exe [2008-01-31 361040]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2004-10-01 195584]
R2 ehSched;Media Center-Planerdienst; C:\WINDOWS\eHome\ehSched.exe [2004-08-10 102912]
R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2010-01-28 153376]
R2 MBAMService;MBAMService; C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe [2010-01-07 236368]
R2 NOD32krn;NOD32 Kernel Service; C:\Programme\Eset\nod32krn.exe [2006-11-05 495616]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-11-06 155716]
R2 PDAgent;PDAgent; C:\Programme\Raxco\PerfectDisk10\PDAgent.exe [2009-07-23 931080]
R2 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2006-11-02 174656]
R2 ScsiAccess;ScsiAccess; C:\Programme\Photodex\ProShowProducer\ScsiAccess.exe [2009-10-12 181312]
R2 TomTomHOMEService;TomTomHOMEService; C:\Programme\TomTom HOME 2\TomTomHOMEService.exe [2009-11-13 92008]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-09-08 604488]
R2 UxTuneUp;TuneUp Designerweiterung; C:\WINDOWS\System32\svchost.exe [2004-08-10 14336]
R3 PDEngine;PDEngine; C:\Programme\Raxco\PerfectDisk10\PDEngine.exe [2009-07-23 1033480]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-10 268800]
S3 aspnet_state;ASP.NET-Zustandsdienst; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 HotSpotFSvc;Hotspot Manager; C:\Programme\Gemeinsame Dateien\T-COM\HotspotMgr\HotSpotFSvc.exe [2006-12-12 212992]
S3 IDriverT;InstallDriver Table Manager; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPodService;iPod Service; C:\Programme\iPod\bin\iPodService.exe [2004-05-06 401408]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2004-08-10 14336]
S3 NMIndexingService;NMIndexingService; C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2003-09-18 65795]
S3 TDslMgrService;T-DSL Manager; C:\Programme\T-DSL Manager\DslMgrSvc.exe [2006-12-18 266240]
S3 TuneUp.Defrag;TuneUp Drive Defrag-Dienst; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-09-08 361288]
S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
S4 InCDsrv;InCD Helper; C:\Programme\Nero\Nero 7\InCD\InCDsrv.exe [2007-06-25 1552680]
S4 LMIMaint;LogMeIn Maintenance Service; C:\Programme\LogMeIn\x86\RaMaint.exe [2009-09-28 116032]
S4 LogMeIn;LogMeIn; C:\Programme\LogMeIn\x86\LogMeIn.exe [2007-09-12 63040]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.06 2010-01-31 18:11:48
======Uninstall list======
-->C:\WINDOWS\NuNInst.exe /UNINSTALL
-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
-->C:\WINDOWS\system32\RunDll32.Exe C:\WINDOWS\system32\SetupAPI.Dll,InstallHinfSection DefaultUninstall.NTx86 4 C:\WINDOWS\INF\thdudf.Inf
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
-->MsiExec.exe /I{F6869CD2-3DB4-476D-A4C7-B3AE7C3ACF7B}
-->MsiExec.exe /X{6815FCDD-401D-481E-BA88-31B4754C2B46}
-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 4.44 beta-->"C:\Programme\7-Zip\Uninstall.exe"
AC3Filter (remove only)-->C:\Programme\AC3Filter\uninstall.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Agenda 2.4.2-->"C:\Programme\LedPC Application\Agenda\unins000.exe"
Ant Movie Catalog-->"C:\Programme\Ant Movie Catalog\unins000.exe"
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
Autoplay Repair 2.2.2-->"C:\Programme\Autoplay Repair\uninstall.exe"
AVIcodec (remove only)-->"C:\Programme\AVIcodec\uninst.exe"
BadCopy Pro-->C:\PROGRA~1\Jufsoft\BadCopy\UNWISE.EXE C:\PROGRA~1\Jufsoft\BadCopy\INSTALL.LOG
Blu-ray to DVD Pro ver 2.32-->"C:\Programme\Blu-ray to DVD Pro\unins000.exe"
CCleaner-->"C:\Programme\CCleaner\uninst.exe"
cdrLabel 7.1-->MsiExec.exe /I{279FC9F9-1872-4927-AB0E-A93154F7D339}
CloneDVD2-->"C:\Programme\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Programme\Elaborate Bytes\CloneDVD2"
Cloneur Expert-->C:\Programme\Micro Application\Cloneur Expert\uninstall.exe
C-Media High Definition Audio Driver-->C:\WINDOWS\system32\cmirmdrv.exe
COMODO Firewall Pro-->C:\Programme\Comodo\Firewall\fwconfig.exe -uninstalln
ConvertXtoDVD 2.0.4-->"C:\Programme\vso\ConvertXtoDVD\unins000.exe"
CutePDF Writer 2.6-->C:\WINDOWS\system32\uninscpw.exe C:\Programme\
DivX Audio Compressor 4.02-->C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_DivX 132 C:\WINDOWS\INF\DivXAudioCompressor4.02.inf
DVD Decrypter (Remove Only)-->"C:\Programme\DVD Decrypter\uninstall.exe"
DVD Rebuilder-->"C:\Programme\DVD-RB PRO\unins000.exe"
DVD Shrink 3.2-->"C:\Programme\DVD Shrink\unins000.exe"
DVD slideshow GUI 0.9.1.0-->"C:\Programme\DVD slideshow GUI\unins000.exe"
DVDate (en Fançais)-->"C:\Programme\DVDate\unins000.exe"
DVD-lab PRO 2.2-->"C:\Programme\DVDlabPro2\unins000.exe"
DVDStyler v1.7.2-->"C:\Programme\DVDStyler\unins000.exe"
DxO Optics Pro 6-->MsiExec.exe /X{3B8F29EB-703C-4723-8CDE-4B2E5D695972}
East-Tec Eraser 2009 Version 9.5-->"C:\Programme\East-Tec Eraser 2009\unins000.exe"
Ecuador's AVI Bitrate Calculator 2.91 DX-->C:\WINDOWS\st6unst.exe -n "C:\Programme\AVICalc2\ST6UNST.LOG"
Einfache Internetanmeldung-->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1031
Empty Temp Folders 2.8.3-->C:\Programme\Empty Temp Folders 2.8.3\uninstall.exe
FastStone Image Viewer 4.0-->C:\Programme\FastStone Image Viewer\uninst.exe
HighMAT-Erweiterung für den Microsoft Windows XP-Assistenten zum Schreiben von CDs-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
HijackThis 2.0.2-->"C:\Outils\HijackThis.exe" /uninstall
HP Image Zone 3.5-->C:\Programme\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP PSC & OfficeJet 3.5-->"C:\Programme\HP\Digital Imaging\{18E0918E-1060-48f3-925C-56C82E88551B}\setup\hpzscr01.exe" -datfile hposcr03.dat
HP Software Update-->MsiExec.exe /X{34957B51-9676-41CE-9E52-44AE91B73F1C}
Installation Windows Live-->C:\Programme\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Java(TM) 6 Update 18-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216018FF}
jv16 PowerTools 2009-->C:\Programme\jv16 PowerTools 2009\Uninstall.exe
KBD-->C:\HP\KBD\KBD.EXE uninstalled
Lame ACM MP3 Codec-->C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_LameMP3 132 C:\WINDOWS\INF\LameACM.inf
Logitech ImageStudio-->MsiExec.exe /I{5A24DD7E-7B01-41AC-ADA8-F1776177A3BA}
LogMeIn-->MsiExec.exe /I{A83C6C34-3007-422A-9E56-A74996BCCDBD}
Malwarebytes' Anti-Malware-->"C:\Programme\Malwarebytes' Anti-Malware\unins000.exe"
Media Player Classic fr-->"C:\Programme\Media Player Classic\uninstall.exe"
MediaInfo 0.7.3.1-->C:\Programme\MediaInfo\uninst.exe
Memories Disc Creator 2.0-->MsiExec.exe /X{2E132061-C78A-48D4-A899-1D13B9D189FA}
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Mozilla Firefox (3.6)-->C:\Programme\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.23)-->C:\PROGRAMME\Mozilla Thunderbird\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
MyPhoneExplorer-->C:\Programme\MyPhoneExplorer\uninstall.exe
Nero 7-->MsiExec.exe /X{CF097717-F174-4144-954A-FBC4BF301036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NOD32 Antivirus System-->C:\Programme\Eset\Setup\setup.exe /UNINSTALL
NOD32 FiX v1.9-->"C:\Programme\Eset\unins000.exe"
Norton PartitionMagic 8.0-->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{21DBBDD6-93A5-4326-9A04-C9A5C9148502}
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
ObjectDock Plus-->C:\PROGRA~1\Stardock\OBJECT~1\objectdock.exe /uninstall
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Panda ActiveScan 2.0-->C:\Programme\Panda Security\ActiveScan 2.0\as2uninst.exe
Panda TotalScan-->C:\Programme\Panda Security\TotalScan\ascuninst.exe
PerfectDisk 10 Professional-->MsiExec.exe /I{7B738CD9-D107-48C7-8E65-2E6639A39C8D}
Photodex Presenter-->C:\Programme\Photodex Presenter\uninst.exe
ProShow Producer-->C:\Programme\Photodex\ProShowProducer\uninst.exe
PS2-->C:\WINDOWS\system32\ps2.exe uninstall
QuickTime Alternative 1.69-->"C:\Programme\QuickTime Alternative\unins000.exe"
Radio Fr Solo 2.1-->C:\Programme\Radio Fr Solo\Uninstall.exe
Real Alternative 2.0.1-->"C:\Programme\Real Alternative\unins000.exe"
Real-Draw PRO 4.0-->"C:\Programme\RealDrawPRO4\unins000.exe"
Ri4m v5.0.1d-->C:\Programme\Ripp-it_AM\Ri4m_Uninstal.exe
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Shareaza 2.3.1.0-->"C:\Programme\Shareaza\Uninstall\unins000.exe"
Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Spybot - Search & Destroy-->"C:\Programme\Spybot\Spybot - Search & Destroy\unins000.exe"
T-DSL Manager-->MsiExec.exe /I{13D3FE3C-C175-4BA3-9483-5BB01B502F19}
Time Adjuster v2.9 (STANDARD)-->C:\Programme\TimeAdjuster\uninstall.exe
TMPGEnc 4.0 XPress-->MsiExec.exe /I{ED80F174-B621-4B8F-BBB9-3E031A59555A}
TomTom HOME 2.7.3.1894-->C:\Programme\TomTom HOME 2\Uninstall TomTom HOME.exe
TomTom HOME Visual Studio Merge Modules-->MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
Torrent Harvester-->C:\Programme\Torrent Harvester\uninstall.exe
TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
Ultra MKV Converter 3.2.1025-->"C:\Programme\Ultra MKV Converter\unins000.exe"
UltraISO Premium V9.32-->"C:\Programme\UltraISO\unins000.exe"
Uniblue RegistryBooster 2010-->"C:\Programme\Uniblue\RegistryBooster\unins000.exe"
VistaMizer 3.3.0.0-->C:\WINDOWS\VistaMizer\Uninstall.exe
Winamp (remove only)-->"C:\Programme\Winamp\UninstWA.exe"
Windows Installer Clean Up-->MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52}
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
XviD MPEG-4 Video Codec-->C:\Programme\XviD\unins000.exe
Your Uninstaller! 2008 Version 6.0-->"C:\Programme\Your Uninstaller 2008\unins000.exe"
======Hosts File======
======Security center information======
AV: NOD32 Antivirus System 2.50
FW: COMODO Firewall Pro
======System event log======
Computer Name: GUY
Event Code: 19
Message: Installation erfolgreich: Das folgende Update wurde installiert. Update für Windows XP (KB973687)
Record Number: 11369
Source Name: Windows Update Agent
Time Written: 20091125051658.000000+060
Event Type: Informationen
User:
Computer Name: GUY
Event Code: 4377
Message: Windows XP, Hotfix KB973687 wurde installiert.
Record Number: 11368
Source Name: NtServicePack
Time Written: 20091125051653.000000+060
Event Type: Informationen
User: GUY\guy
Computer Name: GUY
Event Code: 35
Message: Der Zeitdienst synchronisiert die Systemzeit mit folgender
Zeitquelle: time.windows.com (ntp.m|0x1|84.154.117.130:123->207.46.232.182:123).
Record Number: 11367
Source Name: W32Time
Time Written: 20091125045331.000000+060
Event Type: Informationen
User:
Computer Name: GUY
Event Code: 20158
Message: Der Benutzer "0003187818665200734520850001@t-online.de" hat eine Verbindung mit "t-com" hergestellt, unter Verwendung des Geräts "PPPoE7-0".
Record Number: 11366
Source Name: RemoteAccess
Time Written: 20091125045321.000000+060
Event Type: Informationen
User:
Computer Name: GUY
Event Code: 20159
Message: Die Verbindung mit "t-com", hergestellt durch den Benutzer "0003187818665200734520850001@t-online.de" unter Verwendung des Geräts "PPPoE7-0", wurde getrennt.
Record Number: 11365
Source Name: RemoteAccess
Time Written: 20091125045309.000000+060
Event Type: Informationen
User:
=====Application event log=====
Computer Name: GUY
Event Code: 1516
Message: Die Registrierung des Benutzers GUY\LogMeInRemoteUser wurde entladen, nachdem eine Benachrichtigung empfangen wurde, das keine Anwendungen bzw. Dienste dieses Profil verwenden.
Record Number: 703
Source Name: Userenv
Time Written: 20091107114425.000000+060
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM
Computer Name: GUY
Event Code: 105
Message: User GUY\LogMeInRemoteUser has logged out from IP address 77.4.66.229.
Record Number: 702
Source Name: LogMeIn
Time Written: 20091107114425.000000+060
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM
Computer Name: GUY
Event Code: 1517
Message: Die Registrierung des Benutzers "GUY\LogMeInRemoteUser" wurde gespeichert, obwohl eine Anwendung oder ein Dienst auf die Registrierung während der Abmeldung zugegriffen hat. Der von der Registrierung des Benutzers verwendete Speicher wurde nicht freigegeben. Der Upload der Registrierung wird durchgeführt, wenn diese nicht mehr verwendet wird.
Dies wird oft durch Dienste verursacht, die unter einem Benutzerkonto ausgeführt werden. Versuchen Sie diese so zu Konfigurieren, dass sie unter den Konten "Lokaler Dienst" oder "Netzwerkdienst" ausgeführt werden.
Record Number: 701
Source Name: Userenv
Time Written: 20091107114425.000000+060
Event Type: Warnung
User: NT-AUTORITÄT\SYSTEM
Computer Name: GUY
Event Code: 205
Message: User GUY\LogMeInRemoteUser from IP address 77.4.66.229 ended a Remote Control session.
Record Number: 700
Source Name: LogMeIn
Time Written: 20091107114424.000000+060
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM
Computer Name: GUY
Event Code: 202
Message: Remote Control session started for user GUY\LogMeInRemoteUser from IP address 77.4.66.229. The interactive user (if present) has not been asked for a confirmation.
Record Number: 699
Source Name: LogMeIn
Time Written: 20091107110457.000000+060
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=2
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\wbem
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 3 Stepping 4, GenuineIntel
"PROCESSOR_LEVEL"=15
"PROCESSOR_REVISION"=0304
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"windir"=%SystemRoot%
-----------------EOF-----------------