
Infection by TR/Crypt.XDR.Gen

18 May 2009 13:13:15

Hello everyone,

Infected by a trojan since yesterday (Crypt.XDR.Gen), I tried to remove it with Avira.
It deletes it or quarantines it, but the trojan reappears.
I tried A², Spybot, HijackThis, BitDefender online but nothing works, it comes back!!

Does anyone have a solution to suggest?

Thanks in advance

18 May 2009 13:20:55

Hello,

Where is it being detected?

18 May 2009 22:13:40

pretty much everywhere...
in windows/system32 as well as in programfiles...
it's a complete mess!!
18 May 2009 22:14:06

  • Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.
  • Double-click RSIT.exe to launch the program.
    (On Vista, right-click RSIT.exe and choose Run as administrator)
  • Click Continue on the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the licence.
  • When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).

    Note: the reports are saved in the C:\rsit folder.
18 May 2009 22:22:10

unable to download it
the link is bad and there is no way to find it elsewhere

ok I managed to get it on another computer

18 May 2009 22:35:03

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Administrateur at 2009-05-18 22:35:33
    Microsoft Windows XP Professionnel Service Pack 3, v.5512
    System drive C: has 19 GB (63%) free of 30 GB
    Total RAM: 2047 MB (43% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:41:11, on 18/05/2009
    Platform: Windows XP SP3, v.5512 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.20861)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\PnkBstrB.exe
    C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Taskix\Taskix32.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Google\Gmail Notifier\gnotify.exe
    C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
    C:\Program Files\Cyberlink\Shared Files\brs.exe
    C:\Program Files\MSI\Live Update 3\LMonitor.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\WinRoll\winroll.exe
    C:\Program Files\LClock\LClock.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\Program Files\EXPERTool ATI\TBPanel.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Hercules\WiFi Station pour Livebox\WifiStationLB.exe
    C:\Documents and Settings\Administrateur\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
    C:\Documents and Settings\Administrateur\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
    C:\Program Files\MSI\DualCoreCenter\DualCoreCenter.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Documents and Settings\Administrateur\Administrateur.exe
    C:\Documents and Settings\Administrateur\Administrateur.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [Taskix] C:\Program Files\Taskix\Taskix32.exe start
    O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
    O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"
    O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"
    O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
    O4 - HKLM\..\Run: [Microsoft] avgemcu.exe
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [GroupManager] C:\Program Files\MAGIX Xtreme PhotoStory on CD and DVD 7 Deluxe\groupmanager.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [WINSUPPORT] C:\WINDOWS\system32:gsserver.exe
    O4 - HKLM\..\Run: [xsstimer] C:\WINDOWS\system32:gsserver.exe
    O4 - HKLM\..\RunServices: [Microsoft] avgemcu.exe
    O4 - HKCU\..\Run: [WinRoll] "C:\Program Files\WinRoll\winroll.exe"
    O4 - HKCU\..\Run: [LClock] "C:\Program Files\LClock\LClock.exe"
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKCU\..\Run: [Gainward] C:\Program Files\EXPERTool ATI\TBPanel.exe /A
    O4 - HKCU\..\Run: [Administrateur] C:\Documents and Settings\Administrateur\Administrateur.exe /i
    O4 - HKCU\..\Run: [xsstimer] C:\WINDOWS\system32:gsserver.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKLM\..\Policies\Explorer\Run: [xsstimer] C:\WINDOWS\system32:gsserver.exe
    O4 - HKCU\..\Policies\Explorer\Run: [xsstimer] C:\WINDOWS\system32:gsserver.exe
    O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Administrateur\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
    O4 - Startup: PowerReg Scheduler V3.exe
    O4 - Global Startup: DualCoreCenter.lnk = C:\Program Files\MSI\DualCoreCenter\StartUpDualCoreCenter.exe
    O4 - Global Startup: WiFi Station pour Livebox.lnk = ?
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Update Service (gupdate1c9871483142140) (gupdate1c9871483142140) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

    --
    End of file - 9324 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2ba40a1-74f3-42bd-f434-12345a2c8953}]
    C:\WINDOWS\system32\jkshfuiehi.dll - C:\WINDOWS\system32\jkshfuiehi.dll [2009-05-18 15000]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Taskix"=C:\Program Files\Taskix\Taskix32.exe [2008-04-02 124416]
    "amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2007-07-23 77824]
    "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
    "{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"=C:\Program Files\Google\Gmail Notifier\gnotify.exe [2005-07-15 479232]
    "RemoteControl8"=C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [2008-03-20 83240]
    "PDVD8LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [2007-12-14 50472]
    "BDRegion"=C:\Program Files\Cyberlink\Shared Files\brs.exe [2008-06-27 91432]
    "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-08-29 61440]
    "LiveMonitor"=C:\Program Files\MSI\Live Update 3\LMonitor.exe [2008-04-30 498176]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
    "GroupManager"=C:\Program Files\MAGIX Xtreme PhotoStory on CD and DVD 7 Deluxe\groupmanager.exe []
    "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-01-29 16859648]
    "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
    "QuickTime Task"=C:\Program Files\QuickTime Alternative\QTTask.exe [2009-01-05 413696]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312]
    "WINSUPPORT"=C:\WINDOWS\system32:gsserver.exe []
    "xsstimer"=C:\WINDOWS\system32:gsserver.exe []
    "reader_s"=C:\WINDOWS\System32\reader_s.exe [2009-05-18 60929]
    "sysldtray"=c:\windows\ld08.exe [2009-05-18 38912]
    "Secure AntiVirus Pro"=C:\WINDOWS\AV.EXE [2009-05-18 270848]
    "services"=C:\WINDOWS\services.exe [2009-05-18 68096]
    "sysmstray"=c:\windows\mstre19.exe [2009-05-18 50688]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "WinRoll"=C:\Program Files\WinRoll\winroll.exe [2004-04-07 15360]
    "LClock"=C:\Program Files\LClock\LClock.exe [2004-09-19 65536]
    "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-12-10 216520]
    "Gainward"=C:\Program Files\EXPERTool ATI\TBPanel.exe [2008-09-05 2300456]
    "Administrateur"=C:\Documents and Settings\Administrateur\Administrateur.exe [2009-05-18 20521]
    "xsstimer"=C:\WINDOWS\system32:gsserver.exe []
    "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
    ""=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hu5pl.exe [2009-05-18 15001]
    "reader_s"=C:\Documents and Settings\Administrateur\reader_s.exe [2009-05-18 60929]
    "SYS32DLL"=SYS32DLL []
    "uidenhiufgsduiazghs"=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hu5pl.exe [2009-05-18 15001]
    "12ZFG94-F641-2SF-K31P-5N1ER6H6L2"=C:\RECYCLER\S-1-5-21-9144144216-7300028055-966814643-6506\service.exe [2009-05-18 96220]
    "12CFG515-K641-55SF-N66P"=C:\RECYCLER\S-1-5-21-0243636035-3055115376-381863306-1556\pqlmq.exe [2009-05-18 51200]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    DualCoreCenter.lnk - C:\Program Files\MSI\DualCoreCenter\StartUpDualCoreCenter.exe
    WiFi Station pour Livebox.lnk - C:\Program Files\Hercules\WiFi Station pour Livebox\WifiStationLB.exe

    C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage
    Outil de notification Live Search.lnk - C:\Documents and Settings\Administrateur\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="c:\progra~1\ThunMail\testabd.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2008-10-21 143360]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-08-22 133632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
    sdfsefsfdvdubgiungfuyd - {C2BA40A1-74F3-42BD-F434-12345A2C8953} - C:\WINDOWS\system32\jkshfuiehi.dll [2009-05-18 15000]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=1
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=255
    "NoSMHelp"=1
    "ForceClassicControlPanel"=1
    "NoDesktopCleanupWizard"=1
    "NoInstrumentation"=1
    "NoResolveSearch"=1
    "NoResolveTrack"=1
    "NoSMBalloonTip"=1
    "NoSMConfigurePrograms"=1
    "NoStartMenuMFUprogramsList"=1
    "NoStrCmpLogical"=0
    "NoWelcomeScreen"=1

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HideRunAsVerb"=
    "NoActiveDesktop"=
    "NoDriveTypeAutoRun"=
    "NoInstrumentation"=
    "NoResolveTrack"=
    "NoSetActiveDesktop"=
    "NoStartMenuMFUprogramsList"=
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
    "E:\eMule\emule.exe"="E:\eMule\emule.exe:*:Enabled:eMuleMorphXT"
    "C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:p nkBstrA"
    "C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:p nkBstrB"
    "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "C:\WINDOWS\Explorer.EXE"="C:\WINDOWS\Explorer.EXE:*:Enabled:ENABLE"
    "\"="c:\adspl.exe:*:Enabled:KL"
    "\??\C:\WINDOWS\system32\winlogon.exe"="\??\C:\WINDOWS\system32\winlogon.exe:*:enabled:@shell32.dll,-1"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    ======File associations======

    .reg - edit -
    .reg - open -

    ======List of files/folders created in the last 1 months======

    2009-05-18 22:35:33 ----D---- C:\rsit
    2009-05-18 22:14:39 ----A---- C:\3735555.bat
    2009-05-18 22:12:50 ----A---- C:\p2hhr.bat
    2009-05-18 22:12:20 ----A---- C:\43214354.bat
    2009-05-18 22:11:57 ----A---- C:\lssgcx.exe
    2009-05-18 22:11:49 ----A---- C:\upqsh.exe
    2009-05-18 22:07:43 ----H---- C:\WINDOWS\mstre19.exe
    2009-05-18 20:28:30 ----A---- C:\wenokp.exe
    2009-05-18 20:08:14 ----A---- C:\WINDOWS\services.exe
    2009-05-18 20:08:13 ----A---- C:\WINDOWS\system32\7C.tmp
    2009-05-18 20:08:12 ----A---- C:\WINDOWS\system32\7B.tmp
    2009-05-18 20:08:08 ----A---- C:\WINDOWS\system32\79.tmp
    2009-05-18 20:08:07 ----A---- C:\WINDOWS\system32\78.tmp
    2009-05-18 20:08:05 ----A---- C:\mmvnpq.exe
    2009-05-18 20:08:04 ----A---- C:\vfmf.exe
    2009-05-18 20:08:02 ----A---- C:\WINDOWS\AV.EXE
    2009-05-18 20:08:02 ----A---- C:\ueksxwdu.exe
    2009-05-18 20:08:01 ----A---- C:\adspl.exe
    2009-05-18 20:07:59 ----RSHD---- C:\Program Files\ThunMail
    2009-05-18 20:07:40 ----D---- C:\WINDOWS\system32\790151
    2009-05-18 20:07:40 ----A---- C:\WINDOWS\system32\SYS32DLL.exe
    2009-05-18 20:07:33 ----H---- C:\WINDOWS\ld08.exe
    2009-05-18 20:07:32 ----A---- C:\WINDOWS\system32\reader_s.exe
    2009-05-18 20:07:31 ----A---- C:\jfknkkkh.exe
    2009-05-18 20:07:29 ----A---- C:\teoo.exe
    2009-05-18 20:07:29 ----A---- C:\lafp.exe
    2009-05-18 20:07:27 ----A---- C:\WINDOWS\system32\jkshfuiehi.dll
    2009-05-18 13:45:48 ----A---- C:\ohuch.exe
    2009-05-18 11:38:28 ----D---- C:\Program Files\a-squared Free
    2009-05-18 11:32:13 ----D---- C:\WINDOWS\avxoscan
    2009-05-18 10:32:09 ----D---- C:\Program Files\Spybot - Search & Destroy
    2009-05-18 10:32:09 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2009-05-17 21:12:04 ----D---- C:\WINDOWS\system32\Winxsstimer
    2009-05-17 21:12:04 ----D---- C:\Documents and Settings\Administrateur\Application Data\Winxsstimer
    2009-05-17 19:04:46 ----D---- C:\Documents and Settings\All Users\Application Data\InstallShield
    2009-05-17 19:04:43 ----A---- C:\WINDOWS\system32\Lanceur2.exe
    2009-05-17 19:04:42 ----D---- C:\Program Files\SoftwarePassport
    2009-05-17 19:04:31 ----A---- C:\WINDOWS\system32\CP3245MT.DLL
    2009-05-17 19:04:31 ----A---- C:\WINDOWS\system32\CC3260MT.DLL
    2009-05-17 19:04:31 ----A---- C:\WINDOWS\system32\BORLNDMM.DLL
    2009-05-17 14:52:29 ----A---- C:\WINDOWS\system32\gsserver.exe
    2009-05-17 14:52:21 ----A---- C:\WINDOWS\buftemp8.exe
    2009-05-17 14:52:21 ----A---- C:\WINDOWS\buftemp7.exe
    2009-05-17 14:52:21 ----A---- C:\WINDOWS\buftemp6.exe
    2009-05-17 14:52:18 ----A---- C:\WINDOWS\buftemp5.exe
    2009-05-17 14:52:17 ----A---- C:\WINDOWS\buftemp4.exe
    2009-05-17 14:52:17 ----A---- C:\WINDOWS\buftemp3.exe
    2009-05-17 14:52:17 ----A---- C:\WINDOWS\buftemp2.exe
    2009-05-17 14:52:17 ----A---- C:\WINDOWS\buftemp1.exe
    2009-05-17 13:07:59 ----D---- C:\Documents and Settings\Administrateur\Application Data\vlc
    2009-05-17 13:07:36 ----D---- C:\Program Files\VideoLAN
    2009-05-09 22:03:15 ----A---- C:\WINDOWS\system32\rmoc3260.dll
    2009-05-09 22:03:15 ----A---- C:\WINDOWS\system32\pndx5032.dll
    2009-05-09 22:03:15 ----A---- C:\WINDOWS\system32\pndx5016.dll
    2009-05-09 22:03:15 ----A---- C:\WINDOWS\system32\pncrt.dll
    2009-05-09 22:03:12 ----A---- C:\WINDOWS\system32\pthreadGC2.dll
    2009-05-09 22:03:11 ----D---- C:\Documents and Settings\All Users\Application Data\Real
    2009-05-09 22:03:11 ----D---- C:\Documents and Settings\Administrateur\Application Data\Real
    2009-05-08 22:31:55 ----D---- C:\Program Files\FLVCodec
    2009-05-08 22:31:47 ----D---- C:\Program Files\WinPcap
    2009-05-08 22:31:43 ----D---- C:\Program Files\RipTiger
    2009-05-08 13:25:54 ----D---- C:\Program Files\iPod
    2009-05-08 13:25:52 ----D---- C:\Program Files\iTunes
    2009-05-08 13:25:52 ----D---- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    2009-05-08 13:24:12 ----A---- C:\WINDOWS\system32\usbaaplrc.dll
    2009-05-07 20:25:04 ----D---- C:\Documents and Settings\Administrateur\Application Data\Hoyle Blackjack
    2009-05-07 20:11:09 ----D---- C:\Documents and Settings\Administrateur\Application Data\Hoyle FaceCreator
    2009-05-07 20:11:08 ----D---- C:\Documents and Settings\Administrateur\Application Data\Hoyle Card Games
    2009-05-06 17:43:30 ----D---- C:\Documents and Settings\All Users\Application Data\The Humans
    2009-05-05 12:38:04 ----A---- C:\WINDOWS\IE4 Error Log.txt
    2009-05-04 22:21:04 ----A---- C:\WINDOWS\ODBC.INI
    2009-05-04 22:19:39 ----D---- C:\WINDOWS\Micro Application Shared
    2009-05-04 22:19:39 ----A---- C:\WINDOWS\system32\ODBCSTF.DLL
    2009-05-04 22:19:38 ----A---- C:\WINDOWS\system32\MSJT4JLT.DLL
    2009-05-04 22:19:37 ----A---- C:\WINDOWS\system32\Odbctl32.dll
    2009-05-04 22:19:34 ----A---- C:\WINDOWS\system32\vbar332.dll
    2009-05-04 22:19:34 ----A---- C:\WINDOWS\system32\msxbse35.dll
    2009-05-04 22:19:34 ----A---- C:\WINDOWS\system32\mstext35.dll
    2009-05-04 22:19:34 ----A---- C:\WINDOWS\system32\msrd2x35.dll
    2009-05-04 22:19:34 ----A---- C:\WINDOWS\system32\mspdox35.dll
    2009-05-04 22:19:34 ----A---- C:\WINDOWS\system32\msltus35.dll
    2009-05-04 22:19:34 ----A---- C:\WINDOWS\system32\msjet35.dll
    2009-05-04 22:19:34 ----A---- C:\WINDOWS\system32\msexcl35.dll
    2009-05-04 22:19:33 ----A---- C:\WINDOWS\system32\VB5DB.DLL
    2009-05-04 22:19:33 ----A---- C:\WINDOWS\system32\rdocurs.dll
    2009-05-04 22:19:33 ----A---- C:\WINDOWS\system32\msrepl35.dll
    2009-05-04 22:19:33 ----A---- C:\WINDOWS\system32\MSRDO20.DLL
    2009-05-04 22:19:33 ----A---- C:\WINDOWS\system32\msjter35.dll
    2009-05-04 22:19:33 ----A---- C:\WINDOWS\system32\Msjint35.dll
    2009-05-04 22:19:30 ----D---- C:\Program Files\Micro Application
    2009-05-04 22:18:14 ----A---- C:\WINDOWS\IsUn040c.exe
    2009-05-04 22:15:31 ----A---- C:\WINDOWS\Navigma.INI
    2009-05-03 13:24:30 ----A---- C:\WINDOWS\system32\enc_ba-2_000001.ini
    2009-05-03 13:24:30 ----A---- C:\WINDOWS\Progs_.ini
    2009-05-03 13:23:46 ----D---- C:\Program Files\VIRTUELSOFT
    2009-05-03 13:23:37 ----D---- C:\Documents and Settings\Administrateur\Application Data\{B2A6EEBC-1184-4D6D-AC68-F354C811A6F9}
    2009-05-02 21:14:33 ----D---- C:\Documents and Settings\Administrateur\Application Data\BSHOOTER.com
    2009-05-02 21:08:33 ----D---- C:\Program Files\ReflexiveArcade
    2009-05-01 20:42:18 ----D---- C:\Documents and Settings\Administrateur\Application Data\Valusoft
    2009-04-28 22:38:29 ----A---- C:\WINDOWS\system32\TubeFinder.exe
    2009-04-28 22:38:28 ----A---- C:\WINDOWS\system32\VB6FR.DLL
    2009-04-28 22:38:28 ----A---- C:\WINDOWS\system32\PCCLPFR.DLL
    2009-04-28 22:38:28 ----A---- C:\WINDOWS\system32\MSCMCFR.DLL
    2009-04-28 22:38:27 ----D---- C:\Program Files\Free FLV Converter
    2009-04-28 22:38:27 ----A---- C:\WINDOWS\system32\CMDLGFR.DLL
    2009-04-27 21:21:00 ----D---- C:\Program Files\Internet Digital Radio Tuner
    2009-04-26 01:12:09 ----A---- C:\WINDOWS\system32\Vb6stkit.dll
    2009-04-26 01:08:34 ----N---- C:\WINDOWS\system32\vxblock.dll
    2009-04-26 01:08:34 ----N---- C:\WINDOWS\system32\pxwave.dll
    2009-04-26 01:08:34 ----N---- C:\WINDOWS\system32\pxsfs.dll
    2009-04-26 01:08:34 ----N---- C:\WINDOWS\system32\pxmas.dll
    2009-04-26 01:08:34 ----N---- C:\WINDOWS\system32\pxinsi64.exe
    2009-04-26 01:08:34 ----N---- C:\WINDOWS\system32\pxinsa64.exe
    2009-04-26 01:08:34 ----N---- C:\WINDOWS\system32\pxhpinst.exe
    2009-04-26 01:08:34 ----N---- C:\WINDOWS\system32\pxdrv.dll
    2009-04-26 01:08:34 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
    2009-04-26 01:08:34 ----N---- C:\WINDOWS\system32\pxcpya64.exe
    2009-04-26 01:08:34 ----N---- C:\WINDOWS\system32\pxafs.dll
    2009-04-26 01:08:34 ----N---- C:\WINDOWS\system32\px.dll
    2009-04-26 01:08:22 ----D---- C:\Program Files\Fichiers communs\DivX Shared
    2009-04-26 01:08:22 ----D---- C:\Program Files\DivX
    2009-04-24 00:11:20 ----D---- C:\Documents and Settings\Administrateur\Application Data\Snapfish
    2009-04-20 00:16:04 ----A---- C:\WINDOWS\system32\TTIC32.dll
    2009-04-20 00:16:04 ----A---- C:\WINDOWS\system32\TTI32.dll
    2009-04-20 00:16:04 ----A---- C:\WINDOWS\system32\STRING32.dll
    2009-04-20 00:16:04 ----A---- C:\WINDOWS\system32\MXRestore.exe
    2009-04-20 00:16:04 ----A---- C:\WINDOWS\system32\msxml4a.dll
    2009-04-20 00:16:04 ----A---- C:\WINDOWS\system32\mgxcdr.txt
    2009-04-20 00:16:04 ----A---- C:\WINDOWS\system32\DLLTPO32.dll
    2009-04-20 00:16:04 ----A---- C:\WINDOWS\system32\DLLRES32.dll
    2009-04-20 00:16:04 ----A---- C:\WINDOWS\system32\DLLRD32.dll
    2009-04-20 00:16:04 ----A---- C:\WINDOWS\system32\DLLPTL32.dll
    2009-04-20 00:16:04 ----A---- C:\WINDOWS\system32\DLLPRJ32.dll
    2009-04-20 00:16:03 ----A---- C:\WINDOWS\system32\DLLPRF32.dll
    2009-04-20 00:16:03 ----A---- C:\WINDOWS\system32\DLLPNT32.dll
    2009-04-20 00:16:03 ----A---- C:\WINDOWS\system32\DLLMSC32.dll
    2009-04-20 00:16:03 ----A---- C:\WINDOWS\system32\DLLIX.dll
    2009-04-20 00:16:03 ----A---- C:\WINDOWS\system32\DLLISO32.dll
    2009-04-20 00:16:03 ----A---- C:\WINDOWS\system32\DLLIO32.dll
    2009-04-20 00:16:03 ----A---- C:\WINDOWS\system32\DLLIMG32.dll
    2009-04-20 00:16:03 ----A---- C:\WINDOWS\system32\DLLDRV32.dll
    2009-04-20 00:16:03 ----A---- C:\WINDOWS\system32\DLLDIR32.dll
    2009-04-20 00:16:03 ----A---- C:\WINDOWS\system32\DLLDEV32.dll
    2009-04-20 00:16:03 ----A---- C:\WINDOWS\system32\DLLCPY32.dll
    2009-04-20 00:16:03 ----A---- C:\WINDOWS\system32\DLLCDF32.dll
    2009-04-20 00:16:03 ----A---- C:\WINDOWS\system32\DLLCDA32.dll
    2009-04-20 00:16:03 ----A---- C:\WINDOWS\system32\DLLAV32.dll
    2009-04-20 00:15:39 ----D---- C:\Documents and Settings\All Users\Application Data\MAGIX
    2009-04-20 00:15:31 ----A---- C:\WINDOWS\system32\DLLDEV32i.dll
    2009-04-20 00:15:20 ----D---- C:\WINDOWS\system32\MAGIX
    2009-04-20 00:15:20 ----A---- C:\WINDOWS\system32\mgxoschk.dll
    2009-04-20 00:15:20 ----A---- C:\WINDOWS\mgxoschk.ini
    2009-04-20 00:14:28 ----D---- C:\WINDOWS\MAGIX Xtreme PhotoStory on CD and DVD 7 Deluxe
    2009-04-20 00:13:47 ----A---- C:\WINDOWS\MAGIX Xtreme PhotoStory on CD and DVD 7 Deluxe Setup Log.txt

    ======List of files/folders modified in the last 1 months======

    2009-05-18 22:35:34 ----D---- C:\WINDOWS\Temp
    2009-05-18 22:15:40 ----D---- C:\WINDOWS\system32\drivers
    2009-05-18 22:13:23 ----RASHD---- C:\WINDOWS\system32
    2009-05-18 22:12:11 ----D---- C:\Program Files\Mozilla Firefox
    2009-05-18 22:07:43 ----RSHD---- C:\WINDOWS
    2009-05-18 20:28:36 ----A---- C:\WINDOWS\system32\svchost.exe
    2009-05-18 20:07:59 ----D---- C:\Program Files
    2009-05-18 20:07:55 ----RSHD---- C:\RECYCLER
    2009-05-18 20:07:34 ----D---- C:\WINDOWS\system32\dllcache
    2009-05-18 20:07:31 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2009-05-18 20:07:30 ----D---- C:\WINDOWS\system
    2009-05-18 19:28:24 ----D---- C:\WINDOWS\Prefetch
    2009-05-18 11:33:12 ----D---- C:\Program Files\Internet Explorer
    2009-05-18 11:31:56 ----SD---- C:\WINDOWS\Downloaded Program Files
    2009-05-18 10:27:00 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-05-18 10:19:36 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-05-17 19:06:24 ----D---- C:\Documents and Settings\Administrateur\Application Data\uTorrent
    2009-05-17 19:04:31 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-05-17 19:04:31 ----D---- C:\Program Files\Fichiers communs\InstallShield
    2009-05-17 12:27:08 ----SHD---- C:\WINDOWS\Installer
    2009-05-17 12:27:00 ----D---- C:\Program Files\Google
    2009-05-16 22:25:02 ----D---- C:\Documents and Settings\All Users\Application Data\Soulseek
    2009-05-16 11:57:23 ----RSD---- C:\WINDOWS\assembly
    2009-05-16 11:57:23 ----D---- C:\WINDOWS\system32\DirectX
    2009-05-15 00:23:01 ----D---- C:\Documents and Settings\Administrateur\Application Data\FileZilla
    2009-05-11 10:34:35 ----AD---- C:\Documents and Settings\All Users\Application Data\Temp
    2009-05-09 22:03:51 ----D---- C:\Program Files\K-Lite Codec Pack
    2009-05-09 20:41:27 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-05-08 19:17:32 ----D---- C:\WINDOWS\inf
    2009-05-08 13:26:04 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2009-05-08 13:25:54 ----D---- C:\Program Files\Fichiers communs\Apple
    2009-05-08 13:25:13 ----D---- C:\Program Files\Bonjour
    2009-05-08 13:25:00 ----D---- C:\Program Files\QuickTime Alternative
    2009-05-06 17:12:52 ----SD---- C:\WINDOWS\Tasks
    2009-05-04 22:21:04 ----A---- C:\WINDOWS\win.ini
    2009-05-04 22:21:03 ----A---- C:\WINDOWS\ODBCINST.INI
    2009-05-04 22:19:39 ----RSD---- C:\WINDOWS\Fonts
    2009-05-01 15:06:03 ----D---- C:\Documents and Settings\Administrateur\Application Data\Vso
    2009-04-26 01:08:22 ----D---- C:\Program Files\Fichiers communs
    2009-04-19 13:36:25 ----D---- C:\Program Files\DVDFab 5
    2009-04-19 13:27:46 ----D---- C:\Documents and Settings\All Users\Application Data\vsosdk

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]
    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
    R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-12-26 75072]
    R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
    R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
    R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; \??\C:\Program Files\CyberLink\PowerDVD8\000.fcl []
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.5.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-12-26 21419]
    R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-04-13 279712]
    R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-04-13 25888]
    R3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-08-22 60800]
    R3 ASAPIW2K;ASAPIW2K; C:\WINDOWS\System32\Drivers\ASAPIW2K.sys [2003-11-28 11264]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-10-21 3331584]
    R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2008-10-21 89600]
    R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
    R3 DualCoreCenter;DualCoreCenter; \??\C:\Program Files\MSI\DualCoreCenter\NTGLM7X.sys []
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
    R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-08-22 144384]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-01-30 4725760]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-08-22 61824]
    R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-12-16 47360]
    R3 RT73;Hercules Wireless USB Dongle Driver ; C:\WINDOWS\system32\DRIVERS\rt73.sys [2006-12-21 429440]
    R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-01-03 105856]
    R3 RushTopDevice2;RushTopDevice2; \??\C:\Program Files\MSI\DualCoreCenter\RushTop.sys []
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-08-22 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-08-22 59520]
    R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-08-22 17152]
    R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-08-22 26368]
    S2 acpi32;acpi32; \??\C:\WINDOWS\system32\drivers\acpi32.sys []
    S2 amd64si;amd64si; \??\C:\WINDOWS\system32\drivers\amd64si.sys []
    S2 ati64si;ati64si; \??\C:\WINDOWS\system32\drivers\ati64si.sys []
    S2 fips32cup;fips32cup; \??\C:\WINDOWS\system32\drivers\fips32cup.sys []
    S2 i386si;i386si; \??\C:\WINDOWS\system32\drivers\i386si.sys []
    S2 ksi32sk;ksi32sk; \??\C:\WINDOWS\system32\drivers\ksi32sk.sys []
    S2 nicsk32;nicsk32; \??\C:\WINDOWS\system32\drivers\nicsk32.sys []
    S2 port135sik;port135sik; \??\C:\WINDOWS\system32\drivers\port135sik.sys []
    S2 securentm;securentm; \??\C:\WINDOWS\system32\drivers\securentm.sys []
    S2 systemntmi;systemntmi; \??\C:\WINDOWS\system32\drivers\systemntmi.sys []
    S2 ws2_32sik;ws2_32sik; \??\C:\WINDOWS\system32\drivers\ws2_32sik.sys []
    S3 a27pbf3c;a27pbf3c; C:\WINDOWS\system32\drivers\a27pbf3c.sys []
    S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
    S3 GMSIPCI;GMSIPCI; \??\J:\INSTALL\GMSIPCI.SYS []
    S3 HdAudAddService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdAud.sys [2006-12-28 84992]
    S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-08-22 40320]
    S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-11-06 34064]
    S3 pohci13F;pohci13F; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\pohci13F.sys []
    S3 SynasUSB;SynasUSB; C:\WINDOWS\system32\drivers\SynasUSB.sys [2006-11-23 18432]
    S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-03-26 36864]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-08-22 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-08-22 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2009-05-18 717320]
    R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-12-26 68865]
    R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-12-26 151297]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-26 132424]
    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-10-21 581632]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-04-15 66872]
    R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-04-15 107832]
    R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
    S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-10-03 593920]
    S2 Darkness;Darkness; C:\WINDOWS\system\svchost.exe [2009-05-18 17691]
    S2 FCI;FCI; C:\WINDOWS\system32\fci.exe.exe:ext.exe []
    S2 gupdate1c9871483142140;Google Update Service (gupdate1c9871483142140); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-05 133104]
    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-09-15 654848]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-01-24 216232]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792]
    S4 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
    S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
    S4 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S4 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2009-05-18 14336]

    -----------------EOF-----------------
    18 May 2009 22:51:51

    info.txt logfile of random's system information tool 1.06 2009-05-18 22:35:40

    ======Uninstall list======

    -->MsiExec /X{A7E07C2B-2220-4415-87E3-784D5814BC93}
    AbiWord 2.6.5-->C:\Program Files\AbiSuite2\UninstallAbiWord2.exe
    Acrobat.com-->C:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
    Adobe AIR-->C:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
    Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
    Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
    Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
    Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
    Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
    Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
    Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
    Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
    Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
    Adobe Color EU Recommended Settings-->MsiExec.exe /I{73B5D990-04EA-4751-B10F-5534770B91F2}
    Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
    Adobe Color NA Extra Settings-->MsiExec.exe /I{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}
    Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
    Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
    Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
    Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
    Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
    Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
    Adobe Photoshop CS3-->C:\Program Files\Fichiers communs\Adobe\Installers\32e9033392a51340b32fdc6ad893ab7\Setup.exe
    Adobe Photoshop CS3-->MsiExec.exe /I{BF794769-8875-4E01-B7BE-E00104604F4A}
    Adobe Reader 9.1.1-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A91000000001}
    Adobe Setup-->MsiExec.exe /I{926DEB4E-2B0A-4C5C-AE4A-BF6C06949702}
    Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
    Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
    Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
    Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
    Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
    Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
    Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
    AMD Processor Driver-->C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe -runfromtemp -l0x040c -removeonly
    Apple Mobile Device Support-->MsiExec.exe /I{AFA20D47-69C3-4030-8DF8-D37466E70F13}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    ASAPI-->MsiExec.exe /X{8A7E941F-2BB4-47D0-B732-8AE5F3513B68}
    a-squared Free 3.5-->"C:\Program Files\a-squared Free\unins000.exe"
    Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
    ATI - Utilitaire de désinstallation du logiciel-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
    ATI AVIVO Codecs-->MsiExec.exe /I{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}
    ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
    ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:D ISPLAY -clean
    ATI Parental Control & Encoder-->MsiExec.exe /I{36CDA33B-909B-4719-97D1-C4B99309BDC7}
    ATI Parental Control & Encoder-->MsiExec.exe /I{9862B19F-4CAD-4EED-920F-2F378D84393F}
    Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
    AusLogics Disk Defrag-->"C:\Program Files\Auslogics\AusLogics Disk Defrag\unins000.exe"
    Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
    BD Advisor 2.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}\Setup.exe" -uninstall
    Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
    Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch-->C:\Program Files\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409
    Catalyst Control Center - Branding-->MsiExec.exe /I{D3B1C799-CB73-42DE-BA0F-2344793A095C}
    CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
    CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe"
    Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
    ConvertXtoDVD 3.2.4.82-->"C:\Program Files\VSO\ConvertX\3\unins000.exe"
    CyberLink PowerDVD 8-->"C:\Program Files\InstallShield Installation Information\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}\Setup.exe" /z-uninstall
    CyberLink PowerDVD 8-->"C:\Program Files\InstallShield Installation Information\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}\Setup.exe" /z-uninstall
    dBpowerAMP FLAC Codec-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP FLAC Codec.dat
    dBpowerAMP Mp4 Codec-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP Mp4 Codec.dat
    dBpowerAMP Musepack Codec-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP Musepack Codec.dat
    dBpowerAMP Music Converter-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP Music Converter.dat
    DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
    DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    dMC Power Pack-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dMC Power Pack.dat
    Dual-Core Optimizer-->MsiExec.exe /X{FF3D660E-E5CC-47FD-8050-1B4DE3BA81A9}
    DualCoreCenter-->"C:\Program Files\MSI\DualCoreCenter\unins000.exe"
    DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
    DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.2.1.2 Be-->"C:\Program Files\DVDFab 5\unins000.exe"
    Entraîneur Cérébral 2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A62C42C-FDB3-4BCC-A41A-89FA813250E3}\setup.exe" -l0x40c -removeonly
    EXPERTool ATI 4.1-->"C:\Program Files\EXPERTool ATI\unins000.exe"
    FastStone-->"C:\Program Files\FastStone Capture\Désinstaller.exe"
    FileZilla Client 3.2.0-->C:\Program Files\FileZilla FTP Client\uninstall.exe
    Filter Forge 1.009-->"C:\Program Files\Filter Forge\unins000.exe"
    Free FLV Converter V 6.32-->"C:\Program Files\Free FLV Converter\unins000.exe"
    Google Gmail Notifier-->"C:\Program Files\Google\Gmail Notifier\UninstallGmail.exe"
    Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    Google Earth-->MsiExec.exe /X{CC016F21-3970-11DE-B878-005056806466}
    GrabIt 1.7.2 Beta 3 (build 996)-->"C:\Program Files\GrabIt\unins000.exe"
    Hercules WiFi Station for Livebox-->C:\Program Files\InstallShield Installation Information\{DECE22F4-EEDD-4615-BC56-2F4827FAD64B}\setup.exe -runfromtemp -l0x040c -removeonly
    HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
    Internet Digital Radio Tuner 2.3.1-->"C:\Program Files\Internet Digital Radio Tuner\unins000.exe"
    iTunes-->MsiExec.exe /I{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    Jun's Factory JM-1-->"C:\Program Files\Steinberg\Vstplugins\Jun's Factory\epuninst.exe" /s
    K-Lite Mega Codec Pack 4.8.0-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
    L'Album de Bébé-->MsiExec.exe /I{FF1A5077-C7E9-442A-B57A-37C23606AEE4}
    Last.fm 1.5.4.24567-->"C:\Program Files\Last.fm\unins000.exe"
    LClock-->"C:\Program Files\LClock\Désinstaller.exe"
    Le Centre de Contrôle de Licences de Syncrosoft-->C:\PROGRA~1\SYNCRO~1\UNWISE.EXE C:\PROGRA~1\SYNCRO~1\INSTALL.LOG
    Le Centre de Contrôle de Licences de Syncrosoft-->C:\PROGRA~1\SYNCRO~1\UNWISE.EXE C:\PROGRA~1\SYNCRO~1\INSTALL.LOG
    Ma-Config.com-->MsiExec.exe /X{8AFB8FC4-3EBA-4C67-943F-CF43DB2180F1}
    MAGIX Xtreme PhotoStory on CD and DVD 7 Deluxe-->"C:\WINDOWS\MAGIX Xtreme PhotoStory on CD and DVD 7 Deluxe\uninstall.exe" "/U:C:\Program Files\MAGIX Xtreme PhotoStory on CD and DVD 7 Deluxe\Uninstall\uninstall.xml"
    Micro Application - Faire-Part-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Micro Application\Faire-Part\Uninst.isu" -c"C:\Program Files\Micro Application\Faire-Part\_UNODBC.DLL"
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
    Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
    Microsoft Office Word Viewer 2003-->MsiExec.exe /I{9085040C-6000-11D3-8CFE-0150048383C9}
    Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
    Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
    Mozilla Firefox (3.0.10)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSI Live Update 3-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\MSI\Live Update 3\Uninst.isu"
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    Native Instruments Absynth v3.0-->C:\PROGRA~1\NATIVE~1\ABSYNT~2\UNWISE.EXE C:\PROGRA~1\NATIVE~1\ABSYNT~2\INSTALL.LOG
    Native Instruments FM7 VSTi DXI RTAS v1.1.3.4-->C:\PROGRA~1\NATIVE~1\FM7\UNWISE.EXE C:\PROGRA~1\NATIVE~1\FM7\INSTALL.LOG
    neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    NVIDIA PhysX v8.09.04-->MsiExec.exe /X{A7E07C2B-2220-4415-87E3-784D5814BC93}
    OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
    PlayFLV-->"C:\Program Files\FLVCodec\uninstall.exe"
    PunkBuster Services-->C:\WINDOWS\system32\pbsvc.exe -u
    QuickPar 0.9-->C:\Program Files\QuickPar\uninst.exe
    QuickTime Alternative 2.7.0-->"C:\Program Files\QuickTime Alternative\unins000.exe"
    QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
    ratDVD 0.78.1444-->C:\Program Files\ratDVD\uninst.exe
    Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
    Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
    SoulSeek 157 NS 13c-->"C:\Program Files\SoulseekNS\uninstall.exe"
    Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
    Steinberg Cubase LE 4-->MsiExec.exe /I{AB3C4AC6-C401-4132-A8B5-265899A9C0E8}
    Sumatra PDF Reader-->"C:\Program Files\SumatraPDF\Désinstaller.exe"
    Taskix-->"C:\Program Files\Taskix\Désinstaller.exe"
    The Panorama Factory V4 m32 Edition-->MsiExec.exe /I{32FF2F41-E230-478E-BD33-2818FB595C05}
    Unlocker 1.8.7-->C:\Program Files\Unlocker\uninst.exe
    uTorrent-->"C:\Program Files\uTorrent\Désinstaller.exe"
    VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
    VLC media player 0.9.9-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    WaveLab 6-->"C:\Program Files\Steinberg\WaveLab 6\Uninstall.exe" "C:\Program Files\Steinberg\WaveLab 6\install.log"
    Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
    Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
    Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
    Windows Trust Installer-->"C:\Program Files\WTInstaller\Désinstaller.exe"
    WinPcap 4.0.2-->C:\Program Files\WinPcap\uninstall.exe
    WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
    WinRoll-->"C:\Program Files\WinRoll\Désinstaller.exe"
    XtremSplit-->"C:\Program Files\XtremSplit\Désinstaller.exe"

    =====HijackThis Backups=====

    O4 - HKLM\..\Policies\Explorer\Run: [xsstimer] C:\WINDOWS\system32:gsserver.exe [2009-05-18]
    O4 - Startup: PowerReg Scheduler V3.exe [2009-05-18]
    O4 - HKCU\..\Policies\Explorer\Run: [xsstimer] C:\WINDOWS\system32:gsserver.exe [2009-05-18]
    O4 - HKLM\..\Run: [Microsoft] avgemcu.exe [2009-05-18]

    Securitycenter WMI appears to be broken

    ======System event log======

    Computer Name: WINDOWS-90530AC
    Event Code: 62486
    Message: Invalid parameters

    Record Number: 13661
    Source Name: ati2mtag
    Time Written: 20090508222459.000000+120
    Event Type: Informations
    User:

    Computer Name: WINDOWS-90530AC
    Event Code: 62486
    Message: Invalid parameters

    Record Number: 13660
    Source Name: ati2mtag
    Time Written: 20090508222459.000000+120
    Event Type: Informations
    User:

    Computer Name: WINDOWS-90530AC
    Event Code: 62486
    Message: Invalid parameters

    Record Number: 13659
    Source Name: ati2mtag
    Time Written: 20090508222459.000000+120
    Event Type: Informations
    User:

    Computer Name: WINDOWS-90530AC
    Event Code: 62486
    Message: Invalid parameters

    Record Number: 13658
    Source Name: ati2mtag
    Time Written: 20090508222459.000000+120
    Event Type: Informations
    User:

    Computer Name: WINDOWS-90530AC
    Event Code: 62486
    Message: Invalid parameters

    Record Number: 13657
    Source Name: ati2mtag
    Time Written: 20090508222459.000000+120
    Event Type: Informations
    User:

    =====Application event log=====

    Computer Name: WINDOWS-90530AC
    Event Code: 0
    Message:
    Record Number: 1968
    Source Name: gupdate1c9871483142140
    Time Written: 20090512102843.000000+120
    Event Type: Informations
    User:

    Computer Name: WINDOWS-90530AC
    Event Code: 4096
    Message: The AntiVir service has been started successfully!

    Record Number: 1967
    Source Name: Avira AntiVir
    Time Written: 20090512102816.000000+120
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    Computer Name: WINDOWS-90530AC
    Event Code: 1
    Message:
    Record Number: 1966
    Source Name: Bonjour Service
    Time Written: 20090512102814.000000+120
    Event Type: Informations
    User:

    Computer Name: WINDOWS-90530AC
    Event Code: 0
    Message:
    Record Number: 1965
    Source Name: gupdate1c9871483142140
    Time Written: 20090512102813.000000+120
    Event Type: Informations
    User:

    Computer Name: WINDOWS-90530AC
    Event Code: 105
    Message: The service was started.

    Record Number: 1964
    Source Name: ATI Smart
    Time Written: 20090512102810.000000+120
    Event Type: Informations
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Fichiers communs\DivX Shared\;C:\Program Files\QuickTime Alternative\QTSystem\
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 107 Stepping 2, AuthenticAMD
    "PROCESSOR_REVISION"=6b02
    "NUMBER_OF_PROCESSORS"=2
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

    -----------------EOF-----------------