Sujet Précédent Sujet Suivant

Trojan TR/Agent.bqpu

Har_g2001 -  
 Har_g -
Bonjour,

Dernièrement, j'ai remarqué que "Avira antivir Personnal free" détectait des trojans dans le temp.

Etant dans le temp, je n'avais aucun scrupule à faire delete.

Aujourd'hui, j'ai eu le problème sur un fichier exe qui était tout à fait correct au départ. Je pense donc que mon pc est infecté et que certains fichier exe deviennent corrompu. (ou pas)

j'ai fait un ccleaner histoire de nettoyer tout ca et un hijackthis afin de gagner une étape (j'ai un peu été lire les autres résolution sans faire attention si le problème est identique)

voilà le rapport hijackthis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:59:28, on 18/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
D:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Trust\GM-4600 Gamer Mouse\Amoumain.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Savescreen\Savescreen.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
D:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe
D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
E:\steam\steam.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\DNA\btdna.exe
D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS\System32\svchost.exe
D:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
D:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
D:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avscan.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Har_g\Bureau\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F3 - REG:win.ini: load= C:\BC5\PIPELINE\remind.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - D:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - D:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\Trust\GM-4600 Gamer Mouse\Amoumain.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Savescreen] C:\Program Files\Savescreen\Savescreen.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "D:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [HP Software Update] D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] D:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Steam] "e:\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Tunebite] C:\Program Files\RapidSolution\Tunebite\Tunebite.exe -tray
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools\daemon.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [Comrade.exe] C:\Program Files\GameSpy\Comrade\Comrade.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: SpeedFan.lnk = C:\Program Files\SpeedFan\speedfan.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - D:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {14281D54-925A-4B1C-B55F-F8032EC7686C} (vrcontext.WalkinsideNet.VRWebControl) - file:///C:/Documents%20and%20Settings/Har_g/Bureau/sitedom/Walkinside.cab
O16 - DPF: {24CAC9B8-6089-47D7-8342-255712D6CD4E} (TextEditor.Form1) - file:///F:/Stage/Portage%20sous%20IE/TextEditor/TextWebEditor/bin/Debug/TextWebEditor.dll
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ANTS Profiler 3 Service - Red Gate Software Ltd - C:\Program Files\Red Gate\ANTS Profiler 3\RedGate.Profiler.IISProfileHost.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit (mi-raysat_3dsMax2009_32) - Unknown owner - D:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Loki Drivers Auto Removal (pr2agqwb) (pr2agqwb) - Cyanide - C:\WINDOWS\system32\pr2agqwb.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
A voir également:

3 réponses

Réponse 1 / 3
Utilisateur anonyme
 
bonsoir jaques

Burnt_cells
crées toi un topic pour ton probleme

et pour avancer :

Har_g2001,

Télécharge Random's System Information Tool (RSIT) de random/random et enregistre l'exécutable sur ton Bureau.

-> http://images.malwareremoval.com/random/RSIT.exe

! Déconnecte toi et ferme toutes tes applications en cours !

Double-clique sur " RSIT.exe " pour le lancer .

-> Une première fenêtre s'ouvre avec en titre : " Disclaimer of warranty " .

* Devant l'option "List files/folders created ..." , tu choisis : 2 months

* clique ensuite sur " Continue " pour lancer l'analyse ...

-> laisse faire le scan et ne touche pas au PC ...

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront (probablement avec le bloc-note).

Poste le contenu de " log.txt " (c'est celui qui apparait à l'écran), ainsi que de " info.txt " (que tu verras dans la barre des tâches), pour analyse et attends la suite ...

Important : poste un rapport, puis l'autre dans la réponse suivante
Si tu essaies de poster les deux en même temps, cela risque d'être trop long pour le forum

( Note : les rapports seront en outre sauvegardés dans ce dossier -> C:\rsit )
1
Har_g
 
Log.txt 
Logfile of random's system information tool 1.05 (written by random/random)
Run by Har_g at 2009-02-27 17:31:36
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 37 GB (19%) free of 200 GB
Total RAM: 2046 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:31:43, on 27/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
D:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Trust\GM-4600 Gamer Mouse\Amoumain.exe
C:\Program Files\Java\jre6\bin\jusched.exe
D:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe
D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS\System32\svchost.exe
D:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
D:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
D:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Har_g\Bureau\RSIT.exe
C:\Program Files\trend micro\Har_g.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F3 - REG:win.ini: load= C:\BC5\PIPELINE\remind.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - D:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - D:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\Trust\GM-4600 Gamer Mouse\Amoumain.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Savescreen] C:\Program Files\Savescreen\Savescreen.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "D:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [HP Software Update] D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] D:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Steam] "e:\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Tunebite] C:\Program Files\RapidSolution\Tunebite\Tunebite.exe -tray
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools\daemon.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [Comrade.exe] C:\Program Files\GameSpy\Comrade\Comrade.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: SpeedFan.lnk = C:\Program Files\SpeedFan\speedfan.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - D:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {14281D54-925A-4B1C-B55F-F8032EC7686C} (vrcontext.WalkinsideNet.VRWebControl) - file:///C:/Documents%20and%20Settings/Har_g/Bureau/sitedom/Walkinside.cab
O16 - DPF: {24CAC9B8-6089-47D7-8342-255712D6CD4E} (TextEditor.Form1) - file:///F:/Stage/Portage%20sous%20IE/TextEditor/TextWebEditor/bin/Debug/TextWebEditor.dll
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - 
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Version Cue CS3 {fr_FR}  (Adobe Version Cue CS3) - Adobe Systems Incorporated - C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ANTS Profiler 3 Service - Red Gate Software Ltd - C:\Program Files\Red Gate\ANTS Profiler 3\RedGate.Profiler.IISProfileHost.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit (mi-raysat_3dsMax2009_32) - Unknown owner - D:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Loki Drivers Auto Removal (pr2agqwb) (pr2agqwb) - Cyanide - C:\WINDOWS\system32\pr2agqwb.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe

--
End of file - 16100 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - D:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2007-11-06 322880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-02-01 1377576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2007-08-31 1122128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-06 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-06 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-06 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - D:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-12-18 868352]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2006-07-13 729088]
"WheelMouse"=C:\Program Files\Trust\GM-4600 Gamer Mouse\Amoumain.exe [2006-09-29 163840]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-06 136600]
"Savescreen"=C:\Program Files\Savescreen\Savescreen.exe [2005-05-16 532480]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-07-17 266497]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-11-12 13672448]
"nwiz"=nwiz.exe /install []
"NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"=C:\Program Files\Google\Gmail Notifier\gnotify.exe [2005-07-15 479232]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2006-09-07 15872]
"Acrobat Assistant 8.0"=D:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [2008-10-14 623992]
""= []
"Adobe_ID0EYTHM"=C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [2007-03-20 1884160]
"ISUSPM Startup"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe [2006-03-20 213936]
"ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2006-03-20 86960]
"ISUSPM"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe [2006-03-20 213936]
"Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2008-02-29 76304]
"HP Software Update"=D:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]
"hpqSRMon"=D:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2007-08-22 80896]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-11-12 86016]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=e:\steam\steam.exe [2008-10-08 1410296]
"Tunebite"=C:\Program Files\RapidSolution\Tunebite\Tunebite.exe -tray []
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2006-11-16 139264]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools\daemon.exe [2007-12-19 486856]
"LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2008-06-28 67128]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2008-12-19 342848]
"Comrade.exe"=C:\Program Files\GameSpy\Comrade\Comrade.exe []

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
HP Digital Imaging Monitor.lnk - D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Documents and Settings\Har_g\Menu Démarrer\Programmes\Démarrage
SpeedFan.lnk - C:\Program Files\SpeedFan\speedfan.exe
TransBar.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
UberIcon.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\fichiers communs\logitech\bluetooth\LBTWlgn.dll [2008-05-02 72208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 240128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2008-05-26 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\Steam\Steam.exe"="E:\Steam\Steam.exe:*:Enabled:Steam Client"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"F:\Jeux\Quake III Arena\quake3.exe"="F:\Jeux\Quake III Arena\quake3.exe:*:Enabled:quake3"
"E:\Steam\SteamApps\har_g\team fortress classic\hl.exe"="E:\Steam\SteamApps\har_g\team fortress classic\hl.exe:*:Enabled:Half-Life Launcher"
"E:\Steam\SteamApps\har_g\half-life\hl.exe"="E:\Steam\SteamApps\har_g\half-life\hl.exe:*:Enabled:Half-Life Launcher"
"E:\Steam\SteamApps\har_g\ricochet\hl.exe"="E:\Steam\SteamApps\har_g\ricochet\hl.exe:*:Enabled:Half-Life Launcher"
"E:\Program Files\Microsoft Games\Halo\halo.exe"="E:\Program Files\Microsoft Games\Halo\halo.exe:*:Enabled:Halo"
"C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade"
"C:\Program Files\Java\jdk1.6.0_03\jre\bin\java.exe"="C:\Program Files\Java\jdk1.6.0_03\jre\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Java\jdk1.6.0_03\bin\java.exe"="C:\Program Files\Java\jdk1.6.0_03\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"H:\Jeux\CounterLan\hl.exe"="H:\Jeux\CounterLan\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe"="C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32"
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe"="C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\GameSpy\Comrade\Comrade.exe"="C:\Program Files\GameSpy\Comrade\Comrade.exe:*:Enabled:Comrade"
"E:\Program Files\Sierra Entertainment\Empire Earth III\EE3.exe"="E:\Program Files\Sierra Entertainment\Empire Earth III\EE3.exe:*:Enabled:Empire Earth III"
"C:\Program Files\id Software\Quake 4\Quake4Ded.exe"="C:\Program Files\id Software\Quake 4\Quake4Ded.exe:*:Enabled:Quake 4"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
"C:\WINDOWS\system32\dxdiag.exe"="C:\WINDOWS\system32\dxdiag.exe:*:Enabled:Outil de diagnostic Microsoft DirectX"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\Program Files\Ankama Games\Dofus\Dofus.exe"="C:\Program Files\Ankama Games\Dofus\Dofus.exe:*:Enabled:Dofus Client"
"C:\Program Files\DreamCatcher\Painkiller Overdose\Bin\Overdose.exe"="C:\Program Files\DreamCatcher\Painkiller Overdose\Bin\Overdose.exe:*:Enabled:Painkiller Overdose"
"C:\Program Files\DreamCatcher\Painkiller Overdose\Bin\OverdoseEditor.exe"="C:\Program Files\DreamCatcher\Painkiller Overdose\Bin\OverdoseEditor.exe:*:Enabled:Painkiller Overdose Editor"
"C:\Program Files\DreamCatcher\Painkiller Overdose\Bin\OverdoseServer.exe"="C:\Program Files\DreamCatcher\Painkiller Overdose\Bin\OverdoseServer.exe:*:Enabled:Painkiller Overdose Console Server"
"C:\WINDOWS\system32\java.exe"="C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary"
"F:\Jeux\Dofus\Dofus\Dofus.exe"="F:\Jeux\Dofus\Dofus\Dofus.exe:*:Enabled:Dofus Client"
"C:\Program Files\Microsoft Games\Halo\halo.exe"="C:\Program Files\Microsoft Games\Halo\halo.exe:*:Enabled:Halo"
"C:\Program Files\Ankama Games\DofusArenaBeta2\DofusArena.exe"="C:\Program Files\Ankama Games\DofusArenaBeta2\DofusArena.exe:*:Enabled:Dofus Arena Client"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Ubisoft\Heroes of Might and Magic V\bin\H5_Game.exe"="C:\Program Files\Ubisoft\Heroes of Might and Magic V\bin\H5_Game.exe:*:Enabled:Heroes of Might and Magic V"
"C:\Program Files\Unreal Tournament 3\Binaries\UT3.exe"="C:\Program Files\Unreal Tournament 3\Binaries\UT3.exe:*:Enabled:Unreal Tournament 3"
"C:\Program Files\Sierra\FEAR\fpupdate.exe"="C:\Program Files\Sierra\FEAR\fpupdate.exe:*:Enabled:fpupdate"
"C:\Program Files\Sierra\FEAR\FEAR.exe"="C:\Program Files\Sierra\FEAR\FEAR.exe:*:Enabled:FEAR"
"C:\Program Files\Sierra\FEAR\FEARMP.exe"="C:\Program Files\Sierra\FEAR\FEARMP.exe:*:Enabled:FEAR"
"C:\Program Files\Sierra\FEAR\FEARXP\FEARXP.exe"="C:\Program Files\Sierra\FEAR\FEARXP\FEARXP.exe:*:Enabled:FEARXP"
"C:\xampplite\mysql\bin\mysqld.exe"="C:\xampplite\mysql\bin\mysqld.exe:*:Enabled:mysqld"
"C:\xampplite\apache\bin\apache.exe"="C:\xampplite\apache\bin\apache.exe:*:Enabled:Apache HTTP Server"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Warcraft III\Warcraft III.exe"="C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\Documents and Settings\Har_g\Bureau\BurningCrusade.exe"="C:\Documents and Settings\Har_g\Bureau\BurningCrusade.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Microsoft Games\Age of Mythology\aomx.exe"="C:\Program Files\Microsoft Games\Age of Mythology\aomx.exe:*:Enabled:Age of Mythology - The Titans Expansion"
"C:\Program Files\Ubisoft\XIII\system\XIII.exe"="C:\Program Files\Ubisoft\XIII\system\XIII.exe:*:Enabled:XIII"
"E:\Steam\SteamApps\har_g\counter-strike\hl.exe"="E:\Steam\SteamApps\har_g\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"E:\Steam\SteamApps\har_g\source 2007 dedicated server\srcds.exe"="E:\Steam\SteamApps\har_g\source 2007 dedicated server\srcds.exe:*:Enabled:srcds"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\Duke Nukem - Manhattan Project\prism3d.exe"="C:\Program Files\Duke Nukem - Manhattan Project\prism3d.exe:*:Enabled:prism3d"
"C:\Program Files\NAMCO BANDAI Games\Warhammer Mark of Chaos\Warhammer.exe"="C:\Program Files\NAMCO BANDAI Games\Warhammer Mark of Chaos\Warhammer.exe:*:Enabled:Warhammer®: Mark of Chaos™"
"C:\Program Files\Cyanide\GameCenter\GameCenter.exe"="C:\Program Files\Cyanide\GameCenter\GameCenter.exe:*:Enabled:GameCenter"
"C:\Program Files\Cyanide\Loki\Loki.exe"="C:\Program Files\Cyanide\Loki\Loki.exe:*:Enabled:Loki"
"C:\Program Files\Cyanide\Loki\Autorun\AutoRun.exe"="C:\Program Files\Cyanide\Loki\Autorun\AutoRun.exe:*:Enabled:Loki - AutoRun"
"E:\Mes documents\Mes vidéos\Blizzard\WoW-Intro-frFR-downloader.exe"="E:\Mes documents\Mes vidéos\Blizzard\WoW-Intro-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\Microsoft Games\Age of Empires III\age3x.exe"="C:\Program Files\Microsoft Games\Age of Empires III\age3x.exe:*:Enabled:Age of Empires III - The WarChiefs"
"C:\Program Files\Microsoft Games\Age of Empires III\age3y.exe"="C:\Program Files\Microsoft Games\Age of Empires III\age3y.exe:*:Enabled:Age of Empires III - The Asian Dynasties"
"C:\Documents and Settings\Har_g\Bureau\Black & White\runblack.exe"="C:\Documents and Settings\Har_g\Bureau\Black & White\runblack.exe:*:Enabled:lh"
"C:\Games\Black And White\runblack.exe"="C:\Games\Black And White\runblack.exe:*:Enabled:lh"
"C:\Program Files\Red Gate\ANTS Profiler 3\RedGate.Profiler.UI.exe"="C:\Program Files\Red Gate\ANTS Profiler 3\RedGate.Profiler.UI.exe:*:Enabled:ANTS Profiler 3"
"C:\Program Files\Firefly Studios\Stronghold 2\Stronghold2.exe"="C:\Program Files\Firefly Studios\Stronghold 2\Stronghold2.exe:*:Enabled:Stronghold 2"
"C:\Program Files\Black Isle\Lionheart\Lionheart.exe"="C:\Program Files\Black Isle\Lionheart\Lionheart.exe:*:Enabled:Lionheart"
"C:\Program Files\Codemasters\Overlord\Overlord.exe"="C:\Program Files\Codemasters\Overlord\Overlord.exe:*:Enabled:Overlord"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Focus\Techland\Call of Juarez\coj.exe"="C:\Program Files\Focus\Techland\Call of Juarez\coj.exe:*:Enabled:The Call of Juarez"
"C:\Program Files\Bullfrog\Dungeon Keeper 2\DKII.exe"="C:\Program Files\Bullfrog\Dungeon Keeper 2\DKII.exe:*:Enabled:DKII"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe"="C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:*:Enabled:Adobe Version Cue CS3 Server"
"D:\Program Files\Autodesk\Backburner\monitor.exe"="D:\Program Files\Autodesk\Backburner\monitor.exe:*:Enabled:backburner 2.3 monitor"
"D:\Program Files\Autodesk\Backburner\manager.exe"="D:\Program Files\Autodesk\Backburner\manager.exe:*:Enabled:backburner 2.3 manager"
"D:\Program Files\Autodesk\Backburner\server.exe"="D:\Program Files\Autodesk\Backburner\server.exe:*:Enabled:backburner 2.3 server"
"D:\Program Files\Autodesk\3ds Max 2009\3dsmax.exe"="D:\Program Files\Autodesk\3ds Max 2009\3dsmax.exe:*:Enabled:Autodesk 3ds Max 2009 32-bit"
"D:\Program Files\Autodesk\Maya2008\bin\maya.exe"="D:\Program Files\Autodesk\Maya2008\bin\maya.exe:*:Enabled:Maya"
"D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"D:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="D:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"D:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="D:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"D:\Program Files\Ubisoft\THE SETTLERS - Bâtisseurs d'Empire\base\bin\Settlers6.exe"="D:\Program Files\Ubisoft\THE SETTLERS - Bâtisseurs d'Empire\base\bin\Settlers6.exe:*:Enabled:THE SETTLERS - Bâtisseurs d'Empire"
"D:\Program Files\Microsoft Games\Gears of War\Binaries\WarGame-G4WLive.exe"="D:\Program Files\Microsoft Games\Gears of War\Binaries\WarGame-G4WLive.exe:*:Enabled:Gears of War"
"E:\Steam\SteamApps\har_g\zombie panic! source\hl2.exe"="E:\Steam\SteamApps\har_g\zombie panic! source\hl2.exe:*:Enabled:hl2"
"E:\Steam\SteamApps\har_g\synergy\hl2.exe"="E:\Steam\SteamApps\har_g\synergy\hl2.exe:*:Enabled:hl2"
"E:\Steam\SteamApps\har_g\insurgency\hl2.exe"="E:\Steam\SteamApps\har_g\insurgency\hl2.exe:*:Enabled:hl2"
"E:\Steam\SteamApps\har_g\diprip warm up\hl2.exe"="E:\Steam\SteamApps\har_g\diprip warm up\hl2.exe:*:Enabled:hl2"
"D:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe"="D:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)"
"D:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe"="D:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)"
"E:\Steam\SteamApps\har_g\dark messiah might and magic multi-player\mm.exe"="E:\Steam\SteamApps\har_g\dark messiah might and magic multi-player\mm.exe:*:Enabled:mm"
"D:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe"="D:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"D:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe"="D:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"D:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe"="D:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"C:\Program Files\FileZilla FTP Client\filezilla.exe"="C:\Program Files\FileZilla FTP Client\filezilla.exe:*:Enabled:FileZilla FTP Client"
"D:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe"="D:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Clear Sky (CLI)"
"D:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe"="D:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Clear Sky (SRV)"
"D:\Program Files\iView MediaPro3\IVIEW_MP.exe"="D:\Program Files\iView MediaPro3\IVIEW_MP.exe:*:Enabled:iView Multimedia"
"E:\Steam\SteamApps\har_g\team fortress 2\hl2.exe"="E:\Steam\SteamApps\har_g\team fortress 2\hl2.exe:*:Enabled:hl2"
"D:\Program Files\Electronic Arts\Dead Space\Dead Space.exe"="D:\Program Files\Electronic Arts\Dead Space\Dead Space.exe:*:Enabled:Dead Space ™"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"D:\Program Files\Starcraft\StarCraft.exe"="D:\Program Files\Starcraft\StarCraft.exe:*:Enabled:Starcraft"
"D:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Civilization4.exe"="D:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4 Complete"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\N]
shell\AutoRun\command - explorer.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fd84e65b-9500-11dc-a620-806d6172696f}]
shell\AutoRun\command - D:\Setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fe9c1759-950c-11dc-a6c2-001d60ad1fec}]
shell\AutoRun\command - explorer.exe


======File associations======

.js - open - "D:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"

======List of files/folders created in the last 2 months======

2009-02-27 17:31:36 ----D---- C:\rsit
2009-02-25 11:33:26 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-02-25 11:33:23 ----A---- C:\WINDOWS\imsins.BAK
2009-02-25 11:33:18 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-02-22 10:54:52 ----A---- C:\WINDOWS\OEWABLog.txt
2009-02-19 13:28:47 ----D---- C:\Documents and Settings\Har_g\Application Data\Crayon Physics Deluxe
2009-02-19 12:47:31 ----D---- C:\Program Files\Microsoft Games for Windows - LIVE
2009-02-18 23:16:16 ----D---- C:\Documents and Settings\Har_g\Application Data\Malwarebytes
2009-02-18 23:16:09 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-02-18 23:16:08 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-02-18 21:45:52 ----A---- C:\WINDOWS\msnfix.txt
2009-02-18 21:39:10 ----D---- C:\Program Files\CCleaner
2009-02-16 13:21:43 ----A---- C:\WINDOWS\ipuninst.exe
2009-02-13 13:50:08 ----D---- C:\Program Files\Windows Live Safety Center
2009-02-13 13:41:28 ----D---- C:\Program Files\Microsoft Office Outlook Connector
2009-02-13 13:40:23 ----D---- C:\Program Files\Microsoft Sync Framework
2009-02-13 13:39:42 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2009-02-13 13:38:41 ----D---- C:\Program Files\Windows Live SkyDrive
2009-02-13 13:38:23 ----D---- C:\Program Files\Windows Live
2009-02-13 13:29:34 ----D---- C:\Program Files\Fichiers communs\Windows Live
2009-02-12 17:20:04 ----D---- C:\Documents and Settings\Har_g\Application Data\vlc
2009-02-11 18:40:33 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-02-06 18:52:40 ----A---- C:\WINDOWS\system32\sirenacm.dll
2009-02-05 20:04:11 ----A---- C:\WINDOWS\DIIUnin.exe
2009-02-03 21:36:42 ----D---- C:\Documents and Settings\Har_g\Application Data\Mumble
2009-02-03 21:36:07 ----D---- C:\Program Files\Mumble
2009-01-30 13:43:22 ----D---- C:\Documents and Settings\All Users\Application Data\Electronic Arts
2009-01-29 17:49:58 ----D---- C:\WINDOWS\SxsCaPendDel
2009-01-29 16:53:37 ----D---- C:\Program Files\Microsoft
2009-01-27 12:49:44 ----A---- C:\WINDOWS\ScUnin.exe
2009-01-27 12:32:13 ----D---- C:\Documents and Settings\Har_g\Application Data\Corel
2009-01-27 12:20:10 ----D---- C:\Program Files\Corel
2009-01-27 12:20:10 ----D---- C:\Documents and Settings\All Users\Application Data\Corel
2009-01-25 14:05:00 ----A---- C:\WINDOWS\unvise32.exe
2009-01-22 22:19:46 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2009-01-16 22:45:00 ----D---- C:\ProgramData
2009-01-14 10:11:20 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$

======List of files/folders modified in the last 2 months======

2009-02-27 17:31:43 ----D---- C:\Program Files\Trend Micro
2009-02-27 17:31:37 ----D---- C:\WINDOWS\Prefetch
2009-02-27 17:29:11 ----D---- C:\Documents and Settings\Har_g\Application Data\DNA
2009-02-27 17:00:01 ----D---- C:\Program Files\Savescreen
2009-02-27 16:36:35 ----D---- C:\Program Files\Mozilla Firefox
2009-02-27 16:26:32 ----D---- C:\WINDOWS\Temp
2009-02-27 16:19:47 ----D---- C:\Program Files\SpeedFan
2009-02-27 16:19:04 ----D---- C:\Program Files\DNA
2009-02-27 16:16:43 ----D---- C:\Program Files\Microsoft Silverlight
2009-02-26 16:59:02 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-26 15:21:55 ----SHD---- C:\WINDOWS\Installer
2009-02-26 15:21:54 ----HD---- C:\Config.Msi
2009-02-25 11:43:06 ----D---- C:\WINDOWS
2009-02-25 11:39:52 ----D---- C:\WINDOWS\system32
2009-02-25 11:37:11 ----A---- C:\gmail_debug_response4.txt
2009-02-25 11:37:11 ----A---- C:\gmail_debug_headers4.txt
2009-02-25 11:37:10 ----A---- C:\gmail_debug_response3.txt
2009-02-25 11:37:10 ----A---- C:\gmail_debug_response2.txt
2009-02-25 11:37:10 ----A---- C:\gmail_debug_response1.txt
2009-02-25 11:37:10 ----A---- C:\gmail_debug_headers3.txt
2009-02-25 11:37:10 ----A---- C:\gmail_debug_headers2.txt
2009-02-25 11:37:10 ----A---- C:\gmail_debug_headers1.txt
2009-02-25 11:33:51 ----HD---- C:\WINDOWS\inf
2009-02-25 11:33:50 ----D---- C:\WINDOWS\system32\CatRoot2
2009-02-25 11:33:50 ----D---- C:\WINDOWS\system32\CatRoot
2009-02-25 11:33:34 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-02-25 11:10:41 ----HD---- C:\WINDOWS\$hf_mig$
2009-02-24 14:06:54 ----D---- C:\Documents and Settings\Har_g\Application Data\Adobe
2009-02-24 12:14:39 ----D---- C:\WINDOWS\Minidump
2009-02-24 11:22:02 ----A---- C:\WINDOWS\BlendSettings.ini
2009-02-22 17:17:18 ----D---- C:\Documents and Settings\Har_g\Application Data\dvdcss
2009-02-22 11:07:45 ----SHD---- C:\RECYCLER
2009-02-22 10:55:39 ----D---- C:\Program Files\Fichiers communs\Logitech
2009-02-22 10:54:50 ----RD---- C:\Program Files
2009-02-22 10:54:50 ----D---- C:\Program Files\Windows Media Player
2009-02-22 10:54:46 ----D---- C:\Documents and Settings
2009-02-20 10:05:22 ----D---- C:\WINDOWS\system32\drivers
2009-02-20 09:58:27 ----D---- C:\Documents and Settings\All Users\Application Data\Fallout3
2009-02-19 13:11:56 ----HD---- C:\Program Files\InstallShield Installation Information
2009-02-19 12:47:49 ----D---- C:\WINDOWS\system32\DirectX
2009-02-19 11:56:14 ----D---- C:\Documents and Settings\Har_g\Application Data\BitTorrent
2009-02-19 11:23:46 ----A---- C:\WINDOWS\NeroDigital.ini
2009-02-18 21:49:26 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-18 21:49:11 ----D---- C:\WINDOWS\Debug
2009-02-18 10:54:04 ----D---- C:\Documents and Settings\All Users\Application Data\FLEXnet
2009-02-17 21:42:50 ----D---- C:\Program Files\Warcraft III
2009-02-16 00:01:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-02-13 18:41:40 ----D---- C:\WINDOWS\Microsoft.NET
2009-02-13 18:40:45 ----RSD---- C:\WINDOWS\assembly
2009-02-13 14:32:40 ----D---- C:\Documents and Settings\Har_g\Application Data\Bioshock
2009-02-13 13:56:17 ----D---- C:\Program Files\QuickTime
2009-02-13 13:42:50 ----SD---- C:\Documents and Settings\Har_g\Application Data\Microsoft
2009-02-13 13:41:29 ----D---- C:\Program Files\Fichiers communs\System
2009-02-13 13:40:48 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-02-13 13:40:23 ----D---- C:\WINDOWS\WinSxS
2009-02-13 13:40:17 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-02-13 13:38:47 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-02-13 13:29:34 ----D---- C:\Program Files\Fichiers communs
2009-02-12 22:57:54 ----RSD---- C:\WINDOWS\Fonts
2009-02-11 18:41:17 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-02-11 18:40:08 ----D---- C:\Program Files\Internet Explorer
2009-02-11 18:39:45 ----D---- C:\WINDOWS\ie7updates
2009-02-07 19:44:25 ----D---- C:\Documents and Settings\Har_g\Application Data\HPAppData
2009-02-05 21:13:41 ----D---- C:\Program Files\Wakfu
2009-02-05 20:30:30 ----AT---- C:\WINDOWS\system32\SIntfNT.dll
2009-02-05 20:30:30 ----AT---- C:\WINDOWS\system32\SIntf32.dll
2009-02-05 20:30:30 ----AT---- C:\WINDOWS\system32\SIntf16.dll
2009-02-05 19:54:25 ----A---- C:\WINDOWS\system32\CmdLineExt03.dll
2009-02-04 00:21:12 ----A---- C:\WINDOWS\system32\MRT.exe
2009-01-30 13:31:57 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-01-30 13:30:17 ----D---- C:\Program Files\AGEIA Technologies
2009-01-29 17:56:14 ----D---- C:\WINDOWS\system32\XPSViewer
2009-01-29 17:56:14 ----D---- C:\WINDOWS\system32\fr-fr
2009-01-29 17:50:41 ----D---- C:\WINDOWS\system32\en-us
2009-01-29 17:07:00 ----D---- C:\Program Files\Microsoft SQL Server
2009-01-29 16:56:31 ----D---- C:\WINDOWS\Registration
2009-01-16 22:45:01 ----D---- C:\Program Files\Electronic Arts
2009-01-16 21:15:42 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-01-14 22:44:03 ----D---- C:\Program Files\World of Warcraft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Amfilter;Trust Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\Amfilter.sys [2006-03-16 8704]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-11-25 75072]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 NVTCP;NVIDIA TCP/IP Protocol Driver; C:\WINDOWS\System32\DRIVERS\NVTcp.sys [2006-08-07 110080]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225856]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-02 12032]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-10-25 278984]
R2 enodpl;enodpl; C:\WINDOWS\System32\drivers\enodpl.sys [2003-03-02 7552]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
R2 hardlock;hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 Haspnt;Haspnt; \??\C:\WINDOWS\system32\drivers\Haspnt.sys []
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-10-06 25416]
R2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2001-06-21 73728]
R2 tandpl;tandpl; C:\WINDOWS\System32\drivers\tandpl.sys [2003-04-18 4736]
R3 ADIDTSFiltService;ADI DTS Filter Service; C:\WINDOWS\system32\drivers\adidts.sys [2006-12-08 139776]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2007-01-16 293888]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-08-06 93952]
R3 Amusbprt;Trust HID-compliant Mouse Driver; C:\WINDOWS\system32\DRIVERS\Amusbprt.sys [2006-05-09 13312]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-02-29 35344]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2008-02-29 28944]
R3 msloop;Pilote de carte de bouclage Microsoft; C:\WINDOWS\system32\DRIVERS\loop.sys [2001-08-17 4992]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-11-12 6188320]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-08-07 52736]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-08-07 18944]
R3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S2 DS1410D;DS1410D; \??\C:\WINDOWS\system32\drivers\ds1410d.sys []
S3 anf2lyg4;anf2lyg4; C:\WINDOWS\system32\drivers\anf2lyg4.sys []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 hamachi_oem;PlayLinc Adapter; C:\WINDOWS\system32\DRIVERS\gan_adapter.sys [2006-08-28 10664]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-10-30 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-10-30 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-10-30 21568]
S3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2007-01-23 20496]
S3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2008-02-29 63120]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2008-02-29 36880]
S3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2008-02-29 79120]
S3 MagicTune;MagicTune; C:\WINDOWS\system32\drivers\MTiCtwl.sys []
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12288]
S3 Sntnlusb;Rainbow USB SuperPro; C:\WINDOWS\system32\DRIVERS\SNTNLUSB.SYS [2001-06-21 20032]
S3 tbhsd;Tunebite High-Speed Dubbing; C:\WINDOWS\system32\drivers\tbhsd.sys [2007-11-16 26912]
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Service d'application d'assistance IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 AntiVirScheduler;AntiVir PersonalEdition Classic Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-23 68865]
R2 AntiVirService;AntiVir PersonalEdition Classic Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-23 151297]
R2 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe [2008-09-27 79360]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe [2006-09-08 172032]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Iprip;Écouteur RIP; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-06 152984]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]
R2 mi-raysat_3dsMax2009_32;mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit; D:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe [2008-03-09 65536]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-24 29263712]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [2006-09-08 172090]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-11-12 163908]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2007-12-25 66872]
R2 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2006-11-02 174656]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R2 SimpTcp;Services TCP/IP simplifiés; C:\WINDOWS\system32\tcpsvcs.exe [2006-03-02 19456]
R2 SNMP;Service SNMP; C:\WINDOWS\System32\snmp.exe [2008-04-14 33280]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968]
R2 SQLWriter;Enregistreur VSS SQL Server; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-09-27 654848]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S2 pr2agqwb;Loki Drivers Auto Removal (pr2agqwb); C:\WINDOWS\system32\pr2agqwb.exe [2007-11-14 410984]
S3 Adobe Version Cue CS3;Adobe Version Cue CS3 {fr_FR} ; C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [2007-03-20 153792]
S3 ANTS Profiler 3 Service;ANTS Profiler 3 Service; C:\Program Files\Red Gate\ANTS Profiler 3\RedGate.Profiler.IISProfileHost.exe [2007-08-06 20480]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe [2008-05-02 121360]
S3 LPDSVC;Serveur d'impression TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2006-03-02 19456]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 p2pgasvc;Authentification de groupe réseau homologue; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 p2pimsvc;Gestionnaire d'identité réseau homologue; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 p2psvc;Réseau homologue; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 PNRPSvc;Protocole de résolution de noms d'homologues; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 SNMPTRAP;Service d'interruption SNMP; C:\WINDOWS\System32\snmptrap.exe [2008-04-14 8704]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408]
S4 msvsmon80;Débogueur distant Visual Studio 2005; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2006-12-02 2805000]
S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
0
Har_g > Har_g
 
info.txt 

info.txt logfile of random's system information tool 1.05 2009-02-27 17:31:45

======Uninstall list======

-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->MsiExec /X{E4D15328-8C89-484B-B9AA-F5BE9EA6D01C}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
7-Zip 4.58 beta-->"C:\Program Files\7-Zip\Uninstall.exe"
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Color Common Settings-->C:\Program Files\Fichiers communs\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe
Adobe Color Common Settings-->MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}
Adobe Color EU Recommended Settings-->MsiExec.exe /I{73B5D990-04EA-4751-B10F-5534770B91F2}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe Dreamweaver CS3-->MsiExec.exe /I{4BDB76C6-902E-41D5-9064-68768E02886B}
Adobe ExtendScript Toolkit 2-->C:\Program Files\Fichiers communs\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}
Adobe Flash CS3-->MsiExec.exe /I{80FD3971-8482-49C8-BA8C-B6464A15882F}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Video Encoder-->MsiExec.exe /I{1B0BCA28-1F11-4D60-8A2F-DEBE04B5341E}
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Illustrator CS3-->MsiExec.exe /I{6E08CE13-C2AB-4749-9335-5900B958929E}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe MotionPicture Color Files-->MsiExec.exe /I{6B708481-748A-4EB4-97C1-CD386244FF77}
Adobe Setup-->MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Version Cue CS3 Server {ko_KR} -->MsiExec.exe /I{1D58229F-C505-45CA-8223-F35F3A34B963}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
Age of Chivalry-->"E:\Steam\steam.exe" steam://uninstall/17510
Age of Empires III - The Asian Dynasties-->C:\Program Files\InstallShield Installation Information\{C43C1415-3DFC-4089-9A32-0BECF28A6046}\setup.exe -runfromtemp -l0x0409
Age of Empires III - The WarChiefs-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{1C08A24C-B168-407E-A826-68FAF5F20710} 
Age of Empires III-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97} 
Age of Mythology Gold-->"C:\Program Files\Microsoft Games\Age of Mythology\UNINSTAL.EXE" /runtemp /uninstall
AHV content for Acrobat and Flash-->MsiExec.exe /I{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}
Ajouter ou supprimer Adobe Creative Suite 3 Design Premium-->C:\Program Files\Fichiers communs\Adobe\Installers\e79070e1ef25043cbd93191267ecaf0\Setup.exe
Alpha Prime-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{606E9243-41BB-4D51-96A0-D712F71E6FB5}\setup.exe" -l0x40c 
ANTS Profiler 3-->MsiExec.exe /I{4F6AF7FE-47B1-46C0-BD15-A60C03FF37A4}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Applian FLV Player-->"C:\WINDOWS\Applian FLV Player\uninstall.exe" "/U:D:\Program Files\FLV Player\Uninstall\uninstall.xml"
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Aspell Dutch Dictionary-0.50-2-->"C:\Program Files\Aspell\unins003.exe"
Aspell English Dictionary-0.50-2-->"C:\Program Files\Aspell\unins001.exe"
Aspell French Dictionary-0.50-3-->"C:\Program Files\Aspell\unins002.exe"
Assassin's Creed-->C:\Program Files\InstallShield Installation Information\{8CFA9151-6404-409A-AF22-4632D04582FD}\setup.exe -runfromtemp -l0x040c -removeonly
Autodesk Backburner 2008.1-->MsiExec.exe /I{3D347E6D-5A03-4342-B5BA-6A771885F379}
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
Beyond Good & Evil-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6BF81CE7-3D5A-497F-8912-2A65A0253E1B}\Setup.exe" -l0x40c 
Bibliothèques GTK+ 2.12.12 rev a (supprimer uniquement)-->C:\Program Files\Fichiers communs\GTK\2.0\uninst.exe
Blender (remove only)-->"D:\Program Files\Blender Foundation\Blender\uninstall.exe"
Borland C++ 5.02-->C:\WINDOWS\BC5RMV.EXE C:\BC5\BC5RMV.LOG
Call of Juarez-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{3E7940A4-495B-4DC5-B5C9-D2EE1DE9E5EF} /Z"UNINSTALL"
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CDDRV_Installer-->MsiExec.exe /I{0C826C5B-B131-423A-A229-C71B3CACCD6A}
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Corel Painter X-->C:\Program Files\Corel\Corel Painter X\MSILauncher {05D60953-9012-44DF-A1A6-9DD97AD6580A} C:\DOCUME~1\Har_g\LOCALS~1\Temp\PainterX.log
Corel Painter X-->MsiExec.exe /I{05D60953-9012-44DF-A1A6-9DD97AD6580A}
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Counter-Strike: Source-->"E:\Steam\steam.exe" steam://uninstall/240
Counter-Strike-->"E:\Steam\steam.exe" steam://uninstall/10
Crayon Physics Deluxe - release 51-->"D:\Program Files\Crayon Physics Deluxe\unins000.exe"
Crysis(R)-->MsiExec.exe /I{000E79B7-E725-4F01-870A-C12942B7F8E4}
D.I.P.R.I.P. Warm Up-->"E:\Steam\steam.exe" steam://uninstall/17530
Dark Messiah Might and Magic Dedicated Server-->"E:\Steam\steam.exe" steam://uninstall/2145
Dark Messiah Might and Magic Multi-Player-->"E:\Steam\steam.exe" steam://uninstall/2130
Dark Messiah Might and Magic Single Player-->"E:\Steam\steam.exe" steam://uninstall/2100
Day of Defeat-->"E:\Steam\steam.exe" steam://uninstall/30
DB-Main Education 8.2 (remove only)-->"C:\Program Files\DB-MAIN Education 8.2\dbm-uninst.exe"
dBpowerAMP Music Converter-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP Music Converter.dat
Dead Space™-->MsiExec.exe /X{4D87DC92-C328-46EC-A7B4-9C88129DC696}
Deathmatch Classic-->"E:\Steam\steam.exe" steam://uninstall/40
Dedicated Server-->"E:\Steam\steam.exe" steam://uninstall/5
Deus Ex - Invisible War-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0B6A9773-F8F8-4D3F-BCF0-029D2B87DB8A}\Setup.exe" -l0x9 
Dev-C++ 5 beta 9 release (4.9.9.2)-->"C:\Dev-Cpp\uninstall.exe"
Diablo II-->C:\WINDOWS\DIIUnin.exe C:\WINDOWS\DIIUnin.dat
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
Dofus-Arena-->C:\Program Files\DofusArena2\uninstall.exe
Doom 3-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{EEFB15EB-FE8B-47DF-A496-1C4D1420294A} 
Dreamfall-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5AF13BB2-CB0F-6B11-4E8B-1135748975E9}\setup.exe" -l0x9  -removeonly
Driver: Parallel Lines-->C:\Program Files\InstallShield Installation Information\{31CB0D80-1866-462A-9455-88614410971F}\setup.exe -runfromtemp -l0x040c -removeonly
Duke Nukem - Manhattan Project-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{8B9336DB-8D04-4325-BAFC-C7141D8E6CA1} 
Dungeon Keeper 2-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Bullfrog\Dungeon Keeper 2\Uninst.isu" -c"C:\Program Files\Bullfrog\Dungeon Keeper 2\uninst.dll"
Dungeon Keeper Gold-->C:\WINDOWS\unin040c.exe -fC:\WINDOWS\SYSTEM\KEEPER\DeIsL1.isu
DVD Shrink 3.2-->"D:\Program Files\DVD Shrink\unins000.exe"
EA Download Manager-->C:\Program Files\Electronic Arts\EADM\Uninstall.exe
EasyPHP 2.0b1-->"C:\Program Files\EasyPHP 2.0b1\unins000.exe"
Fable - The Lost Chapters-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD} 
Far Cry-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC} /l1036 
FBX Plugin 2009.0 for Max 2009-->C:\Program Files\Autodesk\FBX\FbxPlugins\2009.0\Max2009\Uninstall.exe
FEAR-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2B653229-9854-4989-B780-D978F5F13EAB}\setup.exe" -l0x40c  /zU -removeonly
Fichiers de prise en charge de l'installation de Microsoft SQL Server (Français)-->MsiExec.exe /X{3380F354-C5F7-4E71-8F51-EEE6C3F06C62}
Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}
GameCenter-->C:\Program Files\Cyanide\GameCenter\uninstall.exe
GameSpy Arcade-->C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG
GangLand-->C:\WINDOWS\unvise32.exe D:\Program Files\MediaMobsters\GangLand\uninstal.log
Gears of War-->C:\Program Files\InstallShield Installation Information\{1170D24F-42B7-40CF-AA1B-6395CE562354}\Setup.exe -runfromtemp -l0x040c
GIMP 2.4.7-->"D:\Program Files\GIMP-2.0\setup\unins000.exe"
GLOBEtrotter FLEXid Drivers-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\GLOBEtrotter Software Inc.\GLOBEtrotter FLEXid Drivers\Uninst.isu"
GMail Drive Shell Extension-->rundll32.exe C:\WINDOWS\system32\ShellExt\GMailFS.dll,Uninstall C:\WINDOWS\system32\ShellExt\GMailFS.inf
GNU Aspell 0.50-3-->"C:\Program Files\Aspell\unins000.exe"
Google Gmail Notifier-->"C:\Program Files\Google\Gmail Notifier\UninstallGmail.exe"
Half-Life 2: Deathmatch-->"E:\Steam\steam.exe" steam://uninstall/320
Half-Life 2: Episode One-->"E:\Steam\steam.exe" steam://uninstall/380
Half-Life 2: Episode Two-->"E:\Steam\steam.exe" steam://uninstall/420
Half-Life 2: Lost Coast-->"E:\Steam\steam.exe" steam://uninstall/340
Half-Life 2-->"E:\Steam\steam.exe" steam://uninstall/220
Half-Life: Blue Shift-->"E:\Steam\steam.exe" steam://uninstall/130
Hero Editor V0.96-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\Hero Editor\ST6UNST.LOG"  
Heroes of Might & Magic V: Hammers of Fate-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{66FF4C48-0083-4E60-8556-B883AB200091}\setup.exe" -l0x40c 
Heroes of Might and Magic V - Tribes of the East-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{66FF4C48-0083-4E60-8556-B883AB200092}\setup.exe" -l0x40c 
Heroes of Might and Magic V-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{20071984-5EB1-4881-8EDB-082532ACEC6D}\setup.exe" -l0x40c 
Heroes of Might and Magic® III-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\3DO\Heroes3\Uninst.isu" -c"C:\Program Files\3DO\Heroes3\uninst.dll
High Definition Audio Driver Package - KB888111-->C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hitman: Contracts-->C:\PROGRA~1\Eidos\HITMAN~1\uninstall.exe
Hospital Tycoon-->C:\Program Files\Codemasters\Hospital Tycoon\uninstall.exe
Hotfix for Microsoft .NET Framework 3.0 (KB932471)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {ECD292A0-0347-4244-8C24-5DBCE990FB40} /package {BAF78226-3200-4DB4-BE33-4D922A799840}
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
HP Customer Participation Program 10.0-->D:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Imaging Device Functions 10.0-->D:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Essential 2.5-->D:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Photosmart Pro B8800 Printer Driver Software 10.0 Rel .3-->D:\Program Files\HP\Digital Imaging\{497F9452-13F9-4983-B980-038D9AE16655}\setup\hpzscr01.exe -datfile hphscr24.dat -onestop
HP Photosmart Pro plug-in for Adobe Photoshop (R)-->MsiExec.exe /I{2CECE8AE-61C5-4115-9E1A-C88CEFEAD923}
HP Smart Web Printing-->D:\Program Files\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat
HP Solution Center 10.0-->D:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
Inkscape 0.46-->D:\Program Files\Inkscape\Uninstall.exe
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
Insurgency-->"E:\Steam\steam.exe" steam://uninstall/17700
iView MediaPro3-->D:\Program Files\iView MediaPro3\Uninst.exe
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Development Kit 6 Update 3-->MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0160030}
Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
KGB Archiver 1.2.0.23-->"C:\Program Files\KGB Archiver\unins000.exe"
KhalInstallWrapper-->MsiExec.exe /I{3101CB58-3482-4D21-AF1A-7057FC935355}
Le Maître de l'Olympe - Zeus.-->C:\WINDOWS\IsUn040c.exe -f"C:\Sierra\Le Maître de l' Olympe  Zeus\Uninst.isu"
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Left 4 Dead Dedicated Server-->"E:\Steam\steam.exe" steam://uninstall/510
Left 4 Dead-->"E:\Steam\steam.exe" steam://uninstall/500
Lemmings for Windows 95-->C:\Program Files\WinLemm\wlvsun10.exe uninstall
Lionheart: Legacy of the Crusader (TM)-->"C:\Program Files\Black Isle\Lionheart\unins000.exe"
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\SETUP.EXE" -l0x40c UNINSTALL
Logitech Updater-->MsiExec.exe /I{53735ECE-E461-4FD0-B742-23A352436D3A}
Loki-->"C:\Program Files\Cyanide\Loki\unins000.exe"
Loki-->C:\Program Files\Cyanide\Loki\unins000.exe
Lost Planet: Extreme Condition-->"E:\Steam\steam.exe" steam://uninstall/6510
Macromedia Fireworks 8-->MsiExec.exe /I{4C24A8C1-7CFA-4650-AF15-732F5BD7B46D}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Max Payne-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{39930321-4C58-4B8B-BCBF-342698C9801D}\setup.exe" uninstall uninstall
Maya 2008 Documentation (en_US)-->MsiExec.exe /I{6C70ACE2-6EF2-4F8D-8C4A-78198AA979DD}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft AppLocale-->MsiExec.exe /I{394BE3D9-7F57-4638-A8D1-1D88671913B7}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Document Explorer 2005-->C:\Program Files\Fichiers communs\Microsoft Shared\Help 8\Microsoft Document Explorer 2005\install.exe
Microsoft Document Explorer 2005-->MsiExec.exe /X{44D4AF75-6870-41F5-9181-662EA05507E1}
Microsoft Games for Windows - LIVE -->MsiExec.exe /X{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}
Microsoft Halo-->"C:\Program Files\Microsoft Games\Halo\UNINSTAL.EXE" /runtemp /addremove
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Office XP Media Content-->MsiExec.exe /I{9030040C-6000-11D3-8CFE-0050048383C9}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)-->MsiExec.exe /I{480DBB60-F0B6-45F2-B26F-1A2E11197791}
Microsoft SQL Server 2005 Mobile [FRA] Developer Tools-->MsiExec.exe /X{8BBF1F9B-846E-412E-A291-D471E5BED251}
Microsoft SQL Server 2005 Tools Express Edition-->MsiExec.exe /I{3F59A7E0-BC01-4435-9E93-C7D7015C21DA}
Microsoft SQL Server 2005-->"C:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove
Microsoft SQL Server Native Client-->MsiExec.exe /I{1F24E48F-7692-4E89-8784-68DD4D2712A0}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual J# 2.0 Redistributable Package-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft Visual J# 2.0 Redistributable Package\install.exe
Microsoft Visual Studio 2005 Professional - Français Service Pack 1 (KB926607)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {673539D1-18E1-4B9D-B2C7-A4A547688B89} /package {D061040C-EAF9-4F1B-B0CA-060A31115151}
Microsoft Visual Studio 2005 Professional - Français-->C:\Program Files\Microsoft Visual Studio 8\Microsoft Visual Studio 2005 Professional Edition - FRA\setup.exe
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951618-v2)-->"C:\WINDOWS\$NtUninstallKB951618-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Module de prise en charge linguistique de Microsoft Document Explorer 2005 - FRA-->C:\Program Files\Fichiers communs\Microsoft Shared\Help 8\Microsoft Document Explorer 2005 Language Pack - FRA\install.exe
Module de prise en charge linguistique de Microsoft Visual J# 2.0 Redistributable - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Module de prise en charge linguistique de Microsoft Visual J# 2.0 Redistributable - FRA\install.exe
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Morrowind Graphics Extender 3.3.2-->"C:\Program Files\Bethesda Softworks\Morrowind\mge3\uninstall\unins000.exe"
Morrowind-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\Bethesda Softworks\Morrowind\MWUninstall\Setup.exe" -l0x40c 
Mozilla Firefox (3.0.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
Mumble and Murmur-->C:\Program Files\Mumble\Uninstall.exe
Myst V End Of Ages-->C:\Program Files\Ubisoft\Cyan Worlds\Myst V End Of Ages\_uninst\uninstaller.exe
Nero 7 Ultra Edition-->MsiExec.exe /I{235BBFC6-D863-4066-A01A-3BD504C31036}
NetBeans IDE 5.5.1-->C:\Program Files\netbeans-5.5.1\_uninst\uninstaller.exe
Nostale Online FR (Remove)-->"C:\Nostale(FR)\unins000.exe"
Notepad++-->C:\Program Files\Notepad++\uninstall.exe
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA ForceWare Network Access Manager-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{1F6423DE-7959-4178-80E0-023C7EAA5347} /l1036 
Oblivion - Construction Set-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23D683DD-93C6-48E6-B84E-78B57778F126}\setup.exe" -l0x9  -removeonly
Oblivion - Horse Armor Pack-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3ABEBD00-299D-4DCA-967F-B912163AB5EA}\setup.exe" -l0x9  -removeonly
Oblivion - Knights of the Nine-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{14C87AA7-08E6-419F-A165-998EBE5023D7}\setup.exe" -l0x9  -removeonly
Oblivion - Spell Tomes-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{16D919E6-F019-4E15-BFBE-4A85EF19DA57}\setup.exe" -l0x9  -removeonly
Oblivion - Vile Lair-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{520F4B09-3A51-47A2-82B0-9FF1DC2D20FA}\setup.exe" -l0x9  -removeonly
Oblivion - Wizard's Tower-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2F2E3D62-8B8C-448F-8900-451325E50948}\setup.exe" -l0x9  -removeonly
Oblivion-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{35CB6715-41F8-4F99-8881-6FC75BF054B0}\setup.exe" -l0x40c  -removeonly
OGA Notifier 1.7.0105.35.0-->MsiExec.exe /I{25E98ECB-5727-408E-B30A-2CAF86F5B310}
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
OpenOffice.org 2.3-->MsiExec.exe /I{417E90DF-A9C4-43C4-90D9-FD7F107B68DB}
Opposing Force-->"E:\Steam\steam.exe" steam://uninstall/50
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Overlord-->C:\Program Files\InstallShield Installation Information\{259A8A5E-2886-4BED-9EF1-D5485282CCC3}\Setup.exe -runfromtemp -l0x040c -removeonly
Pack Vista Inspirat 2 1.0-->C:\WINDOWS\BricoPacks\Vista Inspirat 2\Remove.exe
Package de base Microsoft de service de chiffrement pour cartes à puce-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Painkiller Overdose build 75 (NA)-->"C:\Program Files\DreamCatcher\Painkiller Overdose\Uninstall\unins000.exe"
Patrician III-->"D:\Program Files\Patrician III\unins000.exe"
Peggle Extreme-->"E:\Steam\steam.exe" steam://uninstall/3483
Penumbra Black Plague-->"D:\Program Files\Paradox Interactive\Penumbra Black Plague\unins000.exe"
Penumbra Episode 1-->"D:\Program Files\Penumbra\Episode 1\unins000.exe"
PHANTASY STAR UNIVERSE Ambition of the Illuminus-->"C:\SEGA\PHANTASY STAR UNIVERSE Illuminus\uninst\unins000.exe"
Pidgin-->C:\Program Files\Pidgin\pidgin-uninst.exe
PixiePack Codec Pack-->MsiExec.exe /I{621FCD24-4498-4324-A81E-07D331376EDF}
PlayLinc-->MsiExec.exe /I{2158685C-E2B3-4026-B0A1-0FFE31837AFD}
Port Royale-->"D:\Program Files\Port Royale\unins000.exe"
Portal-->"E:\Steam\steam.exe" steam://uninstall/400
PunkBuster Services-->C:\WINDOWS\system32\pbsvc.exe -u
Quake 4(TM)-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{152B782A-05F3-48EC-9AAC-4D3EB68D9E20} /l1036 
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
Rappelz-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{01A8838A-9469-425F-A5FB-FC14D4CF93B9}\setup.exe" -l0x40c  -removeonly
Ricochet-->"E:\Steam\steam.exe" steam://uninstall/60
S.T.A.L.K.E.R. - Clear Sky [v1.0007]-->"D:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\unins000.exe"
S.T.A.L.K.E.R. - Shadow of Chernobyl [v1.0005]-->"D:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\unins000.exe"
Sacrifice-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6231FDA0-7E6F-11D4-A671-006008D09831}\Setup.exe" 
Savescreen-->"C:\Program Files\Savescreen\Uninstall.exe"
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
Security Update for Visio 2007 (KB947590)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}
Security Update pour Microsoft Visual Studio 2005 Professional - Français (KB937061)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {94E2AAC1-CAE5-4F73-B0D1-C471BA1F8E2A} /package {D061040C-EAF9-4F1B-B0CA-060A31115151}
Security Update pour Microsoft Visual Studio 2005 Professional - Français (KB947738)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {66DA9ADD-B1C4-4891-84D6-706E216B411B} /package {D061040C-EAF9-4F1B-B0CA-060A31115151}
Sentinel System Driver-->C:\WINDOWS\SYSTEM32\RNBOSENT\SETUPX86.EXE /U /q
Shop for HP Supplies-->D:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
Sid Meier's Civilization 4 - Beyond the Sword-->C:\Program Files\InstallShield Installation Information\{32E4F0D2-C135-475E-A841-1D59A0D22989}\setup.exe -runfromtemp -l0x040c -removeonly
Sid Meier's Civilization 4 Complete-->C:\Program Files\InstallShield Installation Information\{30D1F3D2-54CF-481D-A005-F94B0E98FEEC}\setup.exe -runfromtemp -l0x040c -removeonly
SimCity 4-->C:\Program Files\Maxis\SimCity 4\EAUninstall.exe
Skype™ 3.6-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Source Dedicated Server-->"E:\Steam\steam.exe" steam://uninstall/205
Source SDK Base - Orange Box-->"E:\Steam\steam.exe" steam://uninstall/218
Source SDK Base-->"E:\Steam\steam.exe" steam://uninstall/215
Source SDK-->"E:\Steam\steam.exe" steam://uninstall/211
SpeedFan (remove only)-->"C:\Program Files\SpeedFan\uninstall.exe"
Star Wars: Episode I Racer-->C:\WINDOWS\uninst.exe -f"C:\Program Files\LucasArts\RACER\DeIsL1.isu"  -c"C:\Program Files\LucasArts\RACER\_ISREG32.DLL"
Starcraft-->C:\WINDOWS\SCunin.exe C:\WINDOWS\SCunin.dat
StarUML 5.0.2.1570-->"C:\Program Files\StarUML\unins000.exe"
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Stronghold 2 Deluxe-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{16D2C649-CBA8-44EE-B730-12584667D487}\setup.exe" -l0x9  -removeonly
Synergy-->"E:\Steam\steam.exe" steam://uninstall/17520
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
Team Fortress 2 Dedicated Server-->"E:\Steam\steam.exe" steam://uninstall/310
Team Fortress 2-->"E:\Steam\steam.exe" steam://uninstall/440
Team Fortress Classic-->"E:\Steam\steam.exe" steam://uninstall/20
TeamSpeak 2 RC2-->"C:\Program Files\Teamspeak2_RC2\unins000.exe"
TES Construction Set-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\Bethesda Softworks\Morrowind\CSUninstall\Setup.exe" -l0x40c 
Tomb Raider: Anniversary 1.0-->C:\Program Files\Tomb Raider - Anniversary\uninsttra.exe
Tomb Raider: Underworld 1.0-->D:\Program Files\Eidos\Tomb Raider - Underworld\uninst.exe
Tortuga - Pirates et Flibustiers-->"D:\Program Files\Tortuga\unins000.exe"
Trust GM-4600 Gamer Mouse-->C:\Program Files\Trust\GM-4600 Gamer Mouse\Uninst32.exe
Two Worlds-->D:\PROGRA~1\REALIT~1\TWOWOR~1\Unwise.exe /U D:\PROGRA~1\REALIT~1\TWOWOR~1\install.log
UltraISO 8.0 Premium Edition-->"C:\Program Files\UltraISO\unins000.exe"
Unlocker 1.8.5-->C:\Program Files\Unlocker\uninst.exe
Update for Microsoft Office Excel 2007 Help (KB957242)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {49E314EE-81FA-4007-8F1A-8D39BDBB4498}
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Microsoft Office Outlook 2007 Help (KB957246)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {80E46078-C1C5-4AE8-8744-3EAFC812E118}
Update for Office 2007 (KB946691)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb959634)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {50C77E2F-5C1C-467D-9BC8-3CA07D28C9F2}
Visual Prolog Personal Edition-->C:\VIP\VPREMOVE.EXE
VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
VTFEdit 1.2.4-->"C:\Program Files\VTFEdit\unins000.exe"
Wakfu-->C:\Program Files\Wakfu\uninstall.exe
Walkinside 5.1-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{A9FD7CA0-AE40-40E9-B11F-0E5872694D9F} 
Warhammer Mark of Chaos Manual Patch-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{442D5880-05B4-4DC8-A038-2EDA79FAE601}\setup.exe" -l0x40c  -removeonly
Warhammer® Mark of Chaos-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{210160CD-F27D-469F-9982-41E900F6820E}\setup.exe" -l0x7  -removeonly
Wave Splitter 2.10-->"C:\Program Files\Wave Splitter\unins000.exe"
Win'Design 7.0.0-->C:\WINDOWS\IsUn040c.exe -f"c:\program files\win'design\win'design 7.0\Wd70Uninst.isu"
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinMerge 2.8.0.0-->"C:\Program Files\WinMerge\unins000.exe"
World of Warcraft-->C:\Program Files\Fichiers communs\Blizzard Entertainment\World of Warcraft\Uninstall.exe
XIII-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{42BC0474-6E50-464A-8183-5E3D32E41B1B}\Setup.exe" -l0x40c 
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
Yu-Gi-Oh! Power of Chaos YUGI THE DESTINY-->MsiExec.exe /I{3571656A-575D-4CED-809D-5547587121FF}
Zombie Panic! Source-->"E:\Steam\steam.exe" steam://uninstall/17500

======Hosts File======

127.0.0.1	007guard.com
127.0.0.1	www.007guard.com
127.0.0.1	008i.com
127.0.0.1	008k.com
127.0.0.1	www.008k.com
127.0.0.1	00hq.com
127.0.0.1	www.00hq.com
127.0.0.1	010402.com
127.0.0.1	032439.com
127.0.0.1	www.032439.com

======Security center information======

AV: Avira AntiVir PersonalEdition

System event log

Computer Name: HARG-COMPUTER
Event Code: 7036
Message: Le service Service COM de gravage de CD IMAPI est entré dans l'état : en cours d'exécution.

Record Number: 47082
Source Name: Service Control Manager
Time Written: 20090202065605.000000+060
Event Type: information
User: 

Computer Name: HARG-COMPUTER
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Service COM de gravage de CD IMAPI.

Record Number: 47081
Source Name: Service Control Manager
Time Written: 20090202065605.000000+060
Event Type: information
User: AUTORITE NT\SYSTEM

Computer Name: HARG-COMPUTER
Event Code: 18
Message: TIMEOUT<explorer.exe> C:\...porebin\SporeApp.exe

Record Number: 47080
Source Name: avgntflt
Time Written: 20090202065219.000000+060
Event Type: warning
User: 

Computer Name: HARG-COMPUTER
Event Code: 10016
Message: Les paramètres d'autorisation par défaut de l'ordinateur n'accordent pas d'autorisation Locale Activation pour l'application serveur COM avec le CLSID 
{BC866CF2-5486-41F7-B46B-9AA49CF3EBB1}
 au SID AUTORITE NT\SERVICE LOCAL de l'utilisateur (S-1-5-19). Cette autorisation de sécurité peut être modifiée à l'aide de l'outil d'administration Services de composants.

Record Number: 47079
Source Name: DCOM
Time Written: 20090202065046.000000+060
Event Type: error
User: AUTORITE NT\SERVICE LOCAL

Computer Name: HARG-COMPUTER
Event Code: 10016
Message: Les paramètres d'autorisation par défaut de l'ordinateur n'accordent pas d'autorisation Locale Activation pour l'application serveur COM avec le CLSID 
{BC866CF2-5486-41F7-B46B-9AA49CF3EBB1}
 au SID AUTORITE NT\SERVICE LOCAL de l'utilisateur (S-1-5-19). Cette autorisation de sécurité peut être modifiée à l'aide de l'outil d'administration Services de composants.

Record Number: 47078
Source Name: DCOM
Time Written: 20090202065046.000000+060
Event Type: error
User: AUTORITE NT\SERVICE LOCAL

Application event log

Computer Name: HARG-COMPUTER
Event Code: 3407
Message: 0 transactions restaurées dans la base de données 'msdb' (4). Ce message est fourni à titre d'information seulement. Aucune action n'est requise de la part de l'utilisateur.

Record Number: 38606
Source Name: MSSQL$SQLEXPRESS
Time Written: 20090129185148.000000+060
Event Type: information
User: 

Computer Name: HARG-COMPUTER
Event Code: 3406
Message: 1 transactions restaurées par progression dans la base de données 'msdb' (4). Ce message est fourni à titre d'information seulement. Aucune action n'est requise de la part de l'utilisateur.

Record Number: 38605
Source Name: MSSQL$SQLEXPRESS
Time Written: 20090129185148.000000+060
Event Type: information
User: 

Computer Name: HARG-COMPUTER
Event Code: 17136
Message: Effacement de la base de données tempdb.

Record Number: 38604
Source Name: MSSQL$SQLEXPRESS
Time Written: 20090129185147.000000+060
Event Type: information
User: 

Computer Name: HARG-COMPUTER
Event Code: 17126
Message: SQL Server est maintenant prêt pour les connexions clientes. Ce message est fourni uniquement à titre d'information. Aucune action n'est requise de la part de l'utilisateur.

Record Number: 38603
Source Name: MSSQL$SQLEXPRESS
Time Written: 20090129185147.000000+060
Event Type: information
User: 

Computer Name: HARG-COMPUTER
Event Code: 17199
Message: La prise en charge de connexion administrateur dédiée n'a pas démarré parce qu'elle n'est pas disponible dans cette édition de SQL Server. Ce message est fourni uniquement à titre d'information. Aucune action n'est requise de la part de l'utilisateur.

Record Number: 38602
Source Name: MSSQL$SQLEXPRESS
Time Written: 20090129185147.000000+060
Event Type: information
User: 

======Environment variables======

"COBCPY"=C:\PCOBWIN\CLASSLIB
"COBDIR"=C:\PCOBWIN
"COBHNF"=C:\PCOBWIN
"COBSW"=+p3/s14000
"ComSpec"=%SystemRoot%\system32\cmd.exe
"DSGDIR"=C:\PCOBWIN
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=2
"OS"=Windows_NT
"Path"=D:\Program Files\Autodesk\Maya2008\bin;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\PCOBWIN;C:\Program Files\Microsoft SQL Server\90\Tools\binn\;D:\Program Files\Autodesk\Backburner\;C:\Program Files\Fichiers communs\Autodesk Shared\;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel
"PROCESSOR_LEVEL"=6
"PROCESSOR_REVISION"=0f0b
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"windir"=%SystemRoot%
"VS80COMNTOOLS"=C:\Program Files\Microsoft Visual Studio 8\Common7\Tools\
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------
0
Réponse 2 / 3
jacques.gache Messages postés 34829 Statut Contributeur sécurité 1 618
 
bonjour, rien de visible coté infection mais tu as deux anti-virus avast et antivir c'est pas très bon pour la bonne marche du pc, supprime avast et conserve antivir qui est plus performant, sinon peux tu passer malwarebytes et poster le rapport , sinon tes exe donner comme infectieux sont en rapport avec quoi ??

Télécharge Malwarebytes' Anti-Malware: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

. sur la page cliques sur Télécharger Malwarebyte's Anti-Malware
. enregistres le sur le bureau
. Double cliques sur le fichier téléchargé pour lancer le processus d'installation.
. si le pare-feu demande l'autorisation de se connecter pour malwarebytes, acceptes
. Il va se mettre à jour une fois faite
. rend-toi dans l'onglet, Recherche
. Sélectionnes Exécuter un examen complet
. Cliques sur Rechercher
. Le scan démarre.
. A la fin de l'analyse, un message s'affiche :
L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
. Cliques sur Ok pour poursuivre.
. Si des malwares ont été détectés, cliques sur Afficher les résultats
. Sélectionnes tout (ou laisses cochés)

. cliques sur Supprimer la sélection

. Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
. Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
. redemarre le pc
. une fois redémarré double-cliques sur malwarebytes
. rends toi dans l'onglet rapport/log
. tu cliques dessus pour l'afficher une fois affiché
. tu cliques sur edition en haut du boc notes,et puis sur sélectionner tous
. tu recliques sur edition et puis sur copier et tu reviens sur le forum et dans ta réponse
. tu cliques droit dans le cadre de la reponse et coller

0
Réponse 3 / 3
Har_g2001
 
Je recoit des alertes de ce genre lorsque

je fais clic-droit sur un raccourci sur le bureau (le fichier infectieux provient alors du temp/avast4)
lorsque je lance le jeu fallout3 (le fichier infectieux est l'exe launcher). (ce fichier est récemment corrompu)
Parfois au milieu d'un traitement (lors du test mémoire avast, sur une des dll dans le temp)
Parfois sans que je ne puisse identifier la source.

Remarque : je viens de me rendre compte que de tant en tant, le trojan ne se nomme pas "TR/Agent.bqpu" mais plutôt "TR/Crypt.XPACK.Gen" dans temp/_avast4_/unp100772851. Le cas de cette remarque provient d'une détection de avira lors de l'exécution de MWB (dossier actuel : le temp) à l'instant.

Je termine mwb et je posterai le rapport. Je désinstallerai sans doute avast ensuite.

Prochaine réponse demain matin.
0
Har_g2001
 
rapport MBAM

Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1777
Windows 5.1.2600 Service Pack 3

19/02/2009 10:45:34
mbam-log-2009-02-19 (10-45-34).txt

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|)
Eléments examinés: 792964
Temps écoulé: 11 hour(s), 25 minute(s), 14 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 4

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
E:\Mes documents\Ma DOCUMENTATION\Infographie\Formation Adobe\Apllications\PortableVLC\vlc\plugins\libaout_directx_plugin.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
E:\Mes documents\Ma DOCUMENTATION\Informatique\Formation Adobe\Apllications\PortableVLC\vlc\plugins\libaout_directx_plugin.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
E:\Mes documents\Ma DOCUMENTATION\Informatique\PDF Ebook Guide OReilly - Java Servlet and JSP Cookbook - 2008 - By Laxxuss\Make Money Online Get Rich Starting Today\EXTENDED MONEY GUIDE - Make Even More Money.exe (Adware.Agent) -> Quarantined and deleted successfully.
E:\Mes documents\Ma DOCUMENTATION\Informatique\PDF Ebook Guide OReilly - Java Servlet and JSP Cookbook - 2008 - By Laxxuss\Make Money Online Get Rich Starting Today\Checker\Checker.exe (Adware.Agent) -> Quarantined and deleted successfully.



Après le redémarrage, le clic-droit sur un élément entraine encore une alerte trojan de avira.
Je vais désinstaller avast4 qui me semble corrompu.
0
Burnt_cells > Har_g2001
 
J'ai eu le meme probleme avec le jeu fallout 3, le probleme est survenu apres avoir installer un mod pour fallout 3 , jai essayer avira et solo antivirus aucun ne semble capable de l'enlever
0

Discussions similaires

Signification "TR"
andromeid -
matrix4422 -

3 réponses
Signification des abréviations RE: et TR:
La Salamandre -
Iolose -

19 réponses
Sa veux dire koi??Subject: FW: Tr :FW: TR: TR
france22 -
ghano0666545160 -

12 réponses
casque sans fil Sennheiser TR 4200 ne fonctionne plus
jcb83400 -
DIY -

3 réponses
Menace détectée TrojanSMS-PA sur Google Huawei/Android
Outmost -
bazfile -

6 réponses