Unable to remove a virus

Questions about the security of your Windows computer: troubleshooting problems related to viruses, firewalls, ...
ched78
Posts: 48
Joined: Fri 12 Mar 2010 23:02
Are you a robot?: No

Re: Unable to remove a virus

Post by ched78 »

Thanks for your help
Here is the log.txt


Logfile of random's system information tool 1.06 (written by random/random)
Run by Charles at 2010-03-27 00:49:19
Microsoft Windows XP Professional Service Pack 3
System drive C: has 11 GB (51%) free of 21 GB
Total RAM: 2524 MB (78% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:49:22, on 27/03/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\IRW.exe
C:\Program Files\Boot Camp\KbdMgr.exe
C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MICROS~2\rapimgr.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\AppleOSSMgr.exe
C:\WINDOWS\system32\AppleTimeSrv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Safari\Safari.exe
C:\Documents and Settings\Charles\Desktop\RSIT.exe
C:\Program Files\trend micro\Charles.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [IRW] C:\WINDOWS\system32\IRW.exe
O4 - HKLM\..\Run: [Apple_KbdMgr] C:\Program Files\Boot Camp\KbdMgr.exe
O4 - HKLM\..\Run: [BtTray] "C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Send by Bluetooth - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send via &Message... - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1269631989858
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1269631967467
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\skype4com.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple OS Switch Manager (AppleOSSMgr) - Unknown owner - C:\WINDOWS\system32\AppleOSSMgr.exe
O23 - Service: Apple Time Service (AppleTimeSrv) - Apple Inc. - C:\WINDOWS\system32\AppleTimeSrv.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: BsMobileCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

--
End of file - 7099 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-07-11 142104]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-07-11 162584]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-07-11 138008]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-10-08 16384512]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2007-10-08 69632]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"IRW"=C:\WINDOWS\system32\IRW.exe [2007-10-08 147456]
"Apple_KbdMgr"=C:\Program Files\Boot Camp\KbdMgr.exe [2007-10-08 419120]
"BtTray"=C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe [2009-02-27 278016]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-07-11 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe:*:Enabled:BlueSoleilCS"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Efficasoft Mobile Express\MobileExpress.exe"="C:\Program Files\Efficasoft Mobile Express\MobileExpress.exe:*:Enabled:Efficasoft Mobile Express"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{69a5748e-2235-11df-8e5f-001e52d912be}]
shell\AutoRun\command - G:\d1vmq.exe
shell\open\command - G:\d1vmq.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b841b337-2204-11df-8e5e-001e52d912be}]
shell\AutoRun\command - F:\d1vmq.exe
shell\open\command - F:\d1vmq.exe


======List of files/folders created in the last 1 months======

2010-03-27 00:19:38 ----HDC---- C:\WINDOWS\$NtUninstallKB963093$
2010-03-27 00:18:04 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2010-03-27 00:17:44 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2010-03-27 00:17:40 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2010-03-27 00:17:25 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2010-03-27 00:16:53 ----D---- C:\WINDOWS\LastGood
2010-03-27 00:15:04 ----A---- C:\WINDOWS\system32\SET15.tmp
2010-03-26 23:32:28 ----D---- C:\Program Files\Microsoft
2010-03-26 23:32:11 ----D---- C:\Program Files\Windows Live SkyDrive
2010-03-26 23:31:48 ----D---- C:\Program Files\Windows Live
2010-03-26 23:27:49 ----D---- C:\Program Files\Common Files\Windows Live
2010-03-26 23:27:18 ----D---- C:\WINDOWS\system32\windowspowershell
2010-03-26 23:27:16 ----HDC---- C:\WINDOWS\$NtUninstallKB926139-v2$
2010-03-26 23:27:14 ----D---- C:\Documents and Settings\Charles\Application Data\Windows Desktop Search
2010-03-26 23:26:48 ----D---- C:\WINDOWS\system32\GroupPolicy
2010-03-26 23:26:48 ----D---- C:\Program Files\Windows Desktop Search
2010-03-26 23:26:35 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
2010-03-26 23:26:32 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
2010-03-26 23:25:59 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-03-26 23:25:58 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2010-03-26 23:25:32 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2010-03-26 23:24:42 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2010-03-26 23:24:04 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2010-03-26 23:22:41 ----D---- C:\WINDOWS\system32\URTTEMP
2010-03-26 22:36:55 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-03-26 22:35:58 ----HDC---- C:\WINDOWS\$NtUninstallKB977165-v2$
2010-03-26 22:35:48 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-03-26 22:35:44 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-03-26 22:35:38 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-03-26 22:35:31 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-03-26 22:35:26 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-03-26 22:35:19 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-03-26 22:35:15 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-03-26 22:35:09 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-03-26 22:34:56 ----HDC---- C:\WINDOWS\$NtUninstallKB978207$
2010-03-26 22:34:51 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-03-26 22:34:45 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-03-26 22:34:39 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-03-26 22:34:34 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-03-26 22:34:29 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-03-26 22:34:24 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-03-26 22:34:19 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2010-03-26 22:34:14 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-03-26 22:34:12 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-03-26 22:34:06 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-03-26 22:34:02 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-03-26 22:33:57 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-03-26 22:33:53 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2010-03-26 22:31:56 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2010-03-26 22:31:53 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-03-26 22:31:24 ----D---- C:\WINDOWS\ie8updates
2010-03-26 22:31:10 ----D---- C:\WINDOWS\WBEM
2010-03-26 22:30:02 ----HDC---- C:\WINDOWS\ie8
2010-03-26 22:25:16 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-03-26 22:25:12 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-03-26 22:25:06 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-03-26 22:25:00 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-03-26 22:24:52 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-03-26 22:24:48 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-03-26 22:24:32 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-03-26 22:24:28 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2010-03-26 22:24:23 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2010-03-26 22:24:19 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-03-26 22:24:14 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-03-26 22:24:03 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-03-26 22:23:56 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-03-26 22:23:30 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2010-03-26 22:23:26 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2010-03-26 22:23:21 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-03-26 22:23:17 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-03-26 22:23:13 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2010-03-26 22:23:09 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-03-26 22:23:04 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-03-26 22:22:59 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2010-03-26 22:22:55 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-03-26 22:22:37 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2010-03-26 22:22:09 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-03-26 22:22:01 ----N---- C:\WINDOWS\system32\ieencode.dll
2010-03-26 22:09:44 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-03-26 22:09:40 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-03-26 22:09:36 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2010-03-26 22:09:32 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2010-03-26 22:09:27 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-03-26 22:09:21 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2010-03-26 22:09:17 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2010-03-26 22:09:12 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2010-03-26 22:09:07 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-03-26 22:09:01 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2010-03-26 22:08:52 ----D---- C:\Program Files\MSXML 4.0
2010-03-26 22:08:44 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$
2010-03-26 22:08:38 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-03-26 22:08:33 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-03-26 22:08:29 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-03-26 22:08:17 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-03-26 22:07:59 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2010-03-26 22:07:59 ----HD---- C:\WINDOWS\$hf_mig$
2010-03-26 21:48:07 ----D---- C:\WINDOWS\system32\NtmsData
2010-03-26 21:47:25 ----N---- C:\WINDOWS\system32\xpsp4res.dll
2010-03-26 21:45:31 ----D---- C:\Documents and Settings\Charles\Application Data\Avira
2010-03-26 21:44:51 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2010-03-26 21:44:51 ----A---- C:\WINDOWS\system32\mucltui.dll
2010-03-26 21:43:37 ----D---- C:\WINDOWS\Prefetch
2010-03-26 21:35:48 ----D---- C:\WINDOWS\system32\scripting
2010-03-26 21:35:47 ----D---- C:\WINDOWS\system32\bits
2010-03-26 21:33:45 ----D---- C:\WINDOWS\ServicePackFiles
2010-03-26 21:27:30 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2010-03-26 20:47:15 ----A---- C:\WINDOWS\system32\WgaTray.exe
2010-03-26 20:47:15 ----A---- C:\WINDOWS\system32\WgaLogon.dll
2010-03-26 20:47:15 ----A---- C:\WINDOWS\system32\LegitCheckControl.dll
2010-03-26 20:46:15 ----D---- C:\Program Files\Avira
2010-03-26 20:46:15 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2010-03-26 20:39:04 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2010-03-26 20:33:59 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2010-03-26 20:33:59 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2010-03-26 20:33:59 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2010-03-26 20:33:58 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2010-03-26 20:30:55 ----D---- C:\rsit
2010-03-26 20:30:55 ----D---- C:\Program Files\trend micro
2010-03-25 21:16:44 ----AHD---- C:\.fseventsd
2010-03-24 21:18:40 ----D---- C:\Documents and Settings\Charles\Application Data\Malwarebytes
2010-03-24 21:18:36 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-03-24 21:18:36 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-03-24 19:38:56 ----D---- C:\Documents and Settings\Charles\Application Data\Adobe
2010-03-24 18:52:01 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-03-24 18:51:47 ----D---- C:\Program Files\Common Files\Adobe
2010-03-24 18:51:47 ----D---- C:\Program Files\Adobe
2010-03-23 13:56:05 ----D---- C:\Documents and Settings\Charles\Application Data\vlc
2010-03-23 13:38:56 ----D---- C:\Program Files\VideoLAN
2010-03-11 18:50:54 ----D---- C:\Program Files\MSBuild
2010-03-11 18:50:50 ----D---- C:\WINDOWS\system32\XPSViewer
2010-03-11 18:50:45 ----D---- C:\Program Files\Reference Assemblies
2010-03-11 18:50:23 ----N---- C:\WINDOWS\system32\spmsg2.dll
2010-03-11 18:48:19 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2010-03-05 13:53:06 ----D---- C:\Program Files\gMapMaker

======List of files/folders modified in the last 1 months======

2010-03-27 00:20:52 ----D---- C:\WINDOWS\system32\CatRoot
2010-03-27 00:20:01 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-27 00:20:01 ----HD---- C:\WINDOWS\inf
2010-03-27 00:20:01 ----D---- C:\WINDOWS\system32
2010-03-27 00:20:01 ----D---- C:\WINDOWS
2010-03-27 00:19:39 ----D---- C:\WINDOWS\Temp
2010-03-27 00:19:31 ----D---- C:\WINDOWS\Registration
2010-03-27 00:19:26 ----SHD---- C:\WINDOWS\Installer
2010-03-27 00:19:06 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-27 00:18:07 ----A---- C:\WINDOWS\imsins.BAK
2010-03-27 00:02:27 ----A---- C:\WINDOWS\system32\bscs.ini
2010-03-27 00:02:24 ----A---- C:\WINDOWS\system32\LOCALSERVICE.INI
2010-03-27 00:02:24 ----A---- C:\WINDOWS\system32\LOCALDEVICE.INI
2010-03-27 00:02:17 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-26 23:33:56 ----RSD---- C:\WINDOWS\assembly
2010-03-26 23:33:56 ----D---- C:\WINDOWS\Microsoft.NET
2010-03-26 23:32:28 ----RD---- C:\Program Files
2010-03-26 23:32:16 ----SD---- C:\Documents and Settings\Charles\Application Data\Microsoft
2010-03-26 23:32:16 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2010-03-26 23:32:16 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-03-26 23:31:54 ----RSD---- C:\WINDOWS\Fonts
2010-03-26 23:27:49 ----D---- C:\Program Files\Common Files
2010-03-26 23:27:23 ----D---- C:\WINDOWS\system32\config
2010-03-26 23:26:50 ----D---- C:\WINDOWS\system32\en-us
2010-03-26 23:26:48 ----D---- C:\WINDOWS\system32\wbem
2010-03-26 23:25:51 ----A---- C:\WINDOWS\win.ini
2010-03-26 23:25:47 ----D---- C:\Program Files\Windows Media Connect 2
2010-03-26 23:25:46 ----D---- C:\Program Files\Windows Media Player
2010-03-26 23:25:43 ----D---- C:\WINDOWS\Help
2010-03-26 23:24:55 ----D---- C:\WINDOWS\system32\drivers
2010-03-26 23:24:09 ----D---- C:\WINDOWS\system32\LogFiles
2010-03-26 23:12:57 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-03-26 22:53:01 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-03-26 22:51:25 ----D---- C:\WINDOWS\WinSxS
2010-03-26 22:49:11 ----SHD---- C:\System Volume Information
2010-03-26 22:38:39 ----D---- C:\WINDOWS\AppPatch
2010-03-26 22:38:37 ----D---- C:\Program Files\Internet Explorer
2010-03-26 22:36:57 ----D---- C:\Program Files\Movie Maker
2010-03-26 22:31:02 ----D---- C:\WINDOWS\Media
2010-03-26 22:29:11 ----D---- C:\WINDOWS\Debug
2010-03-26 22:23:11 ----D---- C:\Program Files\Messenger
2010-03-26 22:09:34 ----D---- C:\Program Files\Outlook Express
2010-03-26 21:48:05 ----D---- C:\WINDOWS\repair
2010-03-26 21:44:48 ----A---- C:\WINDOWS\OEWABLog.txt
2010-03-26 21:44:26 ----A---- C:\WINDOWS\setuplog.txt
2010-03-26 21:43:08 ----D---- C:\WINDOWS\system32\Setup
2010-03-26 21:38:54 ----D---- C:\WINDOWS\security
2010-03-26 21:36:00 ----D---- C:\WINDOWS\system32\inetsrv
2010-03-26 21:35:59 ----D---- C:\WINDOWS\Network Diagnostic
2010-03-26 21:35:59 ----D---- C:\WINDOWS\ime
2010-03-26 21:35:49 ----D---- C:\WINDOWS\system32\usmt
2010-03-26 21:35:48 ----D---- C:\WINDOWS\l2schemas
2010-03-26 21:35:47 ----D---- C:\WINDOWS\PeerNet
2010-03-26 21:33:34 ----D---- C:\WINDOWS\system32\Restore
2010-03-26 21:33:34 ----D---- C:\WINDOWS\system32\npp
2010-03-26 21:33:34 ----D---- C:\WINDOWS\mui
2010-03-26 21:33:33 ----D---- C:\WINDOWS\msagent
2010-03-26 21:33:31 ----D---- C:\WINDOWS\srchasst
2010-03-26 21:33:31 ----D---- C:\Program Files\NetMeeting
2010-03-26 21:33:29 ----D---- C:\WINDOWS\system32\Com
2010-03-26 21:33:27 ----D---- C:\Program Files\Windows NT
2010-03-26 21:33:24 ----D---- C:\Program Files\Common Files\System
2010-03-26 21:33:07 ----D---- C:\WINDOWS\system32\oobe
2010-03-26 21:33:05 ----D---- C:\WINDOWS\system
2010-03-26 21:27:29 ----D---- C:\WINDOWS\ehome
2010-03-26 20:40:10 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-03-26 20:34:12 ----D---- C:\WINDOWS\SoftwareDistribution
2010-03-26 20:03:50 ----AHD---- C:\.Trashes
2010-03-25 07:32:53 ----A---- C:\WINDOWS\FA123.INI
2010-03-24 10:11:00 ----A---- C:\WINDOWS\system32\REMOTEDEVICE.INI
2010-03-24 10:07:40 ----A---- C:\WINDOWS\system32\SHORTCUT.INI
2010-03-17 15:39:28 ----RSH---- C:\boot.ini
2010-03-17 15:31:49 ----A---- C:\WINDOWS\ntbtlog.txt
2010-03-11 18:50:28 ----D---- C:\WINDOWS\system32\spool
2010-03-01 21:30:14 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2010-03-01 124784]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-02-16 60936]
R2 KeyAgent;KeyAgent; \??\C:\WINDOWS\system32\drivers\KeyAgent.sys []
R2 MacHALDriver;Mac HAL; \??\C:\WINDOWS\system32\drivers\MacHALDriver.sys []
R2 rspndr;Link-Layer Topology Discovery Responder; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2007-02-18 62336]
R3 aapltctp;Apple Trackpad Enabler; C:\WINDOWS\system32\DRIVERS\aapltctp.sys [2007-10-08 4224]
R3 aapltp;Apple Trackpad; C:\WINDOWS\system32\DRIVERS\aapltp.sys [2007-10-08 35072]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2007-10-08 592256]
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2008-12-07 14088]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2009-01-03 39304]
R3 btnetBUs;Bluetooth PAN Bus Service; C:\WINDOWS\System32\Drivers\btnetBus.sys [2008-12-07 30088]
R3 BTNetFilter;Bluetooth Network Filter; \??\C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys []
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 DevUpper;iSight Filter Driver; C:\WINDOWS\system32\DRIVERS\iSightFT.sys [2007-10-08 8320]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2007-02-18 138752]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-07-11 5761760]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-10-08 4607488]
R3 IRRemoteFlt;IR Receiver Filter Driver; C:\WINDOWS\system32\DRIVERS\IRFilter.sys [2007-10-08 16512]
R3 IvtBtBUs;IVT Bluetooth Bus Service; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [2008-07-02 26248]
R3 KeyMagic;USB Keyboard HID Filter; C:\WINDOWS\system32\DRIVERS\KeyMagic.sys [2007-10-08 17920]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2009-01-08 31880]
R3 VHidMinidrv;Bluetooth HID Device Service; C:\WINDOWS\system32\drivers\VHIDMini.sys [2008-12-22 17416]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2007-12-06 285952]
S3 applebt;Apple Built-in Bluetooth; C:\WINDOWS\system32\DRIVERS\applebt.sys [2007-10-08 8064]
S3 BthEnum;Bluetooth Enumerator Service; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthKicker;Apple Bluetooth Device Driver; C:\WINDOWS\system32\DRIVERS\BthKicker.sys [2007-10-08 7424]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-13 272128]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 iSightUpdate;iSight Update Driver; C:\WINDOWS\system32\DRIVERS\iSightUP.sys [2007-10-08 18304]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 U2SP;USB to Serial Converter Driver(Philips); C:\WINDOWS\system32\DRIVERS\u2s2kxp.sys [2003-05-14 23948]
S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-13 12800]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2008-01-21 14856]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-03-16 267432]
R2 AppleOSSMgr;Apple OS Switch Manager; C:\WINDOWS\system32\AppleOSSMgr.exe [2007-10-08 140592]
R2 AppleTimeSrv;Apple Time Service; C:\WINDOWS\system32\AppleTimeSrv.exe [2007-10-08 99632]
R2 BlueSoleilCS;BlueSoleilCS; C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [2009-02-27 850432]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BsMobileCS;BsMobileCS; C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe [2009-02-27 143467]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2004-11-09 163840]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R3 BsHelpCS;BsHelpCS; C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe [2009-02-27 98407]
S2 spupdsvc;Windows Service Pack Installer update service; C:\WINDOWS\system32\spupdsvc.exe [2009-05-12 26144]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
And the info.txt

Code: Select all

info.txt logfile of random's system information tool 1.06 2010-03-27 00:49:25

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 4.65-->"C:\Program Files\7-Zip\Uninstall.exe"
Adobe Reader 9.3-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A93000000001}
Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
Bluesoleil 6.4.249.0-->MsiExec.exe /X{C0A871F9-D580-4404-9A69-A02CF3078C87}
Bluetooth by hp-->MsiExec.exe /X{90535871-81B9-4D99-8A13-A7EE97F2D7FE}
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Boot Camp Services-->MsiExec.exe /I{F0E45628-1218-4865-A516-8E8A54272ADC}
CASIO FA-124-->MsiExec.exe /X{FB47E710-6249-4EFA-BE36-E922B0612AF4}
CeRegEditor 0.0.5.1-->"C:\Program Files\CeRegEditor\unins000.exe"
Efficasoft Mobile Express v1.5.2-->"C:\Program Files\Efficasoft Mobile Express\unins000.exe"
FX-INTERFACE PROFESSIONAL-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CD869122-24E1-11D4-A99B-204C4F4F5020}\setup.exe" AnyText
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall  /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe"
Intel(R) Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Manuel de l'appareil Windows Mobile®-->C:\Program Files\Windows Mobile Device Handbook\Windows Mobile Device Handbook\Bin\DHUninstall.exe
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft ActiveSync-->MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Phone Software Update - Windows Mobile-->"C:\Program Files\InstallShield Installation Information\{85E0DA75-0795-4377-B079-CFB9F7C5691F}\setup.exe" -runfromtemp -l0x040c -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9  -removeonly
Safari-->MsiExec.exe /I{D6E4E5D6-7693-4BB4-95BA-21F38FAFEE90}
SAMSUNG Mobile Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
Security Update for Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB978207)-->"C:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows Search 4 - KB963093-->"C:\WINDOWS\$NtUninstallKB963093$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Security Update for Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
Security Update for Windows XP (KB977165-v2)-->"C:\WINDOWS\$NtUninstallKB977165-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe"
Update for Windows Internet Explorer 8 (KB980302)-->"C:\WINDOWS\ie8updates\KB980302-IE8\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Update for Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Update for Windows XP (KB978207)-->"C:\WINDOWS\$NtUninstallKB978207$\spuninst\spuninst.exe"
VLC media player 1.0.5-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Driver Package - Apple Inc. (applebt) Bluetooth  (06/27/2007 2.0.0.1)-->C:\PROGRA~1\DIFX\7F01D4C0B2897E27\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\applebt_5F5CDDBA8C90066BFACA98E240B0E384FD78D0E5\applebt.inf
Windows Driver Package - Apple Inc. Apple Bluetooth Enabler (06/27/2007 2.0.0.1)-->C:\PROGRA~1\DIFX\7F01D4C0B2897E27\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\bthkicker_22481FFE232728F300C3EA4B9D04741F71A78A6F\bthkicker.inf
Windows Driver Package - Apple Inc. Apple Built-in iSight (04/09/2007 1.3.0.0)-->C:\PROGRA~1\DIFX\7F01D4C0B2897E27\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\isight_457E352673E04E3628F3481F96106C5726855272\isight.inf
Windows Driver Package - Apple Inc. Apple IR Receiver (07/16/2007 2.0.0.1)-->C:\PROGRA~1\DIFX\7F01D4C0B2897E27\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\irfilter_6BAE4C4E6E43E4AF7524F089CA605ACCDD038710\irfilter.inf
Windows Driver Package - Apple Inc. Apple Keyboard (08/30/2007 2.0.1.4)-->C:\PROGRA~1\DIFX\7F01D4C0B2897E27\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\keymagic_5748EA9D9741D5BA6763BCAC4C6D158F8A7EF029\keymagic.inf
Windows Driver Package - Apple Inc. Apple Trackpad (08/28/2007 2.0.1.4)-->C:\PROGRA~1\DIFX\7F01D4C0B2897E27\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\aapltp_BF219E1F63B7461D0F5D650033C78F989EDEE0FB\aapltp.inf
Windows Driver Package - Apple Inc. Apple Trackpad Enabler (08/28/2007 2.0.1.4)-->C:\PROGRA~1\DIFX\7F01D4C0B2897E27\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\aapltctp_762C22B15E03318F1DF4F3D7EEB1E5C1D51F5032\aapltctp.inf
Windows Driver Package - Apple Inc. System  (06/21/2007 2.0.0.0)-->C:\PROGRA~1\DIFX\7F01D4C0B2897E27\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\applenull_853A42E440968266FB61B6DCC69BD2406D991F68\applenull.inf
Windows Driver Package - Atheros (AR5211) Net  (04/05/2007 5.3.0.35)-->C:\PROGRA~1\DIFX\7F01D4C0B2897E27\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\net5211_83E4E86F1350732D629D737DAECF97C35FD29B0F\net5211.inf
Windows Driver Package - Atheros (AR5416) Net  (06/26/2007 6.0.3.94)-->C:\PROGRA~1\DIFX\7F01D4C0B2897E27\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\net5416_011416A5D099921307D4CC88E2E5BD075CE39446\net5416.inf
Windows Driver Package - Broadcom (BCM43XX) Net  (01/08/2007 4.80.75.0)-->C:\PROGRA~1\DIFX\7F01D4C0B2897E27\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\bcmwl5_52A7865A91A2795EC5D7A8EC9B1E1622EA863FFF\bcmwl5.inf
Windows Driver Package - Intel (E1000) Net  (01/06/2006 8.6.17.0)-->C:\PROGRA~1\DIFX\7F01D4C0B2897E27\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\e1000325_4D2F92D840FE9D1A0C33FEC20BFC7747BB0608EA\e1000325.inf
Windows Driver Package - Intel (e1express) Net  (04/03/2006 9.3.39.0)-->C:\PROGRA~1\DIFX\7F01D4C0B2897E27\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\e1e5132_A95FC331A737294D9476DAB83E0F4371146BDFDE\e1e5132.inf
Windows Driver Package - Marvell (yukonwxp) Net  (03/23/2007 10.12.7.3)-->C:\PROGRA~1\DIFX\7F01D4C0B2897E27\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\yk51x86_98FE2F08F37A78F4FF0C10AACFE1E827854D61AE\yk51x86.inf
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{F6BD194C-4190-4D73-B1B1-C48C99921BFE}
Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}
Windows Live Messenger-->MsiExec.exe /X{A85FD55B-891B-4314-97A5-EA96C0BD80B5}
Windows Live Sign-in Assistant-->MsiExec.exe /I{45338B07-A236-4270-9A77-EBB4115517B5}
Windows Live Upload Tool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 10 Hotfix - KB894476-->"C:\WINDOWS\$NtUninstallKB894476$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows PowerShell(TM) 1.0-->"C:\WINDOWS\$NtUninstallKB926139-v2$\spuninst\spuninst.exe"
Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

======Security center information======

AV: AntiVir Desktop

======System event log======

Computer Name: CHED
Event Code: 1007
Message: Your computer has automatically configured the IP address for the Network
Card with network address 001E528274D4.  The IP address being used is 169.254.12.232.

Record Number: 2171
Source Name: Dhcp
Time Written: 20100124202407.000000+060
Event Type: warning
User: 

Computer Name: CHED
Event Code: 29
Message: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible. 
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time. 

Record Number: 2169
Source Name: W32Time
Time Written: 20100124202053.000000+060
Event Type: error
User: 

Computer Name: CHED
Event Code: 17
Message: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Record Number: 2168
Source Name: W32Time
Time Written: 20100124202053.000000+060
Event Type: error
User: 

Computer Name: CHED
Event Code: 1007
Message: Your computer has automatically configured the IP address for the Network
Card with network address 001E528274D4.  The IP address being used is 169.254.12.232.

Record Number: 2167
Source Name: Dhcp
Time Written: 20100124202053.000000+060
Event Type: warning
User: 

Computer Name: CHED
Event Code: 64008
Message: The protected system file c:\windows\system32\uxtheme.dll could not be verified as valid because Windows
File Protection is terminating.
Use the SFC utility to verify the integrity of the file at a later time.

Record Number: 1990
Source Name: Windows File Protection
Time Written: 20100118184911.000000+060
Event Type: warning
User: 

=====Application event log=====

Computer Name: CHED
Event Code: 1517
Message: Windows saved user CHED\Charles registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. 


This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 202
Source Name: Userenv
Time Written: 20100210201533.000000+060
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: CHED
Event Code: 1517
Message: Windows saved user CHED\Charles registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. 


This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 191
Source Name: Userenv
Time Written: 20100208210734.000000+060
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: CHED
Event Code: 1524
Message: Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.  



Record Number: 190
Source Name: Userenv
Time Written: 20100208210734.000000+060
Event Type: warning
User: CHED\Charles

Computer Name: CHED
Event Code: 1000
Message: Faulting application fus.exe, version 1.0.0.1, faulting module msvcr80.dll, version 8.0.50727.762, fault address 0x000046b4.

Record Number: 183
Source Name: Application Error
Time Written: 20100208194812.000000+060
Event Type: error
User: 

Computer Name: CHED
Event Code: 1000
Message: Faulting application explorer.exe, version 6.0.2900.2894, faulting module ole32.dll, version 5.1.2600.2948, fault address 0x00120f3b.

Record Number: 137
Source Name: Application Error
Time Written: 20100113142940.000000+060
Event Type: error
User: 

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\IVT Corporation\BlueSoleil\Mobile;C:\WINDOWS\system32\Wbem;C:\WINDOWS\system32\WindowsPowerShell\v1.0
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel
"PROCESSOR_REVISION"=0f0b
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.PSC1
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------
Sometimes when I take the laptop with me I lend it out a bit, so there's a lot of USB traffic.
Good night
nardino
Posts: 6344
Joined: Sun 11 Jan 2009 16:03
Location: Reims

Re: Impossible to remove a virus

Posted by nardino »

Hello,
Download and install UsbFix:
http://pagesperso-orange.fr/NosTools/Ch ... UsbFix.exe
http://chiquitine.changelog.fr/UsbFix.exe
Plug in your USB sticks, external hard drives, etc., that may have been infected, without opening them.

Double-click the UsbFix icon on the desktop
Right-click the UsbFix icon on your desktop to launch the tool.
Choose option 1
At the end of the scan, post the UsbFix.txt report that will open.
It will be saved here: C:\UsbFix.txt

Note.
"Process.exe", a component of the tool, is detected by some antivirus products as a RiskTool.
It is not a virus, but a utility intended to terminate processes.
This utility could stop security software, hence the alert raised by these antivirus products.

See you later
If you notice a problem in a thread, contact a moderator by PM. Do not step in yourself. Thank you
ched78
Posts: 48
Joined: Fri 12 Mar 2010 23:02
Are you a robot?: No

Re: Impossible to remove a virus

Posted by ched78 »

Thanks, do I have to plug in all the drives and everything at the same time?
nardino
Posts: 6344
Joined: Sun 11 Jan 2009 16:03
Location: Reims

Re: Impossible to remove a virus

Posted by nardino »

Hello,
Yes, preferably.
See you later
ched78
Posts: 48
Joined: Fri 12 Mar 2010 23:02
Are you a robot?: No

Re: Impossible to remove a virus

Posted by ched78 »

Hello,
To explain my lack of reply, I'm more than swamped at the moment, so I've somewhat set aside Windows and all its problems; I'll deal with the disinfection seriously as soon as the holidays start.
See you later
BertrandB
Posts: 766
Joined: Fri 13 Nov 2009 18:03
Are you a robot?: No
Location: Haute Normandie

Re: Impossible to remove a virus

Posted by BertrandB »

Good evening

In addition to Nardino's sound advice, I recommend that you disable System Restore; your restore points also carry the infection. You can create a new point later, once the PC has been cleaned. Also run a disk cleanup; the scans will be faster.

See you later
Two things are infinite: the Universe and human stupidity. But as far as the Universe is concerned, I have not yet acquired absolute certainty.

Albert EINSTEIN
nardino
Posts: 6344
Joined: Sun 11 Jan 2009 16:03
Location: Reims

Re: Impossible to remove a virus

Posted by nardino »

Good evening,
The only case where I have restore points deleted is an infection by Virut or Sality.
In all other cases, a restore point, even an infected one, is better than no restore points at all.
So leave things as they are for now.

See you later
BertrandB
Posts: 766
Joined: Fri 13 Nov 2009 18:03
Are you a robot?: No
Location: Haute Normandie

Re: Impossible to remove a virus

Posted by BertrandB »

Okay!