
Posted

Argh, that one took a long time! Here is the report:

 

HAXFIX logfile - by Marckie

 

version 5.076

09/05/2009 17:10:24,96

running from C:\HaxFix

 

--- Checking for Haxdoor ---

 

checking for a3d files

a3d files not found

 

checking for matching notify keys

no matching notify keys found

 

checking for matching services

no matching services found

 

checking for matching safeboot services

no matching safeboot services found

 

 

--- Checking for Goldun - Spybanker ---

 

checking for SSODL keys

no ssodl keys found

 

checking for notify keys

no notify keys found

 

checking for services

no services found

 

checking for random used files and services

-- these files are not necessarily malicious

-- scanning all folders

C:\Documents and Settings\All Users\Documents\Ma musique\Échantillons de musique\Thumbs.db

C:\Documents and Settings\Pascal\Application Data\OpenOffice.org2\share\template\french\wizard\web\stl-tracks.stw

C:\Documents and Settings\Pascal\Local Settings\Bureau\Cath\assedic2.sxw

C:\Documents and Settings\Pascal\Local Settings\Bureau\Pascal\ahfsteltakthree\Thumbs.db

C:\Documents and Settings\Pascal\Local Settings\Bureau\Pascal\Priva_M\Thumbs.db

C:\Documents and Settings\Pascal\Local Settings\Bureau\Pascal\VirtualDub-1.8.6\vdub.exe

C:\Program Files\XviD\vidccleaner.exe

C:\Program Files\Adobe\Photoshop 6.0\Help\c16op64.htm

C:\Program Files\AdorageI-GfxDatas\ado7\Fotoalbum\alpha\Fotoalbum_0328.TIF

C:\Program Files\AdorageI-GfxDatas\ado7\Vorhang\gfx\Vorhang_0124.JPG

C:\Program Files\AdorageI-GfxDatas\Images4\clapboard\alpha\okm0008.TIF

C:\Program Files\AdorageI-GfxDatas\texture-image\Gradient\Text17.JPG

C:\Program Files\Fichiers communs\NVIDIA Shared\Audio\NvAudioWizardZHC.dll

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\frontend\L1036\html\HOT_Connection_Tbl.html

C:\Program Files\OpenOffice.org 2.0\program\ipb680mi.dll

C:\Program Files\OpenOffice.org 2.0\program\ipx680mi.dll

C:\Program Files\OpenOffice.org 2.0\program\jpipe.dll

C:\Program Files\OpenOffice.org 2.0\share\template\fr\wizard\report\cnt-05.ott

C:\Program Files\Participatory Culture Foundation\Miro\vlc-plugins\libau_plugin.dll

C:\Program Files\Participatory Culture Foundation\Miro\vlc-plugins\liblpcm_plugin.dll

C:\Program Files\Participatory Culture Foundation\Miro\vlc-plugins\libmux_mpjpeg_plugin.dll

C:\Program Files\Participatory Culture Foundation\Miro\vlc-plugins\libpacketizer_copy_plugin.dll

C:\Program Files\Participatory Culture Foundation\Miro\vlc-plugins\libpodcast_plugin.dll

C:\Program Files\Participatory Culture Foundation\Miro\vlc-plugins\libshout_plugin.dll

C:\Program Files\Participatory Culture Foundation\Miro\vlc-plugins\libshowintf_plugin.dll

C:\Program Files\Participatory Culture Foundation\Miro\vlc-plugins\libstream_out_gather_plugin.dll

C:\Program Files\Participatory Culture Foundation\Miro\xulrunner\regxpcom.exe

C:\Program Files\Pinnacle\Hollywood FX for Studio\5.5\Effects\03 - Quads and Pieces\PLS-2 Out 2 In.hfx

C:\Program Files\Pinnacle\Hollywood FX for Studio\5.5\Effects\09 - Doors and Borders\PLS-Border-Steel.hfx

C:\Program Files\Pinnacle\Hollywood FX for Studio\5.5\Effects\19 - Business\PLS-Eraser.hfx

C:\Program Files\Pinnacle\Hollywood FX for Studio\5.5\Effects\34 - Industrial 1\Gears.hfx

C:\Program Files\Pinnacle\Hollywood FX for Studio\5.5\Objects\42 - Wild World 2\Peace Video 1.hfo

C:\Program Files\Pinnacle\Studio 9\Plugins\RTFx\BWAutoColor.fex

C:\Program Files\proDAD\Heroglyph-2.0\layoutmetricexp.dll

C:\Program Files\proDAD\Heroglyph-1.0\clipart\frame\Mask03\adi-1\y6_013.JPG

C:\Program Files\proDAD\Heroglyph-1.0\clipart\misc\glitter\out0152.JPG

C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\da.lproj\QuickTime3GPPLocalized.qtr

C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\de.lproj\QuickTime3GPPLocalized.qtr

C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\en.lproj\QuickTime3GPPLocalized.qtr

C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\fi.lproj\QuickTime3GPPLocalized.qtr

C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\ko.lproj\QuickTime3GPPLocalized.qtr

C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\nb.lproj\QuickTime3GPPLocalized.qtr

C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\pl.lproj\QuickTime3GPPLocalized.qtr

C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\ru.lproj\QuickTime3GPPLocalized.qtr

C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\sv.lproj\QuickTime3GPPLocalized.qtr

C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\zh_CN.lproj\QuickTime3GPPLocalized.qtr

C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\zh_TW.lproj\QuickTime3GPPLocalized.qtr

C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\zh_CN.lproj\QuickTimeAudioSupportLocalized.qtr

C:\Program Files\WinHTTrack\src\htsmms.c

C:\Qoobox\Quarantine\C\WINDOWS\instsp2.exe.vir

C:\Qoobox\Quarantine\C\WINDOWS\system32\ipfwrd.sys.vir

C:\System Volume Information\_restore{05D3BF26-2972-4564-8FB3-68026FBC91B0}\RP225\A0061138.exe

C:\System Volume Information\_restore{05D3BF26-2972-4564-8FB3-68026FBC91B0}\RP225\A0061145.sys

C:\WINDOWS\$NtServicePackUninstall$\fxsperf.dll

C:\WINDOWS\$NtServicePackUninstall$\snmptrap.exe

C:\WINDOWS\Fonts\ega40857.fon

C:\WINDOWS\Fonts\modern.fon

C:\WINDOWS\inf\netepvcm.PNF

C:\WINDOWS\inf\mtxvideo.PNF

C:\WINDOWS\system32\asferror.dll

C:\WINDOWS\system32\kbdjpn.dll

C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\migregdb.exe

C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.inf

C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.inf

C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\asferror.dll

C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\asferror.dll

C:\WINDOWS\ServicePackFiles\i386\dlttape.sys

C:\WINDOWS\ServicePackFiles\i386\ident2.htm

C:\WINDOWS\ServicePackFiles\i386\fxsperf.dll

C:\WINDOWS\ServicePackFiles\i386\mscortim.dll

C:\WINDOWS\ServicePackFiles\i386\snmptrap.exe

C:\WINDOWS\ServicePackFiles\i386\tty.dll

C:\WINDOWS\system32\dllcache\asferror.dll

C:\WINDOWS\system32\dllcache\infoctrs.dll

C:\WINDOWS\system32\dllcache\kbdjpn.dll

C:\WINDOWS\system32\dllcache\modern.fon

C:\WINDOWS\system32\drivers\cxavxbar.sys

C:\WINDOWS\system32\en-US\icardie.dll.mui

C:\WINDOWS\system32\oobe\setup\ident2.htm

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CXAVXBAR

Imagepath REG_EXPAND_SZ system32\drivers\cxavxbar.sys

 

checking for browser helper objects

no known browser helper objects found

 

checking for appinit files

no files found

 

checking for possible infected files

please submit these file here: http://www.bleepingcomputer.com/submit-mal....php?channel=11

no files found

 

checking for Active Setup Installed Components

no known Active Setup Installed Components found

 

checking iexplore.exe

iexplore.exe is not infected

 

 

--- Checking for other Goldun, Spybanker and Haxdoor files ---

C:\WINDOWS\system32\bdod.bin

 

 

--- Catchme logfile - thank you Gmer ---

 

catchme 0.3.1380.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-05-09 18:15:03

Windows 5.1.2600 Service Pack 3 NTFS

 

scanning hidden processes ...

 

scanning hidden services & system hive ...

 

scanning hidden registry entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden processes: 0

hidden services: 0

hidden files: 0

 

 

--- Analysing Catchme logfile ---

 

no matching regkeys found

 

 

Finished!

  • Moderators
Posted

It really does look like we got that infection :P

Generate a report as follows: download random's system information tool (RSIT) by random/random and save it to the Desktop.

  • Double-click RSIT.exe to launch RSIT.
  • Click Continue on the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it and you will have to accept the licence.
  • When the scan is finished, two text files will open. Post the contents of log.txt (<<which will be displayed)
    as well as info.txt (<<which will be minimized in the Taskbar).

After that, we'll decide. Either a few items remain to be dealt with, or everything is fine, and we proceed to uninstall the tools, and I'll have you re-enable your security tools.

How is the PC behaving? Is everything OK? What about the redirections?

Posted

The log:

 

Logfile of random's system information tool 1.06 (written by random/random)

Run by Pascal at 2009-05-09 18:41:02

Microsoft Windows XP Professionnel Service Pack 3

System drive C: has 9 GB (22%) free of 41 GB

Total RAM: 1023 MB (39% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:41:21, on 09/05/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16827)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\Program Files\Fichiers communs\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

C:\Program Files\Windows Live\Family Safety\fsssvc.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\RMC.exe

C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe

C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\Monitor.exe

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe

C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Documents and Settings\Pascal\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\BitComet\BitComet.exe

C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe

C:\Program Files\Secunia\PSI\psi.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\WINDOWS\explorer.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Pascal\Local Settings\Bureau\Pascal\RSIT.exe

C:\Program Files\trend micro\Pascal.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;www.yahoo.fr

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O4 - HKLM\..\Run: [ulead Remote Control Center] C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\RMC.exe

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NVRTCLK] C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [Matchlock Scheduling] C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\Monitor.exe

O4 - HKLM\..\Run: [hplampc] C:\WINDOWS\system32\hplampc.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"

O4 - HKLM\..\Run: [softwareHelper] C:\Documents and Settings\Pascal\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [bitComet] "C:\Program Files\BitComet\BitComet.exe" /tray

O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Default user')

O4 - S-1-5-18 Startup: Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe (User 'SYSTEM')

O4 - .DEFAULT Startup: Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe (User 'Default user')

O4 - Startup: Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe

O4 - Global Startup: DTV Remote Control.lnk = C:\Program Files\ADS Tech\DVBT Utilities\ADSRMT.exe

O4 - Global Startup: RaConfig2500.lnk = C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe

O8 - Extra context menu item: Download with Go!Zilla - file://C:\Program Files\Go!Zilla\download-with-gozilla.html

O8 - Extra context menu item: Tout télécharger avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm

O8 - Extra context menu item: Télécharger avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm

O8 - Extra context menu item: Télécharger toutes les vidéos avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm

O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} (PIXACO Drag and Drop upload plugin) - http://www.pixaco.fr/static/download/pixacodndupload.cab

O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedInContactFinderControl.cab

O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://wisup.net/_plateforme/Upload/Aurigm...geUploader4.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab

O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {C81B5180-AFD1-41A3-97E1-99E8D254DB98} (CSS Web Installer Class) - http://www.commandondemand.com/eval/cod/cabs/cssweb.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{4235A961-A7DE-4EF4-83CF-49234A28DFE2}: NameServer = 212.27.32.176,212.27.32.177

O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\Fichiers communs\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe

O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe

O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe

O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: VundoFix Service (VundoFixSvc) - Atribune.org - C:\WINDOWS\SYSTEM32\VundoFixSVC.exe

 

--

End of file - 9167 bytes

 

======Scheduled tasks folder======

 

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

C:\WINDOWS\tasks\At1.job

C:\WINDOWS\tasks\At10.job

C:\WINDOWS\tasks\At100.job

C:\WINDOWS\tasks\At101.job

C:\WINDOWS\tasks\At102.job

C:\WINDOWS\tasks\At103.job

C:\WINDOWS\tasks\At104.job

C:\WINDOWS\tasks\At105.job

C:\WINDOWS\tasks\At106.job

C:\WINDOWS\tasks\At107.job

C:\WINDOWS\tasks\At108.job

C:\WINDOWS\tasks\At109.job

C:\WINDOWS\tasks\At11.job

C:\WINDOWS\tasks\At110.job

C:\WINDOWS\tasks\At111.job

C:\WINDOWS\tasks\At112.job

C:\WINDOWS\tasks\At113.job

C:\WINDOWS\tasks\At114.job

C:\WINDOWS\tasks\At115.job

C:\WINDOWS\tasks\At116.job

C:\WINDOWS\tasks\At117.job

C:\WINDOWS\tasks\At118.job

C:\WINDOWS\tasks\At119.job

C:\WINDOWS\tasks\At12.job

C:\WINDOWS\tasks\At120.job

C:\WINDOWS\tasks\At13.job

C:\WINDOWS\tasks\At14.job

C:\WINDOWS\tasks\At15.job

C:\WINDOWS\tasks\At16.job

C:\WINDOWS\tasks\At17.job

C:\WINDOWS\tasks\At18.job

C:\WINDOWS\tasks\At19.job

C:\WINDOWS\tasks\At2.job

C:\WINDOWS\tasks\At20.job

C:\WINDOWS\tasks\At21.job

C:\WINDOWS\tasks\At22.job

C:\WINDOWS\tasks\At23.job

C:\WINDOWS\tasks\At24.job

C:\WINDOWS\tasks\At25.job

C:\WINDOWS\tasks\At26.job

C:\WINDOWS\tasks\At27.job

C:\WINDOWS\tasks\At28.job

C:\WINDOWS\tasks\At29.job

C:\WINDOWS\tasks\At3.job

C:\WINDOWS\tasks\At30.job

C:\WINDOWS\tasks\At31.job

C:\WINDOWS\tasks\At32.job

C:\WINDOWS\tasks\At33.job

C:\WINDOWS\tasks\At34.job

C:\WINDOWS\tasks\At35.job

C:\WINDOWS\tasks\At36.job

C:\WINDOWS\tasks\At37.job

C:\WINDOWS\tasks\At38.job

C:\WINDOWS\tasks\At39.job

C:\WINDOWS\tasks\At4.job

C:\WINDOWS\tasks\At40.job

C:\WINDOWS\tasks\At41.job

C:\WINDOWS\tasks\At42.job

C:\WINDOWS\tasks\At43.job

C:\WINDOWS\tasks\At44.job

C:\WINDOWS\tasks\At45.job

C:\WINDOWS\tasks\At46.job

C:\WINDOWS\tasks\At47.job

C:\WINDOWS\tasks\At48.job

C:\WINDOWS\tasks\At49.job

C:\WINDOWS\tasks\At5.job

C:\WINDOWS\tasks\At50.job

C:\WINDOWS\tasks\At51.job

C:\WINDOWS\tasks\At52.job

C:\WINDOWS\tasks\At53.job

C:\WINDOWS\tasks\At54.job

C:\WINDOWS\tasks\At55.job

C:\WINDOWS\tasks\At56.job

C:\WINDOWS\tasks\At57.job

C:\WINDOWS\tasks\At58.job

C:\WINDOWS\tasks\At59.job

C:\WINDOWS\tasks\At6.job

C:\WINDOWS\tasks\At60.job

C:\WINDOWS\tasks\At61.job

C:\WINDOWS\tasks\At62.job

C:\WINDOWS\tasks\At63.job

C:\WINDOWS\tasks\At64.job

C:\WINDOWS\tasks\At65.job

C:\WINDOWS\tasks\At66.job

C:\WINDOWS\tasks\At67.job

C:\WINDOWS\tasks\At68.job

C:\WINDOWS\tasks\At69.job

C:\WINDOWS\tasks\At7.job

C:\WINDOWS\tasks\At70.job

C:\WINDOWS\tasks\At71.job

C:\WINDOWS\tasks\At72.job

C:\WINDOWS\tasks\At73.job

C:\WINDOWS\tasks\At74.job

C:\WINDOWS\tasks\At75.job

C:\WINDOWS\tasks\At76.job

C:\WINDOWS\tasks\At77.job

C:\WINDOWS\tasks\At78.job

C:\WINDOWS\tasks\At79.job

C:\WINDOWS\tasks\At8.job

C:\WINDOWS\tasks\At80.job

C:\WINDOWS\tasks\At81.job

C:\WINDOWS\tasks\At82.job

C:\WINDOWS\tasks\At83.job

C:\WINDOWS\tasks\At84.job

C:\WINDOWS\tasks\At85.job

C:\WINDOWS\tasks\At86.job

C:\WINDOWS\tasks\At87.job

C:\WINDOWS\tasks\At88.job

C:\WINDOWS\tasks\At89.job

C:\WINDOWS\tasks\At9.job

C:\WINDOWS\tasks\At90.job

C:\WINDOWS\tasks\At91.job

C:\WINDOWS\tasks\At92.job

C:\WINDOWS\tasks\At93.job

C:\WINDOWS\tasks\At94.job

C:\WINDOWS\tasks\At95.job

C:\WINDOWS\tasks\At96.job

C:\WINDOWS\tasks\At97.job

C:\WINDOWS\tasks\At98.job

C:\WINDOWS\tasks\At99.job

C:\WINDOWS\tasks\WGASetup.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Ulead Remote Control Center"=C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\RMC.exe [2005-03-18 49152]

"RemoteControl"=C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe [2003-10-31 32768]

"PinnacleDriverCheck"=C:\WINDOWS\system32\PSDrvCheck.exe [2004-03-10 406016]

"nwiz"=nwiz.exe /install []

"NVRTCLK"=C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe [2003-12-30 24576]

"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-16 13529088]

"nTrayFw"=C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe [2004-12-16 266240]

"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

"Matchlock Scheduling"=C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\Monitor.exe [2005-03-14 45056]

"hplampc"=C:\WINDOWS\system32\hplampc.exe [2002-01-17 40448]

"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-11-15 77824]

"OpwareSE2"=C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe [2003-05-08 49152]

"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-01-12 185896]

"NVMixerTray"=C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe [2004-06-03 131072]

"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-16 86016]

"EoEngine"=C:\Program Files\EoRezo\EoEngine.exe [2009-02-23 472872]

"SoftwareHelper"=C:\Documents and Settings\Pascal\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe [2008-12-09 368224]

"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-04-11 148888]

"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-25 68856]

"BitComet"=C:\Program Files\BitComet\BitComet.exe [2009-03-09 2564408]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"LIVESRV"=2

 

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage

DTV Remote Control.lnk - C:\Program Files\ADS Tech\DVBT Utilities\ADSRMT.exe

RaConfig2500.lnk - C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe

 

C:\Documents and Settings\Pascal\Menu Démarrer\Programmes\Démarrage

Secunia PSI.lnk - C:\Program Files\Secunia\PSI\psi.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=323

"NoDriveAutoRun"=67108863

"NoDrives"=0

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"HonorAutoRunSetting"=

"NoDriveAutoRun"=

"NoDriveTypeAutoRun"=

"NoDrives"=

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe"="C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server"

"C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\UMC.exe"="C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\UMC.exe:*:Enabled:UMC"

"F:\emule\emule.exe"="F:\emule\emule.exe:*:Enabled:eMule"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"

"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"

"C:\WINDOWS\system32\wbem\wmiprvse.exe"="C:\WINDOWS\system32\wbem\wmiprvse.exe:*:Enabled:wmiprvse"

"C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\rmc.exe"="C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\rmc.exe:*:Enabled:RMC"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

"C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe"="C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe:*:Enabled:RaConfig2500"

"C:\Program Files\QuickTime\QTTask.exe"="C:\Program Files\QuickTime\QTTask.exe:*:Enabled:QTTask"

"C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe:*:Enabled:TeaTimer"

"C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"="C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe:*:Enabled:SeaPort"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"E:\web\Flash FTP\FlashFXP.exe"="E:\web\Flash FTP\FlashFXP.exe:*:Enabled:FlashFXP v3"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

 

======File associations======

 

.js - open -

 

======List of files/folders created in the last 1 months======

 

2009-05-09 18:41:03 ----D---- C:\Program Files\trend micro

2009-05-09 18:41:02 ----D---- C:\rsit

2009-05-09 18:26:38 ----SHD---- C:\RECYCLER

2009-05-09 17:10:05 ----D---- C:\HaxFix

2009-05-09 15:29:02 ----A---- C:\ComboFix.txt

2009-05-09 12:16:18 ----A---- C:\Boot.bak

2009-05-09 12:16:12 ----RASHD---- C:\cmdcons

2009-05-09 12:13:07 ----A---- C:\WINDOWS\zip.exe

2009-05-09 12:13:07 ----A---- C:\WINDOWS\vFind.exe

2009-05-09 12:13:07 ----A---- C:\WINDOWS\SWXCACLS.exe

2009-05-09 12:13:07 ----A---- C:\WINDOWS\SWSC.exe

2009-05-09 12:13:07 ----A---- C:\WINDOWS\SWREG.exe

2009-05-09 12:13:07 ----A---- C:\WINDOWS\sed.exe

2009-05-09 12:13:07 ----A---- C:\WINDOWS\NIRCMD.exe

2009-05-09 12:13:07 ----A---- C:\WINDOWS\grep.exe

2009-05-09 12:12:57 ----D---- C:\WINDOWS\ERDNT

2009-05-09 12:12:19 ----D---- C:\Qoobox

2009-05-09 10:11:25 ----D---- C:\Program Files\FreeAngel

2009-05-09 01:56:19 ----D---- C:\Documents and Settings\Pascal\Application Data\WinRAR

2009-05-09 01:34:43 ----D---- C:\WINDOWS\ERUNT

2009-05-09 01:33:17 ----A---- C:\WINDOWS\ntbtlog.txt

2009-05-09 01:31:13 ----D---- C:\SDFix

2009-05-09 00:44:08 ----D---- C:\Program Files\CCleaner

2009-05-08 19:42:36 ----D---- C:\Program Files\RegSupreme Pro

2009-05-08 16:11:50 ----A---- C:\WINDOWS\system32\VundoFixSVC.exe

2009-05-08 15:56:58 ----D---- C:\VundoFix Backups

2009-05-08 15:56:58 ----A---- C:\VundoFix.txt

2009-05-08 11:51:59 ----D---- C:\WINDOWS\CSC

2009-05-02 18:05:20 ----D---- C:\WINDOWS\system32\NtmsData

2009-04-30 21:48:20 ----D---- C:\Program Files\Avira

2009-04-30 21:48:20 ----D---- C:\Documents and Settings\All Users\Application Data\Avira

2009-04-28 00:45:30 ----D---- C:\Documents and Settings\Pascal\Application Data\PCF-VLC

2009-04-18 03:04:18 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$

2009-04-18 03:04:12 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$

2009-04-18 03:01:36 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$

2009-04-18 03:01:21 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$

2009-04-18 03:01:14 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$

2009-04-18 03:01:03 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$

2009-04-14 03:00:39 ----D---- C:\WINDOWS\system32\KB905474

2009-04-12 09:55:56 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$

2009-04-12 09:54:53 ----A---- C:\WINDOWS\system32\MRT.INI

2009-04-12 09:54:51 ----D---- C:\WINDOWS\system32\MpEngineStore

2009-04-12 09:49:34 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$

2009-04-12 09:49:22 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$

2009-04-12 09:49:15 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$

2009-04-12 09:49:03 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$

2009-04-12 09:48:54 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$

2009-04-12 09:48:37 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$

2009-04-12 09:48:28 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$

2009-04-12 09:48:22 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$

2009-04-12 09:48:16 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$

2009-04-12 09:48:09 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$

2009-04-12 09:47:55 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$

2009-04-11 21:48:44 ----A---- C:\WINDOWS\system32\javaws.exe

2009-04-11 21:48:44 ----A---- C:\WINDOWS\system32\javaw.exe

2009-04-11 21:48:44 ----A---- C:\WINDOWS\system32\java.exe

 

======List of files/folders modified in the last 1 months======

 

2009-05-09 18:41:03 ----RD---- C:\Program Files

2009-05-09 18:37:44 ----D---- C:\Program Files\BitComet

2009-05-09 18:26:37 ----A---- C:\WINDOWS\NeroDigital.ini

2009-05-09 18:24:58 ----D---- C:\Program Files\Mozilla Firefox

2009-05-09 18:23:54 ----D---- C:\WINDOWS\Temp

2009-05-09 18:15:04 ----D---- C:\WINDOWS\Prefetch

2009-05-09 18:14:59 ----D---- C:\WINDOWS\system32\spool

2009-05-09 18:14:59 ----D---- C:\WINDOWS\system32\drivers

2009-05-09 18:14:59 ----D---- C:\WINDOWS\system32

2009-05-09 18:14:59 ----D---- C:\WINDOWS

2009-05-09 17:07:38 ----D---- C:\WINDOWS\system32\CatRoot2

2009-05-09 17:06:08 ----A---- C:\WINDOWS\SchedLgU.Txt

2009-05-09 16:14:25 ----D---- C:\ProgramData

2009-05-09 16:14:25 ----D---- C:\Program Files\Angle Interactive

2009-05-09 15:58:34 ----D---- C:\Documents and Settings\Pascal\Application Data\OpenOffice.org2

2009-05-09 15:24:51 ----A---- C:\WINDOWS\system.ini

2009-05-09 15:22:15 ----D---- C:\WINDOWS\AppPatch

2009-05-09 15:22:12 ----D---- C:\Program Files\Fichiers communs

2009-05-09 14:50:58 ----D---- C:\WINDOWS\system32\config

2009-05-09 12:16:18 ----RASH---- C:\boot.ini

2009-05-09 12:00:34 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

2009-05-09 11:11:57 ----D---- C:\Program Files\QuickTime

2009-05-09 11:11:49 ----D---- C:\Program Files\Messenger

2009-05-09 11:11:48 ----D---- C:\Program Files\Media Player Classic

2009-05-09 11:11:48 ----D---- C:\Program Files\JAlbum 6.5

2009-05-09 11:11:47 ----D---- C:\Program Files\e-anim604

2009-05-09 11:11:46 ----D---- C:\Program Files\BitZip

2009-05-09 01:41:47 ----RSHDC---- C:\WINDOWS\system32\dllcache

2009-05-09 00:54:30 ----D---- C:\WINDOWS\WinSxS

2009-05-09 00:54:14 ----SHD---- C:\Config.Msi

2009-05-09 00:54:10 ----SHD---- C:\WINDOWS\Installer

2009-05-09 00:52:32 ----D---- C:\Program Files\RamBooster 2.0

2009-05-09 00:47:32 ----D---- C:\WINDOWS\Minidump

2009-05-09 00:47:32 ----D---- C:\WINDOWS\Debug

2009-05-09 00:42:33 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP

2009-05-09 00:03:40 ----A---- C:\WINDOWS\win.ini

2009-05-08 20:17:54 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared

2009-05-08 15:34:19 ----D---- C:\WINDOWS\Help

2009-05-08 11:08:45 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2009-05-08 09:49:12 ----D---- C:\Program Files\ADS Tech

2009-05-08 09:48:50 ----D---- C:\WINDOWS\twain_32

2009-05-08 09:44:51 ----D---- C:\Program Files\ewido anti-spyware 4.0

2009-05-08 08:43:02 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2009-05-02 19:20:38 ----HD---- C:\WINDOWS\inf

2009-05-01 01:45:57 ----AC---- C:\WINDOWS\RtlRack.ini

2009-04-22 00:05:54 ----D---- C:\Downloads

2009-04-18 03:10:41 ----D---- C:\WINDOWS\system32\wbem

2009-04-18 03:03:59 ----D---- C:\WINDOWS\system32\fr-fr

2009-04-18 03:03:59 ----D---- C:\Program Files\Internet Explorer

2009-04-18 03:01:28 ----HD---- C:\WINDOWS\$hf_mig$

2009-04-14 03:00:40 ----SD---- C:\WINDOWS\Tasks

2009-04-12 00:56:05 ----D---- C:\WINDOWS\system32\CatRoot

2009-04-11 22:01:13 ----D---- C:\WINDOWS\network diagnostic

2009-04-11 21:48:29 ----A---- C:\WINDOWS\system32\deploytk.dll

2009-04-11 21:48:26 ----D---- C:\Program Files\Java

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []

R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]

R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []

R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-02-13 28376]

R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]

R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.1.6.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2005-08-29 17119]

R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-03-24 55640]

R2 CX2388X;ADS DVBT 23880 Video Capture; C:\WINDOWS\system32\drivers\cx88cap.sys [2004-10-20 160000]

R2 CX88TS;ADS 2388x Transport Stream Capture; C:\WINDOWS\system32\drivers\cx88ts.sys [2004-09-22 13056]

R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr.sys [2008-09-04 56344]

R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-11-17 2297664]

R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]

R3 ASAPIW2k;ASAPIW2K; C:\WINDOWS\system32\drivers\ASAPIW2k.sys [2004-03-10 11264]

R3 BENDER;Pinnacle AV/DV2 Capture; C:\WINDOWS\system32\drivers\bender.sys [2003-07-09 180480]

R3 CXAVXBAR;ADS 2388x AVStream Crossbar; C:\WINDOWS\system32\drivers\cxavxbar.sys [2004-10-12 8704]

R3 CXBDATUNE;ADS BDA DVB Tuner/Demod; C:\WINDOWS\system32\drivers\cxBDAtun.sys [2005-01-06 107904]

R3 fbxusb;Carte réseau virtuelle FreeBox USB; C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 21344]

R3 GVCplDrv;GVCplDrv; C:\WINDOWS\system32\drivers\GVCplDrv.sys [2004-05-02 23040]

R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-01-28 171008]

R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]

R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-16 6557408]

R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-04-05 33536]

R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-04-05 12928]

R3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2009-03-24 7808]

R3 RT2500;RT2500 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT2500.sys [2004-12-15 218368]

R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]

R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]

R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]

R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]

S2 REGSpy;REGSpy; \??\C:\??\C:\??\C:\??\C:\??\C:\??\C:\??\C:\Program Files\Softwin\BitDefender Professional Edition\regspy.sys []

S3 61883;Pilote d'unité 61883; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]

S3 Avc;Périphérique AVC; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]

S3 catchme;catchme; \??\C:\DOCUME~1\Pascal\LOCALS~1\Temp\catchme.sys []

S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]

S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []

S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]

S3 hp4200c;%usbscan.SvcDesc%; C:\WINDOWS\system32\DRIVERS\hp4200c.sys [2001-02-19 9312]

S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]

S3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]

S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]

S3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]

S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]

S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]

S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2006-10-04 47360]

S3 Profos;Profos; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys []

S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]

S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]

S3 Trufos;Trufos; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys []

S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service; C:\Program Files\Fichiers communs\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2008-05-16 759072]

R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-04-01 108289]

R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe [2004-12-16 139264]

R2 ForcewareWebInterface;Forceware Web Interface; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe [2004-11-30 20543]

R2 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-04-11 152984]

R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [2004-12-16 131133]

R2 nSvcLog;ForceWare user log service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe [2004-12-16 57409]

R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-16 159812]

R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2008-12-04 226640]

R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]

S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-29 182768]

S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2008-06-26 576680]

S3 VundoFixSvc;VundoFix Service; C:\WINDOWS\system32\VundoFixSVC.exe [2009-05-08 24576]

S4 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-03-02 185089]

 

-----------------EOF-----------------

 

 

The info log

 

info.txt logfile of random's system information tool 1.06 2009-05-09 18:41:23

 

======Uninstall list======

 

-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

3DVIA player 4.1-->MsiExec.exe /X{4E868D3D-6EEB-4273-926C-2287236B5B79}

ABBYY FineReader 9.0 Professional Edition-->MsiExec.exe /I{F9000000-0001-0000-0000-074957833700}

Adibou découvre les lettres et les chiffres 4-5 ans-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5AC48BF9-34A5-425A-92A4-4AD8A0D76916}\setup.exe" -l0x40c -removeonly

Adibou joue à lire et à compter 6-7 ans-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3E4A07ED-8D35-4999-8F8D-F003C88142AF}\setup.exe" -l0x40c -removeonly

Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe

Adobe Photoshop 6.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 6.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 6.0\Uninst.dll"

Adobe Reader 6.0.1-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A00000000001}

ADS DVBT BDA Drivers-->C:\WINDOWS\dtvunist.exe

ADS DVBT Utilities-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D69A600D-E016-4544-A11B-F1E500121110}\setup.exe" -l0x40c -uninst

AMD Processor Driver-->C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe -runfromtemp -l0x040c -removeonly

Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}

Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe

ArcSoft PhotoStudio 5.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85309D89-7BE9-4094-BB17-24999C6118FC}\Setup.exe" -l0x40c

a-squared Free 1.6.5-->"C:\Program Files\a-squared\unins000.exe"

Assistant de connexion Windows Live-->MsiExec.exe /I{D6E592B3-67DA-4BBB-9783-E1838FB253A2}

ASUSDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall

AVI Joiner-->"C:\Program Files\avijoin\unins000.exe"

Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE

BitComet 1.10-->C:\Program Files\BitComet\uninst.exe

BitZip - Powered by Miro-->C:\Program Files\Participatory Culture Foundation\Miro\uninstall.exe

BitZip (remove only)-->C:\Program Files\BitZip\Uninstall.exe

Canon CanoScan Toolbox 4.9-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}\setup.exe" -l0x40c anything

Canon ScanGear Starter-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{18A5DFF2-8A95-49F3-873F-743CB5549F3D}\SETUP.EXE" -l0x40c anything

CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"

Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}

Command On Demand for Command Software-->rundll32 advpack.dll,LaunchINFSection C:\csscod\uninst.inf,DefaultUninstall

Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"

Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"

Debugging Tools for Windows (x86)-->MsiExec.exe /I{1CD0C3C5-809D-4CFC-904A-1B67C6243637}

Easy Video Splitter 1.28-->"C:\Program Files\Easy Video Splitter\unins000.exe"

EasyGuppY v4.0.3-->"C:\Program Files\EasyGuppY\unins000.exe"

eMule-->"F:\emule\Uninstall.exe"

ffdshow [rev 1900] [2008-03-15]-->"C:\Program Files\ffdshow\unins000.exe"

FlashGet(JetCar)-->C:\PROGRA~1\FlashGet\UNWISE.EXE C:\PROGRA~1\FlashGet\INSTALL.LOG

Free - Kit de connexion-->C:\Program Files\Free.fr\uninstall.exe

FreeAngel version 0.87-->"C:\Program Files\FreeAngel\unins000.exe"

Galerie de photos Windows Live-->MsiExec.exe /X{43563ACB-371B-4C58-8979-B192B390424C}

Go_FTP-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\Go_FTP\ST6UNST.LOG"

Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}

Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_BDA1448D3D255554.exe" /uninstall

Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}

HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall

Hollywood FX 5.5 Additional Effects-->C:\WINDOWS\unvise32.exe C:\Program Files\Pinnacle\Hollywood FX for Studio\5.5\unextralog

HTML-Kit-->"E:\web\HK\HTML-Kit\unins000.exe"

Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe

Installation Windows Live-->MsiExec.exe /I{3CCB732A-E472-4CF9-B1EE-F18365341FE0}

InterActual Player-->C:\Program Files\InterActual\InterActual Player\inuninst.exe

J2SE Runtime Environment 5.0 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150040}

JAlbum 6.5-->C:\Program Files\JAlbum 6.5\Uninstall.exe

Java 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}

Juice 2.2-->C:\Program Files\Juice\uninst.exe

Junk Mail filter update-->MsiExec.exe /I{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}

Lapin Malin Initiation à l'anglais v2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E13AE282-1E35-412D-9D4B-9FE3B81D3813}\setup.exe"

Lecteur Windows Media 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall

LISTAC la version 2.01 du 23/03/04-->"C:\Program Files\listac\unins000.exe"

Ma-Config.com-->MsiExec.exe /X{06526E3A-92DD-4F45-90CD-902953F1A8D2}

Macromedia Extension Manager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A5BA14E0-7384-11D4-BAE7-00409631A2C8}\setup.exe" -l0x40c mmUninstall

Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"

Manual CanoScan LiDE 25-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{838BC0FB-4F8F-47B9-847F-06AE4CCE4181}\setup.exe" -l0x40c

Media Player Classic fr-->"C:\Program Files\Media Player Classic\uninstall.exe"

Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}

Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"

Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"

Microsoft Search Enhancement Pack-->MsiExec.exe /I{299CF645-48C7-4FA1-8BCD-5CE200CF180D}

Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}

Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}

Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Lecteur Windows Media 9 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"

Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"

Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"

Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"

Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"

Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe

MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}

MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

Nero OEM-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL

NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI

NVIDIA ForceWare Network Access Manager-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{1F6423DE-7959-4178-80E0-023C7EAA5347} /l1036

NvMixer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D7A6C517-11F2-419F-B5BB-27772B939698}\Setup.exe" -uninstall

OmniPage SE 2.0-->MsiExec.exe /I{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}

OpenOffice.org 2.0-->MsiExec.exe /I{3869903C-0EF4-48D9-A12F-145AD549BA12}

Opera 9.64-->MsiExec.exe /X{A2A60894-E3ED-46FE-9A6A-7CF7A87572A0}

Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}

Panda ActiveScan-->C:\WINDOWS\system32\ASUninst.exe Panda ActiveScan

Personal Ancestral File 5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D94A8E22-DF2B-4107-9E51-608A60A7671D}\Setup.exe"

Picasa 2-->"G:\Picasa2\Uninstall.exe"

Pinnacle device drivers-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F866D37-22D0-435D-94F1-31A64D566D0E}\Setup.exe" -l0x40c

Pinnacle Hollywood FX for Studio-->C:\WINDOWS\unvise32.exe C:\Program Files\Pinnacle\Hollywood FX for Studio\5.5\uninstal.log

proDAD Heroglyph 1.0-->"C:\Program Files\proDAD\Heroglyph-1.0\uninstall.exe" uninstall spcp

proDAD Heroglyph 2.0-->"C:\Program Files\proDAD\Heroglyph-2.0\uninstall.exe" uninstall spcp PATHVERSION 2.0

QuickTime-->MsiExec.exe /I{5E863175-E85D-44A6-8968-82507D34AE7F}

RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE

RegSupreme Pro-->"C:\Program Files\RegSupreme Pro\unins000.exe"

RT2500 Wireless LAN Card-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AAA66A0D-E610-40B8-9D51-C1854285773A}\setup.exe" -l0x9 -removeonly

Secunia PSI-->"C:\Program Files\Secunia\PSI\uninstall.exe"

Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}

Smart Explorer 6.1-->"C:\Program Files\Smart Explorer\unins000.exe"

SmartSound Quicktracks Plugin-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}

Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"

Studio 9 Content CD/DVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B67624DE-75CE-4FAD-9F29-5C115773CE61}\Setup.exe" -l0x40c UNINSTALL

Studio 9-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9E491AB7-4589-48CA-9CBB-874CB2788391}\Setup.exe" -l0x40c UNINSTALL

Studio Numérique de Lapin Malin-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B51AFA85-23A2-4FE8-BB82-AFDA97F36F31}\setup.exe" -l0x40c -removeonly

System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe

Ulead InstaMedia 2.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C5D78185-94FD-4131-B7F0-7E7771C58E1B}\setup.exe" -l0x40c

Windows Live Call-->MsiExec.exe /I{01523985-2098-43AF-9C97-12B07BE02A9B}

Windows Live Communications Platform-->MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}

Windows Live Contrôle parental-->MsiExec.exe /X{EE02C20E-E82B-4693-8106-862D6F6DB6E5}

Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}

Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}

Windows Live Sync-->MsiExec.exe /X{67D0313C-4F15-437D-9A2D-C1564088A26A}

Windows Live Toolbar-->MsiExec.exe /X{915809D6-1F93-45F2-9699-5F1DA64DC24B}

Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}

Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll

Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

WinHTTrack Website Copier 3.40-2-->"C:\Program Files\WinHTTrack\unins000.exe"

XnView 1.96-->"C:\Program Files\XnView\unins000.exe"

XviD MPEG-4 Video Codec-->"C:\Program Files\XviD\unins000.exe"

 

======Security center information======

 

AV: Bitdefender Antivirus

FW: F-Secure Anti-Virus 2006 6.10 (disabled)

FW: NVIDIA Firewall

 

======System event log======

 

Computer Name: ATHLON

Event Code: 1005

Message: Votre ordinateur a détecté que l'adresse IP 82.232.226.40 pour la carte

avec l'adresse réseau 0007CB0000FF est déjà utilisée sur le réseau.

Votre ordinateur va automatiquement essayer d'obtenir une nouvelle adresse.

 

Record Number: 214613

Source Name: Dhcp

Time Written: 20090503170256.000000+120

Event Type: Avertissement

User:

 

Computer Name: ATHLON

Event Code: 1005

Message: Votre ordinateur a détecté que l'adresse IP 82.232.226.40 pour la carte

avec l'adresse réseau 0007CB0000FF est déjà utilisée sur le réseau.

Votre ordinateur va automatiquement essayer d'obtenir une nouvelle adresse.

 

Record Number: 214612

Source Name: Dhcp

Time Written: 20090503170256.000000+120

Event Type: Avertissement

User:

 

Computer Name: ATHLON

Event Code: 1005

Message: Votre ordinateur a détecté que l'adresse IP 82.232.226.40 pour la carte

avec l'adresse réseau 0007CB0000FF est déjà utilisée sur le réseau.

Votre ordinateur va automatiquement essayer d'obtenir une nouvelle adresse.

 

Record Number: 214611

Source Name: Dhcp

Time Written: 20090503170245.000000+120

Event Type: Avertissement

User:

 

Computer Name: ATHLON

Event Code: 1005

Message: Votre ordinateur a détecté que l'adresse IP 82.232.226.40 pour la carte

avec l'adresse réseau 0007CB0000FF est déjà utilisée sur le réseau.

Votre ordinateur va automatiquement essayer d'obtenir une nouvelle adresse.

 

Record Number: 214610

Source Name: Dhcp

Time Written: 20090503170245.000000+120

Event Type: Avertissement

User:

 

Computer Name: ATHLON

Event Code: 1005

Message: Votre ordinateur a détecté que l'adresse IP 82.232.226.40 pour la carte

avec l'adresse réseau 0007CB0000FF est déjà utilisée sur le réseau.

Votre ordinateur va automatiquement essayer d'obtenir une nouvelle adresse.

 

Record Number: 214609

Source Name: Dhcp

Time Written: 20090502184959.000000+120

Event Type: Avertissement

User:

 

=====Application event log=====

 

Computer Name: ATHLON

Event Code: 1004

Message: L'utilisateur a accepté le CLUF.

 

Record Number: 58557

Source Name: WgaSetup

Time Written: 20090504014338.000000+120

Event Type: Informations

User:

 

Computer Name: ATHLON

Event Code: 1002

Message: Starting interactive setup.

 

Record Number: 58556

Source Name: WgaSetup

Time Written: 20090504014336.000000+120

Event Type: Informations

User:

 

Computer Name: ATHLON

Event Code: 1006

Message: Le CLUF a déjà été accepté.

 

Record Number: 58555

Source Name: WgaSetup

Time Written: 20090504014335.000000+120

Event Type: Informations

User:

 

Computer Name: ATHLON

Event Code: 0

Message:

Record Number: 58554

Source Name: gusvc

Time Written: 20090503214145.000000+120

Event Type: Informations

User:

 

Computer Name: ATHLON

Event Code: 0

Message:

Record Number: 58553

Source Name: gusvc

Time Written: 20090503214045.000000+120

Event Type: Informations

User:

 

======Environment variables======

 

"ComSpec"=%SystemRoot%\system32\cmd.exe

"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\Fichiers communs\Ulead Systems\MPEG;C:\Program Files\QuickTime\QTSystem

"windir"=%SystemRoot%

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_LEVEL"=15

"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 12 Stepping 0, AuthenticAMD

"PROCESSOR_REVISION"=0c00

"NUMBER_OF_PROCESSORS"=1

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"CLASSPATH"=.;C:\Program Files\Java\jre1.5.0_04\lib\ext\QTJava.zip

"QTJAVA"=C:\Program Files\Java\jre1.5.0_04\lib\ext\QTJava.zip

 

-----------------EOF-----------------

  • Moderators
Posted

Good. There are still some left.

Download SystemLook by jpshortstuff to your Desktop.

  • Double-click it to run it.
  • The tool will open.
  • Make sure your removable devices are plugged in, and switched on if necessary.
  • Copy and paste the following (in red in my post) into the tool's input window:

    • :contents
      del /Q C:\WINDOWS\tasks\At1.job
      del /Q C:\WINDOWS\tasks\At10.job
      del /Q C:\WINDOWS\tasks\At100.job

  • Then click Look
  • The tool will run and open Notepad with its report
  • Post the full contents of the report in your reply

Then download the file del.bat to your Desktop.

  • The file should have this icon: imagebat.jpg
  • Double-click it to run it. A black Command Prompt window will open; let it work.
  • Then delete the file.

Generate a new RSIT report. On another note, I see you haven't got rid of EoRezo?

Posted

Here is the log. del.bat OK

 

 

SystemLook v1.0 by jpshortstuff (24.04.09)

Log created at 19:03 on 09/05/2009 by Pascal (Administrator - Elevation successful)

 

========== contents ==========

 

del /Q C:\WINDOWS\tasks\At1.job - Unable to open file.

 

del /Q C:\WINDOWS\tasks\At10.job - Unable to open file.

 

del /Q C:\WINDOWS\tasks\At100.job - Unable to open file.

 

-=End Of File=-

 

Regarding EoRezo, what is the file called?

 

 

 

New RSIT

 

Logfile of random's system information tool 1.06 (written by random/random)

Run by Pascal at 2009-05-09 19:06:10

Microsoft Windows XP Professionnel Service Pack 3

System drive C: has 9 GB (22%) free of 41 GB

Total RAM: 1023 MB (36% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 19:06:19, on 09/05/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16827)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\Program Files\Fichiers communs\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

C:\Program Files\Windows Live\Family Safety\fsssvc.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\RMC.exe

C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe

C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\Monitor.exe

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe

C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Documents and Settings\Pascal\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\BitComet\BitComet.exe

C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe

C:\Program Files\Secunia\PSI\psi.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\WINDOWS\explorer.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\OpenOffice.org 2.0\program\soffice.exe

C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN

C:\Program Files\Adobe\Photoshop 6.0\Photoshp.exe

C:\Program Files\Fichiers communs\Adobe\Web\AOM.exe

C:\Documents and Settings\Pascal\Local Settings\Bureau\Pascal\RSIT.exe

C:\Program Files\trend micro\Pascal.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;www.yahoo.fr

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O4 - HKLM\..\Run: [ulead Remote Control Center] C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\RMC.exe

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NVRTCLK] C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [Matchlock Scheduling] C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\Monitor.exe

O4 - HKLM\..\Run: [hplampc] C:\WINDOWS\system32\hplampc.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"

O4 - HKLM\..\Run: [softwareHelper] C:\Documents and Settings\Pascal\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [bitComet] "C:\Program Files\BitComet\BitComet.exe" /tray

O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Default user')

O4 - S-1-5-18 Startup: Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe (User 'SYSTEM')

O4 - .DEFAULT Startup: Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe (User 'Default user')

O4 - Startup: Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe

O4 - Global Startup: DTV Remote Control.lnk = C:\Program Files\ADS Tech\DVBT Utilities\ADSRMT.exe

O4 - Global Startup: RaConfig2500.lnk = C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe

O8 - Extra context menu item: Download with Go!Zilla - file://C:\Program Files\Go!Zilla\download-with-gozilla.html

O8 - Extra context menu item: Tout télécharger avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm

O8 - Extra context menu item: Télécharger avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm

O8 - Extra context menu item: Télécharger toutes les vidéos avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm

O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} (PIXACO Drag and Drop upload plugin) - http://www.pixaco.fr/static/download/pixacodndupload.cab

O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedInContactFinderControl.cab

O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://wisup.net/_plateforme/Upload/Aurigm...geUploader4.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab

O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {C81B5180-AFD1-41A3-97E1-99E8D254DB98} (CSS Web Installer Class) - http://www.commandondemand.com/eval/cod/cabs/cssweb.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{4235A961-A7DE-4EF4-83CF-49234A28DFE2}: NameServer = 212.27.32.176,212.27.32.177

O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\Fichiers communs\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe

O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe

O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe

O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: VundoFix Service (VundoFixSvc) - Atribune.org - C:\WINDOWS\SYSTEM32\VundoFixSVC.exe

 

--

End of file - 9385 bytes

 

======Scheduled tasks folder======

 

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

C:\WINDOWS\tasks\WGASetup.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Ulead Remote Control Center"=C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\RMC.exe [2005-03-18 49152]

"RemoteControl"=C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe [2003-10-31 32768]

"PinnacleDriverCheck"=C:\WINDOWS\system32\PSDrvCheck.exe [2004-03-10 406016]

"nwiz"=nwiz.exe /install []

"NVRTCLK"=C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe [2003-12-30 24576]

"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-16 13529088]

"nTrayFw"=C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe [2004-12-16 266240]

"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

"Matchlock Scheduling"=C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\Monitor.exe [2005-03-14 45056]

"hplampc"=C:\WINDOWS\system32\hplampc.exe [2002-01-17 40448]

"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-11-15 77824]

"OpwareSE2"=C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe [2003-05-08 49152]

"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-01-12 185896]

"NVMixerTray"=C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe [2004-06-03 131072]

"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-16 86016]

"EoEngine"=C:\Program Files\EoRezo\EoEngine.exe [2009-02-23 472872]

"SoftwareHelper"=C:\Documents and Settings\Pascal\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe [2008-12-09 368224]

"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-04-11 148888]

"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-25 68856]

"BitComet"=C:\Program Files\BitComet\BitComet.exe [2009-03-09 2564408]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"LIVESRV"=2

 

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage

DTV Remote Control.lnk - C:\Program Files\ADS Tech\DVBT Utilities\ADSRMT.exe

RaConfig2500.lnk - C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe

 

C:\Documents and Settings\Pascal\Menu Démarrer\Programmes\Démarrage

Secunia PSI.lnk - C:\Program Files\Secunia\PSI\psi.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=323

"NoDriveAutoRun"=67108863

"NoDrives"=0

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"HonorAutoRunSetting"=

"NoDriveAutoRun"=

"NoDriveTypeAutoRun"=

"NoDrives"=

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe"="C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server"

"C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\UMC.exe"="C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\UMC.exe:*:Enabled:UMC"

"F:\emule\emule.exe"="F:\emule\emule.exe:*:Enabled:eMule"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"

"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"

"C:\WINDOWS\system32\wbem\wmiprvse.exe"="C:\WINDOWS\system32\wbem\wmiprvse.exe:*:Enabled:wmiprvse"

"C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\rmc.exe"="C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\rmc.exe:*:Enabled:RMC"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

"C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe"="C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe:*:Enabled:RaConfig2500"

"C:\Program Files\QuickTime\QTTask.exe"="C:\Program Files\QuickTime\QTTask.exe:*:Enabled:QTTask"

"C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe:*:Enabled:TeaTimer"

"C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"="C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe:*:Enabled:SeaPort"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"E:\web\Flash FTP\FlashFXP.exe"="E:\web\Flash FTP\FlashFXP.exe:*:Enabled:FlashFXP v3"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

 

======File associations======

 

.js - open -

 

======List of files/folders created in the last 1 months======

 

2009-05-09 18:41:03 ----D---- C:\Program Files\trend micro

2009-05-09 18:41:02 ----D---- C:\rsit

2009-05-09 18:26:38 ----SHD---- C:\RECYCLER

2009-05-09 17:10:05 ----D---- C:\HaxFix

2009-05-09 15:29:02 ----A---- C:\ComboFix.txt

2009-05-09 12:16:18 ----A---- C:\Boot.bak

2009-05-09 12:16:12 ----RASHD---- C:\cmdcons

2009-05-09 12:13:07 ----A---- C:\WINDOWS\zip.exe

2009-05-09 12:13:07 ----A---- C:\WINDOWS\vFind.exe

2009-05-09 12:13:07 ----A---- C:\WINDOWS\SWXCACLS.exe

2009-05-09 12:13:07 ----A---- C:\WINDOWS\SWSC.exe

2009-05-09 12:13:07 ----A---- C:\WINDOWS\SWREG.exe

2009-05-09 12:13:07 ----A---- C:\WINDOWS\sed.exe

2009-05-09 12:13:07 ----A---- C:\WINDOWS\NIRCMD.exe

2009-05-09 12:13:07 ----A---- C:\WINDOWS\grep.exe

2009-05-09 12:12:57 ----D---- C:\WINDOWS\ERDNT

2009-05-09 12:12:19 ----D---- C:\Qoobox

2009-05-09 10:11:25 ----D---- C:\Program Files\FreeAngel

2009-05-09 01:56:19 ----D---- C:\Documents and Settings\Pascal\Application Data\WinRAR

2009-05-09 01:34:43 ----D---- C:\WINDOWS\ERUNT

2009-05-09 01:33:17 ----A---- C:\WINDOWS\ntbtlog.txt

2009-05-09 01:31:13 ----D---- C:\SDFix

2009-05-09 00:44:08 ----D---- C:\Program Files\CCleaner

2009-05-08 19:42:36 ----D---- C:\Program Files\RegSupreme Pro

2009-05-08 16:11:50 ----A---- C:\WINDOWS\system32\VundoFixSVC.exe

2009-05-08 15:56:58 ----D---- C:\VundoFix Backups

2009-05-08 15:56:58 ----A---- C:\VundoFix.txt

2009-05-08 11:51:59 ----D---- C:\WINDOWS\CSC

2009-05-02 18:05:20 ----D---- C:\WINDOWS\system32\NtmsData

2009-04-30 21:48:20 ----D---- C:\Program Files\Avira

2009-04-30 21:48:20 ----D---- C:\Documents and Settings\All Users\Application Data\Avira

2009-04-28 00:45:30 ----D---- C:\Documents and Settings\Pascal\Application Data\PCF-VLC

2009-04-18 03:04:18 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$

2009-04-18 03:04:12 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$

2009-04-18 03:01:36 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$

2009-04-18 03:01:21 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$

2009-04-18 03:01:14 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$

2009-04-18 03:01:03 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$

2009-04-14 03:00:39 ----D---- C:\WINDOWS\system32\KB905474

2009-04-12 09:55:56 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$

2009-04-12 09:54:53 ----A---- C:\WINDOWS\system32\MRT.INI

2009-04-12 09:54:51 ----D---- C:\WINDOWS\system32\MpEngineStore

2009-04-12 09:49:34 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$

2009-04-12 09:49:22 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$

2009-04-12 09:49:15 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$

2009-04-12 09:49:03 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$

2009-04-12 09:48:54 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$

2009-04-12 09:48:37 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$

2009-04-12 09:48:28 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$

2009-04-12 09:48:22 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$

2009-04-12 09:48:16 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$

2009-04-12 09:48:09 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$

2009-04-12 09:47:55 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$

2009-04-11 21:48:44 ----A---- C:\WINDOWS\system32\javaws.exe

2009-04-11 21:48:44 ----A---- C:\WINDOWS\system32\javaw.exe

2009-04-11 21:48:44 ----A---- C:\WINDOWS\system32\java.exe

 

======List of files/folders modified in the last 1 months======

 

2009-05-09 19:04:38 ----SD---- C:\WINDOWS\Tasks

2009-05-09 19:02:44 ----D---- C:\Program Files\BitComet

2009-05-09 19:00:01 ----A---- C:\WINDOWS\SchedLgU.Txt

2009-05-09 18:52:32 ----D---- C:\Documents and Settings\Pascal\Application Data\OpenOffice.org2

2009-05-09 18:41:03 ----RD---- C:\Program Files

2009-05-09 18:26:37 ----A---- C:\WINDOWS\NeroDigital.ini

2009-05-09 18:24:58 ----D---- C:\Program Files\Mozilla Firefox

2009-05-09 18:23:54 ----D---- C:\WINDOWS\Temp

2009-05-09 18:15:04 ----D---- C:\WINDOWS\Prefetch

2009-05-09 18:14:59 ----D---- C:\WINDOWS\system32\spool

2009-05-09 18:14:59 ----D---- C:\WINDOWS\system32\drivers

2009-05-09 18:14:59 ----D---- C:\WINDOWS\system32

2009-05-09 18:14:59 ----D---- C:\WINDOWS

2009-05-09 17:07:38 ----D---- C:\WINDOWS\system32\CatRoot2

2009-05-09 16:14:25 ----D---- C:\ProgramData

2009-05-09 16:14:25 ----D---- C:\Program Files\Angle Interactive

2009-05-09 15:24:51 ----A---- C:\WINDOWS\system.ini

2009-05-09 15:22:15 ----D---- C:\WINDOWS\AppPatch

2009-05-09 15:22:12 ----D---- C:\Program Files\Fichiers communs

2009-05-09 14:50:58 ----D---- C:\WINDOWS\system32\config

2009-05-09 12:16:18 ----RASH---- C:\boot.ini

2009-05-09 12:00:34 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

2009-05-09 11:11:57 ----D---- C:\Program Files\QuickTime

2009-05-09 11:11:49 ----D---- C:\Program Files\Messenger

2009-05-09 11:11:48 ----D---- C:\Program Files\Media Player Classic

2009-05-09 11:11:48 ----D---- C:\Program Files\JAlbum 6.5

2009-05-09 11:11:47 ----D---- C:\Program Files\e-anim604

2009-05-09 11:11:46 ----D---- C:\Program Files\BitZip

2009-05-09 01:41:47 ----RSHDC---- C:\WINDOWS\system32\dllcache

2009-05-09 00:54:30 ----D---- C:\WINDOWS\WinSxS

2009-05-09 00:54:14 ----SHD---- C:\Config.Msi

2009-05-09 00:54:10 ----SHD---- C:\WINDOWS\Installer

2009-05-09 00:52:32 ----D---- C:\Program Files\RamBooster 2.0

2009-05-09 00:47:32 ----D---- C:\WINDOWS\Minidump

2009-05-09 00:47:32 ----D---- C:\WINDOWS\Debug

2009-05-09 00:42:33 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP

2009-05-09 00:03:40 ----A---- C:\WINDOWS\win.ini

2009-05-08 20:17:54 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared

2009-05-08 15:34:19 ----D---- C:\WINDOWS\Help

2009-05-08 11:08:45 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2009-05-08 09:49:12 ----D---- C:\Program Files\ADS Tech

2009-05-08 09:48:50 ----D---- C:\WINDOWS\twain_32

2009-05-08 09:44:51 ----D---- C:\Program Files\ewido anti-spyware 4.0

2009-05-08 08:43:02 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2009-05-02 19:20:38 ----HD---- C:\WINDOWS\inf

2009-05-01 01:45:57 ----AC---- C:\WINDOWS\RtlRack.ini

2009-04-22 00:05:54 ----D---- C:\Downloads

2009-04-18 03:10:41 ----D---- C:\WINDOWS\system32\wbem

2009-04-18 03:03:59 ----D---- C:\WINDOWS\system32\fr-fr

2009-04-18 03:03:59 ----D---- C:\Program Files\Internet Explorer

2009-04-18 03:01:28 ----HD---- C:\WINDOWS\$hf_mig$

2009-04-12 00:56:05 ----D---- C:\WINDOWS\system32\CatRoot

2009-04-11 22:01:13 ----D---- C:\WINDOWS\network diagnostic

2009-04-11 21:48:29 ----A---- C:\WINDOWS\system32\deploytk.dll

2009-04-11 21:48:26 ----D---- C:\Program Files\Java

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []

R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]

R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []

R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-02-13 28376]

R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]

R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.1.6.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2005-08-29 17119]

R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-03-24 55640]

R2 CX2388X;ADS DVBT 23880 Video Capture; C:\WINDOWS\system32\drivers\cx88cap.sys [2004-10-20 160000]

R2 CX88TS;ADS 2388x Transport Stream Capture; C:\WINDOWS\system32\drivers\cx88ts.sys [2004-09-22 13056]

R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr.sys [2008-09-04 56344]

R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-11-17 2297664]

R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]

R3 ASAPIW2k;ASAPIW2K; C:\WINDOWS\system32\drivers\ASAPIW2k.sys [2004-03-10 11264]

R3 BENDER;Pinnacle AV/DV2 Capture; C:\WINDOWS\system32\drivers\bender.sys [2003-07-09 180480]

R3 CXAVXBAR;ADS 2388x AVStream Crossbar; C:\WINDOWS\system32\drivers\cxavxbar.sys [2004-10-12 8704]

R3 CXBDATUNE;ADS BDA DVB Tuner/Demod; C:\WINDOWS\system32\drivers\cxBDAtun.sys [2005-01-06 107904]

R3 fbxusb;Carte réseau virtuelle FreeBox USB; C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 21344]

R3 GVCplDrv;GVCplDrv; C:\WINDOWS\system32\drivers\GVCplDrv.sys [2004-05-02 23040]

R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-01-28 171008]

R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]

R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-16 6557408]

R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-04-05 33536]

R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-04-05 12928]

R3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2009-03-24 7808]

R3 RT2500;RT2500 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT2500.sys [2004-12-15 218368]

R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]

R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]

R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]

R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]

S2 REGSpy;REGSpy; \??\C:\??\C:\??\C:\??\C:\??\C:\??\C:\??\C:\Program Files\Softwin\BitDefender Professional Edition\regspy.sys []

S3 61883;Pilote d'unité 61883; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]

S3 Avc;Périphérique AVC; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]

S3 catchme;catchme; \??\C:\DOCUME~1\Pascal\LOCALS~1\Temp\catchme.sys []

S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]

S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []

S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]

S3 hp4200c;%usbscan.SvcDesc%; C:\WINDOWS\system32\DRIVERS\hp4200c.sys [2001-02-19 9312]

S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]

S3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]

S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]

S3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]

S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]

S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]

S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2006-10-04 47360]

S3 Profos;Profos; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys []

S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]

S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]

S3 Trufos;Trufos; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys []

S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service; C:\Program Files\Fichiers communs\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2008-05-16 759072]

R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-04-01 108289]

R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe [2004-12-16 139264]

R2 ForcewareWebInterface;Forceware Web Interface; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe [2004-11-30 20543]

R2 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-04-11 152984]

R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [2004-12-16 131133]

R2 nSvcLog;ForceWare user log service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe [2004-12-16 57409]

R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-16 159812]

R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2008-12-04 226640]

R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]

S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-29 182768]

S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2008-06-26 576680]

S3 VundoFixSvc;VundoFix Service; C:\WINDOWS\system32\VundoFixSVC.exe [2009-05-08 24576]

S4 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-03-02 185089]

 

-----------------EOF-----------------

  • Moderators
Posted

I made a wrong move with Systemlook: I couldn't see what I wanted, and the del.bat file then deleted the files. Too bad :P

 

You will find the EoRezo entry in your Add/Remove Programs panel. To begin with, uninstall the entry found there. After that, we will delete the remaining directories and files.

  • Moderators
Posted
Are we done?
Almost :P

 

Run RSIT again so I can see whether any EoRezo is left. After that, we'll uninstall the tools we used and re-enable your tools.

Posted

RSIT

 

Logfile of random's system information tool 1.06 (written by random/random)

Run by Pascal at 2009-05-09 19:35:32

Microsoft Windows XP Professionnel Service Pack 3

System drive C: has 9 GB (22%) free of 41 GB

Total RAM: 1023 MB (33% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 19:35:40, on 09/05/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16827)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\Program Files\Fichiers communs\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

C:\Program Files\Windows Live\Family Safety\fsssvc.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\RMC.exe

C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe

C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\Monitor.exe

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe

C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Documents and Settings\Pascal\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\BitComet\BitComet.exe

C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe

C:\Program Files\Secunia\PSI\psi.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\WINDOWS\explorer.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\OpenOffice.org 2.0\program\soffice.exe

C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN

C:\Program Files\Adobe\Photoshop 6.0\Photoshp.exe

C:\Program Files\Fichiers communs\Adobe\Web\AOM.exe

C:\Program Files\Java\jre6\bin\java.exe

C:\Program Files\Java\jre6\bin\java.exe

C:\Documents and Settings\Pascal\Local Settings\Bureau\Pascal\RSIT.exe

C:\Program Files\trend micro\Pascal.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;www.yahoo.fr

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O4 - HKLM\..\Run: [ulead Remote Control Center] C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\RMC.exe

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NVRTCLK] C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [Matchlock Scheduling] C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\Monitor.exe

O4 - HKLM\..\Run: [hplampc] C:\WINDOWS\system32\hplampc.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"

O4 - HKLM\..\Run: [softwareHelper] C:\Documents and Settings\Pascal\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [bitComet] "C:\Program Files\BitComet\BitComet.exe" /tray

O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Default user')

O4 - S-1-5-18 Startup: Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe (User 'SYSTEM')

O4 - .DEFAULT Startup: Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe (User 'Default user')

O4 - Startup: Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe

O4 - Global Startup: DTV Remote Control.lnk = C:\Program Files\ADS Tech\DVBT Utilities\ADSRMT.exe

O4 - Global Startup: RaConfig2500.lnk = C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe

O8 - Extra context menu item: Download with Go!Zilla - file://C:\Program Files\Go!Zilla\download-with-gozilla.html

O8 - Extra context menu item: Tout télécharger avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm

O8 - Extra context menu item: Télécharger avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm

O8 - Extra context menu item: Télécharger toutes les vidéos avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm

O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} (PIXACO Drag and Drop upload plugin) - http://www.pixaco.fr/static/download/pixacodndupload.cab

O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedInContactFinderControl.cab

O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://wisup.net/_plateforme/Upload/Aurigm...geUploader4.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab

O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {C81B5180-AFD1-41A3-97E1-99E8D254DB98} (CSS Web Installer Class) - http://www.commandondemand.com/eval/cod/cabs/cssweb.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{4235A961-A7DE-4EF4-83CF-49234A28DFE2}: NameServer = 212.27.32.176,212.27.32.177

O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\Fichiers communs\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe

O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe

O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe

O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: VundoFix Service (VundoFixSvc) - Atribune.org - C:\WINDOWS\SYSTEM32\VundoFixSVC.exe

 

--

End of file - 9467 bytes

 

======Scheduled tasks folder======

 

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

C:\WINDOWS\tasks\WGASetup.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Ulead Remote Control Center"=C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\RMC.exe [2005-03-18 49152]

"RemoteControl"=C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe [2003-10-31 32768]

"PinnacleDriverCheck"=C:\WINDOWS\system32\PSDrvCheck.exe [2004-03-10 406016]

"nwiz"=nwiz.exe /install []

"NVRTCLK"=C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe [2003-12-30 24576]

"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-16 13529088]

"nTrayFw"=C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe [2004-12-16 266240]

"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

"Matchlock Scheduling"=C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\Monitor.exe [2005-03-14 45056]

"hplampc"=C:\WINDOWS\system32\hplampc.exe [2002-01-17 40448]

"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-11-15 77824]

"OpwareSE2"=C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe [2003-05-08 49152]

"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-01-12 185896]

"NVMixerTray"=C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe [2004-06-03 131072]

"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-16 86016]

"EoEngine"=C:\Program Files\EoRezo\EoEngine.exe []

"SoftwareHelper"=C:\Documents and Settings\Pascal\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe [2008-12-09 368224]

"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-04-11 148888]

"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-25 68856]

"BitComet"=C:\Program Files\BitComet\BitComet.exe [2009-03-09 2564408]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"LIVESRV"=2

 

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage

DTV Remote Control.lnk - C:\Program Files\ADS Tech\DVBT Utilities\ADSRMT.exe

RaConfig2500.lnk - C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe

 

C:\Documents and Settings\Pascal\Menu Démarrer\Programmes\Démarrage

Secunia PSI.lnk - C:\Program Files\Secunia\PSI\psi.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=323

"NoDriveAutoRun"=67108863

"NoDrives"=0

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"HonorAutoRunSetting"=

"NoDriveAutoRun"=

"NoDriveTypeAutoRun"=

"NoDrives"=

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe"="C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server"

"C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\UMC.exe"="C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\UMC.exe:*:Enabled:UMC"

"F:\emule\emule.exe"="F:\emule\emule.exe:*:Enabled:eMule"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"

"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"

"C:\WINDOWS\system32\wbem\wmiprvse.exe"="C:\WINDOWS\system32\wbem\wmiprvse.exe:*:Enabled:wmiprvse"

"C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\rmc.exe"="C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\rmc.exe:*:Enabled:RMC"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

"C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe"="C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe:*:Enabled:RaConfig2500"

"C:\Program Files\QuickTime\QTTask.exe"="C:\Program Files\QuickTime\QTTask.exe:*:Enabled:QTTask"

"C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe:*:Enabled:TeaTimer"

"C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"="C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe:*:Enabled:SeaPort"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"E:\web\Flash FTP\FlashFXP.exe"="E:\web\Flash FTP\FlashFXP.exe:*:Enabled:FlashFXP v3"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

 

======File associations======

 

.js - open -

 

======List of files/folders created in the last 1 months======

 

2009-05-09 18:41:03 ----D---- C:\Program Files\trend micro

2009-05-09 18:41:02 ----D---- C:\rsit

2009-05-09 18:26:38 ----SHD---- C:\RECYCLER

2009-05-09 17:10:05 ----D---- C:\HaxFix

2009-05-09 15:29:02 ----A---- C:\ComboFix.txt

2009-05-09 12:16:18 ----A---- C:\Boot.bak

2009-05-09 12:16:12 ----RASHD---- C:\cmdcons

2009-05-09 12:13:07 ----A---- C:\WINDOWS\zip.exe

2009-05-09 12:13:07 ----A---- C:\WINDOWS\vFind.exe

2009-05-09 12:13:07 ----A---- C:\WINDOWS\SWXCACLS.exe

2009-05-09 12:13:07 ----A---- C:\WINDOWS\SWSC.exe

2009-05-09 12:13:07 ----A---- C:\WINDOWS\SWREG.exe

2009-05-09 12:13:07 ----A---- C:\WINDOWS\sed.exe

2009-05-09 12:13:07 ----A---- C:\WINDOWS\NIRCMD.exe

2009-05-09 12:13:07 ----A---- C:\WINDOWS\grep.exe

2009-05-09 12:12:57 ----D---- C:\WINDOWS\ERDNT

2009-05-09 12:12:19 ----D---- C:\Qoobox

2009-05-09 10:11:25 ----D---- C:\Program Files\FreeAngel

2009-05-09 01:56:19 ----D---- C:\Documents and Settings\Pascal\Application Data\WinRAR

2009-05-09 01:34:43 ----D---- C:\WINDOWS\ERUNT

2009-05-09 01:33:17 ----A---- C:\WINDOWS\ntbtlog.txt

2009-05-09 01:31:13 ----D---- C:\SDFix

2009-05-09 00:44:08 ----D---- C:\Program Files\CCleaner

2009-05-08 19:42:36 ----D---- C:\Program Files\RegSupreme Pro

2009-05-08 16:11:50 ----A---- C:\WINDOWS\system32\VundoFixSVC.exe

2009-05-08 15:56:58 ----D---- C:\VundoFix Backups

2009-05-08 15:56:58 ----A---- C:\VundoFix.txt

2009-05-08 11:51:59 ----D---- C:\WINDOWS\CSC

2009-05-02 18:05:20 ----D---- C:\WINDOWS\system32\NtmsData

2009-04-30 21:48:20 ----D---- C:\Program Files\Avira

2009-04-30 21:48:20 ----D---- C:\Documents and Settings\All Users\Application Data\Avira

2009-04-28 00:45:30 ----D---- C:\Documents and Settings\Pascal\Application Data\PCF-VLC

2009-04-18 03:04:18 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$

2009-04-18 03:04:12 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$

2009-04-18 03:01:36 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$

2009-04-18 03:01:21 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$

2009-04-18 03:01:14 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$

2009-04-18 03:01:03 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$

2009-04-14 03:00:39 ----D---- C:\WINDOWS\system32\KB905474

2009-04-12 09:55:56 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$

2009-04-12 09:54:53 ----A---- C:\WINDOWS\system32\MRT.INI

2009-04-12 09:54:51 ----D---- C:\WINDOWS\system32\MpEngineStore

2009-04-12 09:49:34 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$

2009-04-12 09:49:22 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$

2009-04-12 09:49:15 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$

2009-04-12 09:49:03 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$

2009-04-12 09:48:54 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$

2009-04-12 09:48:37 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$

2009-04-12 09:48:28 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$

2009-04-12 09:48:22 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$

2009-04-12 09:48:16 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$

2009-04-12 09:48:09 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$

2009-04-12 09:47:55 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$

2009-04-11 21:48:44 ----A---- C:\WINDOWS\system32\javaws.exe

2009-04-11 21:48:44 ----A---- C:\WINDOWS\system32\javaw.exe

2009-04-11 21:48:44 ----A---- C:\WINDOWS\system32\java.exe

 

======List of files/folders modified in the last 1 months======

 

2009-05-09 19:32:44 ----D---- C:\Program Files\BitComet

2009-05-09 19:18:31 ----D---- C:\Documents and Settings\Pascal\Application Data\EoRezo

2009-05-09 19:17:00 ----RD---- C:\Program Files

2009-05-09 19:04:38 ----SD---- C:\WINDOWS\Tasks

2009-05-09 19:00:01 ----A---- C:\WINDOWS\SchedLgU.Txt

2009-05-09 18:52:32 ----D---- C:\Documents and Settings\Pascal\Application Data\OpenOffice.org2

2009-05-09 18:26:37 ----A---- C:\WINDOWS\NeroDigital.ini

2009-05-09 18:24:58 ----D---- C:\Program Files\Mozilla Firefox

2009-05-09 18:23:54 ----D---- C:\WINDOWS\Temp

2009-05-09 18:15:04 ----D---- C:\WINDOWS\Prefetch

2009-05-09 18:14:59 ----D---- C:\WINDOWS\system32\spool

2009-05-09 18:14:59 ----D---- C:\WINDOWS\system32\drivers

2009-05-09 18:14:59 ----D---- C:\WINDOWS\system32

2009-05-09 18:14:59 ----D---- C:\WINDOWS

2009-05-09 17:07:38 ----D---- C:\WINDOWS\system32\CatRoot2

2009-05-09 16:14:25 ----D---- C:\ProgramData

2009-05-09 16:14:25 ----D---- C:\Program Files\Angle Interactive

2009-05-09 15:24:51 ----A---- C:\WINDOWS\system.ini

2009-05-09 15:22:15 ----D---- C:\WINDOWS\AppPatch

2009-05-09 15:22:12 ----D---- C:\Program Files\Fichiers communs

2009-05-09 14:50:58 ----D---- C:\WINDOWS\system32\config

2009-05-09 12:16:18 ----RASH---- C:\boot.ini

2009-05-09 12:00:34 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

2009-05-09 11:11:57 ----D---- C:\Program Files\QuickTime

2009-05-09 11:11:49 ----D---- C:\Program Files\Messenger

2009-05-09 11:11:48 ----D---- C:\Program Files\Media Player Classic

2009-05-09 11:11:48 ----D---- C:\Program Files\JAlbum 6.5

2009-05-09 11:11:47 ----D---- C:\Program Files\e-anim604

2009-05-09 11:11:46 ----D---- C:\Program Files\BitZip

2009-05-09 01:41:47 ----RSHDC---- C:\WINDOWS\system32\dllcache

2009-05-09 00:54:30 ----D---- C:\WINDOWS\WinSxS

2009-05-09 00:54:14 ----SHD---- C:\Config.Msi

2009-05-09 00:54:10 ----SHD---- C:\WINDOWS\Installer

2009-05-09 00:52:32 ----D---- C:\Program Files\RamBooster 2.0

2009-05-09 00:47:32 ----D---- C:\WINDOWS\Minidump

2009-05-09 00:47:32 ----D---- C:\WINDOWS\Debug

2009-05-09 00:42:33 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP

2009-05-09 00:03:40 ----A---- C:\WINDOWS\win.ini

2009-05-08 20:17:54 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared

2009-05-08 15:34:19 ----D---- C:\WINDOWS\Help

2009-05-08 11:08:45 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2009-05-08 09:49:12 ----D---- C:\Program Files\ADS Tech

2009-05-08 09:48:50 ----D---- C:\WINDOWS\twain_32

2009-05-08 09:44:51 ----D---- C:\Program Files\ewido anti-spyware 4.0

2009-05-08 08:43:02 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2009-05-02 19:20:38 ----HD---- C:\WINDOWS\inf

2009-05-01 01:45:57 ----AC---- C:\WINDOWS\RtlRack.ini

2009-04-22 00:05:54 ----D---- C:\Downloads

2009-04-18 03:10:41 ----D---- C:\WINDOWS\system32\wbem

2009-04-18 03:03:59 ----D---- C:\WINDOWS\system32\fr-fr

2009-04-18 03:03:59 ----D---- C:\Program Files\Internet Explorer

2009-04-18 03:01:28 ----HD---- C:\WINDOWS\$hf_mig$

2009-04-12 00:56:05 ----D---- C:\WINDOWS\system32\CatRoot

2009-04-11 22:01:13 ----D---- C:\WINDOWS\network diagnostic

2009-04-11 21:48:29 ----A---- C:\WINDOWS\system32\deploytk.dll

2009-04-11 21:48:26 ----D---- C:\Program Files\Java

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []

R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]

R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []

R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-02-13 28376]

R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]

R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.1.6.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2005-08-29 17119]

R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-03-24 55640]

R2 CX2388X;ADS DVBT 23880 Video Capture; C:\WINDOWS\system32\drivers\cx88cap.sys [2004-10-20 160000]

R2 CX88TS;ADS 2388x Transport Stream Capture; C:\WINDOWS\system32\drivers\cx88ts.sys [2004-09-22 13056]

R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr.sys [2008-09-04 56344]

R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-11-17 2297664]

R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]

R3 ASAPIW2k;ASAPIW2K; C:\WINDOWS\system32\drivers\ASAPIW2k.sys [2004-03-10 11264]

R3 BENDER;Pinnacle AV/DV2 Capture; C:\WINDOWS\system32\drivers\bender.sys [2003-07-09 180480]

R3 CXAVXBAR;ADS 2388x AVStream Crossbar; C:\WINDOWS\system32\drivers\cxavxbar.sys [2004-10-12 8704]

R3 CXBDATUNE;ADS BDA DVB Tuner/Demod; C:\WINDOWS\system32\drivers\cxBDAtun.sys [2005-01-06 107904]

R3 fbxusb;Carte réseau virtuelle FreeBox USB; C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 21344]

R3 GVCplDrv;GVCplDrv; C:\WINDOWS\system32\drivers\GVCplDrv.sys [2004-05-02 23040]

R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-01-28 171008]

R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]

R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-16 6557408]

R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-04-05 33536]

R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-04-05 12928]

R3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2009-03-24 7808]

R3 RT2500;RT2500 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT2500.sys [2004-12-15 218368]

R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]

R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]

R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]

R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]

S2 REGSpy;REGSpy; \??\C:\??\C:\??\C:\??\C:\??\C:\??\C:\??\C:\Program Files\Softwin\BitDefender Professional Edition\regspy.sys []

S3 61883;Pilote d'unité 61883; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]

S3 Avc;Périphérique AVC; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]

S3 catchme;catchme; \??\C:\DOCUME~1\Pascal\LOCALS~1\Temp\catchme.sys []

S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]

S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []

S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]

S3 hp4200c;%usbscan.SvcDesc%; C:\WINDOWS\system32\DRIVERS\hp4200c.sys [2001-02-19 9312]

S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]

S3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]

S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]

S3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]

S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]

S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]

S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2006-10-04 47360]

S3 Profos;Profos; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys []

S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]

S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]

S3 Trufos;Trufos; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys []

S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service; C:\Program Files\Fichiers communs\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2008-05-16 759072]

R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-04-01 108289]

R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe [2004-12-16 139264]

R2 ForcewareWebInterface;Forceware Web Interface; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe [2004-11-30 20543]

R2 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-04-11 152984]

R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [2004-12-16 131133]

R2 nSvcLog;ForceWare user log service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe [2004-12-16 57409]

R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-16 159812]

R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2008-12-04 226640]

R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]

S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-29 182768]

S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2008-06-26 576680]

S3 VundoFixSvc;VundoFix Service; C:\WINDOWS\system32\VundoFixSVC.exe [2009-05-08 24576]

S4 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-03-02 185089]

 

-----------------EOF-----------------
