Se connecter / S'enregistrer
Votre question

RESOLU Cheval de troie Generic_c.RR

Tags :
  • Windows
  • Sécurité
Dernière réponse : dans Sécurité et virus
29 Janvier 2009 06:43:35

Bonjour, Avg détecte Generic_c.RR et je n'arrive pas à le supprimer, comment faire?

Je joint l'analyse d'AVG et un rapport hijackthis

Merci

"C:\WINDOWS\system32\ftp.exe";"Cheval de Troie : Generic_c.RR";"L'objet est dans la liste blanche"






Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 06:43:00, on 29/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\COMBAT~1\A-SQUA~1\a2service.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\V3CallCenter\V3faxecp.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\AVG\AVG8\avgui.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/accounts/ServiceLogin?service=to...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=22028
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P26 "EPSON Stylus CX3600 Series" /O6 "USB001" /M "Stylus CX3600"
O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\RunServices: [nx] C:\WINDOWS\system32\nx.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: CallCenter Printer Interface.lnk = C:\Program Files\V3CallCenter\V3faxecp.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
O15 - Trusted Zone: http://www.achatvip.com
O15 - Trusted Zone: http://home.spaces.live.com
O15 - Trusted Zone: http://www.secuser.com
O15 - Trusted Zone: http://www.vente-privee.com
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/Install...
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProduct...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-dbbd7c4540ea6df2.spaces.live.com/PhotoUpload...
O17 - HKLM\System\CCS\Services\Tcpip\..\{4EE35025-1138-486E-91FB-29A0AA1552B4}: NameServer = 202.3.225.115,202.3.225.10,202.3.225.125,202.3.225.20
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\COMBAT~1\A-SQUA~1\a2service.exe
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O24 - Desktop Component 0: (no name) - https://www.telepaiement.cp.finances.gouv.fr/satelit/V1...

--
End of file - 14315 bytes

Autres pages sur : resolu cheval troie generic

a c 267 8 Sécurité
a b 9 Windows
29 Janvier 2009 10:41:52

Salut,

  • Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
  • Double-clique sur RSIT.exe afin de lancer le programme.
  • Clique sur Continue à l'écran Disclaimer.
  • Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparait à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

    Note : les rapports sont sauvegardés dans le dossier C:\rsit\.
    30 Janvier 2009 03:23:08

    Re bonjour voici les 2 rapports demandés


    info.txt logfile of random's system information tool 1.05 2009-01-30 03:18:36

    ======Uninstall list======

    -->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
    -->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
    -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
    -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
    -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
    -->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
    -->C:\WINDOWS\UNRecode.exe /UNINSTALL
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23EFDB58-0874-4883-9810-EDA510B19FAE}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2BB79C8D-9DCC-4861-8A23-AE1B0B45E2B6}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{775FFF70-4A8C-4500-908D-3C34DBEB11D5}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{83021AC3-086F-4B77-ACCD-1BD7C9AB211E}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{939F8208-C8CE-4AFF-B7BA-ACEB2E74A6CB}\Setup.exe"
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B14F9B26-D695-4C4A-8B11-0FE6CDCC797B}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E213C271-AEFA-481D-A9B4-914D88925B8D}\setup.exe" -l0x9
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000101}
    Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5101}
    Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-119F-4D52-B551-6739B2B22101}
    Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-040C-1E257A25E34D}
    Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
    Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-0C40-4930-9AFE-113BCE553101}
    Amélioration de nos services-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{23012310-3E05-46A5-88A9-C6CBCABCAC79} /l1036
    AnyDVD-->"C:\Program Files\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="C:\Program Files\SlySoft\AnyDVD"
    ArcSoft Panorama Maker 3.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1CABB679-3958-44AA-BFFF-4E68A2684255}\Setup.exe" -l0x40c -uninst
    a-squared Free 2.1-->"C:\combattre les virus\a-squared Free\unins000.exe"
    Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
    avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    AVG 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
    calimco2-->"C:\Program Files\calimco2\UninstallerData\Uninstall calimco2.exe"
    Canon Camera Access Library-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CAL\Uninst.ini"
    Canon Camera Support Core Library-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CSCLIB\Uninst.ini"
    Canon Camera Window DC_DV 5 for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC\Uninst.ini"
    Canon Camera Window DC_DV 6 for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini"
    Canon Camera Window MC 6 for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowMC\Uninst.ini"
    CANON iMAGE GATEWAY Task for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\CRWUnInstall.ini"
    Canon Internet Library for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\CIGUnInstall.ini"
    Canon RAW Image Task for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\RAW Image Task\Uninst.ini"
    Canon RemoteCapture Task for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini"
    Canon Utilities Digital Photo Professional 2.2-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\Digital Photo Professional\Uninst.ini"
    Canon Utilities EOS Utility-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\EOS Utility\Uninst.ini"
    Canon Utilities PhotoStitch-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\PhotoStitch\Uninst.ini"
    Canon Utilities ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\Uninst.ini"
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    CloneDVD2-->"C:\Program Files\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Program Files\Elaborate Bytes\CloneDVD2"
    Collection Microsoft Encarta 2005-->MsiExec.exe /I{054600C0-64A6-4248-A026-9745C1E9E159}
    Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_HDAUDIO\HXFSETUP.EXE -U -IAt8VEN5a.inf
    Connexion Facile à Internet-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1036
    ConvertXtoDVD 2.0.4-->"C:\Program Files\vso\ConvertXtoDVD\unins000.exe"
    Correctif pour Windows XP (KB896256)-->"C:\WINDOWS\$NtUninstallKB896256$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB909095)-->"C:\WINDOWS\$NtUninstallKB909095$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB910728)-->"C:\WINDOWS\$NtUninstallKB910728$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB912436)-->"C:\WINDOWS\$NtUninstallKB912436$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB914440)-->"C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB918005)-->"C:\WINDOWS\$NtUninstallKB918005$\spuninst\spuninst.exe"
    Correctif Windows XP - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
    Correctif Windows XP - KB885250-->C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
    Correctif Windows XP - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
    Correctif Windows XP - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
    Correctif Windows XP - KB885855-->C:\WINDOWS\$NtUninstallKB885855$\spuninst\spuninst.exe
    Correctif Windows XP - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
    Correctif Windows XP - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
    Correctif Windows XP - KB888113-->C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
    Correctif Windows XP - KB888239-->C:\WINDOWS\$NtUninstallKB888239$\spuninst\spuninst.exe
    Correctif Windows XP - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
    Correctif Windows XP - KB890546-->C:\WINDOWS\$NtUninstallKB890546$\spuninst\spuninst.exe
    Correctif Windows XP - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
    Correctif Windows XP - KB891220-->C:\WINDOWS\$NtUninstallKB891220$\spuninst\spuninst.exe
    Correctif Windows XP - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
    Correctif Windows XP - KB892559-->"C:\WINDOWS\$NtUninstallKB892559$\spuninst\spuninst.exe"
    DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
    EPSON CardMonitor-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{109D28C7-FB38-483A-9C91-001CB59E2699}\SETUP.EXE" -l0x40c uninst
    EPSON Copy Utility 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\Setup.exe" -l0x40c -UnInstall
    EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
    EPSON PhotoQuicker3.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{65F5B7AF-3363-11D7-BB6B-00018021113F}\SETUP.EXE" -l0x40c uninst
    EPSON PhotoStarter3.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C48817E7-AA05-4151-A99D-1E1E550CE801}\SETUP.EXE" -l0x40c uninst
    EPSON PRINT Image Framer Tool2.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23B59ED4-C360-11D7-875B-0090CC005647}\SETUP.EXE" -l0x40c anything
    EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
    EPSON Smart Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6C11D561-620B-47DA-A693-4C597F3CDF40}\SETUP.EXE" -l0x40c Uninstall
    EPSON Web-To-Page-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE" -l0x40c -anything
    ESCX3600 Guide de réf.-->C:\Program Files\EPSON\TPMANUAL\ESCX3600\REF_G\DOCUNINS.EXE
    ESCX3600 Guide des logiciels-->C:\Program Files\EPSON\TPMANUAL\ESCX3600\PQU_G\DOCUNINS.EXE
    FREE CallCenter-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\V3CallCenter\Uninst.isu"
    GemMaster Mystic-->"C:\Program Files\GemMasterFrench\uninstallgemmaster.exe"
    Google Earth-->MsiExec.exe /I{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}
    Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
    Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
    Grand Prix 4-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Logiciels\GP4\setup.exe"
    HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Hijackthis Version Française 1.99.0.1-->"C:\Program Files\Hijackthis Version Française\unins000.exe"
    Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
    HP Help and Support-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}\setup.exe" -l0x40c -removeonly
    HP Imaging Device Functions 6.0-->C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
    HP Photosmart Premier Software 6.0-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
    HP Product Detection-->MsiExec.exe /X{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}
    HP Quick Launch Buttons 6.10 A2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe" -l0x40c -removeonly uninst
    HP QuickPlay 2.3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\setup.exe" -uninstall
    HP Update-->MsiExec.exe /X{FE57DE70-95DE-4B64-9266-84DA811053DB}
    HP User Guides 0032-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E276E05A-FFE8-485B-A005-42E76EA72AC4}\Setup.exe" -l0x40c -removeonly
    HP Wireless Assistant 2.00 G2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}\setup.exe" -l0x40c hpquninst
    J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
    Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
    Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
    Kaspersky Online Scanner-->C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
    L&H TTS3000 Français-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\LHTTSFRF.inf, Uninstall
    LivePix-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\LivePix 2.0\Uninst.isu"
    Logiciel QuickCam de Logitech-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe" -l0x40c
    Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x40c UNINSTALL
    Logitech Print Service-->C:\PROGRA~1\Logitech\PRINTS~1\UNWISE.EXE C:\PROGRA~1\Logitech\PRINTS~1\INSTALL.LOG
    Macromedia Flash Player 8-->MsiExec.exe /X{6815FCDD-401D-481E-BA88-31B4754C2B46}
    Macromedia Shockwave Player-->MsiExec.exe /X{838A1BC9-95CA-4880-9BE3-2A7D23600A2B}
    Microsoft .NET Framework 1.0 Hotfix (KB887998)-->"C:\WINDOWS\$NtUninstallKB887998$\spuninst\spuninst.exe"
    Microsoft .NET Framework 1.0 Hotfix (KB930494)-->"C:\WINDOWS\$NtUninstallKB930494$\spuninst\spuninst.exe"
    Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
    Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Mise à jour de sécurité pour Lecteur Windows Media (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB893066)-->"C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896422)-->"C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896424)-->"C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB901190)-->"C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB903235)-->"C:\WINDOWS\$NtUninstallKB903235$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB911567)-->"C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB912919)-->"C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB913446)-->"C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB917344)-->"C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB917422)-->"C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB917953)-->"C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920214)-->"C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB921398)-->"C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB921503)-->"C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB922616)-->"C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB922760)-->"C:\WINDOWS\$NtUninstallKB922760$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923694)-->"C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB924191)-->"C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB924496)-->"C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB925454)-->"C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB925486)-->"C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB928090)-->"C:\WINDOWS\$NtUninstallKB928090$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB929969)-->"C:\WINDOWS\$NtUninstallKB929969$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB931768)-->"C:\WINDOWS\$NtUninstallKB931768$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB931784)-->"C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB933566)-->"C:\WINDOWS\$NtUninstallKB933566$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB933729)-->"C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB935839)-->"C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB936021)-->"C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB937143)-->"C:\WINDOWS\$NtUninstallKB937143$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB937894)-->"C:\WINDOWS\$NtUninstallKB937894$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938127)-->"C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938829)-->"C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB939653)-->"C:\WINDOWS\$NtUninstallKB939653$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941202)-->"C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941568)-->"C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941644)-->"C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941693)-->"C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB942615)-->"C:\WINDOWS\$NtUninstallKB942615$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB943485)-->"C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB944338)-->"C:\WINDOWS\$NtUninstallKB944338$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB944533)-->"C:\WINDOWS\$NtUninstallKB944533$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB947864)-->"C:\WINDOWS\$NtUninstallKB947864$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB948590)-->"C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB948881)-->"C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Mise à jour pour Lecteur Windows Media 10 (KB910393)-->"C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe"
    Mise à jour pour Lecteur Windows Media 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"
    Mise à jour pour Lecteur Windows Media 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB896727)-->"C:\WINDOWS\$NtUninstallKB896727$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB904942)-->"C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB911164)-->"C:\WINDOWS\$NtUninstallKB911164$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB929338)-->"C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB931836)-->"C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB933360)-->"C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB942840)-->"C:\WINDOWS\$NtUninstallKB942840$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB946627)-->"C:\WINDOWS\$NtUninstallKB946627$\spuninst\spuninst.exe"
    Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
    MSXML 4.0 SP2 (KB925672)-->MsiExec.exe /I{A9CF9052-F4A0-475D-A00F-A8388C62DD63}
    MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    Nero 7 Premium-->MsiExec.exe /I{5241FB1B-9CF5-448C-3BFD-1AE58B061036}
    NetWaiting-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x40c ControlPanel
    Nikon View 6-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AAB84E83-C8DF-4752-9DFC-2E2A48EE5E9F}\setup.exe" UNINSTALL
    NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
    Orange Plug-in messagerie vocale 888-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{16E79B1D-D1C2-4CA6-8B23-F4D890E0DCB9}\Setup.exe" -l0x40c --AddRemove
    Otto-->"C:\Program Files\FrenchOtto\uninstallotto.exe"
    Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
    PIF DESIGNER2.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7BD0A2D8-4EA0-43C6-BDF8-DDA87B8031C6}\SETUP.EXE" -l0x40c anything
    Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
    QuickTime-->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
    ScanToWeb-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}\SETUP.EXE" ADDREMOVEDLG
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~2\Install.log
    Skype™ 3.6-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
    Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_5045_at8ven5m\HXFSETUP.EXE -U -IAt8VEN5m.inf
    Sonic Audio Module-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
    Sonic Copy Module-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
    Sonic Data Module-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
    Sonic Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
    Sonic MyDVD Plus-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
    Sonic Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
    SonicAC3Encoder-->MsiExec.exe /I{52FBAE98-D389-4281-8C14-21B4046CCB4E}
    SonicMPEGEncoder-->MsiExec.exe /I{B16AF568-A644-483C-A6DA-5028CD019C8C}
    Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
    Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
    USB MODEM Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{042E2C9D-6647-4C5F-9CEF-387D72023128}\setup.exe" -l0x9 UNINSTALL
    VideoLAN VLC media player 0.8.6a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
    Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
    Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
    Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
    Windows Media Connect-->"C:\WINDOWS\$NtUninstallWMCSetup$\spuninst\spuninst.exe"
    Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows XP Media Center Edition 2005 KB912067-->"C:\WINDOWS\$NtUninstallKB912067$\spuninst\spuninst.exe"

    ======Hosts File======

    127.0.0.1 localhost
    127.0.0.1 007guard.com
    127.0.0.1 www.007guard.com
    127.0.0.1 008i.com
    127.0.0.1 008k.com
    127.0.0.1 www.008k.com
    127.0.0.1 00hq.com
    127.0.0.1 www.00hq.com
    127.0.0.1 010402.com
    127.0.0.1 032439.com

    ======Security center information======

    AV: AVG Internet Security
    AV: avast! antivirus 4.8.1296 [VPS 090129-0]
    FW: AVG Firewall

    System event log

    Computer Name: AMELIE
    Event Code: 6005
    Message: Le service d'Enregistrement d'événement a démarré.

    Record Number: 42916
    Source Name: EventLog
    Time Written: 20080625030902.000000+120
    Event Type: Informations
    User:

    Computer Name: AMELIE
    Event Code: 6009
    Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 2 Multiprocessor Free.

    Record Number: 42915
    Source Name: EventLog
    Time Written: 20080625030902.000000+120
    Event Type: Informations
    User:

    Computer Name: AMELIE
    Event Code: 7036
    Message: Le service Service COM de gravage de CD IMAPI est entré dans l'état : arrêté.

    Record Number: 42914
    Source Name: Service Control Manager
    Time Written: 20080625030506.000000+120
    Event Type: Informations
    User:

    Computer Name: AMELIE
    Event Code: 7036
    Message: Le service Service COM de gravage de CD IMAPI est entré dans l'état : en cours d'exécution.

    Record Number: 42913
    Source Name: Service Control Manager
    Time Written: 20080625030500.000000+120
    Event Type: Informations
    User:

    Computer Name: AMELIE
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service Service COM de gravage de CD IMAPI.

    Record Number: 42912
    Source Name: Service Control Manager
    Time Written: 20080625030500.000000+120
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    Application event log

    Computer Name: AMELIE
    Event Code: 103
    Message: msnmsgr (6088) \\.\C:\Documents and Settings\david genot\Local Settings\Application Data\Microsoft\Messenger\amelie.david.genot@hotmail.fr\SharingMetadata\Working\database_1E92_101F_7F89_EEC2\dfsr.db: Le moteur de base de données a arrêté une instance (0).

    Record Number: 22120
    Source Name: ESENT
    Time Written: 20081217043218.000000+060
    Event Type: Informations
    User:

    Computer Name: AMELIE
    Event Code: 704
    Message: msnmsgr (6088) La défragmentation en ligne de la base de données '\\.\C:\Documents and Settings\david genot\Local Settings\Application Data\Microsoft\Messenger\amelie.david.genot@hotmail.fr\SharingMetadata\Working\database_1E92_101F_7F89_EEC2\dfsr.db' a été interrompue et arrêtée. La prochaine fois qu'une défragmentation en ligne sera effectuée dans cette base de données, elle reprendra à l'endroit où elle a été interrompue.

    Record Number: 22119
    Source Name: ESENT
    Time Written: 20081217043218.000000+060
    Event Type: Informations
    User:

    Computer Name: AMELIE
    Event Code: 701
    Message: msnmsgr (6088) La défragmentation en ligne a terminé un passage complet dans la base de données '\\.\C:\Documents and Settings\david genot\Local Settings\Application Data\Microsoft\Messenger\amelie.david.genot@hotmail.fr\SharingMetadata\Working\database_1E92_101F_7F89_EEC2\dfsr.db'.

    Record Number: 22118
    Source Name: ESENT
    Time Written: 20081217040005.000000+060
    Event Type: Informations
    User:

    Computer Name: AMELIE
    Event Code: 700
    Message: msnmsgr (6088) La défragmentation en ligne commence un passage complet dans la base de données '\\.\C:\Documents and Settings\david genot\Local Settings\Application Data\Microsoft\Messenger\amelie.david.genot@hotmail.fr\SharingMetadata\Working\database_1E92_101F_7F89_EEC2\dfsr.db'.

    Record Number: 22117
    Source Name: ESENT
    Time Written: 20081217040005.000000+060
    Event Type: Informations
    User:

    Computer Name: AMELIE
    Event Code: 701
    Message: msnmsgr (6088) La défragmentation en ligne a terminé un passage complet dans la base de données '\\.\C:\Documents and Settings\david genot\Local Settings\Application Data\Microsoft\Messenger\amelie.david.genot@hotmail.fr\SharingMetadata\Working\database_1E92_101F_7F89_EEC2\dfsr.db'.

    Record Number: 22116
    Source Name: ESENT
    Time Written: 20081217030005.000000+060
    Event Type: Informations
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Fichiers communs\Adobe\AGL
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 72 Stepping 2, AuthenticAMD
    "PROCESSOR_REVISION"=4802
    "NUMBER_OF_PROCESSORS"=2
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "SonicCentral"=C:\Program Files\Fichiers communs\Sonic Shared\Sonic Central\
    "PCTYPE"=PAVILION
    "PLATFORM"=MCD

    -----------------EOF-----------------




    Logfile of random's system information tool 1.05 (written by random/random)
    Run by david genot at 2009-01-30 03:18:07
    Microsoft Windows XP Professionnel Service Pack 2
    System drive C: has 31 GB (37%) free of 86 GB
    Total RAM: 2047 MB (55% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 03:18:32, on 30/01/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\ehome\ehtray.exe
    C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\HP\QuickPlay\QPService.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE
    C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
    C:\COMBAT~1\A-SQUA~1\a2service.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\V3CallCenter\V3faxecp.exe
    C:\Program Files\Nikon\NkView6\NkvMon.exe
    C:\PROGRA~1\AVG\AVG8\avgam.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgfws8.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\WINDOWS\system32\mqsvc.exe
    C:\WINDOWS\system32\mqtgsvc.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\david genot\Bureau\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\david genot.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/accounts/ServiceLogin?service=to...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=22028
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
    O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
    O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
    O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P26 "EPSON Stylus CX3600 Series" /O6 "USB001" /M "Stylus CX3600"
    O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\RunServices: [nx] C:\WINDOWS\system32\nx.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: CallCenter Printer Interface.lnk = C:\Program Files\V3CallCenter\V3faxecp.exe
    O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    O15 - Trusted Zone: http://www.achatvip.com
    O15 - Trusted Zone: http://home.spaces.live.com
    O15 - Trusted Zone: http://www.secuser.com
    O15 - Trusted Zone: http://www.vente-privee.com
    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/Install...
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld...
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProduct...
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-dbbd7c4540ea6df2.spaces.live.com/PhotoUpload...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{4EE35025-1138-486E-91FB-29A0AA1552B4}: NameServer = 202.3.225.115,202.3.225.10,202.3.225.125,202.3.225.20
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\COMBAT~1\A-SQUA~1\a2service.exe
    O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O24 - Desktop Component 0: (no name) - https://www.telepaiement.cp.finances.gouv.fr/satelit/V1...

    --
    End of file - 14294 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\Norton Security Scan.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
    AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-01-26 1078552]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2007-08-31 1122128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
    AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2009-01-26 1968920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-11-11 2436160]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-09-26 737776]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
    EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2007-11-11 2436160]
    {A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2009-01-26 1968920]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
    "hpWirelessAssistant"=C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe [2006-05-03 458752]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-08-18 7585792]
    "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-08-18 86016]
    "nwiz"=nwiz.exe /installquiet /nodetect []
    "MsmqIntCert"=regsvr32 /s mqrt.dll []
    "High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\CHDAudPropShortcut.exe [2006-06-02 61952]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-04-01 761946]
    "QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2006-07-11 102400]
    "QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2006-06-19 163840]
    "Cpqset"=C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe [2006-05-30 40960]
    "RecGuard"=C:\Windows\SMINST\RecGuard.exe [2005-10-11 1187840]
    "EPSON Stylus CX3600 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE [2004-03-04 98304]
    "AnyDVD"=C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe [2007-04-30 468480]
    "NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-11-26 81000]
    "LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2004-10-08 221184]
    "LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2005-01-18 458752]
    "LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2005-01-18 217088]
    "HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
    "AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-01-26 1601304]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2006-04-21 94208]
    "MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
    "updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1 []
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-11-12 68856]
    "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2007-08-31 1460560]
    "LogitechSoftwareUpdate"=C:\Program Files\Logitech\Video\ManifestEngine.exe [2005-01-18 196608]
    "LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe [2008-01-06 20480]
    "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-02-06 21898024]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    CallCenter Printer Interface.lnk - C:\Program Files\V3CallCenter\V3faxecp.exe
    Démarrage rapide de HP Photosmart Premier.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    NkvMon.exe.lnk - C:\Program Files\Nikon\NkView6\NkvMon.exe

    C:\Documents and Settings\david genot\Menu Démarrer\Programmes\Démarrage
    Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
    C:\WINDOWS\system32\avgrsstx.dll [2009-01-26 10520]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveAutoRun"=FFFFFFFF
    "NoDriveTypeAutoRun"=36

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\WINDOWS\system32\mqsvc.exe"="C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Message Queuing"
    "C:\WINDOWS\Temp\NavBrowser.exe"="C:\WINDOWS\Temp\NavBrowser.exe:*:Enabled:NAVBrowser"
    "C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe"="C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\WINDOWS\system32\svchost.exe"="C:\WINDOWS\system32\svchost.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\1exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\1exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\88exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\88exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\56exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\56exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\51exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\51exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\49exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\49exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\36exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\36exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\43exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\43exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\4exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\4exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\98exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\98exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\92exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\92exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\28exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\28exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\19exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\19exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\70exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\70exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\59exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\59exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\9exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\9exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\6exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\6exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\69exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\69exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\76exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\76exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\7exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\7exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\38exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\38exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\82exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\82exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\17exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\17exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\27ex
    Contenus similaires
    a c 267 8 Sécurité
    a b 9 Windows
    30 Janvier 2009 11:25:15

    Le rapport log n'est pas complet, peux-tu le reposter ?
    30 Janvier 2009 15:46:07

    Salut le voici


    Logfile of random's system information tool 1.05 (written by random/random)
    Run by david genot at 2009-01-30 03:18:07
    Microsoft Windows XP Professionnel Service Pack 2
    System drive C: has 31 GB (37%) free of 86 GB
    Total RAM: 2047 MB (55% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 03:18:32, on 30/01/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\ehome\ehtray.exe
    C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\HP\QuickPlay\QPService.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE
    C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
    C:\COMBAT~1\A-SQUA~1\a2service.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\V3CallCenter\V3faxecp.exe
    C:\Program Files\Nikon\NkView6\NkvMon.exe
    C:\PROGRA~1\AVG\AVG8\avgam.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgfws8.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\WINDOWS\system32\mqsvc.exe
    C:\WINDOWS\system32\mqtgsvc.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\david genot\Bureau\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\david genot.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/accounts/ServiceLogin?service=to...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=22028
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
    O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
    O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
    O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P26 "EPSON Stylus CX3600 Series" /O6 "USB001" /M "Stylus CX3600"
    O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\RunServices: [nx] C:\WINDOWS\system32\nx.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: CallCenter Printer Interface.lnk = C:\Program Files\V3CallCenter\V3faxecp.exe
    O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    O15 - Trusted Zone: http://www.achatvip.com
    O15 - Trusted Zone: http://home.spaces.live.com
    O15 - Trusted Zone: http://www.secuser.com
    O15 - Trusted Zone: http://www.vente-privee.com
    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/Install...
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld...
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProduct...
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-dbbd7c4540ea6df2.spaces.live.com/PhotoUpload...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{4EE35025-1138-486E-91FB-29A0AA1552B4}: NameServer = 202.3.225.115,202.3.225.10,202.3.225.125,202.3.225.20
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\COMBAT~1\A-SQUA~1\a2service.exe
    O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O24 - Desktop Component 0: (no name) - https://www.telepaiement.cp.finances.gouv.fr/satelit/V1...

    --
    End of file - 14294 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\Norton Security Scan.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
    AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-01-26 1078552]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2007-08-31 1122128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
    AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2009-01-26 1968920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-11-11 2436160]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-09-26 737776]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
    EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2007-11-11 2436160]
    {A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2009-01-26 1968920]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
    "hpWirelessAssistant"=C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe [2006-05-03 458752]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-08-18 7585792]
    "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-08-18 86016]
    "nwiz"=nwiz.exe /installquiet /nodetect []
    "MsmqIntCert"=regsvr32 /s mqrt.dll []
    "High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\CHDAudPropShortcut.exe [2006-06-02 61952]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-04-01 761946]
    "QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2006-07-11 102400]
    "QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2006-06-19 163840]
    "Cpqset"=C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe [2006-05-30 40960]
    "RecGuard"=C:\Windows\SMINST\RecGuard.exe [2005-10-11 1187840]
    "EPSON Stylus CX3600 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE [2004-03-04 98304]
    "AnyDVD"=C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe [2007-04-30 468480]
    "NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-11-26 81000]
    "LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2004-10-08 221184]
    "LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2005-01-18 458752]
    "LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2005-01-18 217088]
    "HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
    "AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-01-26 1601304]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2006-04-21 94208]
    "MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
    "updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1 []
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-11-12 68856]
    "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2007-08-31 1460560]
    "LogitechSoftwareUpdate"=C:\Program Files\Logitech\Video\ManifestEngine.exe [2005-01-18 196608]
    "LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe [2008-01-06 20480]
    "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-02-06 21898024]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    CallCenter Printer Interface.lnk - C:\Program Files\V3CallCenter\V3faxecp.exe
    Démarrage rapide de HP Photosmart Premier.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    NkvMon.exe.lnk - C:\Program Files\Nikon\NkView6\NkvMon.exe

    C:\Documents and Settings\david genot\Menu Démarrer\Programmes\Démarrage
    Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
    C:\WINDOWS\system32\avgrsstx.dll [2009-01-26 10520]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveAutoRun"=FFFFFFFF
    "NoDriveTypeAutoRun"=36

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\WINDOWS\system32\mqsvc.exe"="C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Message Queuing"
    "C:\WINDOWS\Temp\NavBrowser.exe"="C:\WINDOWS\Temp\NavBrowser.exe:*:Enabled:NAVBrowser"
    "C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe"="C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\WINDOWS\system32\svchost.exe"="C:\WINDOWS\system32\svchost.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\1exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\1exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\88exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\88exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\56exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\56exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\51exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\51exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\49exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\49exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\36exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\36exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\43exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\43exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\4exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\4exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\98exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\98exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\92exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\92exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\28exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\28exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\19exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\19exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\70exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\70exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\59exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\59exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\9exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\9exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\6exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\6exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\69exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\69exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\76exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\76exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\7exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\7exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\38exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\38exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\82exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\82exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\17exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\17exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\27exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\27exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\89exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\89exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\86exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\86exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\97exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\97exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\72exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\72exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\95exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\95exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\96exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\96exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\15exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\15exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\75exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\75exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\21exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\21exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\91exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\91exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\84exinjs.a4.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\84exinjs.a4.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\70exinjs.a5.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\70exinjs.a5.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\57exinjs.a5.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\57exinjs.a5.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\39exinjs.a5.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\39exinjs.a5.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\10exinjs.a5.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\10exinjs.a5.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\2exinjs.a5.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\2exinjs.a5.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\58exinjs.a5.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\58exinjs.a5.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\19exinjs.a5.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\19exinjs.a5.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\17exinjs.a5.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\17exinjs.a5.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\48exinjs.a5.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\48exinjs.a5.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\49exinjs.a5.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\49exinjs.a5.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\95exinjs.a5.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\95exinjs.a5.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\40exinjs.a5.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\40exinjs.a5.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\89exinjs.a5.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\89exinjs.a5.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\98exinjs.a5.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\98exinjs.a5.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\12exinjs.a5.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\12exinjs.a5.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\78exinjs.a5.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\78exinjs.a5.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\77exinjs.a5.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\77exinjs.a5.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\54exinjs.a5.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\54exinjs.a5.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\5exinjs.a5.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\5exinjs.a5.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\93exinjs.a5.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\93exinjs.a5.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\61exinjs.a5.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\61exinjs.a5.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\3exinjs.a5.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\3exinjs.a5.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\51exinjs.a5.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\51exinjs.a5.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\18exinjs.a5.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\18exinjs.a5.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\69exinjs.a5.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\69exinjs.a5.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\15exinjs.a6.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\15exinjs.a6.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\90exinjs.a6.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\90exinjs.a6.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\10exinjs.a6.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\10exinjs.a6.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\8exinjs.a6.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\8exinjs.a6.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\70exinjs.a6.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\70exinjs.a6.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\64exinjs.a6.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\64exinjs.a6.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\7exinjs.a6.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\7exinjs.a6.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\74exinjs.a6.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\74exinjs.a6.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\78exinjs.a6.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\78exinjs.a6.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\88exinjs.a6.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\88exinjs.a6.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\67exinjs.a6.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\67exinjs.a6.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\60exinjs.a6.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\60exinjs.a6.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\37exinjs.a6.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\37exinjs.a6.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\89exinjs.a6.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\89exinjs.a6.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\73exinjs.a6.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\73exinjs.a6.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\18exinjs.a6.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\18exinjs.a6.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\75exinjs.a6.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\75exinjs.a6.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\55exinjs.a6.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\55exinjs.a6.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\66exinjs.a6.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\66exinjs.a6.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\91exinjs.a6.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\91exinjs.a6.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\82exinjs.a6.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\82exinjs.a6.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\29exinjs.a6.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\29exinjs.a6.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\72exinjs.a6.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\72exinjs.a6.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\23exinjs.a6.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\23exinjs.a6.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\45exinjs.a6.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\45exinjs.a6.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\4exinjs.a6.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\4exinjs.a6.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\22exinjs.a6.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\22exinjs.a6.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\69exinjs.a6.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\69exinjs.a6.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\98exinjs.a6.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\98exinjs.a6.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\11exinjs.a6.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\11exinjs.a6.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\64exinjs.a7.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\64exinjs.a7.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\22exinjs.a7.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\22exinjs.a7.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\34exinjs.a7.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\34exinjs.a7.exe:*:Enabled:Microsoft Update"
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\12exinjs.a7.exe"="C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\12exinjs.a7.exe:*:Enabled:Microsoft Update"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\WINDOWS\system32\mqsvc.exe"="C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Message Queuing"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480


    ======List of files/folders created in the last 1 months======

    2009-01-30 03:18:07 ----D---- C:\rsit
    2009-01-28 12:07:22 ----HD---- C:\$AVG8.VAULT$
    2009-01-26 00:05:27 ----A---- C:\WINDOWS\system32\avgrsstx.dll
    2009-01-26 00:05:13 ----D---- C:\Documents and Settings\david genot\Application Data\AVGTOOLBAR
    2009-01-26 00:04:30 ----A---- C:\WINDOWS\system32\avgfwdx.dll
    2009-01-26 00:04:27 ----D---- C:\Program Files\AVG
    2009-01-26 00:04:26 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
    2009-01-25 22:59:25 ----D---- C:\Documents and Settings\david genot\Application Data\Grisoft

    ======List of files/folders modified in the last 1 months======

    2009-01-30 03:18:06 ----D---- C:\WINDOWS\Prefetch
    2009-01-30 03:14:43 ----D---- C:\WINDOWS\Temp
    2009-01-30 03:07:09 ----D---- C:\Program Files\Mozilla Firefox
    2009-01-30 02:47:23 ----D---- C:\Documents and Settings\david genot\Application Data\Skype
    2009-01-30 00:08:06 ----D---- C:\Documents and Settings\david genot\Application Data\skypePM
    2009-01-30 00:07:05 ----D---- C:\WINDOWS
    2009-01-28 00:49:21 ----D---- C:\WINDOWS\system32
    2009-01-28 00:49:21 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-01-28 00:46:38 ----A---- C:\WINDOWS\ModemLog_HDAUDIO Soft Data Fax Modem with SmartCP.txt
    2009-01-28 00:45:49 ----D---- C:\WINDOWS\Registration
    2009-01-28 00:45:46 ----A---- C:\hpqp.ini
    2009-01-28 00:44:20 ----A---- C:\XP_TV.ini
    2009-01-27 08:22:48 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-01-26 00:12:22 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-01-26 00:05:49 ----D---- C:\Documents and Settings
    2009-01-26 00:05:27 ----D---- C:\WINDOWS\system32\drivers
    2009-01-26 00:04:37 ----HD---- C:\WINDOWS\inf
    2009-01-26 00:04:27 ----RD---- C:\Program Files
    2009-01-26 00:04:16 ----SHD---- C:\WINDOWS\Installer
    2009-01-26 00:04:16 ----D---- C:\WINDOWS\WinSxS
    2009-01-26 00:04:16 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
    2009-01-26 00:04:16 ----D---- C:\Config.Msi
    2009-01-25 23:59:27 ----SD---- C:\Documents and Settings\david genot\Application Data\Microsoft
    2009-01-19 21:18:17 ----D---- C:\Documents and Settings\david genot\Application Data\ZoomBrowser EX
    2009-01-19 21:18:12 ----D---- C:\Documents and Settings\All Users\Application Data\ZoomBrowser
    2009-01-17 06:08:29 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2009-01-17 06:07:51 ----D---- C:\Program Files\Fichiers communs\Adobe
    2009-01-17 06:07:25 ----D---- C:\Program Files\Adobe
    2009-01-16 08:14:05 ----A---- C:\WINDOWS\NeroDigital.ini
    2009-01-03 20:25:22 ----D---- C:\WINDOWS\Minidump
    2009-01-03 20:25:22 ----D---- C:\WINDOWS\Debug

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-11-26 26944]
    R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-19 36864]
    R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-11-26 111184]
    R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-11-26 50864]
    R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-01-26 325128]
    R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-01-26 27656]
    R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-01-26 107272]
    R1 eabfiltr;eabfiltr; C:\WINDOWS\system32\DRIVERS\eabfiltr.sys [2005-09-19 7808]
    R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
    R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-04 8832]
    R2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [2008-05-06 16512]
    R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-11-26 20560]
    R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-11-26 94032]
    R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2006-04-22 8064]
    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-02-14 12672]
    R3 5U870CAP_VID_1262&PID_25FD;HP Pavilion Webcam ; C:\WINDOWS\System32\Drivers\5U870CAP.sys [2006-06-06 61952]
    R3 AnyDVD;AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [2006-06-09 19200]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2006-03-25 60800]
    R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-11-26 23152]
    R3 Avgfwdx;Avgfwdx; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2009-01-26 29208]
    R3 BCM43XX;Pilote pour carte réseau Broadcom 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2006-04-28 429184]
    R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-04 14080]
    R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2005-04-12 4608]
    R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2005-09-19 9344]
    R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDAud.sys [2006-06-02 572928]
    R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
    R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2006-04-19 995712]
    R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2006-04-19 208000]
    R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-01-31 22016]
    R3 MQAC;Message Queuing access control; \??\C:\WINDOWS\system32\drivers\mqac.sys []
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2006-03-25 61824]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-08-18 3687552]
    R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-03-03 34176]
    R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-03-03 13056]
    R3 nvsmu;nvsmu; C:\WINDOWS\system32\DRIVERS\nvsmu.sys [2006-03-06 11136]
    R3 pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\pcouffin.sys [2007-04-13 47360]
    R3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2005-01-31 7104]
    R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2006-11-28 10368]
    R3 PID_08A0;QuickCam IM(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2005-01-31 912768]
    R3 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2005-11-16 28928]
    R3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-11-01 51584]
    R3 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2005-11-01 308992]
    R3 RMCAST;Reliable Multicast Protocol driver; \??\C:\WINDOWS\system32\drivers\RMCast.sys []
    R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2006-03-25 67584]
    R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-04-01 193056]
    R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
    R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2006-04-19 30080]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2006-03-25 57600]
    R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2006-04-19 17152]
    R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2006-04-19 727296]
    S3 61883;Pilote d'unité 61883; C:\WINDOWS\system32\DRIVERS\61883.sys [2004-08-03 48128]
    S3 Avc;Périphérique AVC; C:\WINDOWS\system32\DRIVERS\avc.sys [2004-08-03 38912]
    S3 Avgfwfd;AVG network filter service; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2009-01-26 29208]
    S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-05-12 57320]
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
    S3 eabusb;eabusb; C:\WINDOWS\system32\DRIVERS\eabusb.sys [2005-09-19 5760]
    S3 HidIr;Pilote HID infrarouge Microsoft; C:\WINDOWS\system32\DRIVERS\hidir.sys [2005-06-29 19200]
    S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    S3 IrBus;Pilote de filtre de bus infrarouge pour les contrôles distants eHome; C:\WINDOWS\system32\DRIVERS\IrBus.sys [2005-06-29 46592]
    S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
    S3 MODBDA2;DiBcom MOD3000 TV receiver; C:\WINDOWS\System32\Drivers\modbda2.sys [2006-07-16 32128]
    S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2004-08-03 15360]
    S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2004-08-03 51328]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
    S3 PALLADIA;Palladia 300/400 Usb Adsl Modem; C:\WINDOWS\system32\DRIVERS\usbiad.sys [2004-07-14 31547]
    S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
    S3 sffdisk;Pilote de classe de stockage SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2006-03-25 11136]
    S3 sffp_sd;Pilote de protocole de stockage SFF pour SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2006-03-25 10240]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
    S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
    S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS []
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
    S3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2006-04-19 20608]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
    S4 agp440;Filtre de bus AGP Intel; C:\WINDOWS\system32\DRIVERS\agp440.sys [2004-08-04 42368]
    S4 agpCPQ;Filtre de bus AGP Compaq; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2004-08-04 44928]
    S4 alim1541;Filtre de bus AGP ALI; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2004-08-04 42752]
    S4 amdagp;Pilote de filtre du bus AMD AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2004-08-04 43008]
    S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-18 13952]
    S4 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2005-10-13 874240]
    S4 sisagp;Filtre de bus AGP SIS; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2004-08-04 41088]
    S4 viaagp;Filtre de bus AGP VIA; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2004-08-04 42240]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 a2free;a-squared Free Service; C:\COMBAT~1\A-SQUA~1\a2service.exe [2009-01-27 419448]
    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-11-26 18752]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-11-26 155160]
    R2 avg8emc;AVG8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-01-26 903960]
    R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-01-26 298264]
    R2 avgfws8;AVG8 Firewall; C:\PROGRA~1\AVG\AVG8\avgfws8.exe [2009-01-26 1339600]
    R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2005-09-30 96341]
    R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2005-12-15 237568]
    R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424]
    R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-05-18 49152]
    R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
    R2 MSMQ;Message Queuing; C:\WINDOWS\system32\mqsvc.exe [2004-08-19 4608]
    R2 MSMQTriggers;Message Queuing Triggers; C:\WINDOWS\system32\mqtgsvc.exe [2004-08-19 117248]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-08-18 143426]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-11-26 254040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-11-26 352920]
    R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S3 AddFiltr;AddFiltr; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe [2006-06-12 126976]
    S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-03-17 72704]
    S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
    S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-11-11 138168]
    S3 IDriverT;InstallDriver Table Manager; c:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
    S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2004-08-19 14336]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-08-04 38912]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
    S3 WMConnectCDS;Service Windows Media Connect; C:\Program Files\Windows Media Connect 2\wmccds.exe [2005-10-06 856064]

    -----------------EOF-----------------


    Bonne journée
    a c 267 8 Sécurité
    a b 9 Windows
    30 Janvier 2009 16:08:01

  • Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
  • Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
  • Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
  • Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
  • Sélectionne Exécuter un examen rapide.
  • Clique sur Rechercher.
  • L'analyse démarre.
  • A la fin de l'analyse, un message s'affiche :
    Citation :
    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  • Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  • Ferme tes navigateurs.
  • Si des malwares ont été détectés, clique sur Afficher les résultats.
  • Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
  • MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
    31 Janvier 2009 00:53:08

    Hello, voici le rapport



    Malwarebytes' Anti-Malware 1.33
    Version de la base de données: 1710
    Windows 5.1.2600 Service Pack 2

    31/01/2009 00:39:56
    mbam-log-2009-01-31 (00-39-56).txt

    Type de recherche: Examen rapide
    Eléments examinés: 54186
    Temps écoulé: 6 minute(s), 13 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 1
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)


    Bon courage
    a c 267 8 Sécurité
    a b 9 Windows
    31 Janvier 2009 01:19:10

    1/

  • Démarre Spybot, clique sur Mode, coche Mode avancé.
  • A gauche, clique sur Outils, puis sur Résident.
  • Décoche la case devant Résident "TeaTimer" :

  • Quitte Spybot.


    2/

  • Télécharge OTMoveIt3 (OldTimer) sur ton Bureau.
  • Double-clique sur OTMoveIt3.exe afin de le lancer.
  • Copie (Ctrl+C) le texte suivant ci-dessous :

    :processes
    explorer.exe

    :reg
    [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\1exinjs.a4.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\88exinjs.a4.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\56exinjs.a4.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\51exinjs.a4.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\49exinjs.a4.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\36exinjs.a4.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\43exinjs.a4.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\4exinjs.a4.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\98exinjs.a4.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\92exinjs.a4.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\28exinjs.a4.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\19exinjs.a4.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\70exinjs.a4.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\59exinjs.a4.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\9exinjs.a4.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\6exinjs.a4.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\69exinjs.a4.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\76exinjs.a4.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\7exinjs.a4.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\38exinjs.a4.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\82exinjs.a4.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\17exinjs.a4.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\27exinjs.a4.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\89exinjs.a4.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\86exinjs.a4.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\97exinjs.a4.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\72exinjs.a4.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\95exinjs.a4.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\96exinjs.a4.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\15exinjs.a4.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\75exinjs.a4.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\21exinjs.a4.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\91exinjs.a4.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\84exinjs.a4.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\70exinjs.a5.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\57exinjs.a5.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\39exinjs.a5.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\10exinjs.a5.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\2exinjs.a5.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\58exinjs.a5.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\19exinjs.a5.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\17exinjs.a5.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\48exinjs.a5.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\49exinjs.a5.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\95exinjs.a5.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\40exinjs.a5.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\89exinjs.a5.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\98exinjs.a5.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\12exinjs.a5.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\78exinjs.a5.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\77exinjs.a5.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\54exinjs.a5.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\5exinjs.a5.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\93exinjs.a5.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\61exinjs.a5.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\3exinjs.a5.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\51exinjs.a5.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\18exinjs.a5.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\69exinjs.a5.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\15exinjs.a6.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\90exinjs.a6.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\10exinjs.a6.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\8exinjs.a6.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\70exinjs.a6.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\64exinjs.a6.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\7exinjs.a6.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\74exinjs.a6.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\78exinjs.a6.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\88exinjs.a6.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\67exinjs.a6.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\60exinjs.a6.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\37exinjs.a6.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\89exinjs.a6.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\73exinjs.a6.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\18exinjs.a6.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\75exinjs.a6.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\55exinjs.a6.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\66exinjs.a6.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\91exinjs.a6.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\82exinjs.a6.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\29exinjs.a6.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\72exinjs.a6.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\23exinjs.a6.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\45exinjs.a6.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\4exinjs.a6.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\22exinjs.a6.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\69exinjs.a6.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\98exinjs.a6.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\11exinjs.a6.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\64exinjs.a7.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\22exinjs.a7.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\34exinjs.a7.exe"=-
    "C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\12exinjs.a7.exe"=-

    :commands
    [purity]
    [emptytemp]
    [reboot]


  • Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
  • Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.

    ---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.

  • Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
    ---> Le nom du rapport correspond au moment de sa création : date_heure.log
    31 Janvier 2009 03:39:08

    voici ce que tu m'as demandé



    ========== PROCESSES ==========
    Process explorer.exe killed successfully.
    ========== REGISTRY ==========
    Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E\\ deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\1exinjs.a4.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\88exinjs.a4.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\56exinjs.a4.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\51exinjs.a4.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\49exinjs.a4.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\36exinjs.a4.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\43exinjs.a4.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\4exinjs.a4.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\98exinjs.a4.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\92exinjs.a4.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\28exinjs.a4.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\19exinjs.a4.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\70exinjs.a4.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\59exinjs.a4.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\9exinjs.a4.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\6exinjs.a4.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\69exinjs.a4.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\76exinjs.a4.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\7exinjs.a4.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\38exinjs.a4.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\82exinjs.a4.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\17exinjs.a4.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\27exinjs.a4.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\89exinjs.a4.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\86exinjs.a4.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\97exinjs.a4.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\72exinjs.a4.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\95exinjs.a4.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\96exinjs.a4.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\15exinjs.a4.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\75exinjs.a4.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\21exinjs.a4.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\91exinjs.a4.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\84exinjs.a4.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\70exinjs.a5.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\57exinjs.a5.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\39exinjs.a5.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\10exinjs.a5.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\2exinjs.a5.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\58exinjs.a5.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\19exinjs.a5.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\17exinjs.a5.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\48exinjs.a5.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\49exinjs.a5.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\95exinjs.a5.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\40exinjs.a5.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\89exinjs.a5.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\98exinjs.a5.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\12exinjs.a5.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\78exinjs.a5.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\77exinjs.a5.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\54exinjs.a5.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\5exinjs.a5.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\93exinjs.a5.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\61exinjs.a5.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\3exinjs.a5.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\51exinjs.a5.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\18exinjs.a5.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\69exinjs.a5.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\15exinjs.a6.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\90exinjs.a6.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\10exinjs.a6.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\8exinjs.a6.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\70exinjs.a6.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\64exinjs.a6.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\7exinjs.a6.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\74exinjs.a6.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\78exinjs.a6.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\88exinjs.a6.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\67exinjs.a6.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\60exinjs.a6.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\37exinjs.a6.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\89exinjs.a6.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\73exinjs.a6.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\18exinjs.a6.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\75exinjs.a6.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\55exinjs.a6.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\66exinjs.a6.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\91exinjs.a6.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\82exinjs.a6.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\29exinjs.a6.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\72exinjs.a6.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\23exinjs.a6.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\45exinjs.a6.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\4exinjs.a6.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\22exinjs.a6.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\69exinjs.a6.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\98exinjs.a6.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\11exinjs.a6.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\64exinjs.a7.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\22exinjs.a7.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\34exinjs.a7.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\12exinjs.a7.exe deleted successfully.
    ========== COMMANDS ==========
    File delete failed. C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\etilqs_3oJENdDETxaB9hMBiiRo scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\IadHide4.dll scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\~DFA37F.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\~DFEAB1.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\~DFEAC5.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\~DFFA41.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\~DFFA55.tmp scheduled to be deleted on reboot.
    User's Temp folder emptied.
    User's Temporary Internet Files folder emptied.
    User's Internet Explorer cache folder emptied.
    Local Service Temp folder emptied.
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    Local Service Temporary Internet Files folder emptied.
    File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\529eec9f-2178-4cf5-bb95-35bd5a9a86ed.tmp scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\7ed07acd-53ef-4ed6-b1ab-8f1a470102a1.tmp scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_198.dat scheduled to be deleted on reboot.
    Windows Temp folder emptied.
    Java cache emptied.
    File delete failed. C:\Documents and Settings\david genot\Local Settings\Application Data\Mozilla\Firefox\Profiles\5un3and1.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\david genot\Local Settings\Application Data\Mozilla\Firefox\Profiles\5un3and1.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\david genot\Local Settings\Application Data\Mozilla\Firefox\Profiles\5un3and1.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\david genot\Local Settings\Application Data\Mozilla\Firefox\Profiles\5un3and1.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\david genot\Local Settings\Application Data\Mozilla\Firefox\Profiles\5un3and1.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\david genot\Local Settings\Application Data\Mozilla\Firefox\Profiles\5un3and1.default\XUL.mfl scheduled to be deleted on reboot.
    FireFox cache emptied.
    Temp folders emptied.

    OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 01312009_032109

    Files moved on Reboot...
    File C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\etilqs_3oJENdDETxaB9hMBiiRo not found!
    DllUnregisterServer procedure not found in C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\IadHide4.dll
    C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\IadHide4.dll NOT unregistered.
    C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\IadHide4.dll moved successfully.
    File C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\~DFA37F.tmp not found!
    File C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\~DFEAB1.tmp not found!
    File C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\~DFEAC5.tmp not found!
    File C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\~DFFA41.tmp not found!
    File C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\~DFFA55.tmp not found!
    File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
    File C:\WINDOWS\temp\_avast4_\Webshlock.txt not found!
    C:\WINDOWS\temp\529eec9f-2178-4cf5-bb95-35bd5a9a86ed.tmp moved successfully.
    C:\WINDOWS\temp\7ed07acd-53ef-4ed6-b1ab-8f1a470102a1.tmp moved successfully.
    C:\WINDOWS\temp\Perflib_Perfdata_198.dat moved successfully.
    C:\Documents and Settings\david genot\Local Settings\Application Data\Mozilla\Firefox\Profiles\5un3and1.default\Cache\_CACHE_001_ moved successfully.
    C:\Documents and Settings\david genot\Local Settings\Application Data\Mozilla\Firefox\Profiles\5un3and1.default\Cache\_CACHE_002_ moved successfully.
    C:\Documents and Settings\david genot\Local Settings\Application Data\Mozilla\Firefox\Profiles\5un3and1.default\Cache\_CACHE_003_ moved successfully.
    C:\Documents and Settings\david genot\Local Settings\Application Data\Mozilla\Firefox\Profiles\5un3and1.default\Cache\_CACHE_MAP_ moved successfully.
    C:\Documents and Settings\david genot\Local Settings\Application Data\Mozilla\Firefox\Profiles\5un3and1.default\urlclassifier3.sqlite moved successfully.
    C:\Documents and Settings\david genot\Local Settings\Application Data\Mozilla\Firefox\Profiles\5un3and1.default\XUL.mfl moved successfully.
    a c 267 8 Sécurité
    a b 9 Windows
    31 Janvier 2009 03:41:16

  • Fais un scan en ligne ici : http://webscanner.kaspersky.fr/ (Avec Internet Explorer)

  • En bas à droite, clique sur Démarrer Online-scanner.

  • Dans la nouvelle fenêtre qui s'affiche, clique sur J'accepte.

  • Accepte les Contrôles ActiveX.

  • Choisis Poste de travail pour le scan.

  • Celui-ci terminé, sauvegarde (Choisis fichier texte) et poste le rapport.

  • Pour t'aider à utiliser le scan en ligne : Tutoriel

    Note : Si tu reçois le message La licence de Kaspersky On-line Scanner est périmée, va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte-toi sur le site de Kaspersky pour retenter le scan en ligne.
    31 Janvier 2009 07:14:00

    -------------------------------------------------------------------------------
    KASPERSKY ON-LINE SCANNER REPORT
    Saturday, January 31, 2009 7:12:06 AM
    Système d'exploitation : Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
    Kaspersky On-line Scanner version : 5.0.84.2
    Dernière mise à jour de la base antivirus Kaspersky : 31/01/2009
    Enregistrements dans la base antivirus Kaspersky : 1730568
    -------------------------------------------------------------------------------

    Paramètres d'analyse:
    Analyser avec la base antivirus suivante: étendue
    Analyser les archives: vrai
    Analyser les bases de messagerie: vrai

    Cible de l'analyse - Poste de travail:
    C:\
    D:\
    E:\
    F:\

    Statistiques de l'analyse:
    Total d'objets analysés: 92417
    Nombre de virus trouvés: 1
    Nombre d'objets infectés: 2 / 0
    Nombre d'objets suspects: 0
    Durée de l'analyse: 01:52:29

    Nom de l'objet infecté / Nom du virus / Dernière action
    C:\combattre les virus\a-squared Free\Quarantine\c27961de856fd71b2e1d035fa7c51c1b.a2q/Documents and Settings/david genot/Application Data/WinButler/WinBuninstaller.exe Infecté : Trojan-Downloader.Win32.Agent.dwe ignoré
    C:\combattre les virus\a-squared Free\Quarantine\c27961de856fd71b2e1d035fa7c51c1b.a2q ZIP: infecté - 1 ignoré
    C:\Documents and Settings\All Users\Application Data\avg8\Antispam\scoffset.bin.incr L'objet est verrouillé ignoré
    C:\Documents and Settings\All Users\Application Data\avg8\AvgAm\avgam.lck L'objet est verrouillé ignoré
    C:\Documents and Settings\All Users\Application Data\avg8\emc\Log\emc.log L'objet est verrouillé ignoré
    C:\Documents and Settings\All Users\Application Data\avg8\Log\avgam.log L'objet est verrouillé ignoré
    C:\Documents and Settings\All Users\Application Data\avg8\Log\avgcfg.log L'objet est verrouillé ignoré
    C:\Documents and Settings\All Users\Application Data\avg8\Log\avgcore.log L'objet est verrouillé ignoré
    C:\Documents and Settings\All Users\Application Data\avg8\Log\avgfw8u.log L'objet est verrouillé ignoré
    C:\Documents and Settings\All Users\Application Data\avg8\Log\avglng.log L'objet est verrouillé ignoré
    C:\Documents and Settings\All Users\Application Data\avg8\Log\avgns.log L'objet est verrouillé ignoré
    C:\Documents and Settings\All Users\Application Data\avg8\Log\avgrs.log L'objet est verrouillé ignoré
    C:\Documents and Settings\All Users\Application Data\avg8\Log\avgsched.log L'objet est verrouillé ignoré
    C:\Documents and Settings\All Users\Application Data\avg8\Log\avgsrm.log L'objet est verrouillé ignoré
    C:\Documents and Settings\All Users\Application Data\avg8\Log\avgui.log L'objet est verrouillé ignoré
    C:\Documents and Settings\All Users\Application Data\avg8\Log\avgwd.log L'objet est verrouillé ignoré
    C:\Documents and Settings\All Users\Application Data\avg8\Log\commonpriv.log L'objet est verrouillé ignoré
    C:\Documents and Settings\All Users\Application Data\avg8\Log\commonpub.log L'objet est verrouillé ignoré
    C:\Documents and Settings\All Users\Application Data\Microsoft\eHome\logs\ehRecvr.log L'objet est verrouillé ignoré
    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Application Data\Mozilla\Firefox\Profiles\5un3and1.default\cert8.db L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Application Data\Mozilla\Firefox\Profiles\5un3and1.default\content-prefs.sqlite L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Application Data\Mozilla\Firefox\Profiles\5un3and1.default\cookies.sqlite L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Application Data\Mozilla\Firefox\Profiles\5un3and1.default\downloads.sqlite L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Application Data\Mozilla\Firefox\Profiles\5un3and1.default\formhistory.sqlite L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Application Data\Mozilla\Firefox\Profiles\5un3and1.default\key3.db L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Application Data\Mozilla\Firefox\Profiles\5un3and1.default\parent.lock L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Application Data\Mozilla\Firefox\Profiles\5un3and1.default\permissions.sqlite L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Application Data\Mozilla\Firefox\Profiles\5un3and1.default\places.sqlite L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Application Data\Mozilla\Firefox\Profiles\5un3and1.default\places.sqlite-journal L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Application Data\Mozilla\Firefox\Profiles\5un3and1.default\search.sqlite L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Application Data\Skype\soltasia\call256.dbb L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Application Data\Skype\soltasia\callmember256.dbb L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Application Data\Skype\soltasia\chat512.dbb L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Application Data\Skype\soltasia\chatmember256.dbb L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Application Data\Skype\soltasia\chatmsg1024.dbb L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Application Data\Skype\soltasia\chatmsg256.dbb L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Application Data\Skype\soltasia\chatmsg512.dbb L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Application Data\Skype\soltasia\contactgroup256.dbb L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Application Data\Skype\soltasia\dyncontent\bundle.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Application Data\Skype\soltasia\index2.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Application Data\Skype\soltasia\profile4096.dbb L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Application Data\Skype\soltasia\transfer256.dbb L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Application Data\Skype\soltasia\transfer512.dbb L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Application Data\Skype\soltasia\user1024.dbb L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Application Data\Skype\soltasia\user16384.dbb L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Application Data\Skype\soltasia\user256.dbb L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Application Data\Skype\soltasia\user4096.dbb L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Application Data\Skype\soltasia\voicemail256.dbb L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Cookies\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\ApplicationHistory\hpqimzone.exe.3204510e.ini.inuse L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\HP\Digital Imaging\db\administrativeInfo.dbf L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.cdx L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.dbf L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.cdx L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.dbf L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\HP\Digital Imaging\db\CB_Server_Errors.txt L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.cdx L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.dbf L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.cdx L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.dbf L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.fpt L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.cdx L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.dbf L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.cdx L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.dbf L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\HP\Digital Imaging\db\managedFolderTable.dbf L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.cdx L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.dbf L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\HP\Digital Imaging\db\propertiesTable.cdx L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\HP\Digital Imaging\db\propertiesTable.dbf L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.cdx L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.dbf L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.cdx L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.dbf L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\Microsoft\Messenger\amelie.david.genot@hotmail.fr\SharingMetadata\Logs\Dfsr00005.log L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\Microsoft\Messenger\amelie.david.genot@hotmail.fr\SharingMetadata\pending.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\Microsoft\Messenger\amelie.david.genot@hotmail.fr\SharingMetadata\Working\database_1E92_101F_7F89_EEC2\dfsr.db L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\Microsoft\Messenger\amelie.david.genot@hotmail.fr\SharingMetadata\Working\database_1E92_101F_7F89_EEC2\fsr.log L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\Microsoft\Messenger\amelie.david.genot@hotmail.fr\SharingMetadata\Working\database_1E92_101F_7F89_EEC2\fsrtmp.log L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\Microsoft\Messenger\amelie.david.genot@hotmail.fr\SharingMetadata\Working\database_1E92_101F_7F89_EEC2\tmp.edb L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\Microsoft\Windows Live Contacts\amelie.david.genot@hotmail.fr\real\members.stg L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\Microsoft\Windows Live Contacts\amelie.david.genot@hotmail.fr\shadow\members.stg L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\Mozilla\Firefox\Profiles\5un3and1.default\Cache\_CACHE_001_ L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\Mozilla\Firefox\Profiles\5un3and1.default\Cache\_CACHE_002_ L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\Mozilla\Firefox\Profiles\5un3and1.default\Cache\_CACHE_003_ L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\Mozilla\Firefox\Profiles\5un3and1.default\Cache\_CACHE_MAP_ L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Application Data\Mozilla\Firefox\Profiles\5un3and1.default\urlclassifier3.sqlite L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Temp\etilqs_16qQHghmL4a35geGy4vO L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Temp\~DF9353.tmp L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Temp\~DF9370.tmp L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Temp\~DF9F80.tmp L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Temp\~DF9F94.tmp L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Local Settings\Temp\~DFD729.tmp L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\ntuser.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\ntuser.dat.LOG L'objet est verrouillé ignoré
    C:\Documents and Settings\david genot\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
    C:\Documents and Settings\NetworkService\Cookies\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
    C:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
    C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
    C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat L'objet est verrouillé ignoré
    C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db L'objet est verrouillé ignoré
    C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws L'objet est verrouillé ignoré
    C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log L'objet est verrouillé ignoré
    C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log L'objet est verrouillé ignoré
    C:\Program Files\Alwil Software\Avast4\DATA\log\selfdef.log L'objet est verrouillé ignoré
    C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\david genot\Data\chandir.dat L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\david genot\Data\chandir.idx L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\david genot\Data\chn.dat L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\david genot\Data\chn.idx L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\david genot\Data\D0000000.FCS L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\david genot\Data\inuse.txt L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\david genot\Data\L0000006.FCS L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\david genot\Data\main.log L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\david genot\Data\prs.dat L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\david genot\Data\prs.idx L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\david genot\Data\prs_die.dat L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\david genot\Data\prs_die.idx L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\david genot\Data\prs_dnd.dat L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\david genot\Data\prs_dnd.idx L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\david genot\Data\prs_ext.dat L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\david genot\Data\prs_ext.idx L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\david genot\Data\prs_rcv.dat L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\david genot\Data\prs_rcv.idx L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\david genot\Data\storydb.dat L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\david genot\Data\storydb.idx L'objet est verrouillé ignoré
    C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
    C:\System Volume Information\_restore{206D5C9A-566B-437B-A762-213EF381532E}\RP415\change.log L'objet est verrouillé ignoré
    C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\ModemLog_HDAUDIO Soft Data Fax Modem with SmartCP.txt L'objet est verrouillé ignoré
    C:\WINDOWS\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{60E70589-DA26-409F-A64C-0B3A4F008FF3}.crmlog L'objet est verrouillé ignoré
    C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
    C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
    C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
    C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré
    C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\Antivirus.Evt L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\Media Ce.evt L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
    C:\WINDOWS\system32\LogFiles\HTTPERR\httperr1.log L'objet est verrouillé ignoré
    C:\WINDOWS\system32\MsDtc\MSDTC.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\system32\MsDtc\Trace\dtctrace.log L'objet est verrouillé ignoré
    C:\WINDOWS\system32\msmq\storage\QMLog L'objet est verrouillé ignoré
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
    C:\WINDOWS\Temp\36f341b4-7a3b-4e63-88fd-1fa7754cafc0.tmp L'objet est verrouillé ignoré
    C:\WINDOWS\Temp\8024cec1-031e-4978-97f1-6f42d5258ff2.tmp L'objet est verrouillé ignoré
    C:\WINDOWS\Temp\Perflib_Perfdata_1d0.dat L'objet est verrouillé ignoré
    C:\WINDOWS\Temp\_avast4_\Webshlock.txt L'objet est verrouillé ignoré
    C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
    C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
    C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
    D:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré

    Analyse terminée.
    a c 267 8 Sécurité
    a b 9 Windows
    31 Janvier 2009 23:05:55

    Tu as toujours des alertes ?

    Ne laisse pas deux antivirus.
    1 Février 2009 02:53:43

    Bonjour, je n'ai plus de message d'alerte, donc j'ai supprimé AVG.

    Merci de ton aide, car je ne savais pas quoi faire.
    a c 267 8 Sécurité
    a b 9 Windows
    1 Février 2009 15:33:11

    ---> Télécharge JavaRa.zip (de Paul 'Prm753' McLain et Fred de Vries) sur ton Bureau.
    (Sur le site, il faut cliquer sur Download Windows Binary (.zip file))
  • Décompresse le fichier sur le Bureau (Clic droit > Extraire tout).
  • Double-clique sur le répertoire JavaRa.
  • Puis double-clique sur le fichier JavaRa.exe (le exe peut ne pas s'afficher).
  • Choisis Français puis clique sur Select.
  • Clique sur Recherche de mises à jour.
  • Sélectionne Mettre à jour via jucheck.exe puis clique sur Rechercher.
  • Autorise le processus à se connecter s'il le demande, clique sur Installer et suis les instructions d'installation qui prennent quelques minutes.
  • L'installation est terminée, reviens à l'écran de JavaRa et clique sur Effacer les anciennes versions.
  • Clique sur Oui pour confirmer. Laisse travailler et clique ensuite sur OK, puis une deuxième fois sur OK.
  • Un rapport va s'ouvrir. Poste-le dans ta prochaine réponse.
  • Ferme l'application.

    Note : le rapport se trouve aussi dans C:\ sous le nom JavaRa.log.
    2 Février 2009 00:41:09

    le voici



    JavaRa 1.13 Removal Log.

    Report follows after line.

    ------------------------------------

    The JavaRa removal process was started on Mon Feb 02 00:30:02 2009

    Found and removed: C:\Program Files\Java\jre1.5.0_06

    Found and removed: C:\Program Files\Java\jre1.6.0_01

    Found and removed: C:\Program Files\Java\jre1.6.0_03

    Found and removed: C:\Program Files\Java\jre1.6.0_05

    Found and removed: Software\JavaSoft\Java2D\1.5.0_06

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D510006

    Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D510006

    Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D510006

    Found and removed: SOFTWARE\Classes\JavaPlugin.150_06

    Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.5.0.0

    Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.5.0_06

    Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5

    Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0_06

    Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D510006

    Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D510006

    Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150060}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}

    Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610001

    Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610003

    Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610005

    Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610001

    Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610003

    Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610005

    Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610001

    Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610003

    Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610005

    Found and removed: SOFTWARE\Classes\JavaPlugin.160_01

    Found and removed: SOFTWARE\Classes\JavaPlugin.160_03

    Found and removed: SOFTWARE\Classes\JavaPlugin.160_05

    Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_01

    Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_03

    Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_05

    Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_01

    Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_03

    Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_05

    Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610001

    Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610003

    Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610005

    Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610001

    Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610003

    Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610005

    Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610001

    Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610003

    Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610005

    Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160010}

    Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160030}

    Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160050}

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.5.0_06

    Found and removed: Software\Classes\JavaPlugin.160_01

    Found and removed: Software\Classes\JavaPlugin.160_03

    Found and removed: Software\Classes\JavaPlugin.160_05

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_01

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_03

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_05

    Found and removed: Software\JavaSoft\Java2D\1.6.0_01

    Found and removed: Software\JavaSoft\Java2D\1.6.0_03

    Found and removed: Software\JavaSoft\Java2D\1.6.0_05

    Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_01

    Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_03

    Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_05

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.5.0_06\

    Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_01\

    Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_03\

    Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_05\

    Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_01\bin\

    Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_03\bin\

    Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_05\bin\

    Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_07\bin\

    ------------------------------------

    Finished reporting.



    JavaRa 1.13 Removal Log.

    Report follows after line.

    ------------------------------------

    The JavaRa removal process was started on Mon Feb 02 00:39:01 2009

    Found and removed: C:\Program Files\Java\jre1.6.0_05

    Found and removed: C:\Program Files\Java\jre1.6.0_07

    ------------------------------------

    Finished reporting.



    a c 267 8 Sécurité
    a b 9 Windows
    2 Février 2009 00:47:09

    1/

  • Désinstalle HijackThis.
  • Supprime JavaRa.
  • Mets à jour Internet Explorer.

  • Télécharge ToolsCleaner2 sur ton Bureau.
  • Double-clique sur ToolsCleaner2.exe pour le lancer.
  • Clique sur Recherche et laisse le scan agir.
  • Clique sur Suppression pour finaliser.
  • Tu peux, si tu le souhaites, te servir des Options Facultatives.
  • Clique sur Quitter pour obtenir le rapport.
  • Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).


    2/

  • Télécharge et installe CCleaner (N'installe pas la Yahoo Toolbar).
  • Lance-le. Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers etc....
  • Va dans Nettoyeur, choisis Analyse. Une fois terminé, lance le nettoyage.
  • Ensuite, choisis Registre, puis Chercher des erreurs. Une fois terminé, répare toutes les erreurs (Sauvegarde la base de registre).


    3/

  • Il est nécessaire de désactiver puis réactiver la restauration système pour la purger.

  • Je te conseille de créer un point de restauration que tu pourras utiliser plus tard si tu as un problème.


    ==Prévention==

    Je te conseille de remplacer Avast par Antivir.

    Conserve MBAM. Il te servira à scanner les fichiers douteux en complément de l'antivirus et scanne le disque dur régulièrement.

    Comme navigateur, utilise plutôt Mozilla Firefox qu'Internet Explorer. Tu peux utiliser l'extension NoScript pour plus de sécurité.

    Vérifie que les mises à jour automatiques sont bien activées (Menu Démarrer, clique droit sur Poste de travail, onglet Mises à jour automatiques).

    Tu peux aussi modifier le fichier Hosts pour améliorer la sécurité de ton PC : Lien

    Par rapport au P2P : Lien

    Voici un dossier complet (A lire avec Adobe Reader ou Foxit Reader) : Lien


    ==Problème résolu ?==

    Si tu estimes que ton problème est résolu :

    ---> Ajoute maintenant [Résolu] au titre. Pour cela :
  • Clique, dans ton premier message, sur le bouton Editer .
  • Rajoute la mention [Résolu] devant le titre.
  • Clique ensuite sur Valider votre message.


    Sois plus vigilant sur Internet ;) 
    2 Février 2009 05:41:08

    Voici le rapport, antivir installé, noscript ok, le reste il faut que je l'étudie
    Merci





    [ Rapport ToolsCleaner version 2.3.0 (par A.Rothstein & dj QUIOU) ]

    -->- Recherche:

    C:\_OtMoveIt: trouvé !
    C:\Rsit: trouvé !
    C:\combattre les virus\Dss.exe: trouvé !
    C:\combattre les virus\MsnFix: trouvé !
    C:\Deckard\System Scanner\20080305042711\backup\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\~aupbdzn.tmp\HijackThis.exe: trouvé !
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
    C:\Program Files\Navilog1: trouvé !
    C:\Program Files\Hijackthis Version Française\hijackthis.log: trouvé !
    C:\Program Files\Trend Micro\HijackThis: trouvé !
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
    C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !
    C:\WINDOWS\msnfix.txt: trouvé !

    ---------------------------------
    -->- Suppression:

    C:\combattre les virus\Dss.exe: supprimé !
    C:\Deckard\System Scanner\20080305042711\backup\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\~aupbdzn.tmp\HijackThis.exe: supprimé !
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
    C:\Program Files\Hijackthis Version Française\hijackthis.log: supprimé !
    C:\Program Files\Trend Micro\HijackThis\hijackthis.log: supprimé !
    C:\WINDOWS\msnfix.txt: supprimé !
    C:\_OtMoveIt: supprimé !
    C:\Rsit: supprimé !
    C:\combattre les virus\MsnFix: supprimé !
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
    C:\Program Files\Navilog1: supprimé !
    C:\Program Files\Trend Micro\HijackThis: supprimé !
    a c 267 8 Sécurité
    a b 9 Windows
    2 Février 2009 12:59:42

    Tu peux supprimer ToolsCleaner.

    Des questions ?
    2 Février 2009 15:43:50

    non, pas de questions, juste un grand merci car sans ton aide, je crois que je n'aurai plus de PC.

    Chao
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS