Se connecter / S'enregistrer
Votre question

Besoin de retirer le virus gameraving toolbar!!

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
5 Janvier 2010 01:56:45

g installé ss fre expres un toolbar gameraving! et g absolument besoin de le supprimer de mon pc, il s éteind à chaque fois! mrci pr votre aide!!!

Autres pages sur : besoin retirer virus gameraving toolbar

a c 267 8 Sécurité
5 Janvier 2010 02:46:47

Bonjour,

  • Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
  • Double-clique sur RSIT.exe afin de lancer le programme.
    (Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)
  • Clique sur Continue à l'écran Disclaimer.
  • Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

    Note : les rapports sont sauvegardés dans le dossier C:\rsit.
    5 Janvier 2010 02:51:32

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Administrator at 2010-01-05 02:50:30
    Microsoft Windows XP Professional Service Pack 3
    System drive C: has 87 GB (84%) free of 104 GB
    Total RAM: 2023 MB (52% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 2:51:05, on 5/01/2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe
    C:\WINDOWS\SYSTEM32\WISPTIS.EXE
    C:\WINDOWS\System32\tabbtnu.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Hewlett-Packard\IAM\bin\asghost.exe
    C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Intel\AMT\atchksrv.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\WINDOWS\system32\ifxspmgt.exe
    C:\WINDOWS\system32\ifxtcs.exe
    C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Intel\AMT\LMS.exe
    C:\Program Files\PDF Complete\pdfsvc.exe
    C:\WINDOWS\system32\IfxPsdSv.exe
    C:\Documents and Settings\All Users\Application Data\QuestService\questservice115.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Novadigm\ManagementAgent\nvdkit.exe
    C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Sprint-HP\Sierra Wireless\Sprint PCS Connection Manager\SPCSUtilityService.exe
    C:\Program Files\Intel\AMT\atchk.exe
    C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE
    C:\WINDOWS\system32\AccelerometerSt.exe
    C:\WINDOWS\snuvcdsm.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Hewlett-Packard\Embedded Security Software\PSDrt.exe
    C:\Program Files\Intel\AMT\UNS.exe
    C:\Program Files\PDF Complete\pdfsty.exe
    C:\Program Files\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files\HPQ\HP Connection Manager\WaHelper.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
    C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\QuestService\questservice.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\documents and settings\administrator\local settings\application data\kifbavc.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.exe
    C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
    C:\Program Files\OpenOffice.org 3\program\soffice.bin
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Administrator\Desktop\RSIT.exe
    C:\Program Files\trend micro\Administrator.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
    O2 - BHO: Automated Content Enhancer - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - C:\Program Files\Automated Content Enhancer\4.2.0.5360\ACEIEAddOn.dll
    O2 - BHO: Customized Platform Advancer - {42C7C39F-3128-4a17-BDB7-91C46032B5B9} - C:\Program Files\Customized Platform Advancer\4.2.0.2050\CPAIEAddOn.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Content Management Wizard - {B72681C0-A222-4b21-A0E2-53A5A5CA3D41} - C:\Program Files\Content Management Wizard\1.2.0.2080\CMWIE.dll
    O2 - BHO: Textual Content Provider - {CAC89FF9-34A9-4431-8CFE-292A47F843BC} - C:\Program Files\Textual Content Provider\1.2.0.2040\TCPIE.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: Web Search Operator - {EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431} - C:\Program Files\Web Search Operator\4.2.0.2150\wso.dll
    O3 - Toolbar: GameRaving Toolbar - {D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} - C:\Program Files\GameRaving Toolbar\2.2.0.7580\mvb0.dll
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe
    O4 - HKLM\..\Run: [TabletTip] "C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" /resume
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
    O4 - HKLM\..\Run: [atchk] "C:\Program Files\Intel\AMT\atchk.exe"
    O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
    O4 - HKLM\..\Run: [IFXSPMGT] C:\WINDOWS\system32\ifxspmgt.exe /NotifyLogon
    O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
    O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\WINDOWS\system32\AccelerometerSt.exe
    O4 - HKLM\..\Run: [snp2uvc] C:\WINDOWS\vsnp2uvc.exe
    O4 - HKLM\..\Run: [tsnp2uvc] C:\WINDOWS\tsnp2uvc.exe
    O4 - HKLM\..\Run: [snuvcdsm] C:\WINDOWS\snuvcdsm.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [PDF Complete] "C:\Program Files\PDF Complete\pdfsty.exe"
    O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [AT&T Communication Manager] "C:\Program Files\AT&T\Communication Manager\ATTCM.exe" -a
    O4 - HKLM\..\Run: [Vodafone Mobile Connect] "C:\Program Files\Vodafone\Mobile Connect Embedded\VodafoneMC.exe" -a
    O4 - HKLM\..\Run: [WatcherHelper] "C:\Program Files\HPQ\HP Connection Manager\WaHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
    O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Internet Today Task] "C:\Program Files\Internet Today\1.2.0.1420\InternetToday.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [kifbavc] "c:\documents and settings\administrator\local settings\application data\kifbavc.exe" kifbavc
    O4 - HKCU\..\Run: [VideoBarApp] C:\Program Files\GameRaving Toolbar\2.2.0.7580\mvbapp.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [TabletWizard] %windir%\help\wizard.hta (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
    O4 - Global Startup: Bluetooth.lnk = ?
    O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
    O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O20 - AppInit_DLLs: APSHook.dll
    O20 - Winlogon Notify: DeviceNP - C:\WINDOWS\SYSTEM32\DeviceNP.dll
    O20 - Winlogon Notify: OneCard - C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Intel(R) Active Management Technology System Status Service (atchksrv) - Intel Corporation - C:\Program Files\Intel\AMT\atchksrv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - C:\WINDOWS\system32\flcdlock.exe
    O23 - Service: Drive Encryption Service (HpFkCryptService) - SafeBoot International - C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\WINDOWS\system32\ifxspmgt.exe
    O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\WINDOWS\system32\ifxtcs.exe
    O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Intel(R) Active Management Technology Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\LMS.exe
    O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
    O23 - Service: Personal Secure Drive service (PersonalSecureDriveService) - Infineon Technologies AG - C:\WINDOWS\system32\IfxPsdSv.exe
    O23 - Service: QuestService Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\QuestService\questservice115.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Radia Management Agent (rma) - Unknown owner - C:/Novadigm/ManagementAgent/nvdkit.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: SPCSUtilityService - Sprint Spectrum, L.L.C - C:\Program Files\Sprint-HP\Sierra Wireless\Sprint PCS Connection Manager\SPCSUtilityService.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: SWIHPWMI - Sierra Wireless Inc. - C:\Program Files\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe
    O23 - Service: Intel(R) Active Management Technology User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\AMT\UNS.exe

    --
    End of file - 15225 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\MP Scheduled Scan.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1D74E9DD-8987-448b-B2CB-67FFF2B8A932}]
    Automated Content Enhancer - C:\Program Files\Automated Content Enhancer\4.2.0.5360\ACEIEAddOn.dll [2009-12-29 217088]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42C7C39F-3128-4a17-BDB7-91C46032B5B9}]
    Customized Platform Advancer - C:\Program Files\Customized Platform Advancer\4.2.0.2050\CPAIEAddOn.dll [2009-12-29 249856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B72681C0-A222-4b21-A0E2-53A5A5CA3D41}]
    Content Management Wizard - C:\Program Files\Content Management Wizard\1.2.0.2080\CMWIE.dll [2009-12-30 1323008]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}]
    Textual Content Provider - C:\Program Files\Textual Content Provider\1.2.0.2040\TCPIE.dll [2009-12-30 434176]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-12-01 41760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
    Credential Manager for HP ProtectTools - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll [2006-11-21 71192]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-12-01 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431}]
    Web Search Operator - C:\Program Files\Web Search Operator\4.2.0.2150\wso.dll [2009-12-29 262144]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} - GameRaving Toolbar - C:\Program Files\GameRaving Toolbar\2.2.0.7580\mvb0.dll [2009-12-30 1290240]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2006-02-28 208952]
    "PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2006-02-28 455168]
    "PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2006-02-28 455168]
    "TabletWizard"=C:\WINDOWS\help\SplshWrp.exe [2008-04-14 16384]
    "TabletTip"=C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe [2008-04-14 271872]
    "SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2007-01-05 872448]
    "SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2006-07-13 729088]
    "atchk"=C:\Program Files\Intel\AMT\atchk.exe [2007-05-01 404248]
    "PTHOSTTR"=C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2007-01-09 145184]
    "IFXSPMGT"=C:\WINDOWS\system32\ifxspmgt.exe [2007-05-23 677408]
    "CognizanceTS"=C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll [2003-12-22 17920]
    "AccelerometerSysTrayApplet"=C:\WINDOWS\system32\AccelerometerSt.exe [2007-05-14 124928]
    "snp2uvc"=C:\WINDOWS\vsnp2uvc.exe []
    "tsnp2uvc"=C:\WINDOWS\tsnp2uvc.exe []
    "snuvcdsm"=C:\WINDOWS\snuvcdsm.exe [2007-05-23 20480]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-01-12 827392]
    "IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-06-14 138008]
    "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-06-14 162584]
    "Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-06-14 138008]
    "Cpqset"=C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe [2007-05-03 57344]
    "PDF Complete"=C:\Program Files\PDF Complete\pdfsty.exe [2007-05-08 331552]
    "hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-03-01 472776]
    ""= []
    "AT&T Communication Manager"=C:\Program Files\AT&T\Communication Manager\ATTCM.exe [2007-06-14 22528]
    "Vodafone Mobile Connect"=C:\Program Files\Vodafone\Mobile Connect Embedded\VodafoneMC.exe [2007-07-31 81920]
    "AirCardEnabler"= []
    "WatcherHelper"=C:\Program Files\HPQ\HP Connection Manager\WaHelper.exe [2007-07-24 120352]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-12-01 149280]
    "RoxioDragToDisc"=C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe [2007-02-02 1116920]
    "IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2007-02-21 819200]
    "IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2007-02-21 970752]
    "WatchDog"=C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [2007-05-23 192512]
    "QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-04-15 194104]
    "HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
    "Internet Today Task"=C:\Program Files\Internet Today\1.2.0.1420\InternetToday.exe []
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
    "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
    "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
    "kifbavc"=c:\documents and settings\administrator\local settings\application data\kifbavc.exe [2009-12-12 409600]
    "VideoBarApp"=C:\Program Files\GameRaving Toolbar\2.2.0.7580\mvbapp.exe []

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\DVDCheck.exe

    C:\Documents and Settings\Administrator\Start Menu\Programs\Startup
    OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="APSHook.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\DeviceNP]
    C:\WINDOWS\system32\DeviceNP.dll [2007-04-30 49152]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    C:\WINDOWS\system32\igfxdev.dll [2007-05-16 204800]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\loginkey]
    C:\Program Files\Common Files\Microsoft Shared\Ink\loginkey.dll [2008-04-14 47104]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\OneCard]
    C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll [2007-02-07 74240]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\TabBtnWL]
    C:\WINDOWS\system32\TabBtnWL.dll [2002-08-29 11776]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tpgwlnotify]
    C:\WINDOWS\system32\tpgwlnot.dll [2008-04-14 32256]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
    "notification packages"=SbHpNp
    scecli
    ASWLNPkg

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    ""=""
    "C:\Program Files\HPQ\HP Connection Manager\SwiApiMux.exe"="C:\Program Files\HPQ\HP Connection Manager\SwiApiMux.exe:*:Enabled:SwiApiMux"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

    ======List of files/folders created in the last 1 months======

    2010-01-05 02:50:32 ----D---- C:\Program Files\trend micro
    2010-01-05 02:50:30 ----D---- C:\rsit
    2010-01-05 02:07:44 ----N---- C:\WINDOWS\system32\MpSigStub.exe
    2010-01-05 02:04:39 ----D---- C:\Program Files\Windows Defender
    2010-01-05 00:43:42 ----D---- C:\WINDOWS\ie8updates
    2010-01-05 00:41:19 ----D---- C:\WINDOWS\WBEM
    2010-01-05 00:37:02 ----HDC---- C:\WINDOWS\ie8
    2010-01-04 23:02:27 ----A---- C:\WINDOWS\system32\aswBoot.exe
    2010-01-04 23:02:21 ----D---- C:\Program Files\Alwil Software
    2010-01-04 22:45:53 ----D---- C:\WINDOWS\system32\appmgmt
    2010-01-04 21:52:31 ----D---- C:\Program Files\QuestService
    2010-01-04 21:52:31 ----D---- C:\Documents and Settings\All Users\Application Data\QuestService
    2010-01-04 21:52:19 ----D---- C:\Program Files\Textual Content Provider
    2010-01-04 21:52:09 ----D---- C:\Program Files\Content Management Wizard
    2010-01-04 21:51:59 ----D---- C:\Program Files\Internet Today
    2010-01-04 21:51:51 ----D---- C:\Program Files\Customized Platform Advancer
    2010-01-04 21:51:43 ----D---- C:\Program Files\Automated Content Enhancer
    2010-01-04 21:51:34 ----D---- C:\Program Files\Web Search Operator
    2010-01-04 21:51:12 ----D---- C:\Program Files\GameRaving Toolbar
    2010-01-04 21:51:02 ----HDC---- C:\Documents and Settings\All Users\Application Data\{48AECF59-0268-47F9-86A0-AFE0790C3969}
    2009-12-27 00:33:28 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
    2009-12-27 00:33:15 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
    2009-12-24 14:15:44 ----D---- C:\WINDOWS\Prefetch
    2009-12-24 00:41:55 ----HDC---- C:\WINDOWS\$NtUninstallKB976749$
    2009-12-24 00:41:32 ----HDC---- C:\WINDOWS\$NtUninstallKB976325$
    2009-12-24 00:41:22 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
    2009-12-24 00:41:14 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
    2009-12-24 00:41:05 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
    2009-12-24 00:40:50 ----HDC---- C:\WINDOWS\$NtUninstallKB974455$
    2009-12-24 00:40:40 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
    2009-12-24 00:40:29 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
    2009-12-24 00:40:19 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
    2009-12-24 00:40:10 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
    2009-12-24 00:40:02 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
    2009-12-24 00:39:51 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
    2009-12-24 00:39:41 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
    2009-12-24 00:39:33 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
    2009-12-24 00:39:23 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
    2009-12-24 00:39:15 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
    2009-12-24 00:39:07 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
    2009-12-24 00:38:57 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
    2009-12-24 00:38:41 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
    2009-12-24 00:38:27 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
    2009-12-24 00:38:15 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
    2009-12-24 00:38:07 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
    2009-12-24 00:37:59 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
    2009-12-24 00:37:46 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
    2009-12-24 00:37:32 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
    2009-12-24 00:37:19 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
    2009-12-24 00:37:11 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
    2009-12-24 00:37:01 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
    2009-12-24 00:36:31 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
    2009-12-24 00:36:21 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
    2009-12-24 00:36:11 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
    2009-12-24 00:36:01 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
    2009-12-24 00:35:48 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
    2009-12-24 00:35:36 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
    2009-12-24 00:35:26 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2009-12-24 00:35:16 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
    2009-12-24 00:35:09 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
    2009-12-24 00:35:01 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2009-12-24 00:34:50 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
    2009-12-24 00:34:29 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
    2009-12-24 00:34:16 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$
    2009-12-24 00:34:06 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
    2009-12-24 00:33:56 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2009-12-24 00:33:22 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
    2009-12-24 00:33:03 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
    2009-12-24 00:32:52 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
    2009-12-24 00:32:40 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
    2009-12-24 00:31:49 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
    2009-12-24 00:31:27 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2009-12-24 00:31:11 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
    2009-12-24 00:30:44 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
    2009-12-24 00:30:26 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
    2009-12-24 00:19:02 ----D---- C:\WINDOWS\system32\scripting
    2009-12-24 00:19:02 ----D---- C:\WINDOWS\l2schemas
    2009-12-24 00:19:01 ----D---- C:\WINDOWS\system32\en
    2009-12-24 00:19:01 ----D---- C:\WINDOWS\system32\bits
    2009-12-24 00:10:05 ----D---- C:\WINDOWS\network diagnostic
    2009-12-23 23:58:10 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
    2009-12-23 23:50:10 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$
    2009-12-23 23:03:20 ----D---- C:\Documents and Settings\Administrator\Application Data\HpUpdate
    2009-12-23 23:03:13 ----D---- C:\WINDOWS\Hewlett-Packard
    2009-12-15 14:25:14 ----SHD---- C:\RECYCLER
    2009-12-13 22:16:00 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    2009-12-10 07:19:38 ----HDC---- C:\WINDOWS\$NtUninstallKB970430_0$
    2009-12-10 07:19:24 ----HDC---- C:\WINDOWS\$NtUninstallKB974318_0$
    2009-12-10 07:18:45 ----HDC---- C:\WINDOWS\$NtUninstallKB976325_0$
    2009-12-10 07:18:23 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
    2009-12-10 07:18:13 ----HDC---- C:\WINDOWS\$NtUninstallKB974392_0$
    2009-12-10 07:17:42 ----HDC---- C:\WINDOWS\$NtUninstallKB971737_0$
    2009-12-09 10:13:36 ----D---- C:\Program Files\isee systems
    2009-12-09 10:12:21 ----D---- C:\Documents and Settings\Administrator\Application Data\U3
    2009-12-08 13:40:30 ----HDC---- C:\WINDOWS\$NtUninstallKB961118_0$
    2009-12-08 13:38:04 ----A---- C:\WINDOWS\system32\MRT.exe
    2009-12-08 13:37:12 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
    2009-12-08 13:36:41 ----HDC---- C:\WINDOWS\$NtUninstallKB920142$
    2009-12-08 00:29:22 ----D---- C:\Documents and Settings\Administrator\Application Data\Windows Live Writer
    2009-12-06 09:05:48 ----D---- C:\WINDOWS\system32\XPSViewer
    2009-12-06 09:05:31 ----D---- C:\Program Files\MSBuild
    2009-12-06 09:05:25 ----D---- C:\WINDOWS\system32\en-US
    2009-12-06 09:05:06 ----D---- C:\Program Files\Reference Assemblies
    2009-12-06 09:04:10 ----N---- C:\WINDOWS\system32\xpssvcs.dll
    2009-12-06 09:04:10 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
    2009-12-06 09:04:10 ----N---- C:\WINDOWS\system32\prntvpt.dll
    2009-12-06 09:04:09 ----D---- C:\3b1c70944be34a36b107270f
    2009-12-06 08:57:22 ----HDC---- C:\WINDOWS\$NtUninstallWIC$

    ======List of files/folders modified in the last 1 months======

    2010-01-05 02:51:06 ----D---- C:\WINDOWS\Temp
    2010-01-05 02:50:32 ----RD---- C:\Program Files
    2010-01-05 02:08:38 ----D---- C:\WINDOWS\system32\CatRoot2
    2010-01-05 02:08:34 ----SD---- C:\WINDOWS\Tasks
    2010-01-05 02:07:44 ----D---- C:\WINDOWS\system32
    2010-01-05 02:05:28 ----SHD---- C:\WINDOWS\Installer
    2010-01-05 02:04:44 ----HD---- C:\WINDOWS\inf
    2010-01-05 02:04:39 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2010-01-05 00:49:26 ----D---- C:\WINDOWS
    2010-01-05 00:48:38 ----A---- C:\WINDOWS\system32\log.txt
    2010-01-05 00:48:09 ----D---- C:\WINDOWS\system32\config
    2010-01-05 00:48:02 ----D---- C:\Program Files\Internet Explorer
    2010-01-05 00:48:01 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2010-01-05 00:48:01 ----D---- C:\WINDOWS\Help
    2010-01-05 00:46:59 ----A---- C:\WINDOWS\SchedLgU.Txt
    2010-01-05 00:44:14 ----HD---- C:\WINDOWS\$hf_mig$
    2010-01-05 00:43:55 ----A---- C:\WINDOWS\imsins.BAK
    2010-01-05 00:40:46 ----D---- C:\WINDOWS\Media
    2010-01-05 00:35:56 ----SD---- C:\Documents and Settings\Administrator\Application Data\Microsoft
    2010-01-04 23:32:46 ----D---- C:\Program Files\Live-Player
    2010-01-04 23:03:08 ----D---- C:\WINDOWS\system32\drivers
    2009-12-27 17:20:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-12-27 00:32:52 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
    2009-12-24 14:18:14 ----A---- C:\WINDOWS\OEWABLog.txt
    2009-12-24 14:16:10 ----A---- C:\WINDOWS\setuplog.txt
    2009-12-24 14:14:47 ----D---- C:\WINDOWS\AppPatch
    2009-12-24 14:14:47 ----D---- C:\Program Files\Messenger
    2009-12-24 14:14:46 ----D---- C:\WINDOWS\system32\Setup
    2009-12-24 14:14:46 ----D---- C:\WINDOWS\ime
    2009-12-24 14:14:44 ----D---- C:\WINDOWS\system32\wbem
    2009-12-24 14:14:41 ----RSD---- C:\WINDOWS\Fonts
    2009-12-24 00:41:58 ----D---- C:\WINDOWS\system32\CatRoot
    2009-12-24 00:39:36 ----D---- C:\Program Files\Outlook Express
    2009-12-24 00:29:36 ----D---- C:\WINDOWS\security
    2009-12-24 00:26:06 ----RSD---- C:\WINDOWS\assembly
    2009-12-24 00:20:14 ----D---- C:\WINDOWS\WinSxS
    2009-12-24 00:19:47 ----D---- C:\Program Files\Windows Journal
    2009-12-24 00:19:24 ----D---- C:\WINDOWS\system32\inetsrv
    2009-12-24 00:19:03 ----D---- C:\WINDOWS\system32\usmt
    2009-12-24 00:19:01 ----D---- C:\WINDOWS\PeerNet
    2009-12-24 00:19:00 ----D---- C:\Program Files\Movie Maker
    2009-12-24 00:15:12 ----D---- C:\WINDOWS\ServicePackFiles
    2009-12-24 00:14:53 ----D---- C:\WINDOWS\system32\Restore
    2009-12-24 00:14:53 ----D---- C:\WINDOWS\system32\npp
    2009-12-24 00:14:52 ----D---- C:\WINDOWS\mui
    2009-12-24 00:14:49 ----D---- C:\WINDOWS\msagent
    2009-12-24 00:14:45 ----D---- C:\WINDOWS\srchasst
    2009-12-24 00:14:40 ----D---- C:\Program Files\NetMeeting
    2009-12-24 00:14:38 ----D---- C:\WINDOWS\system32\Com
    2009-12-24 00:14:33 ----D---- C:\Program Files\Windows Media Player
    2009-12-24 00:14:32 ----D---- C:\Program Files\Windows NT
    2009-12-24 00:14:24 ----D---- C:\Program Files\Common Files\System
    2009-12-24 00:13:44 ----D---- C:\WINDOWS\system32\oobe
    2009-12-24 00:13:40 ----D---- C:\WINDOWS\system
    2009-12-23 23:58:08 ----D---- C:\WINDOWS\ehome
    2009-12-23 23:04:25 ----D---- C:\Program Files\HP
    2009-12-09 10:13:36 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-12-08 18:47:59 ----D---- C:\WINDOWS\Microsoft.Net
    2009-12-08 13:38:09 ----D---- C:\WINDOWS\Debug
    2009-12-06 09:04:25 ----D---- C:\WINDOWS\system32\spool

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
    R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
    R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
    R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2007-02-08 12856]
    R1 DLARTL_M;DLARTL_M; C:\WINDOWS\System32\Drivers\DLARTL_M.SYS [2007-02-08 28120]
    R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
    R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
    R1 PersonalSecureDrive;PersonalSecureDrive; C:\WINDOWS\System32\drivers\psd.sys [2007-04-18 39080]
    R1 RsvLock;RsvLock; C:\WINDOWS\system32\drivers\RsvLock.sys [2007-04-26 5808]
    R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.6.0.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-09-11 21425]
    R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
    R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
    R2 DLABMFSM;DLABMFSM; C:\WINDOWS\System32\DLA\DLABMFSM.SYS [2006-10-26 35096]
    R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2006-10-26 32472]
    R2 DLADResM;DLADResM; C:\WINDOWS\System32\DLA\DLADResM.SYS [2006-10-26 9400]
    R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2006-10-26 104536]
    R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2006-10-26 26296]
    R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2006-10-26 14520]
    R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2006-10-26 97848]
    R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2006-10-26 94648]
    R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2007-02-09 51768]
    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
    R2 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
    R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2007-02-21 12416]
    R3 Accelerometer;Accelerometer; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2006-07-24 22016]
    R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2007-03-01 289792]
    R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-08-07 93952]
    R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
    R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\WINDOWS\system32\DRIVERS\ATSwpDrv.sys [2007-06-01 145288]
    R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2007-02-14 868298]
    R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2007-02-14 67960]
    R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
    R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2007-04-12 250776]
    R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2009-03-19 9216]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
    R3 HECI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2007-04-06 44800]
    R3 HpqKbFiltr;HpqKbFilter Driver; C:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
    R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2007-04-26 988032]
    R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2007-04-26 210816]
    R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-05-16 5707744]
    R3 IFXTPM;IFXTPM; C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2007-04-18 41216]
    R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
    R3 NETw4x32;Intel(R) Wireless WiFi Link Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-03-01 2203520]
    R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 RimVSerPort;RIM Virtual Serial Port v2; C:\WINDOWS\system32\DRIVERS\RimSerial.sys [2007-06-14 26368]
    R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2006-02-28 5888]
    R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
    R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2007-05-24 1742976]
    R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2007-01-12 201856]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    R3 WacomPen;Wacom Serial Pen HID Driver; C:\WINDOWS\system32\DRIVERS\wacompen.sys [2008-04-13 14208]
    R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
    R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2007-04-26 731136]
    S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 DAMDrv;DAMDrv; C:\WINDOWS\system32\DRIVERS\DAMDrv.sys [2007-04-23 30008]
    S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2009-08-26 21568]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 PCTINDIS5;PCTINDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCTINDIS5.SYS []
    S3 scrswi;Sierra Wireless Smart Card Reader; C:\WINDOWS\system32\DRIVERS\scrswi.sys [2007-03-26 43904]
    S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 SWNC8U02;HP hs2300 MUX NDIS Driver (#02); C:\WINDOWS\system32\DRIVERS\SWNC8U02.sys [2007-03-12 102272]
    S3 SWUMX02;HP hs2300 USB MUX Driver (#02); C:\WINDOWS\system32\DRIVERS\swumx02.sys [2007-04-10 72576]
    S3 SWUMX20;Sierra Wireless USB MUX Driver (UMTS20); C:\WINDOWS\system32\DRIVERS\swumx20.sys []
    S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
    S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
    S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 ASBroker;Logon Session Broker; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
    R2 ASChannel;Local Communication Channel; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
    R2 atchksrv;Intel(R) Active Management Technology System Status Service; C:\Program Files\Intel\AMT\atchksrv.exe [2007-05-01 183064]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
    R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2007-02-06 266295]
    R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-02-21 643072]
    R2 HpFkCryptService;Drive Encryption Service; C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2007-04-27 221184]
    R2 IFXSpMgtSrv;Security Platform Management Service; C:\WINDOWS\system32\ifxspmgt.exe [2007-05-23 677408]
    R2 IFXTCS;Trusted Platform Core Service; C:\WINDOWS\system32\ifxtcs.exe [2007-05-23 853536]
    R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-12-01 153376]
    R2 LMS;Intel(R) Active Management Technology Local Management Service; C:\Program Files\Intel\AMT\LMS.exe [2007-05-01 121624]
    R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2007-05-08 540448]
    R2 PersonalSecureDriveService;Personal Secure Drive service; C:\WINDOWS\system32\IfxPsdSv.exe [2007-04-18 140832]
    R2 QuestService Service;QuestService Service; C:\Documents and Settings\All Users\Application Data\QuestService\questservice115.exe [2009-12-31 58744]
    R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-02-21 327680]
    R2 rma;Radia Management Agent; C:/Novadigm/ManagementAgent/nvdkit.exe []
    R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2007-02-21 983040]
    R2 SPCSUtilityService;SPCSUtilityService; C:\Program Files\Sprint-HP\Sierra Wireless\Sprint PCS Connection Manager\SPCSUtilityService.exe [2007-09-05 131072]
    R2 SWIHPWMI;SWIHPWMI; C:\Program Files\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe [2006-12-04 292384]
    R2 UNS;Intel(R) Active Management Technology User Notification Service; C:\Program Files\Intel\AMT\UNS.exe [2007-05-01 1489688]
    R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
    R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-04-23 239160]
    R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-10-21 228656]
    R3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; C:\WINDOWS\system32\flcdlock.exe [2007-04-30 172131]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
    S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-11-01 73728]
    S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

    -----------------EOF-----------------
    Contenus similaires
    5 Janvier 2010 02:52:27

    info.txt logfile of random's system information tool 1.06 2010-01-05 02:51:10

    ======Uninstall list======

    -->C:\Program Files\InstallShield Installation Information\{69333A04-5134-40A5-A055-9166A7AA1EC8}\setup.exe -runfromtemp -l0x0009 -removeonly
    -->MsiExec.exe /I{977FBE6C-AE9A-4429-B249-814F0B3A4CB1}
    -->MsiExec.exe /I{AEB9948B-4FF2-47C9-990E-47014492A0FE}
    -->MsiExec.exe /I{F42051C0-6158-4656-BEF4-C43D5C480DC0}
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
    AT&T Communication Manager-->MsiExec.exe /X{9C41CC3E-CB42-451F-9444-BA75FB12C0AC}
    avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    BIOS Configuration for HP ProtectTools-->MsiExec.exe /X{C74D0FA0-1D49-464F-A707-B427EE3385C1}
    Credential Manager for HP ProtectTools-->MsiExec.exe /X{BE41F3D2-FC73-4C3E-A2C2-5D2B08A5B2D0}
    Device Access Manager for HP ProtectTools-->MsiExec.exe /X{55B52830-024A-443E-AF61-61E1E71AFA1B}
    Drive Encryption for HP ProtectTools-->MsiExec.exe /X{F843AC27-704C-4731-A590-F57841B488F2}
    Embedded Security for HP ProtectTools-->MsiExec.exe /I{F42CF6B5-8594-4D3A-B96F-30FD3BC1AAA5}
    Favorit-->"c:\documents and settings\administrator\local settings\application data\kifbavc.exe" -uninstall
    GameRaving Toolbar-->"C:\Documents and Settings\All Users\Application Data\{48AECF59-0268-47F9-86A0-AFE0790C3969}\Setup.exe" REMOVE=TRUE MODIFY=FALSE
    GameRaving Toolbar-->C:\Documents and Settings\All Users\Application Data\{48AECF59-0268-47F9-86A0-AFE0790C3969}\Setup.exe
    HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
    Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
    Hotfix for Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
    HP 3D DriveGuard-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{429E92A4-159F-4AEC-85A1-D693E1E4274D}\setup.exe" -l0x9 UNINSTALL
    HP Broadband Wireless Modules-->MsiExec.exe /X{E0742446-2B18-4204-8A46-DA70BB003318}
    HP Compaq 2710p Notebook PC tour-->MsiExec.exe /I{43DE6934-65F1-4D7B-87E5-3B0297476A37}
    HP Connection Manager-->MsiExec.exe /I{BED4104F-2480-421B-BA2F-8D3AC57B8CDB}
    HP Doc Viewer-->MsiExec.exe /I{082702D5-5DD8-4600-BCE5-48B15174687F}
    HP Help and Support-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}\setup.exe" -l0x9 -removeonly
    HP Integrated Module with Bluetooth wireless technology-->MsiExec.exe /X{84814E6B-2581-46EC-926A-823BD1C670F6}
    HP ProtectTools Security Manager-->MsiExec.exe /I{2DB165DC-DDB4-403F-B985-19F3EC7D0357}
    HP Quick Launch Buttons-->C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x0009 -removeonly uninst
    HP Update-->MsiExec.exe /X{818ABC3C-635C-4651-8183-D0E9640B7DD1}
    HP User Guide Bluetooth Addendum 0062-->MsiExec.exe /I{7FD8231E-3991-48D7-A2C8-2C42A7075FB1}
    HP User Guides 0066-->MsiExec.exe /I{29BF3B6F-0F0A-428B-B5B2-9DC3E0D091B8}
    HP Webcam-->C:\Program Files\InstallShield Installation Information\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}\setup.exe -runfromtemp -l0x0009 -removeonly
    HP Wireless Assistant-->MsiExec.exe /I{D32067CD-7409-4792-BFA0-1469BCD8F0C8}
    Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
    Intel(R) Active Management Technology Device Software-->C:\WINDOWS\system32\mesoludlg.exe -uninstall
    Intel(R) Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall
    Intel(R) Management Engine Interface-->C:\WINDOWS\system32\heciudlg.exe -uninstall
    Intel(R) PRO Network Connections Drivers-->Prounstl.exe
    Intel(R) PROSet/Wireless Software-->C:\WINDOWS\Installer\iProInst.exe
    InterVideo DVD Check-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5D97A4A7-C274-4B63-86D9-07A33435F505}\setup.exe" REMOVEALL
    InterVideo WinDVD-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
    ithink 8.1-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{65F7B424-7780-486C-9B4F-3BF8FFD85A64}\setup.exe" -l0x9
    Java(TM) 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
    Java(TM) SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
    Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
    Live-Player-->C:\Program Files\Live-Player\uninst.exe
    mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
    mDrWiFi-->MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}
    mHelp-->MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68}
    Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
    Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
    Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
    Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    mIWA-->MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
    mLogView-->MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
    mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
    mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
    mPfWiz-->MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
    mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
    mSCfg-->MsiExec.exe /I{829CD169-E692-48E8-9BDE-A3E8D8B65538}
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 6 Service Pack 2 (KB973686)-->MsiExec.exe /I{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}
    mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
    mZConfig-->MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
    OpenOffice.org 3.1-->MsiExec.exe /I{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    PDF Complete-->C:\Program Files\PDF Complete\pdfiutil.exe /UGUI
    Presto! BizCard 5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{272253C3-D9DD-4C0C-A586-7E7ABC7E9AA2}\setup.exe" -l0x9 -uninst -removeonly
    QLBCASL-->MsiExec.exe /I{F1D7AC58-554A-4A58-B784-B61558B1449A}
    QuestService 1.0 build 115-->C:\Program Files\QuestService\uninstall.exe
    RICOH R5C853 Driver Ver.1.00.02-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\setup.exe" -l0x9 anything
    Roxio Creator Audio-->MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
    Roxio Creator Basic v9-->MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
    Roxio Creator Copy-->MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
    Roxio Creator Data-->MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
    Roxio Creator Tools-->MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
    Roxio Drag-to-Disc-->MsiExec.exe /I{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}
    Roxio Express Labeler 3-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
    Security Update for Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
    Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
    Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
    Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
    Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe"
    Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB961371-v2)-->"C:\WINDOWS\$NtUninstallKB961371-v2$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB974455)-->"C:\WINDOWS\$NtUninstallKB974455$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB976325)-->"C:\WINDOWS\$NtUninstallKB976325$\spuninst\spuninst.exe"
    Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
    Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2C06_hpqZ3795\UIU32m.exe -U -IhpqZ3795.inf
    Sonic Activation Module-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
    SoundMAX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe" -l0x9 -removeonly
    Sprint Mobile Broadband-->MsiExec.exe /I{0669CD2D-A407-48ED-960C-FF1AD0F4F752}
    Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
    Tablet PC Edition 2005 Multilingual User Interface (MUI) Pack-->MsiExec.exe /I{EFA2630A-CB41-4CAC-8458-7D4EDC9A00E0}
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
    Update for Windows Internet Explorer 8 (KB975364)-->"C:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe"
    Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Update for Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
    Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
    Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
    Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
    Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
    Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
    Update for Windows XP (KB976749)-->"C:\WINDOWS\$NtUninstallKB976749$\spuninst\spuninst.exe"
    Vodafone Mobile Connect-->MsiExec.exe /X{7AAA82A6-832C-46D1-AC45-5AAEBCEDF922}
    VZAccess Manager for HP-->MsiExec.exe /I{BEF3156B-CFC3-4606-B926-D50B07CC3F05}
    Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
    Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
    Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
    Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
    Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
    Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
    Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
    Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

    ======Security center information======

    AV: avast! antivirus 4.8.1368 [VPS 100104-0]

    ======System event log======

    Computer Name: HP-F33DFECE7FB1
    Event Code: 256
    Message: Timed out sending notification of device interface change to window of "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"

    Record Number: 1498
    Source Name: PlugPlayManager
    Time Written: 20091205155255.000000+060
    Event Type: warning
    User:

    Computer Name: HP-F33DFECE7FB1
    Event Code: 256
    Message: Timed out sending notification of device interface change to window of "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"

    Record Number: 1497
    Source Name: PlugPlayManager
    Time Written: 20091205155255.000000+060
    Event Type: warning
    User:

    Computer Name: HP-F33DFECE7FB1
    Event Code: 256
    Message: Timed out sending notification of device interface change to window of "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"

    Record Number: 1496
    Source Name: PlugPlayManager
    Time Written: 20091205155255.000000+060
    Event Type: warning
    User:

    Computer Name: HP-F33DFECE7FB1
    Event Code: 256
    Message: Timed out sending notification of device interface change to window of "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"

    Record Number: 1495
    Source Name: PlugPlayManager
    Time Written: 20091205155255.000000+060
    Event Type: warning
    User:

    Computer Name: HP-F33DFECE7FB1
    Event Code: 256
    Message: Timed out sending notification of device interface change to window of "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"

    Record Number: 1494
    Source Name: PlugPlayManager
    Time Written: 20091205155255.000000+060
    Event Type: warning
    User:

    =====Application event log=====

    Computer Name: HP-F33DFECE7FB1
    Event Code: 2002
    Message: [UNS] Failed to subscribe to local Intel(R) AMT.


    Record Number: 284
    Source Name: Intel(R) AMT
    Time Written: 20090914102156.000000+120
    Event Type: error
    User:

    Computer Name: HP-F33DFECE7FB1
    Event Code: 2001
    Message: [UNS] Failed to get EAC Status.


    Record Number: 280
    Source Name: Intel(R) AMT
    Time Written: 20090914102151.000000+120
    Event Type: warning
    User:

    Computer Name: HP-F33DFECE7FB1
    Event Code: 2002
    Message: [UNS] Failed to subscribe to local Intel(R) AMT.


    Record Number: 279
    Source Name: Intel(R) AMT
    Time Written: 20090914102151.000000+120
    Event Type: error
    User:

    Computer Name: HP-F33DFECE7FB1
    Event Code: 1517
    Message: Windows saved user HP-F33DFECE7FB1\Administrator registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.


    This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

    Record Number: 267
    Source Name: Userenv
    Time Written: 20090911155124.000000+120
    Event Type: warning
    User: NT AUTHORITY\SYSTEM

    Computer Name: HP-F33DFECE7FB1
    Event Code: 4354
    Message: The COM+ Event System failed to fire the Logoff method on subscription {4C2E468D-2D11-43E9-93C0-327D6BAE597E}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. The subscriber returned HRESULT 80004005.
    Record Number: 266
    Source Name: EventSystem
    Time Written: 20090911155105.000000+120
    Event Type: warning
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Hewlett-Packard\IAM\bin;C:\Program Files\Common Files\Roxio Shared\DLLShared\
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
    "PROCESSOR_REVISION"=0f0d
    "NUMBER_OF_PROCESSORS"=2
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "RoxioCentral"=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\

    -----------------EOF-----------------
    5 Janvier 2010 02:53:04

    merci destrio pr ton aide!!!
    a c 267 8 Sécurité
    5 Janvier 2010 03:05:08

    Pas mal d'infections.

  • Désinstalle Favorit et QuestService.

  • Télécharge Ad-Remover (de Cyrildu17 / C_XX) sur ton Bureau.

    /!\ Déconnecte-toi et ferme toutes applications en cours /!\

  • Double-clique sur AD-R situé sur ton Bureau pour le lancer.
    (Sous Vista, il faut cliquer droit sur AD-R et choisir Exécuter en tant qu'administrateur)
  • Choisis la langue F pour français.
  • Au menu principal, choisis l'option L.

    /!\ Laisse travailler l'outil /!\

  • Poste le rapport qui apparaît à la fin (C:\Ad-Report-CLEAN.log).

    (CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

    Note : "Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Kaspersky, etc.) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    5 Janvier 2010 03:33:36

    rebonsoir,
    je n'y arrive pas!! mon pc s'éteind à chaque fois quand j'appuie sur le "L"et au démarrage il ne détecte pas le AD-R. par contre là, j'ai essayé de scanner "s" et il est entrain de faire son analyse... c toujours bon?
    5 Janvier 2010 03:33:55

    rebonsoir,
    je n'y arrive pas!! mon pc s'éteind à chaque fois quand j'appuie sur le "L"et au démarrage il ne détecte pas le AD-R. par contre là, j'ai essayé de scanner "s" et il est entrain de faire son analyse... c toujours bon?
    a c 267 8 Sécurité
    5 Janvier 2010 03:37:32

    Ok, fais l'option S puis poste le rapport.
    5 Janvier 2010 03:38:56

    .
    ======= LOGFILE OF AD-REMOVER 1.1.4.6_G | ONLY XP/VISTA/7 =======
    .
    Updated by C_XX on 04.01.2010 at 23:37
    Contact: AdRemover.contact@gmail.com
    Website: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Launch at: 3:31:07, mar. 05/01/2010 | Normal Boot | Option: SCAN
    Executed from: C:\Program Files\Ad-Remover\
    Operating system: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
    Computer Name: HP-F33DFECE7FB1 | Current user: Administrator

    .
    ============== FOUND ELEMENT(S) ==============
    .

    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\cmw
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\liveplayer_exe.dat
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\liveplayer_skin.dat
    C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\Live-Player
    C:\Program Files\Automated Content Enhancer
    C:\Program Files\Content Management Wizard
    C:\Program Files\Customized Platform Advancer
    C:\Program Files\Internet Today
    C:\Program Files\Live-Player
    C:\Program Files\Textual Content Provider
    C:\Program Files\Web Search Operator
    C:\DOCUME~1\ADMINI~1\APPLIC~1\live-player
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Today
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Textual Content Provider
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Web Search Operator
    C:\DOCUME~1\ALLUSE~1\Desktop\Live-Player.lnk
    .
    HKCU\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
    HKCU\software\Automated Content Enhancer
    HKCU\software\CMW
    HKCU\software\Customized Platform Advancer
    HKCU\software\fcn
    HKCU\software\Live-Player
    HKCU\software\Media Access Startup
    HKCU\Software\Microsoft\Explorer\Bars\{B72681C0-A222-4b21-A0E2-53A5A5CA3D411}
    HKCU\Software\Microsoft\Explorer\Bars\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1D74E9DD-8987-448B-B2CB-67FFF2B8A932}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{42C7C39F-3128-4A17-BDB7-91C46032B5B9}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B72681C0-A222-4B21-A0E2-53A5A5CA3D41}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D45817B8-3EAD-4D1D-8FCA-EC63A8E35DE2}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EB4A577D-BCAD-4B1C-8AF2-9A74B8DD3431}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D74E9DD-8987-448B-B2CB-67FFF2B8A932}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{42C7C39F-3128-4A17-BDB7-91C46032B5B9}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B72681C0-A222-4B21-A0E2-53A5A5CA3D41}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D45817B8-3EAD-4D1D-8FCA-EC63A8E35DE2}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB4A577D-BCAD-4B1C-8AF2-9A74B8DD3431}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\VideoBarApp
    HKCU\software\Web Search Operator
    HKLM\software\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
    HKLM\software\appdatalow\software\Internet Today
    HKLM\software\Automated Content Enhancer
    HKLM\Software\Classes\CLSID\{1D74E9DD-8987-448b-B2CB-67FFF2B8A932}
    HKLM\Software\Classes\CLSID\{42C7C39F-3128-4a17-BDB7-91C46032B5B9}
    HKLM\Software\Classes\CLSID\{B72681C0-A222-4b21-A0E2-53A5A5CA3D41}
    HKLM\Software\Classes\CLSID\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}
    HKLM\Software\Classes\CLSID\{EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431}
    HKLM\software\classes\ExplorerBar.CMW
    HKLM\software\classes\ExplorerBar.CMW.1
    HKLM\software\classes\ExplorerBar.FunExplorer
    HKLM\software\classes\ExplorerBar.FunExplorer.1
    HKLM\software\classes\ExplorerBar.FunRedirector
    HKLM\software\classes\ExplorerBar.FunRedirector.1
    HKLM\software\classes\ExplorerBar.TCP
    HKLM\software\classes\ExplorerBar.TCP.1
    HKLM\Software\Classes\Interface\{1081D532-7DE4-40BD-B912-388FA6B27C78}
    HKLM\Software\Classes\Interface\{480098C6-F6AD-4C61-9B5C-2BAE228A34D1}
    HKLM\Software\Classes\Interface\{6160F76A-1992-4B17-A32D-0C706D159105}
    HKLM\Software\Classes\Interface\{629CD6C2-E4C5-4554-AEB8-12E4E2CD40FF}
    HKLM\Software\Classes\Interface\{877F3EAB-4462-44DF-8475-6064EAFD7FBF}
    HKLM\Software\Classes\Interface\{95B92D92-8B7D-4A19-A3F1-43113B4DBCAF}
    HKLM\Software\Classes\TypeLib\{2A743834-05F4-4ED4-8A1C-41332B10AC0C}
    HKLM\Software\Classes\TypeLib\{565DD573-549E-4DA9-8CD7-6AE3DF25339A}
    HKLM\Software\Classes\TypeLib\{883DFC00-8A21-411D-956C-73A4E4B7D16F}
    HKLM\Software\Classes\TypeLib\{AC5AB953-ED25-4F9C-87F0-B086B0178FFA}
    HKLM\Software\Classes\TypeLib\{F5B8C69C-9B45-4A6A-9380-DF225C546AE7}
    HKLM\software\Customized Platform Advancer
    HKLM\software\Live-Player
    HKLM\software\Media Access Startup
    HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1D74E9DD-8987-448b-B2CB-67FFF2B8A932}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42C7C39F-3128-4a17-BDB7-91C46032B5B9}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B72681C0-A222-4b21-A0E2-53A5A5CA3D41}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Internet Today Task
    HKLM\software\microsoft\windows\currentversion\uninstall\Live-Player
    HKLM\Software\Mozilla\Firefox\Extensions\\{8141440E-08F0-4339-9959-5C31C6A69F23}
    HKLM\Software\Mozilla\Firefox\Extensions\\{E63605FC-D583-4C81-867F-9457BDB3EA1B}
    HKLM\Software\Mozilla\Firefox\Extensions\\{E889F097-B0BE-471B-89AD-B86B6F04B506}
    HKLM\software\Web Search Operator
    HKU\s-1-5-21-1482476501-1958367476-725345543-500\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
    HKU\s-1-5-21-1482476501-1958367476-725345543-500\software\Automated Content Enhancer
    HKU\s-1-5-21-1482476501-1958367476-725345543-500\software\CMW
    HKU\s-1-5-21-1482476501-1958367476-725345543-500\software\Customized Platform Advancer
    HKU\s-1-5-21-1482476501-1958367476-725345543-500\software\fcn
    HKU\s-1-5-21-1482476501-1958367476-725345543-500\software\Live-Player
    HKU\s-1-5-21-1482476501-1958367476-725345543-500\software\Media Access Startup
    HKU\s-1-5-21-1482476501-1958367476-725345543-500\software\Web Search Operator
    .
    ============== Added scan ==============
    .
    .
    * Internet Explorer Version 8.0.6001.18702 *
    .
    [HKEY_CURRENT_USER\..\Internet Explorer\Main]
    .
    Do404Search: 01000000
    Local Page: C:\WINDOWS\system32\blank.htm
    Show_ToolBar: yes
    Start Page: hxxp://www.google.be/
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search Bar: hxxp://search.msn.fr/spbasic.htm
    Use Custom Search URL: 1 (0x1)
    Enable Browser Extensions: yes
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
    .
    Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
    Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Delete_Temp_Files_On_Exit: yes
    Local Page: C:\WINDOWS\system32\blank.htm
    Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
    .
    Tabs: res://ieframe.dll/tabswelcome.htm
    .
    ===================================
    .
    7697 Byte(s) - C:\Ad-Report-SCAN[1].log
    .
    1561 File(s) - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
    511 File(s) - C:\WINDOWS\Temp
    129 File(s) - C:\WINDOWS\Prefetch
    .
    1 File(s) - C:\Program Files\Ad-Remover\BACKUP
    0 File(s) - C:\Program Files\Ad-Remover\QUARANTINE
    .
    End at: 3:36:23 | mar. 05/01/2010 - SCAN[1]
    .
    ============== E.O.F ==============
    .
    5 Janvier 2010 03:40:40

    voilà!!! ne rigole pas mais franchement, je m'épate! jamais j'aurais cru pouvoir faire ça un jour, moi la nullleee en informatique! :-)
    a c 267 8 Sécurité
    5 Janvier 2010 03:41:28

    Tu ne peux pas faire l'option L ?
    5 Janvier 2010 03:44:37

    non... le pc me demande de redemarrer le pc, je n ai pas le choix, je dois appuier sur ok. ensuite au redémarrage, il ne trouve pas le ad-r, il me demande de le chercher moi meme. je ne sais pas si je me ss bien fait comprendre.... sorry :-(
    5 Janvier 2010 03:45:45

    et je n ai pas pu mettre la lettre f non plus, ct automatiquement en anglais.
    a c 267 8 Sécurité
    5 Janvier 2010 03:46:46

  • Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
  • Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
  • Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
  • Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
  • Sélectionne Exécuter un examen rapide.
  • Clique sur Rechercher. L'analyse démarre.
  • A la fin de l'analyse, un message s'affiche :
    Citation :
    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  • Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  • Ferme tes navigateurs.
  • Si des malwares ont été détectés, clique sur Afficher les résultats.
  • Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
  • MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
    5 Janvier 2010 04:06:18

    Malwarebytes' Anti-Malware 1.43
    Version de la base de données: 3495
    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    5/01/2010 4:05:42
    mbam-log-2010-01-05 (04-05-42).txt

    Type de recherche: Examen rapide
    Eléments examinés: 114149
    Temps écoulé: 14 minute(s), 57 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 9
    Clé(s) du Registre infectée(s): 67
    Valeur(s) du Registre infectée(s): 7
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 45
    Fichier(s) infecté(s): 226

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    C:\Program Files\Content Management Wizard\1.2.0.2080\CMWIE.dll (Adware.Agent) -> Delete on reboot.
    C:\Program Files\Customized Platform Advancer\4.2.0.2050\CPAIEAddOn.dll (Adware.Agent) -> Delete on reboot.
    C:\Program Files\Web Search Operator\4.2.0.2150\WSO.dll (Adware.Agent) -> Delete on reboot.
    C:\Program Files\Textual Content Provider\1.2.0.2040\TCPIE.dll (Adware.Agent) -> Delete on reboot.
    C:\Program Files\Automated Content Enhancer\4.2.0.5360\ACEIEAddOn.dll (Adware.Agent) -> Delete on reboot.
    C:\Program Files\Web Search Operator\4.2.0.2150\WSOCommon.dll (Adware.Agent) -> Delete on reboot.
    C:\Program Files\Automated Content Enhancer\4.2.0.5360\ACECommon.dll (Adware.Agent) -> Delete on reboot.
    C:\Program Files\Automated Content Enhancer\4.2.0.5360\lri.dll (Adware.Agent) -> Delete on reboot.
    C:\Program Files\Customized Platform Advancer\4.2.0.2050\CPACommon.dll (Adware.Agent) -> Delete on reboot.

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\explorerbar.cmw (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{f5b8c69c-9b45-4a6a-9380-df225c546ae7} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{629cd6c2-e4c5-4554-aeb8-12e4e2cd40ff} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\explorerbar.cmw.1 (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\explorerbar.funexplorer (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{ac5ab953-ed25-4f9c-87f0-b086b0178ffa} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{6160f76a-1992-4b17-a32d-0c706d159105} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\explorerbar.funexplorer.1 (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\explorerbar.funredirector (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{883dfc00-8a21-411d-956c-73a4e4b7d16f} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{480098c6-f6ad-4c61-9b5c-2bae228a34d1} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\explorerbar.funredirector.1 (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\explorerbar.tcp (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{2a743834-05f4-4ed4-8a1c-41332b10ac0c} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{1081d532-7de4-40bd-b912-388fa6b27c78} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Explorer\Bars\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\explorerbar.tcp.1 (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{5297e905-1dfb-4a9c-9871-a4f95fd58945} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{95b92d92-8b7d-4a19-a3f1-43113b4dbcaf} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{565dd573-549e-4da9-8cd7-6ae3df25339a} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{877f3eab-4462-44df-8475-6064eafd7fbf} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{3de88beb-f271-484a-ba71-01d30f439f0c} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{50ad41d2-b1f0-47cc-9ea7-395355eaeebd} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{8ceb185e-81a5-46d3-bc20-c555d605afbd} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{a72522ba-9ff3-4c83-abc6-9b476728a396} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{c5762628-ae15-4ca6-96c4-b00dd17f3419} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{d062e03e-65ca-49e4-9b15-31938ba98922} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Explorer\Bars\{b72681c0-a222-4b21-a0e2-53a5a5ca3d411} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\AppDataLow\SOFTWARE\Internet Today (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Automated Content Enhancer (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Customized Platform Advancer (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Automated Content Enhancer (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Customized Platform Advancer (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Live-Player (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Funband Serach (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Funband Serach (Adware.DoubleD) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{8141440e-08f0-4339-9959-5c31c6a69f23} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e63605fc-d583-4c81-867f-9457bdb3ea1b} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e889f097-b0be-471b-89ad-b86b6f04b506} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\videobarapp (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\internet today task (Adware.Agent) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Skins (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Today (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Today\1.2.0.1420 (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temp\cmw\newSetup (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Web Search Operator (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Web Search Operator\4.2.0.2150 (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Web Search Operator\4.2.0.2150\Data (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Web Search Operator\4.2.0.2150\FF (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Web Search Operator\4.2.0.2150\FF\chrome (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Web Search Operator\4.2.0.2150\FF\chrome\content (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Web Search Operator\4.2.0.2150\FF\components (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Textual Content Provider (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Textual Content Provider\1.2.0.2040 (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Textual Content Provider\1.2.0.2040\data (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Automated Content Enhancer (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Automated Content Enhancer\4.2.0.5360 (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Automated Content Enhancer\4.2.0.5360\Data (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF\chrome (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF\chrome\content (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF\components (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Customized Platform Advancer (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Customized Platform Advancer\4.2.0.2050 (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Customized Platform Advancer\4.2.0.2050\Data (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF\chrome (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF\chrome\content (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF\components (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Content Management Wizard (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Content Management Wizard\1.2.0.2080 (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360 (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050 (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Today (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Textual Content Provider (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Textual Content Provider\1.2.0.2040 (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Textual Content Provider\1.2.0.2040\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Web Search Operator\4.2.0.2150 (Adware.DoubleD) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\Program Files\Content Management Wizard\1.2.0.2080\CMWIE.dll (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Customized Platform Advancer\4.2.0.2050\CPAIEAddOn.dll (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Web Search Operator\4.2.0.2150\WSO.dll (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Textual Content Provider\1.2.0.2040\TCPIE.dll (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\GameRaving Toolbar\2.2.0.7580\mvb0.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Automated Content Enhancer\4.2.0.5360\ACEIEAddOn.dll (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\productinfo.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\bg.jpg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\CurrentVersion.xml (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\ExtractZipFile.zip (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\icon.ico (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\Setup.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\tdf.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\tdf.zip (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\Data\ProductInfo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_Logo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_Option.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_RSS.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_Search.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_Smiley_Config.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_WebDropdown_01.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_WebDropdown_02.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_WebDropdown_03.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_WebDropdown_04.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_WebDropdown_05.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_WebDropdown_06.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\pixel.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\ProductInfo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\profile.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\SearchEngineList.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\tbcore.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\ToolbarLayout.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\UpdateCentre.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\UpdateCentreBk.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\About.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Component_ComboBox.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_Logo.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_Option.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_Option_Menu.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_RSS.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_RSS.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_RSS_Menu.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_RSS_Menu.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_Search.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_01.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_01.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_02.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_02.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_03.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_03.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_04.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_04.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_05.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_05.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_06.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_06.png (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Skins\myskin1.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Skins\myskin2.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Skins\myskin3.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Skins\myskin4.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Today\1.2.0.1420\InternetToday.ico (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Today\1.2.0.1420\InternetToday.skf (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Today\1.2.0.1420\mfc80.dll (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Today\1.2.0.1420\Microsoft.VC80.MFC.manifest (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Today\1.2.0.1420\SkinCrafterDll.dll (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Today\1.2.0.1420\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Today\1.2.0.1420\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Web Search Operator\4.2.0.2150\lri.dll (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Web Search Operator\4.2.0.2150\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Web Search Operator\4.2.0.2150\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Web Search Operator\4.2.0.2150\WSOCommon.dll (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Web Search Operator\4.2.0.2150\Data\config.md (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Web Search Operator\4.2.0.2150\FF\chrome.manifest (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Web Search Operator\4.2.0.2150\FF\install.rdf (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Web Search Operator\4.2.0.2150\FF\chrome\WSOAddOn.jar (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Web Search Operator\4.2.0.2150\FF\chrome\content\WSOAddOn.js (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Web Search Operator\4.2.0.2150\FF\chrome\content\WSOAddOn.xul (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Web Search Operator\4.2.0.2150\FF\components\WSOFFAddOn.dll (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Web Search Operator\4.2.0.2150\FF\components\WSOFFAddOn.xpt (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Web Search Operator\4.2.0.2150\FF\components\WSOFFHelperComponent.js (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Textual Content Provider\1.2.0.2040\LRI.dll (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Textual Content Provider\1.2.0.2040\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Textual Content Provider\1.2.0.2040\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Textual Content Provider\1.2.0.2040\data\pxtmpdata.mx (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Textual Content Provider\1.2.0.2040\data\TP_Config.mx (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Textual Content Provider\1.2.0.2040\data\TP_Data.mx (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Textual Content Provider\1.2.0.2040\data\TP_DomainExcludeList.mx (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Textual Content Provider\1.2.0.2040\data\TP_DomainInterval.mx (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Textual Content Provider\1.2.0.2040\data\TP_KeywordInterval.mx (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Automated Content Enhancer\4.2.0.5360\ACECommon.dll (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Automated Content Enhancer\4.2.0.5360\lri.dll (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Automated Content Enhancer\4.2.0.5360\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Automated Content Enhancer\4.2.0.5360\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Automated Content Enhancer\4.2.0.5360\Data\config.md (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF\chrome.manifest (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF\install.rdf (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF\chrome\ACEAddOn.jar (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF\chrome\content\ACEAddOn.js (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF\chrome\content\ACEAddOn.xul (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF\components\ACEFFAddOn.dll (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF\components\ACEFFAddOn.xpt (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF\components\ACEFFHelperComponent.js (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Customized Platform Advancer\4.2.0.2050\CPACommon.dll (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Customized Platform Advancer\4.2.0.2050\lri.dll (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Customized Platform Advancer\4.2.0.2050\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Customized Platform Advancer\4.2.0.2050\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Customized Platform Advancer\4.2.0.2050\Data\config.md (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF\chrome.manifest (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF\install.rdf (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF\chrome\CPAAddOn.jar (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF\chrome\content\CPAAddOn.js (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF\chrome\content\CPAAddOn.xul (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF\components\CPAFFAddOn.dll (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF\components\CPAFFAddOn.xpt (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF\components\CPAFFHelperComponent.js (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Content Management Wizard\1.2.0.2080\cmwsh.dll (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Content Management Wizard\1.2.0.2080\config.mx (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Content Management Wizard\1.2.0.2080\data.mx (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Content Management Wizard\1.2.0.2080\exclude.mx (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Content Management Wizard\1.2.0.2080\LRI.dll (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Content Management Wizard\1.2.0.2080\MatchingData.zd5 (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Content Management Wizard\1.2.0.2080\pxtmpdata.mx (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Content Management Wizard\1.2.0.2080\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Content Management Wizard\1.2.0.2080\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\ipdata.md (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-215145.507.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-215723.569.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-215733.960.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-220144.616.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-222611.085.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-222613.866.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-222735.538.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-222943.023.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-223048.648.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-223223.726.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-223335.523.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-223457.866.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-223731.507.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-223839.241.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-223950.913.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-224505.382.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-224900.288.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-225109.444.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-225218.710.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-225437.851.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-225759.976.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-225849.601.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-225924.429.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-003032.734.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-003032.749.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-003645.630.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-005116.140.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-010636.187.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-010636.531.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-010757.921.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-010804.984.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-011829.359.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-012111.250.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-013355.765.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-013512.906.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-013614.890.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-014231.890.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-014411.000.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-021039.500.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-021210.921.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-021403.234.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-023844.671.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-031203.234.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-032744.406.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-033148.390.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-033824.125.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\rstatus.md (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-215153.335.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-215723.694.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-215734.116.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-220144.741.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-222611.194.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-222613.991.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-222735.648.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-222943.132.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-223048.773.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-223223.835.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-223335.648.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-223457.976.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-223731.632.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-223839.366.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-223951.023.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-224505.507.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-224900.398.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-225109.569.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-225218.819.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-225437.960.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-225800.085.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-225849.726.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-225924.554.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-003032.937.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-003032.953.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-003645.802.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-005120.093.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-010639.875.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-010639.890.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-010758.031.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-010805.109.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-011829.859.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-012111.468.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-013356.125.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-013513.140.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-013615.109.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-014232.296.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-014411.125.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-021040.406.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-021211.078.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-021403.500.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-023844.843.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-031203.359.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-032751.109.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-033148.546.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-033824.250.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Textual Content Provider\1.2.0.2040\Data\TP_Config.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Textual Content Provider\1.2.0.2040\Data\TP_Data.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Textual Content Provider\1.2.0.2040\Data\TP_DomainExcludeList.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Textual Content Provider\1.2.0.2040\Data\TP_DomainInterval.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Textual Content Provider\1.2.0.2040\Data\TP_KeywordInterval.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Web Search Operator\4.2.0.2150\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
    5 Janvier 2010 04:22:23

    je n'arrive toujours pas à le supprimer de la liste dans le panneau de configuration... de plus j'ai l'impression qu'il m'a ramené toutes les publicités intempestives du monde!! mon pc est devenu lent !!! grrrrrr merci encore pr ton aide !!!
    a c 267 8 Sécurité
    5 Janvier 2010 04:37:12

    Tu as redémarré le PC comme demandé ?
    a c 267 8 Sécurité
    5 Janvier 2010 04:47:15

  • Relance MBAM, va dans Quarantaine et supprime tout.

    L'option L d'Ad-Remover ne fonctionne toujours pas ?
    5 Janvier 2010 04:57:12

    non toujours pas... j'ai relancé AD-R, j'ai mis L, puis le pc a redemarré, et au démarage, ilme met toujours: impossible de trouver le fichier dans c:....
    a c 267 8 Sécurité
    5 Janvier 2010 05:01:00

  • Refais un scan RSIT et poste le rapport log.
    5 Janvier 2010 05:02:27

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Administrator at 2010-01-05 05:01:54
    Microsoft Windows XP Professional Service Pack 3
    System drive C: has 87 GB (84%) free of 104 GB
    Total RAM: 2023 MB (62% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 5:02:04, on 5/01/2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\SYSTEM32\WISPTIS.EXE
    C:\Program Files\Hewlett-Packard\IAM\bin\asghost.exe
    C:\WINDOWS\System32\tabbtnu.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Intel\AMT\atchksrv.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\WINDOWS\system32\ifxspmgt.exe
    C:\WINDOWS\system32\ifxtcs.exe
    C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Intel\AMT\LMS.exe
    C:\Program Files\PDF Complete\pdfsvc.exe
    C:\WINDOWS\system32\IfxPsdSv.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Novadigm\ManagementAgent\nvdkit.exe
    C:\Program Files\Sprint-HP\Sierra Wireless\Sprint PCS Connection Manager\SPCSUtilityService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Intel\AMT\UNS.exe
    C:\Program Files\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe
    C:\Program Files\Intel\AMT\atchk.exe
    C:\WINDOWS\system32\AccelerometerSt.exe
    C:\WINDOWS\snuvcdsm.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Hewlett-Packard\Embedded Security Software\PSDrt.exe
    C:\Program Files\PDF Complete\pdfsty.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Program Files\HPQ\HP Connection Manager\WaHelper.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
    C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
    C:\Program Files\OpenOffice.org 3\program\soffice.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.bin
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Documents and Settings\Administrator\Desktop\RSIT.exe
    C:\Program Files\trend micro\Administrator.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe
    O4 - HKLM\..\Run: [TabletTip] "C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" /resume
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
    O4 - HKLM\..\Run: [atchk] "C:\Program Files\Intel\AMT\atchk.exe"
    O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
    O4 - HKLM\..\Run: [IFXSPMGT] C:\WINDOWS\system32\ifxspmgt.exe /NotifyLogon
    O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
    O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\WINDOWS\system32\AccelerometerSt.exe
    O4 - HKLM\..\Run: [snp2uvc] C:\WINDOWS\vsnp2uvc.exe
    O4 - HKLM\..\Run: [tsnp2uvc] C:\WINDOWS\tsnp2uvc.exe
    O4 - HKLM\..\Run: [snuvcdsm] C:\WINDOWS\snuvcdsm.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [PDF Complete] "C:\Program Files\PDF Complete\pdfsty.exe"
    O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [AT&T Communication Manager] "C:\Program Files\AT&T\Communication Manager\ATTCM.exe" -a
    O4 - HKLM\..\Run: [Vodafone Mobile Connect] "C:\Program Files\Vodafone\Mobile Connect Embedded\VodafoneMC.exe" -a
    O4 - HKLM\..\Run: [WatcherHelper] "C:\Program Files\HPQ\HP Connection Manager\WaHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
    O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [TabletWizard] %windir%\help\wizard.hta (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
    O4 - Global Startup: Bluetooth.lnk = ?
    O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
    O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O20 - AppInit_DLLs: APSHook.dll
    O20 - Winlogon Notify: DeviceNP - C:\WINDOWS\SYSTEM32\DeviceNP.dll
    O20 - Winlogon Notify: OneCard - C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Intel(R) Active Management Technology System Status Service (atchksrv) - Intel Corporation - C:\Program Files\Intel\AMT\atchksrv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - C:\WINDOWS\system32\flcdlock.exe
    O23 - Service: Drive Encryption Service (HpFkCryptService) - SafeBoot International - C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\WINDOWS\system32\ifxspmgt.exe
    O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\WINDOWS\system32\ifxtcs.exe
    O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Intel(R) Active Management Technology Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\LMS.exe
    O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
    O23 - Service: Personal Secure Drive service (PersonalSecureDriveService) - Infineon Technologies AG - C:\WINDOWS\system32\IfxPsdSv.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Radia Management Agent (rma) - Unknown owner - C:/Novadigm/ManagementAgent/nvdkit.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: SPCSUtilityService - Sprint Spectrum, L.L.C - C:\Program Files\Sprint-HP\Sierra Wireless\Sprint PCS Connection Manager\SPCSUtilityService.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: SWIHPWMI - Sierra Wireless Inc. - C:\Program Files\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe
    O23 - Service: Intel(R) Active Management Technology User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\AMT\UNS.exe

    --
    End of file - 13524 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\MP Scheduled Scan.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-12-01 41760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
    Credential Manager for HP ProtectTools - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll [2006-11-21 71192]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-12-01 73728]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2006-02-28 208952]
    "PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2006-02-28 455168]
    "PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2006-02-28 455168]
    "TabletWizard"=C:\WINDOWS\help\SplshWrp.exe [2008-04-14 16384]
    "TabletTip"=C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe [2008-04-14 271872]
    "SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2007-01-05 872448]
    "SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2006-07-13 729088]
    "atchk"=C:\Program Files\Intel\AMT\atchk.exe [2007-05-01 404248]
    "PTHOSTTR"=C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2007-01-09 145184]
    "IFXSPMGT"=C:\WINDOWS\system32\ifxspmgt.exe [2007-05-23 677408]
    "CognizanceTS"=C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll [2003-12-22 17920]
    "AccelerometerSysTrayApplet"=C:\WINDOWS\system32\AccelerometerSt.exe [2007-05-14 124928]
    "snp2uvc"=C:\WINDOWS\vsnp2uvc.exe []
    "tsnp2uvc"=C:\WINDOWS\tsnp2uvc.exe []
    "snuvcdsm"=C:\WINDOWS\snuvcdsm.exe [2007-05-23 20480]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-01-12 827392]
    "IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-06-14 138008]
    "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-06-14 162584]
    "Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-06-14 138008]
    "Cpqset"=C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe [2007-05-03 57344]
    "PDF Complete"=C:\Program Files\PDF Complete\pdfsty.exe [2007-05-08 331552]
    "hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-03-01 472776]
    ""= []
    "AT&T Communication Manager"=C:\Program Files\AT&T\Communication Manager\ATTCM.exe [2007-06-14 22528]
    "Vodafone Mobile Connect"=C:\Program Files\Vodafone\Mobile Connect Embedded\VodafoneMC.exe [2007-07-31 81920]
    "AirCardEnabler"= []
    "WatcherHelper"=C:\Program Files\HPQ\HP Connection Manager\WaHelper.exe [2007-07-24 120352]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-12-01 149280]
    "RoxioDragToDisc"=C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe [2007-02-02 1116920]
    "IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2007-02-21 819200]
    "IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2007-02-21 970752]
    "WatchDog"=C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [2007-05-23 192512]
    "QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-04-15 194104]
    "HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
    "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
    "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\DVDCheck.exe

    C:\Documents and Settings\Administrator\Start Menu\Programs\Startup
    OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="APSHook.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\DeviceNP]
    C:\WINDOWS\system32\DeviceNP.dll [2007-04-30 49152]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    C:\WINDOWS\system32\igfxdev.dll [2007-05-16 204800]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\loginkey]
    C:\Program Files\Common Files\Microsoft Shared\Ink\loginkey.dll [2008-04-14 47104]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\OneCard]
    C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll [2007-02-07 74240]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\TabBtnWL]
    C:\WINDOWS\system32\TabBtnWL.dll [2002-08-29 11776]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tpgwlnotify]
    C:\WINDOWS\system32\tpgwlnot.dll [2008-04-14 32256]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
    "notification packages"=SbHpNp
    scecli
    ASWLNPkg

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    ""=""
    "C:\Program Files\HPQ\HP Connection Manager\SwiApiMux.exe"="C:\Program Files\HPQ\HP Connection Manager\SwiApiMux.exe:*:Enabled:SwiApiMux"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eda0bf50-9ebc-11de-b858-806d6172696f}]
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480


    ======List of files/folders created in the last 1 months======

    2010-01-05 03:49:14 ----D---- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
    2010-01-05 03:49:06 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2010-01-05 03:49:06 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2010-01-05 02:50:32 ----D---- C:\Program Files\trend micro
    2010-01-05 02:50:30 ----D---- C:\rsit
    2010-01-05 02:07:44 ----N---- C:\WINDOWS\system32\MpSigStub.exe
    2010-01-05 02:04:39 ----D---- C:\Program Files\Windows Defender
    2010-01-05 00:43:42 ----D---- C:\WINDOWS\ie8updates
    2010-01-05 00:41:19 ----D---- C:\WINDOWS\WBEM
    2010-01-05 00:37:02 ----HDC---- C:\WINDOWS\ie8
    2010-01-04 23:02:27 ----A---- C:\WINDOWS\system32\aswBoot.exe
    2010-01-04 23:02:21 ----D---- C:\Program Files\Alwil Software
    2010-01-04 22:45:53 ----D---- C:\WINDOWS\system32\appmgmt
    2010-01-04 21:51:12 ----D---- C:\Program Files\GameRaving Toolbar
    2010-01-04 21:51:02 ----HDC---- C:\Documents and Settings\All Users\Application Data\{48AECF59-0268-47F9-86A0-AFE0790C3969}
    2009-12-27 00:33:28 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
    2009-12-27 00:33:15 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
    2009-12-24 14:15:44 ----D---- C:\WINDOWS\Prefetch
    2009-12-24 00:41:55 ----HDC---- C:\WINDOWS\$NtUninstallKB976749$
    2009-12-24 00:41:32 ----HDC---- C:\WINDOWS\$NtUninstallKB976325$
    2009-12-24 00:41:22 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
    2009-12-24 00:41:14 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
    2009-12-24 00:41:05 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
    2009-12-24 00:40:50 ----HDC---- C:\WINDOWS\$NtUninstallKB974455$
    2009-12-24 00:40:40 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
    2009-12-24 00:40:29 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
    2009-12-24 00:40:19 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
    2009-12-24 00:40:10 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
    2009-12-24 00:40:02 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
    2009-12-24 00:39:51 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
    2009-12-24 00:39:41 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
    2009-12-24 00:39:33 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
    2009-12-24 00:39:23 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
    2009-12-24 00:39:15 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
    2009-12-24 00:39:07 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
    2009-12-24 00:38:57 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
    2009-12-24 00:38:41 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
    2009-12-24 00:38:27 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
    2009-12-24 00:38:15 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
    2009-12-24 00:38:07 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
    2009-12-24 00:37:59 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
    2009-12-24 00:37:46 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
    2009-12-24 00:37:32 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
    2009-12-24 00:37:19 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
    2009-12-24 00:37:11 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
    2009-12-24 00:37:01 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
    2009-12-24 00:36:31 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
    2009-12-24 00:36:21 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
    2009-12-24 00:36:11 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
    2009-12-24 00:36:01 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
    2009-12-24 00:35:48 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
    2009-12-24 00:35:36 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
    2009-12-24 00:35:26 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2009-12-24 00:35:16 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
    2009-12-24 00:35:09 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
    2009-12-24 00:35:01 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2009-12-24 00:34:50 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
    2009-12-24 00:34:29 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
    2009-12-24 00:34:16 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$
    2009-12-24 00:34:06 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
    2009-12-24 00:33:56 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2009-12-24 00:33:22 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
    2009-12-24 00:33:03 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
    2009-12-24 00:32:52 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
    2009-12-24 00:32:40 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
    2009-12-24 00:31:49 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
    2009-12-24 00:31:27 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2009-12-24 00:31:11 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
    2009-12-24 00:30:44 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
    2009-12-24 00:30:26 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
    2009-12-24 00:19:02 ----D---- C:\WINDOWS\system32\scripting
    2009-12-24 00:19:02 ----D---- C:\WINDOWS\l2schemas
    2009-12-24 00:19:01 ----D---- C:\WINDOWS\system32\en
    2009-12-24 00:19:01 ----D---- C:\WINDOWS\system32\bits
    2009-12-24 00:10:05 ----D---- C:\WINDOWS\network diagnostic
    2009-12-23 23:58:10 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
    2009-12-23 23:50:10 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$
    2009-12-23 23:03:20 ----D---- C:\Documents and Settings\Administrator\Application Data\HpUpdate
    2009-12-23 23:03:13 ----D---- C:\WINDOWS\Hewlett-Packard
    2009-12-15 14:25:14 ----SHD---- C:\RECYCLER
    2009-12-13 22:16:00 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    2009-12-10 07:19:38 ----HDC---- C:\WINDOWS\$NtUninstallKB970430_0$
    2009-12-10 07:19:24 ----HDC---- C:\WINDOWS\$NtUninstallKB974318_0$
    2009-12-10 07:18:45 ----HDC---- C:\WINDOWS\$NtUninstallKB976325_0$
    2009-12-10 07:18:23 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
    2009-12-10 07:18:13 ----HDC---- C:\WINDOWS\$NtUninstallKB974392_0$
    2009-12-10 07:17:42 ----HDC---- C:\WINDOWS\$NtUninstallKB971737_0$
    2009-12-09 10:13:36 ----D---- C:\Program Files\isee systems
    2009-12-09 10:12:21 ----D---- C:\Documents and Settings\Administrator\Application Data\U3
    2009-12-08 13:40:30 ----HDC---- C:\WINDOWS\$NtUninstallKB961118_0$
    2009-12-08 13:38:04 ----A---- C:\WINDOWS\system32\MRT.exe
    2009-12-08 13:37:12 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
    2009-12-08 13:36:41 ----HDC---- C:\WINDOWS\$NtUninstallKB920142$
    2009-12-08 00:29:22 ----D---- C:\Documents and Settings\Administrator\Application Data\Windows Live Writer
    2009-12-06 09:05:48 ----D---- C:\WINDOWS\system32\XPSViewer
    2009-12-06 09:05:31 ----D---- C:\Program Files\MSBuild
    2009-12-06 09:05:25 ----D---- C:\WINDOWS\system32\en-US
    2009-12-06 09:05:06 ----D---- C:\Program Files\Reference Assemblies
    2009-12-06 09:04:10 ----N---- C:\WINDOWS\system32\xpssvcs.dll
    2009-12-06 09:04:10 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
    2009-12-06 09:04:10 ----N---- C:\WINDOWS\system32\prntvpt.dll
    2009-12-06 09:04:09 ----D---- C:\3b1c70944be34a36b107270f
    2009-12-06 08:57:22 ----HDC---- C:\WINDOWS\$NtUninstallWIC$

    ======List of files/folders modified in the last 1 months======

    2010-01-05 05:01:58 ----D---- C:\WINDOWS\Temp
    2010-01-05 04:54:09 ----D---- C:\WINDOWS\system32\CatRoot2
    2010-01-05 04:54:03 ----SD---- C:\WINDOWS\Tasks
    2010-01-05 04:51:10 ----A---- C:\WINDOWS\system32\log.txt
    2010-01-05 04:51:00 ----D---- C:\WINDOWS
    2010-01-05 04:49:41 ----A---- C:\WINDOWS\SchedLgU.Txt
    2010-01-05 04:49:05 ----RD---- C:\Program Files
    2010-01-05 04:08:41 ----D---- C:\WINDOWS\system32\drivers
    2010-01-05 02:07:44 ----D---- C:\WINDOWS\system32
    2010-01-05 02:05:28 ----SHD---- C:\WINDOWS\Installer
    2010-01-05 02:04:44 ----HD---- C:\WINDOWS\inf
    2010-01-05 02:04:39 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2010-01-05 00:48:09 ----D---- C:\WINDOWS\system32\config
    2010-01-05 00:48:02 ----D---- C:\Program Files\Internet Explorer
    2010-01-05 00:48:01 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2010-01-05 00:48:01 ----D---- C:\WINDOWS\Help
    2010-01-05 00:44:14 ----HD---- C:\WINDOWS\$hf_mig$
    2010-01-05 00:43:55 ----A---- C:\WINDOWS\imsins.BAK
    2010-01-05 00:40:46 ----D---- C:\WINDOWS\Media
    2010-01-05 00:35:56 ----SD---- C:\Documents and Settings\Administrator\Application Data\Microsoft
    2010-01-04 23:32:46 ----D---- C:\Program Files\Live-Player
    2009-12-27 17:20:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-12-27 00:32:52 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
    2009-12-24 14:18:14 ----A---- C:\WINDOWS\OEWABLog.txt
    2009-12-24 14:16:10 ----A---- C:\WINDOWS\setuplog.txt
    2009-12-24 14:14:47 ----D---- C:\WINDOWS\AppPatch
    2009-12-24 14:14:47 ----D---- C:\Program Files\Messenger
    2009-12-24 14:14:46 ----D---- C:\WINDOWS\system32\Setup
    2009-12-24 14:14:46 ----D---- C:\WINDOWS\ime
    2009-12-24 14:14:44 ----D---- C:\WINDOWS\system32\wbem
    2009-12-24 14:14:41 ----RSD---- C:\WINDOWS\Fonts
    2009-12-24 00:41:58 ----D---- C:\WINDOWS\system32\CatRoot
    2009-12-24 00:39:36 ----D---- C:\Program Files\Outlook Express
    2009-12-24 00:29:36 ----D---- C:\WINDOWS\security
    2009-12-24 00:26:06 ----RSD---- C:\WINDOWS\assembly
    2009-12-24 00:20:14 ----D---- C:\WINDOWS\WinSxS
    2009-12-24 00:19:47 ----D---- C:\Program Files\Windows Journal
    2009-12-24 00:19:24 ----D---- C:\WINDOWS\system32\inetsrv
    2009-12-24 00:19:03 ----D---- C:\WINDOWS\system32\usmt
    2009-12-24 00:19:01 ----D---- C:\WINDOWS\PeerNet
    2009-12-24 00:19:00 ----D---- C:\Program Files\Movie Maker
    2009-12-24 00:15:12 ----D---- C:\WINDOWS\ServicePackFiles
    2009-12-24 00:14:53 ----D---- C:\WINDOWS\system32\Restore
    2009-12-24 00:14:53 ----D---- C:\WINDOWS\system32\npp
    2009-12-24 00:14:52 ----D---- C:\WINDOWS\mui
    2009-12-24 00:14:49 ----D---- C:\WINDOWS\msagent
    2009-12-24 00:14:45 ----D---- C:\WINDOWS\srchasst
    2009-12-24 00:14:40 ----D---- C:\Program Files\NetMeeting
    2009-12-24 00:14:38 ----D---- C:\WINDOWS\system32\Com
    2009-12-24 00:14:33 ----D---- C:\Program Files\Windows Media Player
    2009-12-24 00:14:32 ----D---- C:\Program Files\Windows NT
    2009-12-24 00:14:24 ----D---- C:\Program Files\Common Files\System
    2009-12-24 00:13:44 ----D---- C:\WINDOWS\system32\oobe
    2009-12-24 00:13:40 ----D---- C:\WINDOWS\system
    2009-12-23 23:58:08 ----D---- C:\WINDOWS\ehome
    2009-12-23 23:04:25 ----D---- C:\Program Files\HP
    2009-12-09 10:13:36 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-12-08 18:47:59 ----D---- C:\WINDOWS\Microsoft.Net
    2009-12-08 13:38:09 ----D---- C:\WINDOWS\Debug
    2009-12-06 09:04:25 ----D---- C:\WINDOWS\system32\spool

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
    R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
    R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
    R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2007-02-08 12856]
    R1 DLARTL_M;DLARTL_M; C:\WINDOWS\System32\Drivers\DLARTL_M.SYS [2007-02-08 28120]
    R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
    R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
    R1 PersonalSecureDrive;PersonalSecureDrive; C:\WINDOWS\System32\drivers\psd.sys [2007-04-18 39080]
    R1 RsvLock;RsvLock; C:\WINDOWS\system32\drivers\RsvLock.sys [2007-04-26 5808]
    R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.6.0.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-09-11 21425]
    R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
    R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
    R2 DLABMFSM;DLABMFSM; C:\WINDOWS\System32\DLA\DLABMFSM.SYS [2006-10-26 35096]
    R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2006-10-26 32472]
    R2 DLADResM;DLADResM; C:\WINDOWS\System32\DLA\DLADResM.SYS [2006-10-26 9400]
    R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2006-10-26 104536]
    R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2006-10-26 26296]
    R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2006-10-26 14520]
    R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2006-10-26 97848]
    R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2006-10-26 94648]
    R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2007-02-09 51768]
    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
    R2 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
    R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2007-02-21 12416]
    R3 Accelerometer;Accelerometer; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2006-07-24 22016]
    R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2007-03-01 289792]
    R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-08-07 93952]
    R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
    R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\WINDOWS\system32\DRIVERS\ATSwpDrv.sys [2007-06-01 145288]
    R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2007-02-14 868298]
    R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2007-02-14 67960]
    R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
    R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2007-04-12 250776]
    R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2009-03-19 9216]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
    R3 HECI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2007-04-06 44800]
    R3 HpqKbFiltr;HpqKbFilter Driver; C:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
    R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2007-04-26 988032]
    R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2007-04-26 210816]
    R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-05-16 5707744]
    R3 IFXTPM;IFXTPM; C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2007-04-18 41216]
    R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
    R3 NETw4x32;Intel(R) Wireless WiFi Link Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-03-01 2203520]
    R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 RimVSerPort;RIM Virtual Serial Port v2; C:\WINDOWS\system32\DRIVERS\RimSerial.sys [2007-06-14 26368]
    R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2006-02-28 5888]
    R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
    R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2007-05-24 1742976]
    R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2007-01-12 201856]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    R3 WacomPen;Wacom Serial Pen HID Driver; C:\WINDOWS\system32\DRIVERS\wacompen.sys [2008-04-13 14208]
    R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
    R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2007-04-26 731136]
    S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 DAMDrv;DAMDrv; C:\WINDOWS\system32\DRIVERS\DAMDrv.sys [2007-04-23 30008]
    S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2009-08-26 21568]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 PCTINDIS5;PCTINDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCTINDIS5.SYS []
    S3 scrswi;Sierra Wireless Smart Card Reader; C:\WINDOWS\system32\DRIVERS\scrswi.sys [2007-03-26 43904]
    S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 SWNC8U02;HP hs2300 MUX NDIS Driver (#02); C:\WINDOWS\system32\DRIVERS\SWNC8U02.sys [2007-03-12 102272]
    S3 SWUMX02;HP hs2300 USB MUX Driver (#02); C:\WINDOWS\system32\DRIVERS\swumx02.sys [2007-04-10 72576]
    S3 SWUMX20;Sierra Wireless USB MUX Driver (UMTS20); C:\WINDOWS\system32\DRIVERS\swumx20.sys []
    S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
    S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
    S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 ASBroker;Logon Session Broker; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
    R2 ASChannel;Local Communication Channel; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
    R2 atchksrv;Intel(R) Active Management Technology System Status Service; C:\Program Files\Intel\AMT\atchksrv.exe [2007-05-01 183064]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
    R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2007-02-06 266295]
    R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-02-21 643072]
    R2 HpFkCryptService;Drive Encryption Service; C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2007-04-27 221184]
    R2 IFXSpMgtSrv;Security Platform Management Service; C:\WINDOWS\system32\ifxspmgt.exe [2007-05-23 677408]
    R2 IFXTCS;Trusted Platform Core Service; C:\WINDOWS\system32\ifxtcs.exe [2007-05-23 853536]
    R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-12-01 153376]
    R2 LMS;Intel(R) Active Management Technology Local Management Service; C:\Program Files\Intel\AMT\LMS.exe [2007-05-01 121624]
    R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2007-05-08 540448]
    R2 PersonalSecureDriveService;Personal Secure Drive service; C:\WINDOWS\system32\IfxPsdSv.exe [2007-04-18 140832]
    R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-02-21 327680]
    R2 rma;Radia Management Agent; C:/Novadigm/ManagementAgent/nvdkit.exe []
    R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2007-02-21 983040]
    R2 SPCSUtilityService;SPCSUtilityService; C:\Program Files\Sprint-HP\Sierra Wireless\Sprint PCS Connection Manager\SPCSUtilityService.exe [2007-09-05 131072]
    R2 SWIHPWMI;SWIHPWMI; C:\Program Files\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe [2006-12-04 292384]
    R2 UNS;Intel(R) Active Management Technology User Notification Service; C:\Program Files\Intel\AMT\UNS.exe [2007-05-01 1489688]
    R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
    R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-04-23 239160]
    R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-10-21 228656]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; C:\WINDOWS\system32\flcdlock.exe [2007-04-30 172131]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
    S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
    S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-11-01 73728]
    S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

    -----------------EOF-----------------
    a c 267 8 Sécurité
    5 Janvier 2010 05:10:17

    C'est beaucoup mieux d'après ce rapport.

    Tu souhaites conserver Avast ?
    5 Janvier 2010 05:12:07

    qu'en penses tu? je n'avais pas d anti virus. en plus je l ai aussi installé pour empecher les publicités intempestives d'apparaitre... mais en vain! que me proposes tu? tu as quelque chose de meilleur? je n'y connais rien... :-)
    a c 267 8 Sécurité
    5 Janvier 2010 05:17:34

  • Désinstalle Avast.

  • Installe AntiVir et mets-le à jour.
  • Double-clique sur l'icône d'AntiVir (Parapluie) dans la barre des tâches.
  • Dans AntiVir, choisis Outils puis Configuration.
  • Coche Mode Expert et coche Rech. Rootkit au dém. de la recherche à droite dans Autres réglages puis valide.
  • Fais un scan complet, clique sur Tout réparer si AntiVir trouve quelque chose et poste le rapport.

    Tutoriel : Scanner le(s) disque(s) dur(s)

    Je m'absente ;) 
    5 Janvier 2010 05:56:01

    je v dormir, je suis ko... on peut continuer demain? :-)
    a c 267 8 Sécurité
    5 Janvier 2010 16:27:12

    Pas de souci.
    10 Janvier 2010 03:35:38

    BONSOIR!!! désolée pour l'absence... mais je ss en plein exam et je me ss concentrée sur mes cours... j'ai tj ce virus apparement et me ralentit mon pc! de plus, j'ai tj ces pub intempestives qui rendent mes travaux impossible à réaliser! please helppppppp merci:-)
    a c 267 8 Sécurité
    10 Janvier 2010 03:49:16

    Tu as fait la manip' avec AntiVir ?
    10 Janvier 2010 03:52:52

    je ss entrain de vérifier le système intégral... je te poste le rapport dès que c finit... :-(
    10 Janvier 2010 05:32:23



    Avira AntiVir Personal
    Date de création du fichier de rapport : 10 January 2010 03:52

    La recherche porte sur 1499407 souches de virus.

    Détenteur de la licence : Avira AntiVir Personal - FREE Antivirus
    Numéro de série : 0000149996-ADJIE-0000001
    Plateforme : Windows XP
    Version de Windows : (Service Pack 3) [5.1.2600]
    Mode Boot : Démarré normalement
    Identifiant : SYSTEM
    Nom de l'ordinateur : HP-F33DFECE7FB1

    Informations de version :
    BUILD.DAT : 9.0.0.74 21698 Bytes 4/12/2009 13:56:00
    AVSCAN.EXE : 9.0.3.10 466689 Bytes 13/10/2009 10:25:46
    AVSCAN.DLL : 9.0.3.0 49409 Bytes 3/03/2009 09:21:02
    LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 10:35:11
    LUKERES.DLL : 9.0.2.0 13569 Bytes 3/03/2009 09:21:31
    VBASE000.VDF : 7.10.0.0 19875328 Bytes 6/11/2009 06:35:52
    VBASE001.VDF : 7.10.1.0 1372672 Bytes 19/11/2009 05:08:17
    VBASE002.VDF : 7.10.1.1 2048 Bytes 19/11/2009 05:08:17
    VBASE003.VDF : 7.10.1.2 2048 Bytes 19/11/2009 05:08:17
    VBASE004.VDF : 7.10.1.3 2048 Bytes 19/11/2009 05:08:18
    VBASE005.VDF : 7.10.1.4 2048 Bytes 19/11/2009 05:08:18
    VBASE006.VDF : 7.10.1.5 2048 Bytes 19/11/2009 05:08:18
    VBASE007.VDF : 7.10.1.6 2048 Bytes 19/11/2009 05:08:18
    VBASE008.VDF : 7.10.1.7 2048 Bytes 19/11/2009 05:08:18
    VBASE009.VDF : 7.10.1.8 2048 Bytes 19/11/2009 05:08:18
    VBASE010.VDF : 7.10.1.9 2048 Bytes 19/11/2009 05:08:18
    VBASE011.VDF : 7.10.1.10 2048 Bytes 19/11/2009 05:08:18
    VBASE012.VDF : 7.10.1.11 2048 Bytes 19/11/2009 05:08:19
    VBASE013.VDF : 7.10.1.79 209920 Bytes 25/11/2009 05:08:19
    VBASE014.VDF : 7.10.1.128 197632 Bytes 30/11/2009 05:08:20
    VBASE015.VDF : 7.10.1.178 195584 Bytes 7/12/2009 05:08:20
    VBASE016.VDF : 7.10.1.224 183296 Bytes 14/12/2009 05:08:21
    VBASE017.VDF : 7.10.1.247 182272 Bytes 15/12/2009 05:08:22
    VBASE018.VDF : 7.10.2.30 198144 Bytes 21/12/2009 05:08:22
    VBASE019.VDF : 7.10.2.63 187392 Bytes 24/12/2009 05:08:23
    VBASE020.VDF : 7.10.2.93 195072 Bytes 29/12/2009 05:08:23
    VBASE021.VDF : 7.10.2.94 2048 Bytes 29/12/2009 05:08:24
    VBASE022.VDF : 7.10.2.95 2048 Bytes 29/12/2009 05:08:24
    VBASE023.VDF : 7.10.2.96 2048 Bytes 29/12/2009 05:08:25
    VBASE024.VDF : 7.10.2.97 2048 Bytes 29/12/2009 05:08:25
    VBASE025.VDF : 7.10.2.98 2048 Bytes 29/12/2009 05:08:25
    VBASE026.VDF : 7.10.2.99 2048 Bytes 29/12/2009 05:08:25
    VBASE027.VDF : 7.10.2.100 2048 Bytes 29/12/2009 05:08:25
    VBASE028.VDF : 7.10.2.101 2048 Bytes 29/12/2009 05:08:25
    VBASE029.VDF : 7.10.2.102 2048 Bytes 29/12/2009 05:08:25
    VBASE030.VDF : 7.10.2.103 2048 Bytes 29/12/2009 05:08:26
    VBASE031.VDF : 7.10.2.119 167424 Bytes 4/01/2010 05:08:27
    Version du moteur : 8.2.1.130
    AEVDF.DLL : 8.1.1.2 106867 Bytes 8/11/2009 06:38:52
    AESCRIPT.DLL : 8.1.3.7 594296 Bytes 5/01/2010 05:08:38
    AESCN.DLL : 8.1.3.0 127348 Bytes 5/01/2010 05:08:37
    AESBX.DLL : 8.1.1.1 246132 Bytes 8/11/2009 06:38:44
    AERDL.DLL : 8.1.3.4 479605 Bytes 5/01/2010 05:08:36
    AEPACK.DLL : 8.2.0.4 422263 Bytes 5/01/2010 05:08:36
    AEOFFICE.DLL : 8.1.0.38 196987 Bytes 8/11/2009 06:38:38
    AEHEUR.DLL : 8.1.0.192 2195833 Bytes 5/01/2010 05:08:35
    AEHELP.DLL : 8.1.9.0 237943 Bytes 5/01/2010 05:08:31
    AEGEN.DLL : 8.1.1.83 369014 Bytes 5/01/2010 05:08:29
    AEEMU.DLL : 8.1.1.0 393587 Bytes 8/11/2009 06:38:26
    AECORE.DLL : 8.1.9.1 180598 Bytes 5/01/2010 05:08:28
    AEBB.DLL : 8.1.0.3 53618 Bytes 8/11/2009 06:38:20
    AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 07:47:30
    AVPREF.DLL : 9.0.3.0 44289 Bytes 26/08/2009 14:13:31
    AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 13:34:28
    AVREG.DLL : 9.0.0.0 36609 Bytes 7/11/2008 14:24:42
    AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 14:05:22
    AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 09:36:37
    SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 14:03:49
    SMTPLIB.DLL : 9.2.0.25 28417 Bytes 2/02/2009 07:20:57
    NETNT.DLL : 9.0.0.0 11521 Bytes 7/11/2008 14:40:59
    RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 17/06/2009 12:44:26
    RCTEXT.DLL : 9.0.73.0 88321 Bytes 2/11/2009 15:58:32

    Configuration pour la recherche actuelle :
    Nom de la tâche...............................: Contrôle intégral du système
    Fichier de configuration......................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
    Documentation.................................: bas
    Action principale.............................: interactif
    Action secondaire.............................: ignorer
    Recherche sur les secteurs d'amorçage maître..: marche
    Recherche sur les secteurs d'amorçage.........: marche
    Secteurs d'amorçage...........................: C:, D:, E:,
    Recherche dans les programmes actifs..........: marche
    Recherche en cours sur l'enregistrement.......: marche
    Recherche de Rootkits.........................: marche
    Contrôle d'intégrité de fichiers système......: arrêt
    Fichier mode de recherche.....................: Tous les fichiers
    Recherche sur les archives....................: marche
    Limiter la profondeur de récursivité..........: 20
    Archive Smart Extensions......................: marche
    Heuristique de macrovirus.....................: marche
    Heuristique fichier...........................: moyen

    Début de la recherche : 10 January 2010 03:52

    La recherche d'objets cachés commence.
    '85103' objets ont été contrôlés, '0' objets cachés ont été trouvés.

    La recherche sur les processus démarrés commence :
    Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'wuauclt.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'WudfHost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'iexplore.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'wlcomm.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'Dot1XCfg.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'HpqToaster.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'Com4QLBEx.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'PSDrt.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'hpqWmiEx.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'soffice.bin' - '1' module(s) sont contrôlés
    Processus de recherche 'soffice.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'BTSTAC~1.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'BTTray.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'wmiprvse.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'msmsgs.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'SWIHPWMI.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'UNS.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'SPCSUtilityService.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'msnmsgr.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'nvdkit.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'RegSrvc.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'IfxPsdSv.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'MSASCui.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'pdfsvc.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'LMS.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'hpwuschd2.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'QLBCtrl.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'DVDCheck.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'jqs.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'iFrmewrk.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'ZCfgSvc.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'iviRegMgr.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'DrgToDsc.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'jusched.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'IFXTCS.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'WaHelper.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'IFXSPMGT.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'EvtEng.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'HPWAMain.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'ATCHKSRV.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'igfxsrvc.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'pdfsty.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'igfxpers.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'hkcmd.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'igfxtray.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'SynTPEnh.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'snuvcdsm.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'accelerometerST.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'pthosttr.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'ATCHK.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'tabtip.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'smax4pnp.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'tcserver.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'scardsvr.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'tabbtnu.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'asghost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'wisptis.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'S24EvMon.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'keyboardsurrogate.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'btwdins.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'MsMpEng.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'HpFkCrypt.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'services.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés
    '84' processus ont été contrôlés avec '84' modules

    La recherche sur les secteurs d'amorçage maître commence :
    Secteur d'amorçage maître HD0
    [INFO] Aucun virus trouvé !

    La recherche sur les secteurs d'amorçage commence :
    Secteur d'amorçage 'C:\'
    [INFO] Aucun virus trouvé !
    Secteur d'amorçage 'D:\'
    [INFO] Aucun virus trouvé !
    Secteur d'amorçage 'E:\'
    [INFO] Aucun virus trouvé !

    La recherche sur les renvois aux fichiers exécutables (registre) commence :
    Le registre a été contrôlé ( '77' fichiers).


    La recherche sur les fichiers sélectionnés commence :

    Recherche débutant dans 'C:\'
    C:\hiberfil.sys
    [AVERTISSEMENT] Impossible d'ouvrir le fichier !
    [REMARQUE] Ce fichier est un fichier système Windows.
    [REMARQUE] Il est correct que ce fichier ne puisse pas être ouvert pour la recherche.
    C:\pagefile.sys
    [AVERTISSEMENT] Impossible d'ouvrir le fichier !
    [REMARQUE] Ce fichier est un fichier système Windows.
    [REMARQUE] Il est correct que ce fichier ne puisse pas être ouvert pour la recherche.
    C:\Documents and Settings\Administrator\Desktop\AD-R.exe
    [0] Type d'archive: NSIS
    --> ProgramFilesDir/List.dat
    [RESULTAT] Contient le modèle de détection du virus de script HTML HTML/Malicious.ActiveX.Gen
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\XHEJPJ8V\AD-R[1].exe
    [0] Type d'archive: NSIS
    --> ProgramFilesDir/List.dat
    [RESULTAT] Contient le modèle de détection du virus de script HTML HTML/Malicious.ActiveX.Gen
    C:\Program Files\Live-Player\uninst.exe
    [RESULTAT] Contient le cheval de Troie TR/Dldr.Wintrim.BX.45
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011151.dll
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011152.dll
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011153.dll
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011154.dll
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011155.dll
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011156.dll
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011158.dll
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011160.dll
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011161.exe
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011162.dll
    [RESULTAT] Contient le cheval de Troie TR/Drop.Softomat.AN
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011163.exe
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011164.dll
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011166.dll
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011167.dll
    [RESULTAT] Contient le cheval de Troie TR/Drop.Softomat.AN
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011168.exe
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011169.dll
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011170.dll
    [RESULTAT] Contient le cheval de Troie TR/Drop.Softomat.AN
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011171.exe
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011173.dll
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011174.dll
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011175.dll
    [RESULTAT] Contient le cheval de Troie TR/Drop.Softomat.AN
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011176.exe
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011178.dll
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011179.dll
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011180.dll
    [RESULTAT] Contient le cheval de Troie TR/Drop.Softomat.AN
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011181.exe
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    C:\WINDOWS\system32\drivers\SafeBoot.sys
    [AVERTISSEMENT] Impossible d'ouvrir le fichier !
    Recherche débutant dans 'D:\' <HP_RECOVERY>
    Recherche débutant dans 'E:\' <OS_TOOLS>

    Début de la désinfection :
    C:\Documents and Settings\Administrator\Desktop\AD-R.exe
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b765768.qua' !
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\XHEJPJ8V\AD-R[1].exe
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a000c09.qua' !
    C:\Program Files\Live-Player\uninst.exe
    [RESULTAT] Contient le cheval de Troie TR/Dldr.Wintrim.BX.45
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4bb25796.qua' !
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011151.dll
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b795758.qua' !
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011152.dll
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4af06571.qua' !
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011153.dll
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4afc4451.qua' !
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011154.dll
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4af17d39.qua' !
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011155.dll
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4afe75c1.qua' !
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011156.dll
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4aff4d89.qua' !
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011158.dll
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b795759.qua' !
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011160.dll
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4f6a4c22.qua' !
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011161.exe
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4f6d741a.qua' !
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011162.dll
    [RESULTAT] Contient le cheval de Troie TR/Drop.Softomat.AN
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4f6f7c4a.qua' !
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011163.exe
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b79575a.qua' !
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011164.dll
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b79575b.qua' !
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011166.dll
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b79575c.qua' !
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011167.dll
    [RESULTAT] Contient le cheval de Troie TR/Drop.Softomat.AN
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4f631d6d.qua' !
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011168.exe
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4f6206a5.qua' !
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011169.dll
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4f650e9d.qua' !
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011170.dll
    [RESULTAT] Contient le cheval de Troie TR/Drop.Softomat.AN
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4f6436d5.qua' !
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011171.exe
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4f673e0d.qua' !
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011173.dll
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b79575d.qua' !
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011174.dll
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4f592fbe.qua' !
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011175.dll
    [RESULTAT] Contient le cheval de Troie TR/Drop.Softomat.AN
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4f58d7f6.qua' !
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011176.exe
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4f5bdf2e.qua' !
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011178.dll
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4f5ac766.qua' !
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011179.dll
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4f5dcf5e.qua' !
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011180.dll
    [RESULTAT] Contient le cheval de Troie TR/Drop.Softomat.AN
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4f5cc896.qua' !
    C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011181.exe
    [RESULTAT] Contient le cheval de Troie TR/Trash.Gen
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4f5ff0ce.qua' !


    Fin de la recherche : 10 January 2010 05:27
    Temps nécessaire: 1:34:48 Heure(s)

    La recherche a été effectuée intégralement

    9274 Les répertoires ont été contrôlés
    522325 Des fichiers ont été contrôlés
    29 Des virus ou programmes indésirables ont été trouvés
    0 Des fichiers ont été classés comme suspects
    0 Des fichiers ont été supprimés
    0 Des virus ou programmes indésirables ont été réparés
    29 Les fichiers ont été déplacés dans la quarantaine
    0 Les fichiers ont été renommés
    3 Impossible de contrôler des fichiers
    522293 Fichiers non infectés
    4633 Les archives ont été contrôlées
    3 Avertissements
    31 Consignes
    85103 Des objets ont été contrôlés lors du Rootkitscan
    0 Des objets cachés ont été trouvés

    10 Janvier 2010 05:48:23

    merci infiniment !!! c'est génial ce que vous faites vraiment! merci pour tout ....
    a c 267 8 Sécurité
    10 Janvier 2010 07:52:01

  • Télécharge Navilog1 (de IL-MAFIOSO) sur ton Bureau.
  • Double-clique sur Navilog1.exe pour le lancer.
    (Sous Vista, clique droit sur Navilog1 et choisis Exécuter en tant qu'administrateur)
  • Appuie sur 1 puis valide avec Entrée pour choisir Français.
  • Appuie sur une touche de ton clavier à chaque fois que cela est demandé, tu arriveras au menu des options.
  • Choisis l'option 1 et appuie sur la touche Entrée pour valider ton choix.
  • Patiente le temps du scan. Il te sera peut-être demandé de redémarrer ton PC.
  • Patiente jusqu'au message : *** Scan terminé le ..... ***
  • Le scan fini, le Bloc-notes contenant le rapport sera affiché, poste le rapport dans ta prochaine réponse.
  • Si le résultat du scan ne s'affiche pas, tu le trouveras dans C:\cleannavi.txt
    10 Janvier 2010 21:58:22

    Fix Navipromo version 4.0.6 commencé le dim. 10/01/2010 21:47:14,84

    !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
    !!! Postez ce rapport sur le forum pour le faire analyser !!!

    Outil exécuté depuis C:\Program Files\navilog1

    Mise à jour le 03.01.2010 à 11h00 par IL-MAFIOSO

    Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU U7700 @ 1.33GHz )
    BIOS : KBC Version 74.3A
    USER : Administrator ( Administrator )
    BOOT : Normal boot

    Antivirus : AntiVir Desktop 9.0.1.32 (Activated)


    C:\ (Local Disk) - NTFS - Total:101 Go (Free:83 Go)
    D:\ (Local Disk) - NTFS - Total:8 Go (Free:2 Go)
    E:\ (Local Disk) - NTFS - Total:1 Go (Free:1 Go)


    Recherche executée en mode normal

    Nettoyage exécuté au redémarrage de l'ordinateur


    C:\Program Files\Live-Player supprimé !
    c:\docume~1\alluse~1\startm~1\programs\Live-Player supprimé !
    C:\Documents and Settings\Administrator\applic~1\Live-Player supprimé !


    Nettoyage contenu C:\WINDOWS\Temp effectué !
    Nettoyage contenu C:\Documents and Settings\Administrator\locals~1\Temp effectué !


    *** Sauvegarde du Registre vers dossier Safebackup ***

    sauvegarde du Registre réalisée avec succès !

    *** Nettoyage Registre ***

    Nettoyage Registre Ok




    *** Scan terminé dim. 10/01/2010 21:54:45,85 ***

    a c 267 8 Sécurité
    11 Janvier 2010 04:54:43

    Tu as toujours des pubs ?
    11 Janvier 2010 05:26:04

    non! merci bcp ! je pense ke tout est reglo maintenant...
    11 Janvier 2010 05:26:56

    merci encore! je peux supprimer ts les logiciels que j'ai installé pour enlever ce virus??
    a c 267 8 Sécurité
    11 Janvier 2010 06:29:46

    1/

  • Désinstalle HijackThis.

  • Télécharge ToolsCleaner2 sur ton Bureau.
  • Double-clique sur ToolsCleaner2.exe pour le lancer.
  • Clique sur Recherche et laisse le scan agir.
  • Clique sur Suppression pour finaliser.
  • Tu peux, si tu le souhaites, te servir des Options Facultatives.
  • Clique sur Quitter pour obtenir le rapport.
  • Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).


    2/

  • Télécharge et installe CCleaner Slim.
  • Lance-le. Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers etc....
  • Va dans Nettoyeur, choisis Analyser. Une fois terminé, lance le nettoyage.


    3/

  • Il est nécessaire de désactiver puis réactiver la restauration système pour la purger.


    ==Prévention==

    Pour supprimer les popups d'AntiVir : Lien

    Conserve MBAM. Il te servira à scanner les fichiers douteux en complément de l'antivirus et scanne le disque dur régulièrement.

    Comme navigateur, utilise plutôt Mozilla Firefox qu'Internet Explorer.

    Vérifie que les mises à jour automatiques sont bien activées (Menu Démarrer, clique droit sur Poste de travail, Propriétés, onglet Mises à jour automatiques).

    Par rapport au P2P : Lien

    Voici un dossier complet (A lire avec Adobe Reader ou Foxit Reader) : Lien


    ==Problème résolu ?==

    --> Si tu estimes que ton problème est résolu, ajoute [Résolu] au titre. Pour cela :
  • Clique, dans ton premier message, sur le bouton Editer .
  • Ajoute la mention [Résolu] devant le titre.
  • Clique ensuite sur Valider votre message.


    Sois plus vigilant(e) sur Internet ;) 
    11 Janvier 2010 20:09:26

    [ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]

    --> Recherche:

    C:\cleannavi.txt: trouvé !
    C:\Rsit: trouvé !
    C:\Documents and Settings\Administrator\Desktop\Navilog1.exe: trouvé !
    C:\Documents and Settings\Administrator\Desktop\Rsit.exe: trouvé !
    C:\Program Files\Navilog1: trouvé !
    C:\Program Files\Navilog1\Navilog1.bat: trouvé !
    C:\Program Files\trend micro\HijackThis.exe: trouvé !
    C:\Program Files\trend micro\hijackthis.log: trouvé !

    ---------------------------------
    --> Suppression:

    C:\Documents and Settings\Administrator\Desktop\Navilog1.exe: supprimé !
    C:\Program Files\Navilog1\Navilog1.bat: supprimé !
    C:\Program Files\trend micro\HijackThis.exe: supprimé !
    C:\cleannavi.txt: supprimé !
    C:\Documents and Settings\Administrator\Desktop\Rsit.exe: supprimé !
    C:\Program Files\trend micro\hijackthis.log: supprimé !
    C:\Rsit: supprimé !
    C:\Program Files\Navilog1: supprimé !
    a c 267 8 Sécurité
    11 Janvier 2010 20:12:28

    Tu peux supprimer ToolsCleaner.

    Bonne soirée ;) 
    11 Janvier 2010 21:02:22

    bonsoir,

    je n'arrive toujours pas à supprimer gameraving de la liste des programmes à supprimer, dans panneau des configuration. Le message suivant m'apparait à chaque fois!!! : "setup was enable to locate the Pixel Log Program on your system ( error code: 3008)." comment faire pour le supprimer définitevement??

    et encore merci pour tout!
    a c 267 8 Sécurité
    14 Janvier 2010 06:04:55

    Tu peux le supprimer de la liste avec CCleaner.
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS