TR/Crypt.XDR.Gen infection

Hello everyone,

I've been infected by a trojan since yesterday (Crypt.XDR.Gen) and I tried to remove it with Avira.
It deletes it or quarantines it, but the trojan reappears.
I tried A², Spybot, HijackThis and BitDefender online, but nothing works, it keeps coming back!!

Does anyone have a solution to suggest?

Thanks in advance

Hello,

Where is it being detected?

Reply to Destrio5

pretty much everywhere...
in windows/system32 as well as in programfiles...
it's a mess!!

Reply to shadowced@IDN

(On Vista, you have to right-click RSIT.exe and choose Run as administrator)

  • Click Continue on the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the licence.
  • When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).


Note: the reports are saved in the C:\rsit folder.

Reply to Destrio5

impossible to download it
the link is bad and there's no way to find it elsewhere

ok, I managed to get it on another computer


Message edited by shadowced@IDN on 18-05-2009 at 22:30:18
Reply to shadowced@IDN

Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrateur at 2009-05-18 22:35:33
Microsoft Windows XP Professionnel Service Pack 3, v.5512
System drive C: has 19 GB (63%) free of 30 GB
Total RAM: 2047 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:41:11, on 18/05/2009
Platform: Windows XP SP3, v.5512 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20861)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Taskix\Taskix32.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
C:\Program Files\Cyberlink\Shared Files\brs.exe
C:\Program Files\MSI\Live Update 3\LMonitor.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\WinRoll\winroll.exe
C:\Program Files\LClock\LClock.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\EXPERTool ATI\TBPanel.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Hercules\WiFi Station pour Livebox\WifiStationLB.exe
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\MSI\DualCoreCenter\DualCoreCenter.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Documents and Settings\Administrateur\Administrateur.exe
C:\Documents and Settings\Administrateur\Administrateur.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Taskix] C:\Program Files\Taskix\Taskix32.exe start
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [Microsoft] avgemcu.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [GroupManager] C:\Program Files\MAGIX Xtreme PhotoStory on CD and DVD 7 Deluxe\groupmanager.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WINSUPPORT] C:\WINDOWS\system32:gsserver.exe
O4 - HKLM\..\Run: [xsstimer] C:\WINDOWS\system32:gsserver.exe
O4 - HKLM\..\RunServices: [Microsoft] avgemcu.exe
O4 - HKCU\..\Run: [WinRoll] "C:\Program Files\WinRoll\winroll.exe"
O4 - HKCU\..\Run: [LClock] "C:\Program Files\LClock\LClock.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Gainward] C:\Program Files\EXPERTool ATI\TBPanel.exe /A
O4 - HKCU\..\Run: [Administrateur] C:\Documents and Settings\Administrateur\Administrateur.exe /i
O4 - HKCU\..\Run: [xsstimer] C:\WINDOWS\system32:gsserver.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKLM\..\Policies\Explorer\Run: [xsstimer] C:\WINDOWS\system32:gsserver.exe
O4 - HKCU\..\Policies\Explorer\Run: [xsstimer] C:\WINDOWS\system32:gsserver.exe
O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Administrateur\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: DualCoreCenter.lnk = C:\Program Files\MSI\DualCoreCenter\StartUpDualCoreCenter.exe
O4 - Global Startup: WiFi Station pour Livebox.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1c9871483142140) (gupdate1c9871483142140) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

--
End of file - 9324 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2ba40a1-74f3-42bd-f434-12345a2c8953}]
C:\WINDOWS\system32\jkshfuiehi.dll - C:\WINDOWS\system32\jkshfuiehi.dll [2009-05-18 15000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Taskix"=C:\Program Files\Taskix\Taskix32.exe [2008-04-02 124416]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2007-07-23 77824]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"=C:\Program Files\Google\Gmail Notifier\gnotify.exe [2005-07-15 479232]
"RemoteControl8"=C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [2008-03-20 83240]
"PDVD8LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [2007-12-14 50472]
"BDRegion"=C:\Program Files\Cyberlink\Shared Files\brs.exe [2008-06-27 91432]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-08-29 61440]
"LiveMonitor"=C:\Program Files\MSI\Live Update 3\LMonitor.exe [2008-04-30 498176]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"GroupManager"=C:\Program Files\MAGIX Xtreme PhotoStory on CD and DVD 7 Deluxe\groupmanager.exe []
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-01-29 16859648]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"QuickTime Task"=C:\Program Files\QuickTime Alternative\QTTask.exe [2009-01-05 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312]
"WINSUPPORT"=C:\WINDOWS\system32:gsserver.exe []
"xsstimer"=C:\WINDOWS\system32:gsserver.exe []
"reader_s"=C:\WINDOWS\System32\reader_s.exe [2009-05-18 60929]
"sysldtray"=c:\windows\ld08.exe [2009-05-18 38912]
"Secure AntiVirus Pro"=C:\WINDOWS\AV.EXE [2009-05-18 270848]
"services"=C:\WINDOWS\services.exe [2009-05-18 68096]
"sysmstray"=c:\windows\mstre19.exe [2009-05-18 50688]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WinRoll"=C:\Program Files\WinRoll\winroll.exe [2004-04-07 15360]
"LClock"=C:\Program Files\LClock\LClock.exe [2004-09-19 65536]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-12-10 216520]
"Gainward"=C:\Program Files\EXPERTool ATI\TBPanel.exe [2008-09-05 2300456]
"Administrateur"=C:\Documents and Settings\Administrateur\Administrateur.exe [2009-05-18 20521]
"xsstimer"=C:\WINDOWS\system32:gsserver.exe []
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
""=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hu5pl.exe [2009-05-18 15001]
"reader_s"=C:\Documents and Settings\Administrateur\reader_s.exe [2009-05-18 60929]
"SYS32DLL"=SYS32DLL []
"uidenhiufgsduiazghs"=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hu5pl.exe [2009-05-18 15001]
"12ZFG94-F641-2SF-K31P-5N1ER6H6L2"=C:\RECYCLER\S-1-5-21-9144144216-7300028055-966814643-6506\service.exe [2009-05-18 96220]
"12CFG515-K641-55SF-N66P"=C:\RECYCLER\S-1-5-21-0243636035-3055115376-381863306-1556\pqlmq.exe [2009-05-18 51200]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
DualCoreCenter.lnk - C:\Program Files\MSI\DualCoreCenter\StartUpDualCoreCenter.exe
WiFi Station pour Livebox.lnk - C:\Program Files\Hercules\WiFi Station pour Livebox\WifiStationLB.exe

C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage
Outil de notification Live Search.lnk - C:\Documents and Settings\Administrateur\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="c:\progra~1\ThunMail\testabd.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-10-21 143360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-08-22 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
sdfsefsfdvdubgiungfuyd - {C2BA40A1-74F3-42BD-F434-12345A2C8953} - C:\WINDOWS\system32\jkshfuiehi.dll [2009-05-18 15000]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=1
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoSMHelp"=1
"ForceClassicControlPanel"=1
"NoDesktopCleanupWizard"=1
"NoInstrumentation"=1
"NoResolveSearch"=1
"NoResolveTrack"=1
"NoSMBalloonTip"=1
"NoSMConfigurePrograms"=1
"NoStartMenuMFUprogramsList"=1
"NoStrCmpLogical"=0
"NoWelcomeScreen"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HideRunAsVerb"=
"NoActiveDesktop"=
"NoDriveTypeAutoRun"=
"NoInstrumentation"=
"NoResolveTrack"=
"NoSetActiveDesktop"=
"NoStartMenuMFUprogramsList"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"E:\eMule\emule.exe"="E:\eMule\emule.exe:*:Enabled:eMuleMorphXT"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\WINDOWS\Explorer.EXE"="C:\WINDOWS\Explorer.EXE:*:Enabled:ENABLE"
"\"="c:\adspl.exe:*:Enabled:KL"
"\??\C:\WINDOWS\system32\winlogon.exe"="\??\C:\WINDOWS\system32\winlogon.exe:*:enabled:@shell32.dll,-1"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======File associations======

.reg - edit -
.reg - open -

======List of files/folders created in the last 1 months======

2009-05-18 22:35:33 ----D---- C:\rsit
2009-05-18 22:14:39 ----A---- C:\3735555.bat
2009-05-18 22:12:50 ----A---- C:\p2hhr.bat
2009-05-18 22:12:20 ----A---- C:\43214354.bat
2009-05-18 22:11:57 ----A---- C:\lssgcx.exe
2009-05-18 22:11:49 ----A---- C:\upqsh.exe
2009-05-18 22:07:43 ----H---- C:\WINDOWS\mstre19.exe
2009-05-18 20:28:30 ----A---- C:\wenokp.exe
2009-05-18 20:08:14 ----A---- C:\WINDOWS\services.exe
2009-05-18 20:08:13 ----A---- C:\WINDOWS\system32\7C.tmp
2009-05-18 20:08:12 ----A---- C:\WINDOWS\system32\7B.tmp
2009-05-18 20:08:08 ----A---- C:\WINDOWS\system32\79.tmp
2009-05-18 20:08:07 ----A---- C:\WINDOWS\system32\78.tmp
2009-05-18 20:08:05 ----A---- C:\mmvnpq.exe
2009-05-18 20:08:04 ----A---- C:\vfmf.exe
2009-05-18 20:08:02 ----A---- C:\WINDOWS\AV.EXE
2009-05-18 20:08:02 ----A---- C:\ueksxwdu.exe
2009-05-18 20:08:01 ----A---- C:\adspl.exe
2009-05-18 20:07:59 ----RSHD---- C:\Program Files\ThunMail
2009-05-18 20:07:40 ----D---- C:\WINDOWS\system32\790151
2009-05-18 20:07:40 ----A---- C:\WINDOWS\system32\SYS32DLL.exe
2009-05-18 20:07:33 ----H---- C:\WINDOWS\ld08.exe
2009-05-18 20:07:32 ----A---- C:\WINDOWS\system32\reader_s.exe
2009-05-18 20:07:31 ----A---- C:\jfknkkkh.exe
2009-05-18 20:07:29 ----A---- C:\teoo.exe
2009-05-18 20:07:29 ----A---- C:\lafp.exe
2009-05-18 20:07:27 ----A---- C:\WINDOWS\system32\jkshfuiehi.dll
2009-05-18 13:45:48 ----A---- C:\ohuch.exe
2009-05-18 11:38:28 ----D---- C:\Program Files\a-squared Free
2009-05-18 11:32:13 ----D---- C:\WINDOWS\avxoscan
2009-05-18 10:32:09 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-05-18 10:32:09 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-05-17 21:12:04 ----D---- C:\WINDOWS\system32\Winxsstimer
2009-05-17 21:12:04 ----D---- C:\Documents and Settings\Administrateur\Application Data\Winxsstimer
2009-05-17 19:04:46 ----D---- C:\Documents and Settings\All Users\Application Data\InstallShield
2009-05-17 19:04:43 ----A---- C:\WINDOWS\system32\Lanceur2.exe
2009-05-17 19:04:42 ----D---- C:\Program Files\SoftwarePassport
2009-05-17 19:04:31 ----A---- C:\WINDOWS\system32\CP3245MT.DLL
2009-05-17 19:04:31 ----A---- C:\WINDOWS\system32\CC3260MT.DLL
2009-05-17 19:04:31 ----A---- C:\WINDOWS\system32\BORLNDMM.DLL
2009-05-17 14:52:29 ----A---- C:\WINDOWS\system32\gsserver.exe
2009-05-17 14:52:21 ----A---- C:\WINDOWS\buftemp8.exe
2009-05-17 14:52:21 ----A---- C:\WINDOWS\buftemp7.exe
2009-05-17 14:52:21 ----A---- C:\WINDOWS\buftemp6.exe
2009-05-17 14:52:18 ----A---- C:\WINDOWS\buftemp5.exe
2009-05-17 14:52:17 ----A---- C:\WINDOWS\buftemp4.exe
2009-05-17 14:52:17 ----A---- C:\WINDOWS\buftemp3.exe
2009-05-17 14:52:17 ----A---- C:\WINDOWS\buftemp2.exe
2009-05-17 14:52:17 ----A---- C:\WINDOWS\buftemp1.exe
2009-05-17 13:07:59 ----D---- C:\Documents and Settings\Administrateur\Application Data\vlc
2009-05-17 13:07:36 ----D---- C:\Program Files\VideoLAN
2009-05-09 22:03:15 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2009-05-09 22:03:15 ----A---- C:\WINDOWS\system32\pndx5032.dll
2009-05-09 22:03:15 ----A---- C:\WINDOWS\system32\pndx5016.dll
2009-05-09 22:03:15 ----A---- C:\WINDOWS\system32\pncrt.dll
2009-05-09 22:03:12 ----A---- C:\WINDOWS\system32\pthreadGC2.dll
2009-05-09 22:03:11 ----D---- C:\Documents and Settings\All Users\Application Data\Real
2009-05-09 22:03:11 ----D---- C:\Documents and Settings\Administrateur\Application Data\Real
2009-05-08 22:31:55 ----D---- C:\Program Files\FLVCodec
2009-05-08 22:31:47 ----D---- C:\Program Files\WinPcap
2009-05-08 22:31:43 ----D---- C:\Program Files\RipTiger
2009-05-08 13:25:54 ----D---- C:\Program Files\iPod
2009-05-08 13:25:52 ----D---- C:\Program Files\iTunes
2009-05-08 13:25:52 ----D---- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-05-08 13:24:12 ----A---- C:\WINDOWS\system32\usbaaplrc.dll
2009-05-07 20:25:04 ----D---- C:\Documents and Settings\Administrateur\Application Data\Hoyle Blackjack
2009-05-07 20:11:09 ----D---- C:\Documents and Settings\Administrateur\Application Data\Hoyle FaceCreator
2009-05-07 20:11:08 ----D---- C:\Documents and Settings\Administrateur\Application Data\Hoyle Card Games
2009-05-06 17:43:30 ----D---- C:\Documents and Settings\All Users\Application Data\The Humans
2009-05-05 12:38:04 ----A---- C:\WINDOWS\IE4 Error Log.txt
2009-05-04 22:21:04 ----A---- C:\WINDOWS\ODBC.INI
2009-05-04 22:19:39 ----D---- C:\WINDOWS\Micro Application Shared
2009-05-04 22:19:39 ----A---- C:\WINDOWS\system32\ODBCSTF.DLL
2009-05-04 22:19:38 ----A---- C:\WINDOWS\system32\MSJT4JLT.DLL
2009-05-04 22:19:37 ----A---- C:\WINDOWS\system32\Odbctl32.dll
2009-05-04 22:19:34 ----A---- C:\WINDOWS\system32\vbar332.dll
2009-05-04 22:19:34 ----A---- C:\WINDOWS\system32\msxbse35.dll
2009-05-04 22:19:34 ----A---- C:\WINDOWS\system32\mstext35.dll
2009-05-04 22:19:34 ----A---- C:\WINDOWS\system32\msrd2x35.dll
2009-05-04 22:19:34 ----A---- C:\WINDOWS\system32\mspdox35.dll
2009-05-04 22:19:34 ----A---- C:\WINDOWS\system32\msltus35.dll
2009-05-04 22:19:34 ----A---- C:\WINDOWS\system32\msjet35.dll
2009-05-04 22:19:34 ----A---- C:\WINDOWS\system32\msexcl35.dll
2009-05-04 22:19:33 ----A---- C:\WINDOWS\system32\VB5DB.DLL
2009-05-04 22:19:33 ----A---- C:\WINDOWS\system32\rdocurs.dll
2009-05-04 22:19:33 ----A---- C:\WINDOWS\system32\msrepl35.dll
2009-05-04 22:19:33 ----A---- C:\WINDOWS\system32\MSRDO20.DLL
2009-05-04 22:19:33 ----A---- C:\WINDOWS\system32\msjter35.dll
2009-05-04 22:19:33 ----A---- C:\WINDOWS\system32\Msjint35.dll
2009-05-04 22:19:30 ----D---- C:\Program Files\Micro Application
2009-05-04 22:18:14 ----A---- C:\WINDOWS\IsUn040c.exe
2009-05-04 22:15:31 ----A---- C:\WINDOWS\Navigma.INI
2009-05-03 13:24:30 ----A---- C:\WINDOWS\system32\enc_ba-2_000001.ini
2009-05-03 13:24:30 ----A---- C:\WINDOWS\Progs_.ini
2009-05-03 13:23:46 ----D---- C:\Program Files\VIRTUELSOFT
2009-05-03 13:23:37 ----D---- C:\Documents and Settings\Administrateur\Application Data\{B2A6EEBC-1184-4D6D-AC68-F354C811A6F9}
2009-05-02 21:14:33 ----D---- C:\Documents and Settings\Administrateur\Application Data\BSHOOTER.com
2009-05-02 21:08:33 ----D---- C:\Program Files\ReflexiveArcade
2009-05-01 20:42:18 ----D---- C:\Documents and Settings\Administrateur\Application Data\Valusoft
2009-04-28 22:38:29 ----A---- C:\WINDOWS\system32\TubeFinder.exe
2009-04-28 22:38:28 ----A---- C:\WINDOWS\system32\VB6FR.DLL
2009-04-28 22:38:28 ----A---- C:\WINDOWS\system32\PCCLPFR.DLL
2009-04-28 22:38:28 ----A---- C:\WINDOWS\system32\MSCMCFR.DLL
2009-04-28 22:38:27 ----D---- C:\Program Files\Free FLV Converter
2009-04-28 22:38:27 ----A---- C:\WINDOWS\system32\CMDLGFR.DLL
2009-04-27 21:21:00 ----D---- C:\Program Files\Internet Digital Radio Tuner
2009-04-26 01:12:09 ----A---- C:\WINDOWS\system32\Vb6stkit.dll
2009-04-26 01:08:34 ----N---- C:\WINDOWS\system32\vxblock.dll
2009-04-26 01:08:34 ----N---- C:\WINDOWS\system32\pxwave.dll
2009-04-26 01:08:34 ----N---- C:\WINDOWS\system32\pxsfs.dll
2009-04-26 01:08:34 ----N---- C:\WINDOWS\system32\pxmas.dll
2009-04-26 01:08:34 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2009-04-26 01:08:34 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2009-04-26 01:08:34 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2009-04-26 01:08:34 ----N---- C:\WINDOWS\system32\pxdrv.dll
2009-04-26 01:08:34 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2009-04-26 01:08:34 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2009-04-26 01:08:34 ----N---- C:\WINDOWS\system32\pxafs.dll
2009-04-26 01:08:34 ----N---- C:\WINDOWS\system32\px.dll
2009-04-26 01:08:22 ----D---- C:\Program Files\Fichiers communs\DivX Shared
2009-04-26 01:08:22 ----D---- C:\Program Files\DivX
2009-04-24 00:11:20 ----D---- C:\Documents and Settings\Administrateur\Application Data\Snapfish
2009-04-20 00:16:04 ----A---- C:\WINDOWS\system32\TTIC32.dll
2009-04-20 00:16:04 ----A---- C:\WINDOWS\system32\TTI32.dll
2009-04-20 00:16:04 ----A---- C:\WINDOWS\system32\STRING32.dll
2009-04-20 00:16:04 ----A---- C:\WINDOWS\system32\MXRestore.exe
2009-04-20 00:16:04 ----A---- C:\WINDOWS\system32\msxml4a.dll
2009-04-20 00:16:04 ----A---- C:\WINDOWS\system32\mgxcdr.txt
2009-04-20 00:16:04 ----A---- C:\WINDOWS\system32\DLLTPO32.dll
2009-04-20 00:16:04 ----A---- C:\WINDOWS\system32\DLLRES32.dll
2009-04-20 00:16:04 ----A---- C:\WINDOWS\system32\DLLRD32.dll
2009-04-20 00:16:04 ----A---- C:\WINDOWS\system32\DLLPTL32.dll
2009-04-20 00:16:04 ----A---- C:\WINDOWS\system32\DLLPRJ32.dll
2009-04-20 00:16:03 ----A---- C:\WINDOWS\system32\DLLPRF32.dll
2009-04-20 00:16:03 ----A---- C:\WINDOWS\system32\DLLPNT32.dll
2009-04-20 00:16:03 ----A---- C:\WINDOWS\system32\DLLMSC32.dll
2009-04-20 00:16:03 ----A---- C:\WINDOWS\system32\DLLIX.dll
2009-04-20 00:16:03 ----A---- C:\WINDOWS\system32\DLLISO32.dll
2009-04-20 00:16:03 ----A---- C:\WINDOWS\system32\DLLIO32.dll
2009-04-20 00:16:03 ----A---- C:\WINDOWS\system32\DLLIMG32.dll
2009-04-20 00:16:03 ----A---- C:\WINDOWS\system32\DLLDRV32.dll
2009-04-20 00:16:03 ----A---- C:\WINDOWS\system32\DLLDIR32.dll
2009-04-20 00:16:03 ----A---- C:\WINDOWS\system32\DLLDEV32.dll
2009-04-20 00:16:03 ----A---- C:\WINDOWS\system32\DLLCPY32.dll
2009-04-20 00:16:03 ----A---- C:\WINDOWS\system32\DLLCDF32.dll
2009-04-20 00:16:03 ----A---- C:\WINDOWS\system32\DLLCDA32.dll
2009-04-20 00:16:03 ----A---- C:\WINDOWS\system32\DLLAV32.dll
2009-04-20 00:15:39 ----D---- C:\Documents and Settings\All Users\Application Data\MAGIX
2009-04-20 00:15:31 ----A---- C:\WINDOWS\system32\DLLDEV32i.dll
2009-04-20 00:15:20 ----D---- C:\WINDOWS\system32\MAGIX
2009-04-20 00:15:20 ----A---- C:\WINDOWS\system32\mgxoschk.dll
2009-04-20 00:15:20 ----A---- C:\WINDOWS\mgxoschk.ini
2009-04-20 00:14:28 ----D---- C:\WINDOWS\MAGIX Xtreme PhotoStory on CD and DVD 7 Deluxe
2009-04-20 00:13:47 ----A---- C:\WINDOWS\MAGIX Xtreme PhotoStory on CD and DVD 7 Deluxe Setup Log.txt

======List of files/folders modified in the last 1 months======

2009-05-18 22:35:34 ----D---- C:\WINDOWS\Temp
2009-05-18 22:15:40 ----D---- C:\WINDOWS\system32\drivers
2009-05-18 22:13:23 ----RASHD---- C:\WINDOWS\system32
2009-05-18 22:12:11 ----D---- C:\Program Files\Mozilla Firefox
2009-05-18 22:07:43 ----RSHD---- C:\WINDOWS
2009-05-18 20:28:36 ----A---- C:\WINDOWS\system32\svchost.exe
2009-05-18 20:07:59 ----D---- C:\Program Files
2009-05-18 20:07:55 ----RSHD---- C:\RECYCLER
2009-05-18 20:07:34 ----D---- C:\WINDOWS\system32\dllcache
2009-05-18 20:07:31 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-05-18 20:07:30 ----D---- C:\WINDOWS\system
2009-05-18 19:28:24 ----D---- C:\WINDOWS\Prefetch
2009-05-18 11:33:12 ----D---- C:\Program Files\Internet Explorer
2009-05-18 11:31:56 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-05-18 10:27:00 ----D---- C:\WINDOWS\system32\CatRoot2
2009-05-18 10:19:36 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-05-17 19:06:24 ----D---- C:\Documents and Settings\Administrateur\Application Data\uTorrent
2009-05-17 19:04:31 ----HD---- C:\Program Files\InstallShield Installation Information
2009-05-17 19:04:31 ----D---- C:\Program Files\Fichiers communs\InstallShield
2009-05-17 12:27:08 ----SHD---- C:\WINDOWS\Installer
2009-05-17 12:27:00 ----D---- C:\Program Files\Google
2009-05-16 22:25:02 ----D---- C:\Documents and Settings\All Users\Application Data\Soulseek
2009-05-16 11:57:23 ----RSD---- C:\WINDOWS\assembly
2009-05-16 11:57:23 ----D---- C:\WINDOWS\system32\DirectX
2009-05-15 00:23:01 ----D---- C:\Documents and Settings\Administrateur\Application Data\FileZilla
2009-05-11 10:34:35 ----AD---- C:\Documents and Settings\All Users\Application Data\Temp
2009-05-09 22:03:51 ----D---- C:\Program Files\K-Lite Codec Pack
2009-05-09 20:41:27 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-05-08 19:17:32 ----D---- C:\WINDOWS\inf
2009-05-08 13:26:04 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-05-08 13:25:54 ----D---- C:\Program Files\Fichiers communs\Apple
2009-05-08 13:25:13 ----D---- C:\Program Files\Bonjour
2009-05-08 13:25:00 ----D---- C:\Program Files\QuickTime Alternative
2009-05-06 17:12:52 ----SD---- C:\WINDOWS\Tasks
2009-05-04 22:21:04 ----A---- C:\WINDOWS\win.ini
2009-05-04 22:21:03 ----A---- C:\WINDOWS\ODBCINST.INI
2009-05-04 22:19:39 ----RSD---- C:\WINDOWS\Fonts
2009-05-01 15:06:03 ----D---- C:\Documents and Settings\Administrateur\Application Data\Vso
2009-04-26 01:08:22 ----D---- C:\Program Files\Fichiers communs
2009-04-19 13:36:25 ----D---- C:\Program Files\DVDFab 5
2009-04-19 13:27:46 ----D---- C:\Documents and Settings\All Users\Application Data\vsosdk

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-12-26 75072]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; \??\C:\Program Files\CyberLink\PowerDVD8\000.fcl []
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.5.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-12-26 21419]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-04-13 279712]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-04-13 25888]
R3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-08-22 60800]
R3 ASAPIW2K;ASAPIW2K; C:\WINDOWS\System32\Drivers\ASAPIW2K.sys [2003-11-28 11264]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-10-21 3331584]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2008-10-21 89600]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 DualCoreCenter;DualCoreCenter; \??\C:\Program Files\MSI\DualCoreCenter\NTGLM7X.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-08-22 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-01-30 4725760]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-08-22 61824]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-12-16 47360]
R3 RT73;Hercules Wireless USB Dongle Driver ; C:\WINDOWS\system32\DRIVERS\rt73.sys [2006-12-21 429440]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-01-03 105856]
R3 RushTopDevice2;RushTopDevice2; \??\C:\Program Files\MSI\DualCoreCenter\RushTop.sys []
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-08-22 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-08-22 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-08-22 17152]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-08-22 26368]
S2 acpi32;acpi32; \??\C:\WINDOWS\system32\drivers\acpi32.sys []
S2 amd64si;amd64si; \??\C:\WINDOWS\system32\drivers\amd64si.sys []
S2 ati64si;ati64si; \??\C:\WINDOWS\system32\drivers\ati64si.sys []
S2 fips32cup;fips32cup; \??\C:\WINDOWS\system32\drivers\fips32cup.sys []
S2 i386si;i386si; \??\C:\WINDOWS\system32\drivers\i386si.sys []
S2 ksi32sk;ksi32sk; \??\C:\WINDOWS\system32\drivers\ksi32sk.sys []
S2 nicsk32;nicsk32; \??\C:\WINDOWS\system32\drivers\nicsk32.sys []
S2 port135sik;port135sik; \??\C:\WINDOWS\system32\drivers\port135sik.sys []
S2 securentm;securentm; \??\C:\WINDOWS\system32\drivers\securentm.sys []
S2 systemntmi;systemntmi; \??\C:\WINDOWS\system32\drivers\systemntmi.sys []
S2 ws2_32sik;ws2_32sik; \??\C:\WINDOWS\system32\drivers\ws2_32sik.sys []
S3 a27pbf3c;a27pbf3c; C:\WINDOWS\system32\drivers\a27pbf3c.sys []
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 GMSIPCI;GMSIPCI; \??\J:\INSTALL\GMSIPCI.SYS []
S3 HdAudAddService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdAud.sys [2006-12-28 84992]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-08-22 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-11-06 34064]
S3 pohci13F;pohci13F; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\pohci13F.sys []
S3 SynasUSB;SynasUSB; C:\WINDOWS\system32\drivers\SynasUSB.sys [2006-11-23 18432]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-03-26 36864]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-08-22 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-08-22 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2009-05-18 717320]
R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-12-26 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-12-26 151297]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-26 132424]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-10-21 581632]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-04-15 66872]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-04-15 107832]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-10-03 593920]
S2 Darkness;Darkness; C:\WINDOWS\system\svchost.exe [2009-05-18 17691]
S2 FCI;FCI; C:\WINDOWS\system32\fci.exe.exe:ext.exe []
S2 gupdate1c9871483142140;Google Update Service (gupdate1c9871483142140); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-05 133104]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-09-15 654848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-01-24 216232]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792]
S4 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S4 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2009-05-18 14336]

-----------------EOF-----------------


Message edited by shadowced@IDN on 18-05-2009 at 22:51:28
Reply to shadowced@IDN

info.txt logfile of random's system information tool 1.06 2009-05-18 22:35:40

======Uninstall list======

-->MsiExec /X{A7E07C2B-2220-4415-87E3-784D5814BC93}
AbiWord 2.6.5-->C:\Program Files\AbiSuite2\UninstallAbiWord2.exe
Acrobat.com-->C:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe AIR-->C:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Recommended Settings-->MsiExec.exe /I{73B5D990-04EA-4751-B10F-5534770B91F2}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Extra Settings-->MsiExec.exe /I{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->C:\Program Files\Fichiers communs\Adobe\Installers\32e9033392a51340b32fdc6ad893ab7\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{BF794769-8875-4E01-B7BE-E00104604F4A}
Adobe Reader 9.1.1-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A91000000001}
Adobe Setup-->MsiExec.exe /I{926DEB4E-2B0A-4C5C-AE4A-BF6C06949702}
Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
AMD Processor Driver-->C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe -runfromtemp -l0x040c -removeonly
Apple Mobile Device Support-->MsiExec.exe /I{AFA20D47-69C3-4030-8DF8-D37466E70F13}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ASAPI-->MsiExec.exe /X{8A7E941F-2BB4-47D0-B732-8AE5F3513B68}
a-squared Free 3.5-->"C:\Program Files\a-squared Free\unins000.exe"
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
ATI - Utilitaire de désinstallation du logiciel-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI AVIVO Codecs-->MsiExec.exe /I{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATI Parental Control & Encoder-->MsiExec.exe /I{36CDA33B-909B-4719-97D1-C4B99309BDC7}
ATI Parental Control & Encoder-->MsiExec.exe /I{9862B19F-4CAD-4EED-920F-2F378D84393F}
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
AusLogics Disk Defrag-->"C:\Program Files\Auslogics\AusLogics Disk Defrag\unins000.exe"
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
BD Advisor 2.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}\Setup.exe" -uninstall
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch-->C:\Program Files\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409
Catalyst Control Center - Branding-->MsiExec.exe /I{D3B1C799-CB73-42DE-BA0F-2344793A095C}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
ConvertXtoDVD 3.2.4.82-->"C:\Program Files\VSO\ConvertX\3\unins000.exe"
CyberLink PowerDVD 8-->"C:\Program Files\InstallShield Installation Information\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}\Setup.exe" /z-uninstall
CyberLink PowerDVD 8-->"C:\Program Files\InstallShield Installation Information\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}\Setup.exe" /z-uninstall
dBpowerAMP FLAC Codec-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP FLAC Codec.dat
dBpowerAMP Mp4 Codec-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP Mp4 Codec.dat
dBpowerAMP Musepack Codec-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP Musepack Codec.dat
dBpowerAMP Music Converter-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP Music Converter.dat
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
dMC Power Pack-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dMC Power Pack.dat
Dual-Core Optimizer-->MsiExec.exe /X{FF3D660E-E5CC-47FD-8050-1B4DE3BA81A9}
DualCoreCenter-->"C:\Program Files\MSI\DualCoreCenter\unins000.exe"
DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.2.1.2 Be-->"C:\Program Files\DVDFab 5\unins000.exe"
Entraîneur Cérébral 2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A62C42C-FDB3-4BCC-A41A-89FA813250E3}\setup.exe" -l0x40c -removeonly
EXPERTool ATI 4.1-->"C:\Program Files\EXPERTool ATI\unins000.exe"
FastStone-->"C:\Program Files\FastStone Capture\Désinstaller.exe"
FileZilla Client 3.2.0-->C:\Program Files\FileZilla FTP Client\uninstall.exe
Filter Forge 1.009-->"C:\Program Files\Filter Forge\unins000.exe"
Free FLV Converter V 6.32-->"C:\Program Files\Free FLV Converter\unins000.exe"
Google Gmail Notifier-->"C:\Program Files\Google\Gmail Notifier\UninstallGmail.exe"
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Earth-->MsiExec.exe /X{CC016F21-3970-11DE-B878-005056806466}
GrabIt 1.7.2 Beta 3 (build 996)-->"C:\Program Files\GrabIt\unins000.exe"
Hercules WiFi Station for Livebox-->C:\Program Files\InstallShield Installation Information\{DECE22F4-EEDD-4615-BC56-2F4827FAD64B}\setup.exe -runfromtemp -l0x040c -removeonly
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
Internet Digital Radio Tuner 2.3.1-->"C:\Program Files\Internet Digital Radio Tuner\unins000.exe"
iTunes-->MsiExec.exe /I{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Jun's Factory JM-1-->"C:\Program Files\Steinberg\Vstplugins\Jun's Factory\epuninst.exe" /s
K-Lite Mega Codec Pack 4.8.0-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
L'Album de Bébé-->MsiExec.exe /I{FF1A5077-C7E9-442A-B57A-37C23606AEE4}
Last.fm 1.5.4.24567-->"C:\Program Files\Last.fm\unins000.exe"
LClock-->"C:\Program Files\LClock\Désinstaller.exe"
Le Centre de Contrôle de Licences de Syncrosoft-->C:\PROGRA~1\SYNCRO~1\UNWISE.EXE C:\PROGRA~1\SYNCRO~1\INSTALL.LOG
Le Centre de Contrôle de Licences de Syncrosoft-->C:\PROGRA~1\SYNCRO~1\UNWISE.EXE C:\PROGRA~1\SYNCRO~1\INSTALL.LOG
Ma-Config.com-->MsiExec.exe /X{8AFB8FC4-3EBA-4C67-943F-CF43DB2180F1}
MAGIX Xtreme PhotoStory on CD and DVD 7 Deluxe-->"C:\WINDOWS\MAGIX Xtreme PhotoStory on CD and DVD 7 Deluxe\uninstall.exe" "/U:C:\Program Files\MAGIX Xtreme PhotoStory on CD and DVD 7 Deluxe\Uninstall\uninstall.xml"
Micro Application - Faire-Part-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Micro Application\Faire-Part\Uninst.isu" -c"C:\Program Files\Micro Application\Faire-Part\_UNODBC.DLL"
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Word Viewer 2003-->MsiExec.exe /I{9085040C-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Mozilla Firefox (3.0.10)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSI Live Update 3-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\MSI\Live Update 3\Uninst.isu"
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
Native Instruments Absynth v3.0-->C:\PROGRA~1\NATIVE~1\ABSYNT~2\UNWISE.EXE C:\PROGRA~1\NATIVE~1\ABSYNT~2\INSTALL.LOG
Native Instruments FM7 VSTi DXI RTAS v1.1.3.4-->C:\PROGRA~1\NATIVE~1\FM7\UNWISE.EXE C:\PROGRA~1\NATIVE~1\FM7\INSTALL.LOG
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA PhysX v8.09.04-->MsiExec.exe /X{A7E07C2B-2220-4415-87E3-784D5814BC93}
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
PlayFLV-->"C:\Program Files\FLVCodec\uninstall.exe"
PunkBuster Services-->C:\WINDOWS\system32\pbsvc.exe -u
QuickPar 0.9-->C:\Program Files\QuickPar\uninst.exe
QuickTime Alternative 2.7.0-->"C:\Program Files\QuickTime Alternative\unins000.exe"
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
ratDVD 0.78.1444-->C:\Program Files\ratDVD\uninst.exe
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
SoulSeek 157 NS 13c-->"C:\Program Files\SoulseekNS\uninstall.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Steinberg Cubase LE 4-->MsiExec.exe /I{AB3C4AC6-C401-4132-A8B5-265899A9C0E8}
Sumatra PDF Reader-->"C:\Program Files\SumatraPDF\Désinstaller.exe"
Taskix-->"C:\Program Files\Taskix\Désinstaller.exe"
The Panorama Factory V4 m32 Edition-->MsiExec.exe /I{32FF2F41-E230-478E-BD33-2818FB595C05}
Unlocker 1.8.7-->C:\Program Files\Unlocker\uninst.exe
uTorrent-->"C:\Program Files\uTorrent\Désinstaller.exe"
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
VLC media player 0.9.9-->C:\Program Files\VideoLAN\VLC\uninstall.exe
WaveLab 6-->"C:\Program Files\Steinberg\WaveLab 6\Uninstall.exe" "C:\Program Files\Steinberg\WaveLab 6\install.log"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Trust Installer-->"C:\Program Files\WTInstaller\Désinstaller.exe"
WinPcap 4.0.2-->C:\Program Files\WinPcap\uninstall.exe
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
WinRoll-->"C:\Program Files\WinRoll\Désinstaller.exe"
XtremSplit-->"C:\Program Files\XtremSplit\Désinstaller.exe"

=====HijackThis Backups=====

O4 - HKLM\..\Policies\Explorer\Run: [xsstimer] C:\WINDOWS\system32:gsserver.exe [2009-05-18]
O4 - Startup: PowerReg Scheduler V3.exe [2009-05-18]
O4 - HKCU\..\Policies\Explorer\Run: [xsstimer] C:\WINDOWS\system32:gsserver.exe [2009-05-18]
O4 - HKLM\..\Run: [Microsoft] avgemcu.exe [2009-05-18]

Securitycenter WMI appears to be broken

======System event log======

Computer Name: WINDOWS-90530AC
Event Code: 62486
Message: Invalid parameters

Record Number: 13661
Source Name: ati2mtag
Time Written: 20090508222459.000000+120
Event Type: Informations
User:

Computer Name: WINDOWS-90530AC
Event Code: 62486
Message: Invalid parameters

Record Number: 13660
Source Name: ati2mtag
Time Written: 20090508222459.000000+120
Event Type: Informations
User:

Computer Name: WINDOWS-90530AC
Event Code: 62486
Message: Invalid parameters

Record Number: 13659
Source Name: ati2mtag
Time Written: 20090508222459.000000+120
Event Type: Informations
User:

Computer Name: WINDOWS-90530AC
Event Code: 62486
Message: Invalid parameters

Record Number: 13658
Source Name: ati2mtag
Time Written: 20090508222459.000000+120
Event Type: Informations
User:

Computer Name: WINDOWS-90530AC
Event Code: 62486
Message: Invalid parameters

Record Number: 13657
Source Name: ati2mtag
Time Written: 20090508222459.000000+120
Event Type: Informations
User:

=====Application event log=====

Computer Name: WINDOWS-90530AC
Event Code: 0
Message:
Record Number: 1968
Source Name: gupdate1c9871483142140
Time Written: 20090512102843.000000+120
Event Type: Informations
User:

Computer Name: WINDOWS-90530AC
Event Code: 4096
Message: The AntiVir service has been started successfully!

Record Number: 1967
Source Name: Avira AntiVir
Time Written: 20090512102816.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: WINDOWS-90530AC
Event Code: 1
Message:
Record Number: 1966
Source Name: Bonjour Service
Time Written: 20090512102814.000000+120
Event Type: Informations
User:

Computer Name: WINDOWS-90530AC
Event Code: 0
Message:
Record Number: 1965
Source Name: gupdate1c9871483142140
Time Written: 20090512102813.000000+120
Event Type: Informations
User:

Computer Name: WINDOWS-90530AC
Event Code: 105
Message: The service was started.

Record Number: 1964
Source Name: ATI Smart
Time Written: 20090512102810.000000+120
Event Type: Informations
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Fichiers communs\DivX Shared\;C:\Program Files\QuickTime Alternative\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 107 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=6b02
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

-----------------EOF-----------------

Reply to shadowced@IDN

My link works, but because of your infections you cannot reach the file.

Your PC is infected with Virut; I think it is pointless to try to disinfect it:
http://www.commentcamarche.net/faq [...] imer-virut

Reply to Destrio5