
infected by root kit


  • This topic is locked
3 replies to this topic

#1 mkache5a


Posted 16 January 2012 - 09:50 AM

Hello,
Please can you help me?
ComboFix can't execute and gives me a message: ComboFix has detected a rootkit and must rerun the computer. After rerunning the computer, the monitor is blue.
Thank you for helping me.



#2 mkache5a


Posted 16 January 2012 - 10:17 AM

I'm running OTL:

OTL Extras logfile created on: 16/01/2012 16:06:29 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\bouallagui\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,21 Gb Total Physical Memory | 2,50 Gb Available Physical Memory | 77,76% Memory free
6,62 Gb Paging File | 6,11 Gb Available in Paging File | 92,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 285,69 Gb Total Space | 139,08 Gb Free Space | 48,68% Space Free | Partition Type: NTFS
Drive D: | 6,94 Gb Total Space | 2,87 Gb Free Space | 41,34% Space Free | Partition Type: NTFS

Computer Name: BOUALLAGUI-PC | User Name: bouallagui | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08D63B4A-CBF4-409D-A448-2B42AD8B1E89}" = lport=48113 | protocol=17 | dir=in | name=maconfig_udp |
"{12BE7DA5-1545-4C61-86C0-92EBB25EE77D}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{3F526EAC-DD47-4830-A7A1-745EC6286AB4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{55D2B5DA-CD3D-4D63-AA88-F30986CDD34E}" = lport=48113 | protocol=6 | dir=in | name=maconfig_tcp |
"{5894EAF6-E6CF-479F-B060-60EDEB6DD324}" = lport=2869 | protocol=6 | dir=in | app=system |
"{749C0CE5-6A2F-4AC3-88BD-871402240768}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{27C79EE0-0C48-416E-B8B9-885C648224EA}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{2AFCEE2F-A481-4816-808F-671515927F1B}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{35039009-2F2B-4F52-A5CD-7EBA4BCE8806}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{48BECFD7-E47D-4ED6-ACA8-C5A08765E379}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{61EEB655-9F71-4CA6-B5C7-EA3D4EAE23BF}" = protocol=6 | dir=in | app=c:\program files\ma-config.com\maconfservice.exe |
"{84D4D055-D7B3-45EC-B3CF-C70B0934EAC6}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{85E2AB8C-50F9-4913-A8AA-4DAD541DFB0A}" = dir=in | app=c:\users\bouallagui\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{A15F498F-EEB1-4C07-A073-238448EF2AAD}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{DF6DCB54-BD56-4374-973A-CC6B92B233BF}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{E87DF354-0A4B-4C92-AE93-FCC1D85EC661}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EB6D50AB-9689-43FA-B6F7-0B79D37C7541}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{F66F0ABE-252F-4367-A9F2-278EA3E265CC}" = protocol=17 | dir=in | app=c:\program files\ma-config.com\maconfservice.exe |
"TCP Query User{12B09107-D297-4F5A-94BF-BCCC22DA5DFF}C:\users\bouallagui\appdata\local\temp\rar$ex00.298\dreamup1\1-dreamup_1.1.0.0.exe" = protocol=6 | dir=in | app=c:\users\bouallagui\appdata\local\temp\rar$ex00.298\dreamup1\1-dreamup_1.1.0.0.exe |
"TCP Query User{144D086B-74C5-44CC-B23D-3E246779BF03}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
"TCP Query User{1BCF11A5-F69D-451E-BE3B-4276F1A5EFFB}C:\users\bouallagui\appdata\local\mediaget2\mediaget.exe" = protocol=6 | dir=in | app=c:\users\bouallagui\appdata\local\mediaget2\mediaget.exe |
"TCP Query User{27B618AB-FBEC-4C82-8DD2-1746003AD5B0}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{4B5DC84C-894D-4B91-B25B-E222CBB5B23E}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{4E4615D7-408A-4F7E-AA15-55C3404CA97E}C:\users\bouallagui\appdata\local\temp\rar$ex50.388\dreamup1\0-dreamup_1.1.0.0.exe" = protocol=6 | dir=in | app=c:\users\bouallagui\appdata\local\temp\rar$ex50.388\dreamup1\0-dreamup_1.1.0.0.exe |
"TCP Query User{4F6AFC5F-B69E-425E-AF3B-F7FE1988B9E4}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{6EE01A38-003C-448B-9E42-BD19F2A78B55}C:\users\bouallagui\appdata\local\temp\rar$ex28.443\dreamup1\0-dreamup_1.1.0.0.exe" = protocol=6 | dir=in | app=c:\users\bouallagui\appdata\local\temp\rar$ex28.443\dreamup1\0-dreamup_1.1.0.0.exe |
"TCP Query User{98D62ABE-9A0E-4340-822C-CFB3412353E6}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{9BD7C3BC-2848-491A-8899-AD6AEBB6C7F7}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"TCP Query User{A1512623-70A2-4610-A944-D43FE156DDCD}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{A6D88907-7541-45C7-864D-4C88E743A80E}C:\users\bouallagui\appdata\local\temp\rar$ex02.858\dreamup1\0-dreamup_1.1.0.0.exe" = protocol=6 | dir=in | app=c:\users\bouallagui\appdata\local\temp\rar$ex02.858\dreamup1\0-dreamup_1.1.0.0.exe |
"TCP Query User{C10854AA-62F4-4BD7-A1B9-2CE159CD60F1}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{F7A12389-0FF0-4FE3-81E8-3C663C2390AB}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"TCP Query User{F97DBD2C-7B47-40D9-A8A9-EEDC2570FA8F}C:\users\bouallagui\downloads\dreambox control center_v2.95\dcc.exe" = protocol=6 | dir=in | app=c:\users\bouallagui\downloads\dreambox control center_v2.95\dcc.exe |
"TCP Query User{FEE8E2AB-8343-4171-BA78-0ABD6EFD655F}C:\users\bouallagui\appdata\local\temp\rar$ex00.696\dreamup1\1-dreamup_1.1.0.0.exe" = protocol=6 | dir=in | app=c:\users\bouallagui\appdata\local\temp\rar$ex00.696\dreamup1\1-dreamup_1.1.0.0.exe |
"UDP Query User{2B81F4FE-E5B4-4593-A0F4-2EEE8E21F4F0}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
"UDP Query User{386A3336-A865-4E80-89EB-89885BB3FAB7}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"UDP Query User{3E08EABA-D5CF-4267-B5DB-6BECEA655D5D}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{459FB3BF-3344-48BE-B6D3-545C648AE27B}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{47E5D591-4205-4517-A643-49378C2C4533}C:\users\bouallagui\appdata\local\mediaget2\mediaget.exe" = protocol=17 | dir=in | app=c:\users\bouallagui\appdata\local\mediaget2\mediaget.exe |
"UDP Query User{76D735E0-D4DC-492C-B72D-BC0E0388F3E6}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{930E3745-0D73-4C2D-93AF-562C3F2BD6EF}C:\users\bouallagui\appdata\local\temp\rar$ex02.858\dreamup1\0-dreamup_1.1.0.0.exe" = protocol=17 | dir=in | app=c:\users\bouallagui\appdata\local\temp\rar$ex02.858\dreamup1\0-dreamup_1.1.0.0.exe |
"UDP Query User{9725079A-B650-416A-9CC9-848A9883FE93}C:\users\bouallagui\appdata\local\temp\rar$ex00.696\dreamup1\1-dreamup_1.1.0.0.exe" = protocol=17 | dir=in | app=c:\users\bouallagui\appdata\local\temp\rar$ex00.696\dreamup1\1-dreamup_1.1.0.0.exe |
"UDP Query User{9C30C433-2556-4A1A-91DC-084A5BBD9F65}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"UDP Query User{A21A5ED5-2E40-4457-89E1-F55F84E21442}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{A6BB06B0-1542-4678-924F-16973629531A}C:\users\bouallagui\appdata\local\temp\rar$ex00.298\dreamup1\1-dreamup_1.1.0.0.exe" = protocol=17 | dir=in | app=c:\users\bouallagui\appdata\local\temp\rar$ex00.298\dreamup1\1-dreamup_1.1.0.0.exe |
"UDP Query User{A6FE8E98-B157-4A40-AF2B-E510F50B207E}C:\users\bouallagui\appdata\local\temp\rar$ex28.443\dreamup1\0-dreamup_1.1.0.0.exe" = protocol=17 | dir=in | app=c:\users\bouallagui\appdata\local\temp\rar$ex28.443\dreamup1\0-dreamup_1.1.0.0.exe |
"UDP Query User{AD35D989-5941-4132-B14B-EB875572DD1B}C:\users\bouallagui\appdata\local\temp\rar$ex50.388\dreamup1\0-dreamup_1.1.0.0.exe" = protocol=17 | dir=in | app=c:\users\bouallagui\appdata\local\temp\rar$ex50.388\dreamup1\0-dreamup_1.1.0.0.exe |
"UDP Query User{BE616B93-FE3B-4564-9BC9-EB056D33869A}C:\users\bouallagui\downloads\dreambox control center_v2.95\dcc.exe" = protocol=17 | dir=in | app=c:\users\bouallagui\downloads\dreambox control center_v2.95\dcc.exe |
"UDP Query User{D2F2496B-6F5E-4304-926E-7F713D0A1BBA}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{DBD8E7FE-E893-448B-8E3C-2F4C016419C1}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00BA866C-F2A2-4BB9-A308-3DFA695B6F7C}" = Java DB 10.5.3.0
"{0266CCBE-BBD8-416C-A48F-7FC47C6DB566}" = Microsoft SQL Server System CLR Types
"{035400A4-29BD-3723-BEED-E2718A68CDE0}" = Microsoft Visual Studio 2010 Office Developer Tools (x86)
"{043F86B7-EE12-3399-B2CA-D0B603D87963}" = Microsoft .NET Framework 4 Extended FRA Language Pack
"{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0D2232AD-DE65-4E31-830F-789B08A9D069}" = DisplayLink Graphics
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{0F24FB28-F84E-395C-8BB1-95AE47994485}" = Microsoft Visual C++ 2010 Express - FRA
"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
"{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1AE3E621-E0C0-4aa1-B10B-B3E353A8D110}" = c3100_Help
"{1D7CE340-70C3-4848-BCCF-215950328A4C}" = Facebook Video Calling 1.0.0.8953
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}" = Galerie de photos Windows Live
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F25F81F-AFC4-4A38-9CD0-7F321BFDEDBC}" = Microsoft SQL Server VSS Writer
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23D448C7-7DC7-4C15-B47D-C99364501F07}" = Microsoft SQL Server 2008 Database Engine Services
"{266517E6-D866-439D-919C-B8B1A52E6080}" = OpenOffice.org 3.2
"{26A24AE4-039D-4CA4-87B4-2F83216020F0}" = Java™ 6 Update 20
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java™ 6 Update 26
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{29ED20C9-5E15-4969-9279-25BF3727A3DA}" = iTunes
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2
"{32A3A4F4-B792-11D6-A78A-00B0D0160220}" = Java™ SE Development Kit 6 Update 22
"{32A3A4F4-B792-11D6-A78A-00B0D0160230}" = Java™ SE Development Kit 6 Update 23
"{33AE9E89-47C9-4A0D-9E9D-BDD6966A3804}" = Microsoft SQL Server 2008 RsFx Driver
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{348CEF9D-95C7-4CA1-89ED-174900821CB4}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - FRA
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3BA7E387-9401-3371-9464-5E224D243FC5}" = Outils Microsoft Visual Studio 2010 ADO.NET Entity Framework
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FD4B9B7-9F73-4753-967C-B909929EAD60}" = Microsoft Sync Framework SDK v1.0 SP1 fr
"{3FF37A38-3781-493E-8EBF-BB143C843796}" = Microsoft Silverlight 3 SDK - Français
"{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
"{41A01180-D9FD-3428-9FD6-749F4C637CBF}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"{4401409D-25F1-4E85-8A3C-6BA6FFCFBFED}" = Microsoft SQL Server 2008 Browser
"{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger
"{44F5A980-8A6B-4aca-8D85-EFCE5D67D379}" = AIO_CDA_ProductContext
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{4947948E-4188-4DB5-9358-10240A122071}" = Fichiers de support d'installation de Microsoft SQL Server 2008
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4EE72E74-53A6-4E82-905E-C2D19311287E}" = Microsoft ASP.NET MVC 2 - FRA
"{51DE0B73-7A33-41B8-9183-8321D40815E0}" = Microsoft SQL Server 2008 Common Files
"{544DB849-AB59-4C12-A333-2F214E24870F}" = Commandos Strike Force
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5F907BE8-0033-31EA-B83F-18405837AA8F}" = Microsoft Visual Studio 2010 SharePoint Developer Tools
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}" = Complément Messenger
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{729A3000-BC8A-3B74-BA5D-5068FE12D70C}" = Microsoft Visual F# 2.0 Runtime
"{76B91CF8-2A5C-3BFD-B95B-D718D52088C4}" = Module linguistique Microsoft Visual F# 2.0 Runtime - FRA
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7A78C597-9D23-3C25-AE57-132F62D62F02}" = Microsoft Visual Studio Macro Tools - FRA Language Pack
"{7A7DC702-DEDE-42A8-8722-B3BA724D546F}" = Fax
"{7AD4FE43-6F4E-4DD5-AE2E-02F367192BE0}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{81E95872-8357-4363-A764-8F98B28340C5}" = Ma-Config.com
"{83E0F08C-C476-3987-B57E-7F45C177E1D7}" = Microsoft Visual Studio 2010 Office Developer Tools (x86) Language Pack - FRA
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-006D-040C-0000-0000000FF1CE}" = Microsoft Office « Démarrer en un clic » 2010
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9085040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{93074803-3F61-4595-AC67-FFC20B3BE06A}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{93F07BB2-BAD8-4638-AFB6-0A1EE5624DAE}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x86) fr
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A1FE2467-01B8-3666-BA44-91D44342BAD7}" = Microsoft Team Foundation Server 2010 Object Model - FRA
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB61E316-F10B-43eb-B47F-42095835F9CC}" = C3100
"{AB93C51F-71F9-4A28-8134-FE1B5B9373E9}" = Windows Live Remote Service Resources
"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio
"{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.6 - Français
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{AD5CE491-1257-3FF3-9A00-BBEBD57932F4}" = Microsoft Visual Studio 2010 Performance Collection Tools - FRA
"{AF1C9345-B53D-4110-BFBF-A0DD83AEAB83}" = AIO_CDA_Software
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B01A7AFC-0356-43AF-A333-C65912AEA8DC}" = Objets de gestion Microsoft SQL Server 2008 R2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Pilote 3D Vision 260.99
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panneau de configuration NVIDIA 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Pilote graphique 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Logiciel système PhysX 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call
"{B3E6B7BB-2D32-463C-8A09-6071AC40CA03}" = Microsoft SQL Server 2008 Native Client
"{B466A9C8-CF42-49E6-A211-A80A3AA272FC}" = Infra. d'app. de la couche Données Microsoft SQL Server 2008 R2
"{B4B6D2ED-1D71-326E-8E61-AD6778046C47}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - FRA
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BC398BE9-C1DC-374B-90B1-460CB70C7CDD}" = Microsoft Help Viewer 1.0 Language Pack - FRA
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{BF1EC9C0-9C10-11DF-BBC7-005056C00008}" = Google Earth
"{C5E05888-7559-3A01-A3A7-739AC400E1C1}" = Microsoft Visual Studio 2010 Ultimate - FRA
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D60023FA-3DF1-4537-93DD-13024CC4E366}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 FRA
"{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}" = Kies
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DFDBE1F9-04CE-4645-BB6C-4590EABC7A9C}" = Windows Live Remote Client Resources
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0FD00FD-CE66-474F-A116-72B4880E8B47}" = Microsoft SQL Server 2008 Database Engine Shared
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F37AADAE-7560-42BE-96E2-B968E6DAFC62}" = Microsoft Sync Framework Runtime v1.0 SP1 (x86) fr
"{FAE5AA1D-17F7-43A6-A284-5F90750FB3EB}" = DisplayLink Core Software
"{FCFBA290-CB48-4AF1-A241-2685AEDEDD66}" = Windows Live Family Safety
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"{FF63E956-55FC-42B6-80A3-1B1666AA82D8}" = Microsoft Sync Framework Services v1.0 SP1 (x86) fr
"123 Free Solitaire_is1" = 123 Free Solitaire 2009 v7.2
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ArgoUML" = ArgoUML 0.32.2
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DealScout" = DealScout for Google Chrome
"DivX Setup" = Configuration DivX
"Edraw Max_is1" = Edraw Max 6.1
"eMule" = eMule
"ESET Online Scanner" = ESET Online Scanner v3
"FileZilla Client" = FileZilla Client 3.5.2
"Google Chrome" = Google Chrome
"HijackThis" = HijackThis 2.0.2
"InstallShield_{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}" = Kies
"JCreator LE_is1" = JCreator LE 5.00
"LimeWire" = LimeWire 5.5.16
"Mahjong_is1" = Mahjong v1.1
"MediaCoder" = MediaCoder 2011
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Extended FRA
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Help Viewer 1.0 Language Pack - FRA" = Module linguistique de la visionneuse d'aide Microsoft 1.0 - FRA
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Team Foundation Server 2010 Object Model - FRA" = Modèle objet Microsoft Team Foundation Server 2010 - Français
"Microsoft Visual C++ 2010 Express - FRA" = Microsoft Visual C++ 2010 Express - Français
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - FRA" = Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x86) - FRA
"Microsoft Visual Studio 2010 Ultimate - FRA" = Microsoft Visual Studio 2010 Ultimate - Français
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"Microsoft Visual Studio Macro Tools - FRA Language Pack" = Microsoft Visual Studio Macro Tools - FRA Language Pack
"Mozilla Firefox 8.0 (x86 fr)" = Mozilla Firefox 8.0 (x86 fr)
"MyFreeCodec" = MyFreeCodec
"nbi-glassfish-mod-3.1.1.12.0" = GlassFish Server Open Source Edition 3.1.1
"nbi-nb-base-7.0.1.0.0" = NetBeans IDE 7.0.1
"nbi-tomcat-7.0.14.0.0" = Apache Tomcat 7.0.14
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PROPLUS" = Microsoft Office Professional Plus 2007
"Rapport_msi" = Rapport
"RealPlayer 12.0" = RealPlayer
"Uniblue RegistryBooster" = Uniblue RegistryBooster
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.9
"WinLiveSuite" = Windows Live
"WinLiveSuite_Wave3" = Installation Windows Live
"WinRAR archiver" = Logiciel d'archivage WinRAR
"YTdetect" = Yahoo! Detect
"zap" = zap

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" = MyFreeCodec
"PhotoFiltre" = PhotoFiltre

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 15/01/2012 19:02:49 | Computer Name = bouallagui-PC | Source = Windows Search Service | ID = 3083
Description =

Error - 15/01/2012 20:19:41 | Computer Name = bouallagui-PC | Source = Windows Search Service | ID = 3083
Description =

Error - 15/01/2012 20:19:53 | Computer Name = bouallagui-PC | Source = Windows Search Service | ID = 3083
Description =

Error - 15/01/2012 20:26:10 | Computer Name = bouallagui-PC | Source = Windows Search Service | ID = 3083
Description =

Error - 16/01/2012 09:59:09 | Computer Name = bouallagui-PC | Source = EventSystem | ID = 4609
Description =

Error - 16/01/2012 10:12:52 | Computer Name = bouallagui-PC | Source = VSS | ID = 18
Description =

Error - 16/01/2012 10:12:52 | Computer Name = bouallagui-PC | Source = VSS | ID = 8193
Description =

Error - 16/01/2012 10:12:52 | Computer Name = bouallagui-PC | Source = System Restore | ID = 8193
Description =

Error - 16/01/2012 10:13:31 | Computer Name = bouallagui-PC | Source = Application Error | ID = 1000
Description = Application défaillante pev.3XE, version 0.0.0.0, horodatage 0x4e06cfe8,
module défaillant pev.3XE, version 0.0.0.0, horodatage 0x4e06cfe8, code d’exception
0xc0000417, décalage d’erreur 0x00081dc9, ID du processus 0x54c, heure de début
de l’application 0x01ccd459067adf7d.

Error - 16/01/2012 10:58:14 | Computer Name = bouallagui-PC | Source = EventSystem | ID = 4609
Description =

[ System Events ]
Error - 16/01/2012 10:00:12 | Computer Name = bouallagui-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 16/01/2012 10:00:12 | Computer Name = bouallagui-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 16/01/2012 10:12:52 | Computer Name = bouallagui-PC | Source = DCOM | ID = 10005
Description =

Error - 16/01/2012 10:13:20 | Computer Name = bouallagui-PC | Source = Service Control Manager | ID = 7030
Description =

Error - 16/01/2012 10:57:53 | Computer Name = bouallagui-PC | Source = EventLog | ID = 6008
Description = L'arrêt système précédant à 15:16:11 le 16/01/2012 n'était pas prévu.

Error - 16/01/2012 10:58:04 | Computer Name = bouallagui-PC | Source = DCOM | ID = 10005
Description =

Error - 16/01/2012 10:58:13 | Computer Name = bouallagui-PC | Source = DCOM | ID = 10005
Description =

Error - 16/01/2012 10:58:26 | Computer Name = bouallagui-PC | Source = DCOM | ID = 10005
Description =

Error - 16/01/2012 10:59:15 | Computer Name = bouallagui-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 16/01/2012 10:59:15 | Computer Name = bouallagui-PC | Source = Service Control Manager | ID = 7026
Description =


< End of report >

#3 HelpBot


Posted 22 January 2012 - 09:55 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/438382 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#4 HelpBot


Posted 27 January 2012 - 10:00 AM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!



