Besoin de retirer le virus gameraving toolbar!!

Bonjour,

Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.

Double-clique sur RSIT.exe afin de lancer le programme.
(Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)

Clique sur Continue à l'écran Disclaimer.

Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

Note : les rapports sont sauvegardés dans le dossier C:\rsit.

Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrator at 2010-01-05 02:50:30
Microsoft Windows XP Professional Service Pack 3
System drive C: has 87 GB (84%) free of 104 GB
Total RAM: 2023 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:51:05, on 5/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe
C:\WINDOWS\SYSTEM32\WISPTIS.EXE
C:\WINDOWS\System32\tabbtnu.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Hewlett-Packard\IAM\bin\asghost.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\AMT\atchksrv.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\system32\ifxspmgt.exe
C:\WINDOWS\system32\ifxtcs.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Intel\AMT\LMS.exe
C:\Program Files\PDF Complete\pdfsvc.exe
C:\WINDOWS\system32\IfxPsdSv.exe
C:\Documents and Settings\All Users\Application Data\QuestService\questservice115.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Novadigm\ManagementAgent\nvdkit.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Sprint-HP\Sierra Wireless\Sprint PCS Connection Manager\SPCSUtilityService.exe
C:\Program Files\Intel\AMT\atchk.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE
C:\WINDOWS\system32\AccelerometerSt.exe
C:\WINDOWS\snuvcdsm.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Hewlett-Packard\Embedded Security Software\PSDrt.exe
C:\Program Files\Intel\AMT\UNS.exe
C:\Program Files\PDF Complete\pdfsty.exe
C:\Program Files\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\HPQ\HP Connection Manager\WaHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\QuestService\questservice.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\documents and settings\administrator\local settings\application data\kifbavc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Windows Defender\MSASCui.exe
c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Administrator\Desktop\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
O2 - BHO: Automated Content Enhancer - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - C:\Program Files\Automated Content Enhancer\4.2.0.5360\ACEIEAddOn.dll
O2 - BHO: Customized Platform Advancer - {42C7C39F-3128-4a17-BDB7-91C46032B5B9} - C:\Program Files\Customized Platform Advancer\4.2.0.2050\CPAIEAddOn.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Content Management Wizard - {B72681C0-A222-4b21-A0E2-53A5A5CA3D41} - C:\Program Files\Content Management Wizard\1.2.0.2080\CMWIE.dll
O2 - BHO: Textual Content Provider - {CAC89FF9-34A9-4431-8CFE-292A47F843BC} - C:\Program Files\Textual Content Provider\1.2.0.2040\TCPIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Web Search Operator - {EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431} - C:\Program Files\Web Search Operator\4.2.0.2150\wso.dll
O3 - Toolbar: GameRaving Toolbar - {D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} - C:\Program Files\GameRaving Toolbar\2.2.0.7580\mvb0.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe
O4 - HKLM\..\Run: [TabletTip] "C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" /resume
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [atchk] "C:\Program Files\Intel\AMT\atchk.exe"
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [IFXSPMGT] C:\WINDOWS\system32\ifxspmgt.exe /NotifyLogon
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\WINDOWS\system32\AccelerometerSt.exe
O4 - HKLM\..\Run: [snp2uvc] C:\WINDOWS\vsnp2uvc.exe
O4 - HKLM\..\Run: [tsnp2uvc] C:\WINDOWS\tsnp2uvc.exe
O4 - HKLM\..\Run: [snuvcdsm] C:\WINDOWS\snuvcdsm.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [PDF Complete] "C:\Program Files\PDF Complete\pdfsty.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [AT&T Communication Manager] "C:\Program Files\AT&T\Communication Manager\ATTCM.exe" -a
O4 - HKLM\..\Run: [Vodafone Mobile Connect] "C:\Program Files\Vodafone\Mobile Connect Embedded\VodafoneMC.exe" -a
O4 - HKLM\..\Run: [WatcherHelper] "C:\Program Files\HPQ\HP Connection Manager\WaHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Internet Today Task] "C:\Program Files\Internet Today\1.2.0.1420\InternetToday.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [kifbavc] "c:\documents and settings\administrator\local settings\application data\kifbavc.exe" kifbavc
O4 - HKCU\..\Run: [VideoBarApp] C:\Program Files\GameRaving Toolbar\2.2.0.7580\mvbapp.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [TabletWizard] %windir%\help\wizard.hta (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: APSHook.dll
O20 - Winlogon Notify: DeviceNP - C:\WINDOWS\SYSTEM32\DeviceNP.dll
O20 - Winlogon Notify: OneCard - C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Intel(R) Active Management Technology System Status Service (atchksrv) - Intel Corporation - C:\Program Files\Intel\AMT\atchksrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - C:\WINDOWS\system32\flcdlock.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - SafeBoot International - C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\WINDOWS\system32\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\WINDOWS\system32\ifxtcs.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Intel(R) Active Management Technology Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\LMS.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: Personal Secure Drive service (PersonalSecureDriveService) - Infineon Technologies AG - C:\WINDOWS\system32\IfxPsdSv.exe
O23 - Service: QuestService Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\QuestService\questservice115.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Radia Management Agent (rma) - Unknown owner - C:/Novadigm/ManagementAgent/nvdkit.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SPCSUtilityService - Sprint Spectrum, L.L.C - C:\Program Files\Sprint-HP\Sierra Wireless\Sprint PCS Connection Manager\SPCSUtilityService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: SWIHPWMI - Sierra Wireless Inc. - C:\Program Files\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe
O23 - Service: Intel(R) Active Management Technology User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\AMT\UNS.exe

--
End of file - 15225 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\MP Scheduled Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1D74E9DD-8987-448b-B2CB-67FFF2B8A932}]
Automated Content Enhancer - C:\Program Files\Automated Content Enhancer\4.2.0.5360\ACEIEAddOn.dll [2009-12-29 217088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42C7C39F-3128-4a17-BDB7-91C46032B5B9}]
Customized Platform Advancer - C:\Program Files\Customized Platform Advancer\4.2.0.2050\CPAIEAddOn.dll [2009-12-29 249856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B72681C0-A222-4b21-A0E2-53A5A5CA3D41}]
Content Management Wizard - C:\Program Files\Content Management Wizard\1.2.0.2080\CMWIE.dll [2009-12-30 1323008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}]
Textual Content Provider - C:\Program Files\Textual Content Provider\1.2.0.2040\TCPIE.dll [2009-12-30 434176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-12-01 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
Credential Manager for HP ProtectTools - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll [2006-11-21 71192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-12-01 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431}]
Web Search Operator - C:\Program Files\Web Search Operator\4.2.0.2150\wso.dll [2009-12-29 262144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} - GameRaving Toolbar - C:\Program Files\GameRaving Toolbar\2.2.0.7580\mvb0.dll [2009-12-30 1290240]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2006-02-28 208952]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2006-02-28 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2006-02-28 455168]
"TabletWizard"=C:\WINDOWS\help\SplshWrp.exe [2008-04-14 16384]
"TabletTip"=C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe [2008-04-14 271872]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2007-01-05 872448]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2006-07-13 729088]
"atchk"=C:\Program Files\Intel\AMT\atchk.exe [2007-05-01 404248]
"PTHOSTTR"=C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2007-01-09 145184]
"IFXSPMGT"=C:\WINDOWS\system32\ifxspmgt.exe [2007-05-23 677408]
"CognizanceTS"=C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll [2003-12-22 17920]
"AccelerometerSysTrayApplet"=C:\WINDOWS\system32\AccelerometerSt.exe [2007-05-14 124928]
"snp2uvc"=C:\WINDOWS\vsnp2uvc.exe []
"tsnp2uvc"=C:\WINDOWS\tsnp2uvc.exe []
"snuvcdsm"=C:\WINDOWS\snuvcdsm.exe [2007-05-23 20480]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-01-12 827392]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-06-14 138008]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-06-14 162584]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-06-14 138008]
"Cpqset"=C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe [2007-05-03 57344]
"PDF Complete"=C:\Program Files\PDF Complete\pdfsty.exe [2007-05-08 331552]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-03-01 472776]
""= []
"AT&T Communication Manager"=C:\Program Files\AT&T\Communication Manager\ATTCM.exe [2007-06-14 22528]
"Vodafone Mobile Connect"=C:\Program Files\Vodafone\Mobile Connect Embedded\VodafoneMC.exe [2007-07-31 81920]
"AirCardEnabler"= []
"WatcherHelper"=C:\Program Files\HPQ\HP Connection Manager\WaHelper.exe [2007-07-24 120352]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-12-01 149280]
"RoxioDragToDisc"=C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe [2007-02-02 1116920]
"IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2007-02-21 819200]
"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2007-02-21 970752]
"WatchDog"=C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [2007-05-23 192512]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-04-15 194104]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
"Internet Today Task"=C:\Program Files\Internet Today\1.2.0.1420\InternetToday.exe []
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"kifbavc"=c:\documents and settings\administrator\local settings\application data\kifbavc.exe [2009-12-12 409600]
"VideoBarApp"=C:\Program Files\GameRaving Toolbar\2.2.0.7580\mvbapp.exe []

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\DVDCheck.exe

C:\Documents and Settings\Administrator\Start Menu\Programs\Startup
OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="APSHook.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\DeviceNP]
C:\WINDOWS\system32\DeviceNP.dll [2007-04-30 49152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-05-16 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\loginkey]
C:\Program Files\Common Files\Microsoft Shared\Ink\loginkey.dll [2008-04-14 47104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\OneCard]
C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll [2007-02-07 74240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\TabBtnWL]
C:\WINDOWS\system32\TabBtnWL.dll [2002-08-29 11776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tpgwlnotify]
C:\WINDOWS\system32\tpgwlnot.dll [2008-04-14 32256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=SbHpNp
scecli
ASWLNPkg

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
""=""
"C:\Program Files\HPQ\HP Connection Manager\SwiApiMux.exe"="C:\Program Files\HPQ\HP Connection Manager\SwiApiMux.exe:*:Enabled:SwiApiMux"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-01-05 02:50:32 ----D---- C:\Program Files\trend micro
2010-01-05 02:50:30 ----D---- C:\rsit
2010-01-05 02:07:44 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2010-01-05 02:04:39 ----D---- C:\Program Files\Windows Defender
2010-01-05 00:43:42 ----D---- C:\WINDOWS\ie8updates
2010-01-05 00:41:19 ----D---- C:\WINDOWS\WBEM
2010-01-05 00:37:02 ----HDC---- C:\WINDOWS\ie8
2010-01-04 23:02:27 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-01-04 23:02:21 ----D---- C:\Program Files\Alwil Software
2010-01-04 22:45:53 ----D---- C:\WINDOWS\system32\appmgmt
2010-01-04 21:52:31 ----D---- C:\Program Files\QuestService
2010-01-04 21:52:31 ----D---- C:\Documents and Settings\All Users\Application Data\QuestService
2010-01-04 21:52:19 ----D---- C:\Program Files\Textual Content Provider
2010-01-04 21:52:09 ----D---- C:\Program Files\Content Management Wizard
2010-01-04 21:51:59 ----D---- C:\Program Files\Internet Today
2010-01-04 21:51:51 ----D---- C:\Program Files\Customized Platform Advancer
2010-01-04 21:51:43 ----D---- C:\Program Files\Automated Content Enhancer
2010-01-04 21:51:34 ----D---- C:\Program Files\Web Search Operator
2010-01-04 21:51:12 ----D---- C:\Program Files\GameRaving Toolbar
2010-01-04 21:51:02 ----HDC---- C:\Documents and Settings\All Users\Application Data\{48AECF59-0268-47F9-86A0-AFE0790C3969}
2009-12-27 00:33:28 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2009-12-27 00:33:15 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2009-12-24 14:15:44 ----D---- C:\WINDOWS\Prefetch
2009-12-24 00:41:55 ----HDC---- C:\WINDOWS\$NtUninstallKB976749$
2009-12-24 00:41:32 ----HDC---- C:\WINDOWS\$NtUninstallKB976325$
2009-12-24 00:41:22 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-12-24 00:41:14 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-12-24 00:41:05 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-12-24 00:40:50 ----HDC---- C:\WINDOWS\$NtUninstallKB974455$
2009-12-24 00:40:40 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2009-12-24 00:40:29 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2009-12-24 00:40:19 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-12-24 00:40:10 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-12-24 00:40:02 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-12-24 00:39:51 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2009-12-24 00:39:41 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-12-24 00:39:33 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-12-24 00:39:23 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2009-12-24 00:39:15 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-12-24 00:39:07 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-12-24 00:38:57 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-12-24 00:38:41 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-12-24 00:38:27 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2009-12-24 00:38:15 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-12-24 00:38:07 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-12-24 00:37:59 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-12-24 00:37:46 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-12-24 00:37:32 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-12-24 00:37:19 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2009-12-24 00:37:11 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-12-24 00:37:01 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
2009-12-24 00:36:31 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-12-24 00:36:21 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-12-24 00:36:11 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-12-24 00:36:01 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-12-24 00:35:48 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-12-24 00:35:36 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-12-24 00:35:26 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-12-24 00:35:16 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-12-24 00:35:09 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-12-24 00:35:01 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-12-24 00:34:50 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-12-24 00:34:29 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-12-24 00:34:16 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$
2009-12-24 00:34:06 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-12-24 00:33:56 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-12-24 00:33:22 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-12-24 00:33:03 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-12-24 00:32:52 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-12-24 00:32:40 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-12-24 00:31:49 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-12-24 00:31:27 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-12-24 00:31:11 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-12-24 00:30:44 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-12-24 00:30:26 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-12-24 00:19:02 ----D---- C:\WINDOWS\system32\scripting
2009-12-24 00:19:02 ----D---- C:\WINDOWS\l2schemas
2009-12-24 00:19:01 ----D---- C:\WINDOWS\system32\en
2009-12-24 00:19:01 ----D---- C:\WINDOWS\system32\bits
2009-12-24 00:10:05 ----D---- C:\WINDOWS\network diagnostic
2009-12-23 23:58:10 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-12-23 23:50:10 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$
2009-12-23 23:03:20 ----D---- C:\Documents and Settings\Administrator\Application Data\HpUpdate
2009-12-23 23:03:13 ----D---- C:\WINDOWS\Hewlett-Packard
2009-12-15 14:25:14 ----SHD---- C:\RECYCLER
2009-12-13 22:16:00 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-12-10 07:19:38 ----HDC---- C:\WINDOWS\$NtUninstallKB970430_0$
2009-12-10 07:19:24 ----HDC---- C:\WINDOWS\$NtUninstallKB974318_0$
2009-12-10 07:18:45 ----HDC---- C:\WINDOWS\$NtUninstallKB976325_0$
2009-12-10 07:18:23 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2009-12-10 07:18:13 ----HDC---- C:\WINDOWS\$NtUninstallKB974392_0$
2009-12-10 07:17:42 ----HDC---- C:\WINDOWS\$NtUninstallKB971737_0$
2009-12-09 10:13:36 ----D---- C:\Program Files\isee systems
2009-12-09 10:12:21 ----D---- C:\Documents and Settings\Administrator\Application Data\U3
2009-12-08 13:40:30 ----HDC---- C:\WINDOWS\$NtUninstallKB961118_0$
2009-12-08 13:38:04 ----A---- C:\WINDOWS\system32\MRT.exe
2009-12-08 13:37:12 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
2009-12-08 13:36:41 ----HDC---- C:\WINDOWS\$NtUninstallKB920142$
2009-12-08 00:29:22 ----D---- C:\Documents and Settings\Administrator\Application Data\Windows Live Writer
2009-12-06 09:05:48 ----D---- C:\WINDOWS\system32\XPSViewer
2009-12-06 09:05:31 ----D---- C:\Program Files\MSBuild
2009-12-06 09:05:25 ----D---- C:\WINDOWS\system32\en-US
2009-12-06 09:05:06 ----D---- C:\Program Files\Reference Assemblies
2009-12-06 09:04:10 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2009-12-06 09:04:10 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-12-06 09:04:10 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-12-06 09:04:09 ----D---- C:\3b1c70944be34a36b107270f
2009-12-06 08:57:22 ----HDC---- C:\WINDOWS\$NtUninstallWIC$

======List of files/folders modified in the last 1 months======

2010-01-05 02:51:06 ----D---- C:\WINDOWS\Temp
2010-01-05 02:50:32 ----RD---- C:\Program Files
2010-01-05 02:08:38 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-05 02:08:34 ----SD---- C:\WINDOWS\Tasks
2010-01-05 02:07:44 ----D---- C:\WINDOWS\system32
2010-01-05 02:05:28 ----SHD---- C:\WINDOWS\Installer
2010-01-05 02:04:44 ----HD---- C:\WINDOWS\inf
2010-01-05 02:04:39 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2010-01-05 00:49:26 ----D---- C:\WINDOWS
2010-01-05 00:48:38 ----A---- C:\WINDOWS\system32\log.txt
2010-01-05 00:48:09 ----D---- C:\WINDOWS\system32\config
2010-01-05 00:48:02 ----D---- C:\Program Files\Internet Explorer
2010-01-05 00:48:01 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-05 00:48:01 ----D---- C:\WINDOWS\Help
2010-01-05 00:46:59 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-05 00:44:14 ----HD---- C:\WINDOWS\$hf_mig$
2010-01-05 00:43:55 ----A---- C:\WINDOWS\imsins.BAK
2010-01-05 00:40:46 ----D---- C:\WINDOWS\Media
2010-01-05 00:35:56 ----SD---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2010-01-04 23:32:46 ----D---- C:\Program Files\Live-Player
2010-01-04 23:03:08 ----D---- C:\WINDOWS\system32\drivers
2009-12-27 17:20:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-27 00:32:52 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2009-12-24 14:18:14 ----A---- C:\WINDOWS\OEWABLog.txt
2009-12-24 14:16:10 ----A---- C:\WINDOWS\setuplog.txt
2009-12-24 14:14:47 ----D---- C:\WINDOWS\AppPatch
2009-12-24 14:14:47 ----D---- C:\Program Files\Messenger
2009-12-24 14:14:46 ----D---- C:\WINDOWS\system32\Setup
2009-12-24 14:14:46 ----D---- C:\WINDOWS\ime
2009-12-24 14:14:44 ----D---- C:\WINDOWS\system32\wbem
2009-12-24 14:14:41 ----RSD---- C:\WINDOWS\Fonts
2009-12-24 00:41:58 ----D---- C:\WINDOWS\system32\CatRoot
2009-12-24 00:39:36 ----D---- C:\Program Files\Outlook Express
2009-12-24 00:29:36 ----D---- C:\WINDOWS\security
2009-12-24 00:26:06 ----RSD---- C:\WINDOWS\assembly
2009-12-24 00:20:14 ----D---- C:\WINDOWS\WinSxS
2009-12-24 00:19:47 ----D---- C:\Program Files\Windows Journal
2009-12-24 00:19:24 ----D---- C:\WINDOWS\system32\inetsrv
2009-12-24 00:19:03 ----D---- C:\WINDOWS\system32\usmt
2009-12-24 00:19:01 ----D---- C:\WINDOWS\PeerNet
2009-12-24 00:19:00 ----D---- C:\Program Files\Movie Maker
2009-12-24 00:15:12 ----D---- C:\WINDOWS\ServicePackFiles
2009-12-24 00:14:53 ----D---- C:\WINDOWS\system32\Restore
2009-12-24 00:14:53 ----D---- C:\WINDOWS\system32\npp
2009-12-24 00:14:52 ----D---- C:\WINDOWS\mui
2009-12-24 00:14:49 ----D---- C:\WINDOWS\msagent
2009-12-24 00:14:45 ----D---- C:\WINDOWS\srchasst
2009-12-24 00:14:40 ----D---- C:\Program Files\NetMeeting
2009-12-24 00:14:38 ----D---- C:\WINDOWS\system32\Com
2009-12-24 00:14:33 ----D---- C:\Program Files\Windows Media Player
2009-12-24 00:14:32 ----D---- C:\Program Files\Windows NT
2009-12-24 00:14:24 ----D---- C:\Program Files\Common Files\System
2009-12-24 00:13:44 ----D---- C:\WINDOWS\system32\oobe
2009-12-24 00:13:40 ----D---- C:\WINDOWS\system
2009-12-23 23:58:08 ----D---- C:\WINDOWS\ehome
2009-12-23 23:04:25 ----D---- C:\Program Files\HP
2009-12-09 10:13:36 ----HD---- C:\Program Files\InstallShield Installation Information
2009-12-08 18:47:59 ----D---- C:\WINDOWS\Microsoft.Net
2009-12-08 13:38:09 ----D---- C:\WINDOWS\Debug
2009-12-06 09:04:25 ----D---- C:\WINDOWS\system32\spool

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2007-02-08 12856]
R1 DLARTL_M;DLARTL_M; C:\WINDOWS\System32\Drivers\DLARTL_M.SYS [2007-02-08 28120]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 PersonalSecureDrive;PersonalSecureDrive; C:\WINDOWS\System32\drivers\psd.sys [2007-04-18 39080]
R1 RsvLock;RsvLock; C:\WINDOWS\system32\drivers\RsvLock.sys [2007-04-26 5808]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.6.0.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-09-11 21425]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R2 DLABMFSM;DLABMFSM; C:\WINDOWS\System32\DLA\DLABMFSM.SYS [2006-10-26 35096]
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2006-10-26 32472]
R2 DLADResM;DLADResM; C:\WINDOWS\System32\DLA\DLADResM.SYS [2006-10-26 9400]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2006-10-26 104536]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2006-10-26 26296]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2006-10-26 14520]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2006-10-26 97848]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2006-10-26 94648]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2007-02-09 51768]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2007-02-21 12416]
R3 Accelerometer;Accelerometer; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2006-07-24 22016]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2007-03-01 289792]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-08-07 93952]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\WINDOWS\system32\DRIVERS\ATSwpDrv.sys [2007-06-01 145288]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2007-02-14 868298]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2007-02-14 67960]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2007-04-12 250776]
R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2009-03-19 9216]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HECI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2007-04-06 44800]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2007-04-26 988032]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2007-04-26 210816]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-05-16 5707744]
R3 IFXTPM;IFXTPM; C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2007-04-18 41216]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NETw4x32;Intel(R) Wireless WiFi Link Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-03-01 2203520]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\WINDOWS\system32\DRIVERS\RimSerial.sys [2007-06-14 26368]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2006-02-28 5888]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2007-05-24 1742976]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2007-01-12 201856]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WacomPen;Wacom Serial Pen HID Driver; C:\WINDOWS\system32\DRIVERS\wacompen.sys [2008-04-13 14208]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2007-04-26 731136]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 DAMDrv;DAMDrv; C:\WINDOWS\system32\DRIVERS\DAMDrv.sys [2007-04-23 30008]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2009-08-26 21568]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 PCTINDIS5;PCTINDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCTINDIS5.SYS []
S3 scrswi;Sierra Wireless Smart Card Reader; C:\WINDOWS\system32\DRIVERS\scrswi.sys [2007-03-26 43904]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SWNC8U02;HP hs2300 MUX NDIS Driver (#02); C:\WINDOWS\system32\DRIVERS\SWNC8U02.sys [2007-03-12 102272]
S3 SWUMX02;HP hs2300 USB MUX Driver (#02); C:\WINDOWS\system32\DRIVERS\swumx02.sys [2007-04-10 72576]
S3 SWUMX20;Sierra Wireless USB MUX Driver (UMTS20); C:\WINDOWS\system32\DRIVERS\swumx20.sys []
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ASBroker;Logon Session Broker; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 ASChannel;Local Communication Channel; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 atchksrv;Intel(R) Active Management Technology System Status Service; C:\Program Files\Intel\AMT\atchksrv.exe [2007-05-01 183064]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2007-02-06 266295]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-02-21 643072]
R2 HpFkCryptService;Drive Encryption Service; C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2007-04-27 221184]
R2 IFXSpMgtSrv;Security Platform Management Service; C:\WINDOWS\system32\ifxspmgt.exe [2007-05-23 677408]
R2 IFXTCS;Trusted Platform Core Service; C:\WINDOWS\system32\ifxtcs.exe [2007-05-23 853536]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-12-01 153376]
R2 LMS;Intel(R) Active Management Technology Local Management Service; C:\Program Files\Intel\AMT\LMS.exe [2007-05-01 121624]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2007-05-08 540448]
R2 PersonalSecureDriveService;Personal Secure Drive service; C:\WINDOWS\system32\IfxPsdSv.exe [2007-04-18 140832]
R2 QuestService Service;QuestService Service; C:\Documents and Settings\All Users\Application Data\QuestService\questservice115.exe [2009-12-31 58744]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-02-21 327680]
R2 rma;Radia Management Agent; C:/Novadigm/ManagementAgent/nvdkit.exe []
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2007-02-21 983040]
R2 SPCSUtilityService;SPCSUtilityService; C:\Program Files\Sprint-HP\Sierra Wireless\Sprint PCS Connection Manager\SPCSUtilityService.exe [2007-09-05 131072]
R2 SWIHPWMI;SWIHPWMI; C:\Program Files\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe [2006-12-04 292384]
R2 UNS;Intel(R) Active Management Technology User Notification Service; C:\Program Files\Intel\AMT\UNS.exe [2007-05-01 1489688]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-04-23 239160]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-10-21 228656]
R3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; C:\WINDOWS\system32\flcdlock.exe [2007-04-30 172131]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-11-01 73728]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.06 2010-01-05 02:51:10

======Uninstall list======

-->C:\Program Files\InstallShield Installation Information\{69333A04-5134-40A5-A055-9166A7AA1EC8}\setup.exe -runfromtemp -l0x0009 -removeonly
-->MsiExec.exe /I{977FBE6C-AE9A-4429-B249-814F0B3A4CB1}
-->MsiExec.exe /I{AEB9948B-4FF2-47C9-990E-47014492A0FE}
-->MsiExec.exe /I{F42051C0-6158-4656-BEF4-C43D5C480DC0}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
AT&T Communication Manager-->MsiExec.exe /X{9C41CC3E-CB42-451F-9444-BA75FB12C0AC}
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
BIOS Configuration for HP ProtectTools-->MsiExec.exe /X{C74D0FA0-1D49-464F-A707-B427EE3385C1}
Credential Manager for HP ProtectTools-->MsiExec.exe /X{BE41F3D2-FC73-4C3E-A2C2-5D2B08A5B2D0}
Device Access Manager for HP ProtectTools-->MsiExec.exe /X{55B52830-024A-443E-AF61-61E1E71AFA1B}
Drive Encryption for HP ProtectTools-->MsiExec.exe /X{F843AC27-704C-4731-A590-F57841B488F2}
Embedded Security for HP ProtectTools-->MsiExec.exe /I{F42CF6B5-8594-4D3A-B96F-30FD3BC1AAA5}
Favorit-->"c:\documents and settings\administrator\local settings\application data\kifbavc.exe" -uninstall
GameRaving Toolbar-->"C:\Documents and Settings\All Users\Application Data\{48AECF59-0268-47F9-86A0-AFE0790C3969}\Setup.exe" REMOVE=TRUE MODIFY=FALSE
GameRaving Toolbar-->C:\Documents and Settings\All Users\Application Data\{48AECF59-0268-47F9-86A0-AFE0790C3969}\Setup.exe
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
HP 3D DriveGuard-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{429E92A4-159F-4AEC-85A1-D693E1E4274D}\setup.exe" -l0x9 UNINSTALL
HP Broadband Wireless Modules-->MsiExec.exe /X{E0742446-2B18-4204-8A46-DA70BB003318}
HP Compaq 2710p Notebook PC tour-->MsiExec.exe /I{43DE6934-65F1-4D7B-87E5-3B0297476A37}
HP Connection Manager-->MsiExec.exe /I{BED4104F-2480-421B-BA2F-8D3AC57B8CDB}
HP Doc Viewer-->MsiExec.exe /I{082702D5-5DD8-4600-BCE5-48B15174687F}
HP Help and Support-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}\setup.exe" -l0x9 -removeonly
HP Integrated Module with Bluetooth wireless technology-->MsiExec.exe /X{84814E6B-2581-46EC-926A-823BD1C670F6}
HP ProtectTools Security Manager-->MsiExec.exe /I{2DB165DC-DDB4-403F-B985-19F3EC7D0357}
HP Quick Launch Buttons-->C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x0009 -removeonly uninst
HP Update-->MsiExec.exe /X{818ABC3C-635C-4651-8183-D0E9640B7DD1}
HP User Guide Bluetooth Addendum 0062-->MsiExec.exe /I{7FD8231E-3991-48D7-A2C8-2C42A7075FB1}
HP User Guides 0066-->MsiExec.exe /I{29BF3B6F-0F0A-428B-B5B2-9DC3E0D091B8}
HP Webcam-->C:\Program Files\InstallShield Installation Information\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}\setup.exe -runfromtemp -l0x0009 -removeonly
HP Wireless Assistant-->MsiExec.exe /I{D32067CD-7409-4792-BFA0-1469BCD8F0C8}
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Intel(R) Active Management Technology Device Software-->C:\WINDOWS\system32\mesoludlg.exe -uninstall
Intel(R) Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall
Intel(R) Management Engine Interface-->C:\WINDOWS\system32\heciudlg.exe -uninstall
Intel(R) PRO Network Connections Drivers-->Prounstl.exe
Intel(R) PROSet/Wireless Software-->C:\WINDOWS\Installer\iProInst.exe
InterVideo DVD Check-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5D97A4A7-C274-4B63-86D9-07A33435F505}\setup.exe" REMOVEALL
InterVideo WinDVD-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
ithink 8.1-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{65F7B424-7780-486C-9B4F-3BF8FFD85A64}\setup.exe" -l0x9
Java(TM) 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
Java(TM) SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
Live-Player-->C:\Program Files\Live-Player\uninst.exe
mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
mDrWiFi-->MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}
mHelp-->MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68}
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
mIWA-->MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
mLogView-->MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mPfWiz-->MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
mSCfg-->MsiExec.exe /I{829CD169-E692-48E8-9BDE-A3E8D8B65538}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 6 Service Pack 2 (KB973686)-->MsiExec.exe /I{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}
mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
mZConfig-->MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
OpenOffice.org 3.1-->MsiExec.exe /I{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
PDF Complete-->C:\Program Files\PDF Complete\pdfiutil.exe /UGUI
Presto! BizCard 5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{272253C3-D9DD-4C0C-A586-7E7ABC7E9AA2}\setup.exe" -l0x9 -uninst -removeonly
QLBCASL-->MsiExec.exe /I{F1D7AC58-554A-4A58-B784-B61558B1449A}
QuestService 1.0 build 115-->C:\Program Files\QuestService\uninstall.exe
RICOH R5C853 Driver Ver.1.00.02-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\setup.exe" -l0x9 anything
Roxio Creator Audio-->MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
Roxio Creator Basic v9-->MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
Roxio Creator Copy-->MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
Roxio Creator Data-->MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
Roxio Creator Tools-->MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
Roxio Drag-to-Disc-->MsiExec.exe /I{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}
Roxio Express Labeler 3-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Security Update for Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961371-v2)-->"C:\WINDOWS\$NtUninstallKB961371-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974455)-->"C:\WINDOWS\$NtUninstallKB974455$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Security Update for Windows XP (KB976325)-->"C:\WINDOWS\$NtUninstallKB976325$\spuninst\spuninst.exe"
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2C06_hpqZ3795\UIU32m.exe -U -IhpqZ3795.inf
Sonic Activation Module-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
SoundMAX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe" -l0x9 -removeonly
Sprint Mobile Broadband-->MsiExec.exe /I{0669CD2D-A407-48ED-960C-FF1AD0F4F752}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Tablet PC Edition 2005 Multilingual User Interface (MUI) Pack-->MsiExec.exe /I{EFA2630A-CB41-4CAC-8458-7D4EDC9A00E0}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Windows Internet Explorer 8 (KB975364)-->"C:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Update for Windows XP (KB976749)-->"C:\WINDOWS\$NtUninstallKB976749$\spuninst\spuninst.exe"
Vodafone Mobile Connect-->MsiExec.exe /X{7AAA82A6-832C-46D1-AC45-5AAEBCEDF922}
VZAccess Manager for HP-->MsiExec.exe /I{BEF3156B-CFC3-4606-B926-D50B07CC3F05}
Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

======Security center information======

AV: avast! antivirus 4.8.1368 [VPS 100104-0]

======System event log======

Computer Name: HP-F33DFECE7FB1
Event Code: 256
Message: Timed out sending notification of device interface change to window of "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"

Record Number: 1498
Source Name: PlugPlayManager
Time Written: 20091205155255.000000+060
Event Type: warning
User:

Computer Name: HP-F33DFECE7FB1
Event Code: 256
Message: Timed out sending notification of device interface change to window of "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"

Record Number: 1497
Source Name: PlugPlayManager
Time Written: 20091205155255.000000+060
Event Type: warning
User:

Computer Name: HP-F33DFECE7FB1
Event Code: 256
Message: Timed out sending notification of device interface change to window of "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"

Record Number: 1496
Source Name: PlugPlayManager
Time Written: 20091205155255.000000+060
Event Type: warning
User:

Computer Name: HP-F33DFECE7FB1
Event Code: 256
Message: Timed out sending notification of device interface change to window of "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"

Record Number: 1495
Source Name: PlugPlayManager
Time Written: 20091205155255.000000+060
Event Type: warning
User:

Computer Name: HP-F33DFECE7FB1
Event Code: 256
Message: Timed out sending notification of device interface change to window of "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"

Record Number: 1494
Source Name: PlugPlayManager
Time Written: 20091205155255.000000+060
Event Type: warning
User:

=====Application event log=====

Computer Name: HP-F33DFECE7FB1
Event Code: 2002
Message: [UNS] Failed to subscribe to local Intel(R) AMT.


Record Number: 284
Source Name: Intel(R) AMT
Time Written: 20090914102156.000000+120
Event Type: error
User:

Computer Name: HP-F33DFECE7FB1
Event Code: 2001
Message: [UNS] Failed to get EAC Status.


Record Number: 280
Source Name: Intel(R) AMT
Time Written: 20090914102151.000000+120
Event Type: warning
User:

Computer Name: HP-F33DFECE7FB1
Event Code: 2002
Message: [UNS] Failed to subscribe to local Intel(R) AMT.


Record Number: 279
Source Name: Intel(R) AMT
Time Written: 20090914102151.000000+120
Event Type: error
User:

Computer Name: HP-F33DFECE7FB1
Event Code: 1517
Message: Windows saved user HP-F33DFECE7FB1\Administrator registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.


This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 267
Source Name: Userenv
Time Written: 20090911155124.000000+120
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: HP-F33DFECE7FB1
Event Code: 4354
Message: The COM+ Event System failed to fire the Logoff method on subscription {4C2E468D-2D11-43E9-93C0-327D6BAE597E}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. The subscriber returned HRESULT 80004005.
Record Number: 266
Source Name: EventSystem
Time Written: 20090911155105.000000+120
Event Type: warning
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Hewlett-Packard\IAM\bin;C:\Program Files\Common Files\Roxio Shared\DLLShared\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"RoxioCentral"=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\

-----------------EOF-----------------

merci destrio pr ton aide!!!

Pas mal d'infections.

Désinstalle Favorit et QuestService.

Télécharge Ad-Remover (de Cyrildu17 / C_XX) sur ton Bureau.

/!\ Déconnecte-toi et ferme toutes applications en cours /!\

Double-clique sur AD-R situé sur ton Bureau pour le lancer.
(Sous Vista, il faut cliquer droit sur AD-R et choisir Exécuter en tant qu'administrateur)

Choisis la langue F pour français.

Au menu principal, choisis l'option L.

/!\ Laisse travailler l'outil /!\

Poste le rapport qui apparaît à la fin (C:\Ad-Report-CLEAN.log).

(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

Note : "Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Kaspersky, etc.) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.

rebonsoir,
je n'y arrive pas!! mon pc s'éteind à chaque fois quand j'appuie sur le "L"et au démarrage il ne détecte pas le AD-R. par contre là, j'ai essayé de scanner "s" et il est entrain de faire son analyse... c toujours bon?

rebonsoir,
je n'y arrive pas!! mon pc s'éteind à chaque fois quand j'appuie sur le "L"et au démarrage il ne détecte pas le AD-R. par contre là, j'ai essayé de scanner "s" et il est entrain de faire son analyse... c toujours bon?

Ok, fais l'option S puis poste le rapport.

.
======= LOGFILE OF AD-REMOVER 1.1.4.6_G | ONLY XP/VISTA/7 =======
.
Updated by C_XX on 04.01.2010 at 23:37
Contact: AdRemover.contact@gmail.com
Website: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Launch at: 3:31:07, mar. 05/01/2010 | Normal Boot | Option: SCAN
Executed from: C:\Program Files\Ad-Remover\
Operating system: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
Computer Name: HP-F33DFECE7FB1 | Current user: Administrator

.
============== FOUND ELEMENT(S) ==============
.

C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\cmw
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\liveplayer_exe.dat
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\liveplayer_skin.dat
C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\Live-Player
C:\Program Files\Automated Content Enhancer
C:\Program Files\Content Management Wizard
C:\Program Files\Customized Platform Advancer
C:\Program Files\Internet Today
C:\Program Files\Live-Player
C:\Program Files\Textual Content Provider
C:\Program Files\Web Search Operator
C:\DOCUME~1\ADMINI~1\APPLIC~1\live-player
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Today
C:\Documents and Settings\Administrator\Local Settings\Application Data\Textual Content Provider
C:\Documents and Settings\Administrator\Local Settings\Application Data\Web Search Operator
C:\DOCUME~1\ALLUSE~1\Desktop\Live-Player.lnk
.
HKCU\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
HKCU\software\Automated Content Enhancer
HKCU\software\CMW
HKCU\software\Customized Platform Advancer
HKCU\software\fcn
HKCU\software\Live-Player
HKCU\software\Media Access Startup
HKCU\Software\Microsoft\Explorer\Bars\{B72681C0-A222-4b21-A0E2-53A5A5CA3D411}
HKCU\Software\Microsoft\Explorer\Bars\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1D74E9DD-8987-448B-B2CB-67FFF2B8A932}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{42C7C39F-3128-4A17-BDB7-91C46032B5B9}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B72681C0-A222-4B21-A0E2-53A5A5CA3D41}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D45817B8-3EAD-4D1D-8FCA-EC63A8E35DE2}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EB4A577D-BCAD-4B1C-8AF2-9A74B8DD3431}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D74E9DD-8987-448B-B2CB-67FFF2B8A932}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{42C7C39F-3128-4A17-BDB7-91C46032B5B9}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B72681C0-A222-4B21-A0E2-53A5A5CA3D41}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D45817B8-3EAD-4D1D-8FCA-EC63A8E35DE2}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB4A577D-BCAD-4B1C-8AF2-9A74B8DD3431}
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\VideoBarApp
HKCU\software\Web Search Operator
HKLM\software\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
HKLM\software\appdatalow\software\Internet Today
HKLM\software\Automated Content Enhancer
HKLM\Software\Classes\CLSID\{1D74E9DD-8987-448b-B2CB-67FFF2B8A932}
HKLM\Software\Classes\CLSID\{42C7C39F-3128-4a17-BDB7-91C46032B5B9}
HKLM\Software\Classes\CLSID\{B72681C0-A222-4b21-A0E2-53A5A5CA3D41}
HKLM\Software\Classes\CLSID\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}
HKLM\Software\Classes\CLSID\{EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431}
HKLM\software\classes\ExplorerBar.CMW
HKLM\software\classes\ExplorerBar.CMW.1
HKLM\software\classes\ExplorerBar.FunExplorer
HKLM\software\classes\ExplorerBar.FunExplorer.1
HKLM\software\classes\ExplorerBar.FunRedirector
HKLM\software\classes\ExplorerBar.FunRedirector.1
HKLM\software\classes\ExplorerBar.TCP
HKLM\software\classes\ExplorerBar.TCP.1
HKLM\Software\Classes\Interface\{1081D532-7DE4-40BD-B912-388FA6B27C78}
HKLM\Software\Classes\Interface\{480098C6-F6AD-4C61-9B5C-2BAE228A34D1}
HKLM\Software\Classes\Interface\{6160F76A-1992-4B17-A32D-0C706D159105}
HKLM\Software\Classes\Interface\{629CD6C2-E4C5-4554-AEB8-12E4E2CD40FF}
HKLM\Software\Classes\Interface\{877F3EAB-4462-44DF-8475-6064EAFD7FBF}
HKLM\Software\Classes\Interface\{95B92D92-8B7D-4A19-A3F1-43113B4DBCAF}
HKLM\Software\Classes\TypeLib\{2A743834-05F4-4ED4-8A1C-41332B10AC0C}
HKLM\Software\Classes\TypeLib\{565DD573-549E-4DA9-8CD7-6AE3DF25339A}
HKLM\Software\Classes\TypeLib\{883DFC00-8A21-411D-956C-73A4E4B7D16F}
HKLM\Software\Classes\TypeLib\{AC5AB953-ED25-4F9C-87F0-B086B0178FFA}
HKLM\Software\Classes\TypeLib\{F5B8C69C-9B45-4A6A-9380-DF225C546AE7}
HKLM\software\Customized Platform Advancer
HKLM\software\Live-Player
HKLM\software\Media Access Startup
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1D74E9DD-8987-448b-B2CB-67FFF2B8A932}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42C7C39F-3128-4a17-BDB7-91C46032B5B9}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B72681C0-A222-4b21-A0E2-53A5A5CA3D41}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431}
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Internet Today Task
HKLM\software\microsoft\windows\currentversion\uninstall\Live-Player
HKLM\Software\Mozilla\Firefox\Extensions\\{8141440E-08F0-4339-9959-5C31C6A69F23}
HKLM\Software\Mozilla\Firefox\Extensions\\{E63605FC-D583-4C81-867F-9457BDB3EA1B}
HKLM\Software\Mozilla\Firefox\Extensions\\{E889F097-B0BE-471B-89AD-B86B6F04B506}
HKLM\software\Web Search Operator
HKU\s-1-5-21-1482476501-1958367476-725345543-500\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
HKU\s-1-5-21-1482476501-1958367476-725345543-500\software\Automated Content Enhancer
HKU\s-1-5-21-1482476501-1958367476-725345543-500\software\CMW
HKU\s-1-5-21-1482476501-1958367476-725345543-500\software\Customized Platform Advancer
HKU\s-1-5-21-1482476501-1958367476-725345543-500\software\fcn
HKU\s-1-5-21-1482476501-1958367476-725345543-500\software\Live-Player
HKU\s-1-5-21-1482476501-1958367476-725345543-500\software\Media Access Startup
HKU\s-1-5-21-1482476501-1958367476-725345543-500\software\Web Search Operator
.
============== Added scan ==============
.
.
* Internet Explorer Version 8.0.6001.18702 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Do404Search: 01000000
Local Page: C:\WINDOWS\system32\blank.htm
Show_ToolBar: yes
Start Page: hxxp://www.google.be/
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Bar: hxxp://search.msn.fr/spbasic.htm
Use Custom Search URL: 1 (0x1)
Enable Browser Extensions: yes
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Delete_Temp_Files_On_Exit: yes
Local Page: C:\WINDOWS\system32\blank.htm
Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
===================================
.
7697 Byte(s) - C:\Ad-Report-SCAN[1].log
.
1561 File(s) - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
511 File(s) - C:\WINDOWS\Temp
129 File(s) - C:\WINDOWS\Prefetch
.
1 File(s) - C:\Program Files\Ad-Remover\BACKUP
0 File(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
End at: 3:36:23 | mar. 05/01/2010 - SCAN[1]
.
============== E.O.F ==============
.

voilà!!! ne rigole pas mais franchement, je m'épate! jamais j'aurais cru pouvoir faire ça un jour, moi la nullleee en informatique! :-)

Tu ne peux pas faire l'option L ?

non... le pc me demande de redemarrer le pc, je n ai pas le choix, je dois appuier sur ok. ensuite au redémarrage, il ne trouve pas le ad-r, il me demande de le chercher moi meme. je ne sais pas si je me ss bien fait comprendre.... sorry :-(

et je n ai pas pu mettre la lettre f non plus, ct automatiquement en anglais.

Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.

Double-clique sur le fichier téléchargé pour lancer le processus d'installation.

Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.

Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.

Sélectionne Exécuter un examen rapide.

Clique sur Rechercher. L'analyse démarre.

A la fin de l'analyse, un message s'affiche :

Citation :

L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.

Ferme tes navigateurs.

Si des malwares ont été détectés, clique sur Afficher les résultats.

Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.

MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.

Malwarebytes' Anti-Malware 1.43
Version de la base de données: 3495
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

5/01/2010 4:05:42
mbam-log-2010-01-05 (04-05-42).txt

Type de recherche: Examen rapide
Eléments examinés: 114149
Temps écoulé: 14 minute(s), 57 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 9
Clé(s) du Registre infectée(s): 67
Valeur(s) du Registre infectée(s): 7
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 45
Fichier(s) infecté(s): 226

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\Program Files\Content Management Wizard\1.2.0.2080\CMWIE.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\CPAIEAddOn.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files\Web Search Operator\4.2.0.2150\WSO.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files\Textual Content Provider\1.2.0.2040\TCPIE.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\ACEIEAddOn.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files\Web Search Operator\4.2.0.2150\WSOCommon.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\ACECommon.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\lri.dll (Adware.Agent) -> Delete on reboot.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\CPACommon.dll (Adware.Agent) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\explorerbar.cmw (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{f5b8c69c-9b45-4a6a-9380-df225c546ae7} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{629cd6c2-e4c5-4554-aeb8-12e4e2cd40ff} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.cmw.1 (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funexplorer (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{ac5ab953-ed25-4f9c-87f0-b086b0178ffa} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6160f76a-1992-4b17-a32d-0c706d159105} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funexplorer.1 (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funredirector (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{883dfc00-8a21-411d-956c-73a4e4b7d16f} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{480098c6-f6ad-4c61-9b5c-2bae228a34d1} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funredirector.1 (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.tcp (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{2a743834-05f4-4ed4-8a1c-41332b10ac0c} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1081d532-7de4-40bd-b912-388fa6b27c78} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Explorer\Bars\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.tcp.1 (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{5297e905-1dfb-4a9c-9871-a4f95fd58945} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{95b92d92-8b7d-4a19-a3f1-43113b4dbcaf} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{565dd573-549e-4da9-8cd7-6ae3df25339a} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{877f3eab-4462-44df-8475-6064eafd7fbf} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3de88beb-f271-484a-ba71-01d30f439f0c} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{50ad41d2-b1f0-47cc-9ea7-395355eaeebd} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8ceb185e-81a5-46d3-bc20-c555d605afbd} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a72522ba-9ff3-4c83-abc6-9b476728a396} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c5762628-ae15-4ca6-96c4-b00dd17f3419} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d062e03e-65ca-49e4-9b15-31938ba98922} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Explorer\Bars\{b72681c0-a222-4b21-a0e2-53a5a5ca3d411} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\AppDataLow\SOFTWARE\Internet Today (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Automated Content Enhancer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Customized Platform Advancer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Automated Content Enhancer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Customized Platform Advancer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Live-Player (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Funband Serach (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Funband Serach (Adware.DoubleD) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{8141440e-08f0-4339-9959-5c31c6a69f23} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e63605fc-d583-4c81-867f-9457bdb3ea1b} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e889f097-b0be-471b-89ad-b86b6f04b506} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\videobarapp (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\internet today task (Adware.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Skins (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.2.0.1420 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\cmw\newSetup (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\4.2.0.2150 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\4.2.0.2150\Data (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\4.2.0.2150\FF (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\4.2.0.2150\FF\chrome (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\4.2.0.2150\FF\chrome\content (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\4.2.0.2150\FF\components (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.2.0.2040 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.2.0.2040\data (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.2.0.5360 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\Data (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF\chrome (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF\chrome\content (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF\components (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\4.2.0.2050 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\Data (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF\chrome (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF\chrome\content (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF\components (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.2.0.2080 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Today (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Textual Content Provider (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Textual Content Provider\1.2.0.2040 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Textual Content Provider\1.2.0.2040\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Web Search Operator\4.2.0.2150 (Adware.DoubleD) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\Content Management Wizard\1.2.0.2080\CMWIE.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\CPAIEAddOn.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\4.2.0.2150\WSO.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.2.0.2040\TCPIE.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\GameRaving Toolbar\2.2.0.7580\mvb0.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\ACEIEAddOn.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\productinfo.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\bg.jpg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\CurrentVersion.xml (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\ExtractZipFile.zip (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\icon.ico (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\Setup.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\tdf.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\tdf.zip (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\Data\ProductInfo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_Logo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_Option.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_RSS.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_Search.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_Smiley_Config.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_WebDropdown_01.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_WebDropdown_02.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_WebDropdown_03.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_WebDropdown_04.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_WebDropdown_05.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_WebDropdown_06.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\pixel.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\ProductInfo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\profile.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\SearchEngineList.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\tbcore.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\ToolbarLayout.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\UpdateCentre.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\UpdateCentreBk.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\About.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Component_ComboBox.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_Logo.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_Option.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_Option_Menu.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_RSS.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_RSS.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_RSS_Menu.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_RSS_Menu.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_Search.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_01.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_01.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_02.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_02.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_03.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_03.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_04.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_04.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_05.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_05.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_06.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_06.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Skins\myskin1.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Skins\myskin2.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Skins\myskin3.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Skins\myskin4.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.2.0.1420\InternetToday.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.2.0.1420\InternetToday.skf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.2.0.1420\mfc80.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.2.0.1420\Microsoft.VC80.MFC.manifest (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.2.0.1420\SkinCrafterDll.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.2.0.1420\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.2.0.1420\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\4.2.0.2150\lri.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\4.2.0.2150\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\4.2.0.2150\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\4.2.0.2150\WSOCommon.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\4.2.0.2150\Data\config.md (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\4.2.0.2150\FF\chrome.manifest (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\4.2.0.2150\FF\install.rdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\4.2.0.2150\FF\chrome\WSOAddOn.jar (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\4.2.0.2150\FF\chrome\content\WSOAddOn.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\4.2.0.2150\FF\chrome\content\WSOAddOn.xul (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\4.2.0.2150\FF\components\WSOFFAddOn.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\4.2.0.2150\FF\components\WSOFFAddOn.xpt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\4.2.0.2150\FF\components\WSOFFHelperComponent.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.2.0.2040\LRI.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.2.0.2040\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.2.0.2040\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.2.0.2040\data\pxtmpdata.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.2.0.2040\data\TP_Config.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.2.0.2040\data\TP_Data.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.2.0.2040\data\TP_DomainExcludeList.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.2.0.2040\data\TP_DomainInterval.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.2.0.2040\data\TP_KeywordInterval.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\ACECommon.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\lri.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\Data\config.md (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF\chrome.manifest (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF\install.rdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF\chrome\ACEAddOn.jar (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF\chrome\content\ACEAddOn.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF\chrome\content\ACEAddOn.xul (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF\components\ACEFFAddOn.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF\components\ACEFFAddOn.xpt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF\components\ACEFFHelperComponent.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\CPACommon.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\lri.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\Data\config.md (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF\chrome.manifest (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF\install.rdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF\chrome\CPAAddOn.jar (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF\chrome\content\CPAAddOn.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF\chrome\content\CPAAddOn.xul (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF\components\CPAFFAddOn.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF\components\CPAFFAddOn.xpt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF\components\CPAFFHelperComponent.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.2.0.2080\cmwsh.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.2.0.2080\config.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.2.0.2080\data.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.2.0.2080\exclude.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.2.0.2080\LRI.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.2.0.2080\MatchingData.zd5 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.2.0.2080\pxtmpdata.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.2.0.2080\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.2.0.2080\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\ipdata.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-215145.507.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-215723.569.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-215733.960.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-220144.616.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-222611.085.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-222613.866.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-222735.538.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-222943.023.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-223048.648.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-223223.726.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-223335.523.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-223457.866.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-223731.507.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-223839.241.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-223950.913.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-224505.382.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-224900.288.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-225109.444.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-225218.710.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-225437.851.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-225759.976.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-225849.601.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100104-225924.429.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-003032.734.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-003032.749.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-003645.630.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-005116.140.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-010636.187.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-010636.531.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-010757.921.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-010804.984.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-011829.359.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-012111.250.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-013355.765.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-013512.906.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-013614.890.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-014231.890.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-014411.000.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-021039.500.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-021210.921.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-021403.234.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-023844.671.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-031203.234.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-032744.406.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-033148.390.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\NP_20100105-033824.125.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Automated Content Enhancer\4.2.0.5360\rstatus.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-215153.335.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-215723.694.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-215734.116.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-220144.741.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-222611.194.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-222613.991.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-222735.648.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-222943.132.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-223048.773.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-223223.835.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-223335.648.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-223457.976.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-223731.632.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-223839.366.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-223951.023.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-224505.507.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-224900.398.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-225109.569.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-225218.819.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-225437.960.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-225800.085.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-225849.726.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100104-225924.554.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-003032.937.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-003032.953.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-003645.802.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-005120.093.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-010639.875.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-010639.890.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-010758.031.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-010805.109.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-011829.859.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-012111.468.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-013356.125.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-013513.140.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-013615.109.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-014232.296.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-014411.125.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-021040.406.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-021211.078.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-021403.500.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-023844.843.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-031203.359.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-032751.109.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-033148.546.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Customized Platform Advancer\4.2.0.2050\HJHP_20100105-033824.250.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Textual Content Provider\1.2.0.2040\Data\TP_Config.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Textual Content Provider\1.2.0.2040\Data\TP_Data.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Textual Content Provider\1.2.0.2040\Data\TP_DomainExcludeList.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Textual Content Provider\1.2.0.2040\Data\TP_DomainInterval.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Textual Content Provider\1.2.0.2040\Data\TP_KeywordInterval.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Web Search Operator\4.2.0.2150\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.

je n'arrive toujours pas à le supprimer de la liste dans le panneau de configuration... de plus j'ai l'impression qu'il m'a ramené toutes les publicités intempestives du monde!! mon pc est devenu lent !!! grrrrrr merci encore pr ton aide !!!

Tu as redémarré le PC comme demandé ?

oui!

Relance MBAM, va dans Quarantaine et supprime tout.

L'option L d'Ad-Remover ne fonctionne toujours pas ?

non toujours pas... j'ai relancé AD-R, j'ai mis L, puis le pc a redemarré, et au démarage, ilme met toujours: impossible de trouver le fichier dans c:....

Refais un scan RSIT et poste le rapport log.

Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrator at 2010-01-05 05:01:54
Microsoft Windows XP Professional Service Pack 3
System drive C: has 87 GB (84%) free of 104 GB
Total RAM: 2023 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:02:04, on 5/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\SYSTEM32\WISPTIS.EXE
C:\Program Files\Hewlett-Packard\IAM\bin\asghost.exe
C:\WINDOWS\System32\tabbtnu.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\AMT\atchksrv.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\system32\ifxspmgt.exe
C:\WINDOWS\system32\ifxtcs.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Intel\AMT\LMS.exe
C:\Program Files\PDF Complete\pdfsvc.exe
C:\WINDOWS\system32\IfxPsdSv.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Novadigm\ManagementAgent\nvdkit.exe
C:\Program Files\Sprint-HP\Sierra Wireless\Sprint PCS Connection Manager\SPCSUtilityService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\AMT\UNS.exe
C:\Program Files\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe
C:\Program Files\Intel\AMT\atchk.exe
C:\WINDOWS\system32\AccelerometerSt.exe
C:\WINDOWS\snuvcdsm.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Hewlett-Packard\Embedded Security Software\PSDrt.exe
C:\Program Files\PDF Complete\pdfsty.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\HPQ\HP Connection Manager\WaHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\Administrator\Desktop\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe
O4 - HKLM\..\Run: [TabletTip] "C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" /resume
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [atchk] "C:\Program Files\Intel\AMT\atchk.exe"
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [IFXSPMGT] C:\WINDOWS\system32\ifxspmgt.exe /NotifyLogon
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\WINDOWS\system32\AccelerometerSt.exe
O4 - HKLM\..\Run: [snp2uvc] C:\WINDOWS\vsnp2uvc.exe
O4 - HKLM\..\Run: [tsnp2uvc] C:\WINDOWS\tsnp2uvc.exe
O4 - HKLM\..\Run: [snuvcdsm] C:\WINDOWS\snuvcdsm.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [PDF Complete] "C:\Program Files\PDF Complete\pdfsty.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [AT&T Communication Manager] "C:\Program Files\AT&T\Communication Manager\ATTCM.exe" -a
O4 - HKLM\..\Run: [Vodafone Mobile Connect] "C:\Program Files\Vodafone\Mobile Connect Embedded\VodafoneMC.exe" -a
O4 - HKLM\..\Run: [WatcherHelper] "C:\Program Files\HPQ\HP Connection Manager\WaHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [TabletWizard] %windir%\help\wizard.hta (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: APSHook.dll
O20 - Winlogon Notify: DeviceNP - C:\WINDOWS\SYSTEM32\DeviceNP.dll
O20 - Winlogon Notify: OneCard - C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Intel(R) Active Management Technology System Status Service (atchksrv) - Intel Corporation - C:\Program Files\Intel\AMT\atchksrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - C:\WINDOWS\system32\flcdlock.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - SafeBoot International - C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\WINDOWS\system32\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\WINDOWS\system32\ifxtcs.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Intel(R) Active Management Technology Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\LMS.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: Personal Secure Drive service (PersonalSecureDriveService) - Infineon Technologies AG - C:\WINDOWS\system32\IfxPsdSv.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Radia Management Agent (rma) - Unknown owner - C:/Novadigm/ManagementAgent/nvdkit.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SPCSUtilityService - Sprint Spectrum, L.L.C - C:\Program Files\Sprint-HP\Sierra Wireless\Sprint PCS Connection Manager\SPCSUtilityService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: SWIHPWMI - Sierra Wireless Inc. - C:\Program Files\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe
O23 - Service: Intel(R) Active Management Technology User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\AMT\UNS.exe

--
End of file - 13524 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\MP Scheduled Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-12-01 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
Credential Manager for HP ProtectTools - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll [2006-11-21 71192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-12-01 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2006-02-28 208952]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2006-02-28 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2006-02-28 455168]
"TabletWizard"=C:\WINDOWS\help\SplshWrp.exe [2008-04-14 16384]
"TabletTip"=C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe [2008-04-14 271872]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2007-01-05 872448]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2006-07-13 729088]
"atchk"=C:\Program Files\Intel\AMT\atchk.exe [2007-05-01 404248]
"PTHOSTTR"=C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2007-01-09 145184]
"IFXSPMGT"=C:\WINDOWS\system32\ifxspmgt.exe [2007-05-23 677408]
"CognizanceTS"=C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll [2003-12-22 17920]
"AccelerometerSysTrayApplet"=C:\WINDOWS\system32\AccelerometerSt.exe [2007-05-14 124928]
"snp2uvc"=C:\WINDOWS\vsnp2uvc.exe []
"tsnp2uvc"=C:\WINDOWS\tsnp2uvc.exe []
"snuvcdsm"=C:\WINDOWS\snuvcdsm.exe [2007-05-23 20480]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-01-12 827392]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-06-14 138008]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-06-14 162584]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-06-14 138008]
"Cpqset"=C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe [2007-05-03 57344]
"PDF Complete"=C:\Program Files\PDF Complete\pdfsty.exe [2007-05-08 331552]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-03-01 472776]
""= []
"AT&T Communication Manager"=C:\Program Files\AT&T\Communication Manager\ATTCM.exe [2007-06-14 22528]
"Vodafone Mobile Connect"=C:\Program Files\Vodafone\Mobile Connect Embedded\VodafoneMC.exe [2007-07-31 81920]
"AirCardEnabler"= []
"WatcherHelper"=C:\Program Files\HPQ\HP Connection Manager\WaHelper.exe [2007-07-24 120352]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-12-01 149280]
"RoxioDragToDisc"=C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe [2007-02-02 1116920]
"IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2007-02-21 819200]
"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2007-02-21 970752]
"WatchDog"=C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [2007-05-23 192512]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-04-15 194104]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\DVDCheck.exe

C:\Documents and Settings\Administrator\Start Menu\Programs\Startup
OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="APSHook.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\DeviceNP]
C:\WINDOWS\system32\DeviceNP.dll [2007-04-30 49152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-05-16 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\loginkey]
C:\Program Files\Common Files\Microsoft Shared\Ink\loginkey.dll [2008-04-14 47104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\OneCard]
C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll [2007-02-07 74240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\TabBtnWL]
C:\WINDOWS\system32\TabBtnWL.dll [2002-08-29 11776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tpgwlnotify]
C:\WINDOWS\system32\tpgwlnot.dll [2008-04-14 32256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=SbHpNp
scecli
ASWLNPkg

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
""=""
"C:\Program Files\HPQ\HP Connection Manager\SwiApiMux.exe"="C:\Program Files\HPQ\HP Connection Manager\SwiApiMux.exe:*:Enabled:SwiApiMux"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eda0bf50-9ebc-11de-b858-806d6172696f}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480


======List of files/folders created in the last 1 months======

2010-01-05 03:49:14 ----D---- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
2010-01-05 03:49:06 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-01-05 03:49:06 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-01-05 02:50:32 ----D---- C:\Program Files\trend micro
2010-01-05 02:50:30 ----D---- C:\rsit
2010-01-05 02:07:44 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2010-01-05 02:04:39 ----D---- C:\Program Files\Windows Defender
2010-01-05 00:43:42 ----D---- C:\WINDOWS\ie8updates
2010-01-05 00:41:19 ----D---- C:\WINDOWS\WBEM
2010-01-05 00:37:02 ----HDC---- C:\WINDOWS\ie8
2010-01-04 23:02:27 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-01-04 23:02:21 ----D---- C:\Program Files\Alwil Software
2010-01-04 22:45:53 ----D---- C:\WINDOWS\system32\appmgmt
2010-01-04 21:51:12 ----D---- C:\Program Files\GameRaving Toolbar
2010-01-04 21:51:02 ----HDC---- C:\Documents and Settings\All Users\Application Data\{48AECF59-0268-47F9-86A0-AFE0790C3969}
2009-12-27 00:33:28 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2009-12-27 00:33:15 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2009-12-24 14:15:44 ----D---- C:\WINDOWS\Prefetch
2009-12-24 00:41:55 ----HDC---- C:\WINDOWS\$NtUninstallKB976749$
2009-12-24 00:41:32 ----HDC---- C:\WINDOWS\$NtUninstallKB976325$
2009-12-24 00:41:22 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-12-24 00:41:14 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-12-24 00:41:05 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-12-24 00:40:50 ----HDC---- C:\WINDOWS\$NtUninstallKB974455$
2009-12-24 00:40:40 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2009-12-24 00:40:29 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2009-12-24 00:40:19 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-12-24 00:40:10 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-12-24 00:40:02 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-12-24 00:39:51 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2009-12-24 00:39:41 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-12-24 00:39:33 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-12-24 00:39:23 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2009-12-24 00:39:15 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-12-24 00:39:07 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-12-24 00:38:57 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-12-24 00:38:41 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-12-24 00:38:27 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2009-12-24 00:38:15 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-12-24 00:38:07 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-12-24 00:37:59 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-12-24 00:37:46 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-12-24 00:37:32 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-12-24 00:37:19 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2009-12-24 00:37:11 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-12-24 00:37:01 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
2009-12-24 00:36:31 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-12-24 00:36:21 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-12-24 00:36:11 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-12-24 00:36:01 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-12-24 00:35:48 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-12-24 00:35:36 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-12-24 00:35:26 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-12-24 00:35:16 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-12-24 00:35:09 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-12-24 00:35:01 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-12-24 00:34:50 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-12-24 00:34:29 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-12-24 00:34:16 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$
2009-12-24 00:34:06 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-12-24 00:33:56 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-12-24 00:33:22 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-12-24 00:33:03 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-12-24 00:32:52 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-12-24 00:32:40 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-12-24 00:31:49 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-12-24 00:31:27 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-12-24 00:31:11 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-12-24 00:30:44 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-12-24 00:30:26 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-12-24 00:19:02 ----D---- C:\WINDOWS\system32\scripting
2009-12-24 00:19:02 ----D---- C:\WINDOWS\l2schemas
2009-12-24 00:19:01 ----D---- C:\WINDOWS\system32\en
2009-12-24 00:19:01 ----D---- C:\WINDOWS\system32\bits
2009-12-24 00:10:05 ----D---- C:\WINDOWS\network diagnostic
2009-12-23 23:58:10 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-12-23 23:50:10 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$
2009-12-23 23:03:20 ----D---- C:\Documents and Settings\Administrator\Application Data\HpUpdate
2009-12-23 23:03:13 ----D---- C:\WINDOWS\Hewlett-Packard
2009-12-15 14:25:14 ----SHD---- C:\RECYCLER
2009-12-13 22:16:00 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-12-10 07:19:38 ----HDC---- C:\WINDOWS\$NtUninstallKB970430_0$
2009-12-10 07:19:24 ----HDC---- C:\WINDOWS\$NtUninstallKB974318_0$
2009-12-10 07:18:45 ----HDC---- C:\WINDOWS\$NtUninstallKB976325_0$
2009-12-10 07:18:23 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2009-12-10 07:18:13 ----HDC---- C:\WINDOWS\$NtUninstallKB974392_0$
2009-12-10 07:17:42 ----HDC---- C:\WINDOWS\$NtUninstallKB971737_0$
2009-12-09 10:13:36 ----D---- C:\Program Files\isee systems
2009-12-09 10:12:21 ----D---- C:\Documents and Settings\Administrator\Application Data\U3
2009-12-08 13:40:30 ----HDC---- C:\WINDOWS\$NtUninstallKB961118_0$
2009-12-08 13:38:04 ----A---- C:\WINDOWS\system32\MRT.exe
2009-12-08 13:37:12 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
2009-12-08 13:36:41 ----HDC---- C:\WINDOWS\$NtUninstallKB920142$
2009-12-08 00:29:22 ----D---- C:\Documents and Settings\Administrator\Application Data\Windows Live Writer
2009-12-06 09:05:48 ----D---- C:\WINDOWS\system32\XPSViewer
2009-12-06 09:05:31 ----D---- C:\Program Files\MSBuild
2009-12-06 09:05:25 ----D---- C:\WINDOWS\system32\en-US
2009-12-06 09:05:06 ----D---- C:\Program Files\Reference Assemblies
2009-12-06 09:04:10 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2009-12-06 09:04:10 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-12-06 09:04:10 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-12-06 09:04:09 ----D---- C:\3b1c70944be34a36b107270f
2009-12-06 08:57:22 ----HDC---- C:\WINDOWS\$NtUninstallWIC$

======List of files/folders modified in the last 1 months======

2010-01-05 05:01:58 ----D---- C:\WINDOWS\Temp
2010-01-05 04:54:09 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-05 04:54:03 ----SD---- C:\WINDOWS\Tasks
2010-01-05 04:51:10 ----A---- C:\WINDOWS\system32\log.txt
2010-01-05 04:51:00 ----D---- C:\WINDOWS
2010-01-05 04:49:41 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-05 04:49:05 ----RD---- C:\Program Files
2010-01-05 04:08:41 ----D---- C:\WINDOWS\system32\drivers
2010-01-05 02:07:44 ----D---- C:\WINDOWS\system32
2010-01-05 02:05:28 ----SHD---- C:\WINDOWS\Installer
2010-01-05 02:04:44 ----HD---- C:\WINDOWS\inf
2010-01-05 02:04:39 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2010-01-05 00:48:09 ----D---- C:\WINDOWS\system32\config
2010-01-05 00:48:02 ----D---- C:\Program Files\Internet Explorer
2010-01-05 00:48:01 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-05 00:48:01 ----D---- C:\WINDOWS\Help
2010-01-05 00:44:14 ----HD---- C:\WINDOWS\$hf_mig$
2010-01-05 00:43:55 ----A---- C:\WINDOWS\imsins.BAK
2010-01-05 00:40:46 ----D---- C:\WINDOWS\Media
2010-01-05 00:35:56 ----SD---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2010-01-04 23:32:46 ----D---- C:\Program Files\Live-Player
2009-12-27 17:20:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-27 00:32:52 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2009-12-24 14:18:14 ----A---- C:\WINDOWS\OEWABLog.txt
2009-12-24 14:16:10 ----A---- C:\WINDOWS\setuplog.txt
2009-12-24 14:14:47 ----D---- C:\WINDOWS\AppPatch
2009-12-24 14:14:47 ----D---- C:\Program Files\Messenger
2009-12-24 14:14:46 ----D---- C:\WINDOWS\system32\Setup
2009-12-24 14:14:46 ----D---- C:\WINDOWS\ime
2009-12-24 14:14:44 ----D---- C:\WINDOWS\system32\wbem
2009-12-24 14:14:41 ----RSD---- C:\WINDOWS\Fonts
2009-12-24 00:41:58 ----D---- C:\WINDOWS\system32\CatRoot
2009-12-24 00:39:36 ----D---- C:\Program Files\Outlook Express
2009-12-24 00:29:36 ----D---- C:\WINDOWS\security
2009-12-24 00:26:06 ----RSD---- C:\WINDOWS\assembly
2009-12-24 00:20:14 ----D---- C:\WINDOWS\WinSxS
2009-12-24 00:19:47 ----D---- C:\Program Files\Windows Journal
2009-12-24 00:19:24 ----D---- C:\WINDOWS\system32\inetsrv
2009-12-24 00:19:03 ----D---- C:\WINDOWS\system32\usmt
2009-12-24 00:19:01 ----D---- C:\WINDOWS\PeerNet
2009-12-24 00:19:00 ----D---- C:\Program Files\Movie Maker
2009-12-24 00:15:12 ----D---- C:\WINDOWS\ServicePackFiles
2009-12-24 00:14:53 ----D---- C:\WINDOWS\system32\Restore
2009-12-24 00:14:53 ----D---- C:\WINDOWS\system32\npp
2009-12-24 00:14:52 ----D---- C:\WINDOWS\mui
2009-12-24 00:14:49 ----D---- C:\WINDOWS\msagent
2009-12-24 00:14:45 ----D---- C:\WINDOWS\srchasst
2009-12-24 00:14:40 ----D---- C:\Program Files\NetMeeting
2009-12-24 00:14:38 ----D---- C:\WINDOWS\system32\Com
2009-12-24 00:14:33 ----D---- C:\Program Files\Windows Media Player
2009-12-24 00:14:32 ----D---- C:\Program Files\Windows NT
2009-12-24 00:14:24 ----D---- C:\Program Files\Common Files\System
2009-12-24 00:13:44 ----D---- C:\WINDOWS\system32\oobe
2009-12-24 00:13:40 ----D---- C:\WINDOWS\system
2009-12-23 23:58:08 ----D---- C:\WINDOWS\ehome
2009-12-23 23:04:25 ----D---- C:\Program Files\HP
2009-12-09 10:13:36 ----HD---- C:\Program Files\InstallShield Installation Information
2009-12-08 18:47:59 ----D---- C:\WINDOWS\Microsoft.Net
2009-12-08 13:38:09 ----D---- C:\WINDOWS\Debug
2009-12-06 09:04:25 ----D---- C:\WINDOWS\system32\spool

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2007-02-08 12856]
R1 DLARTL_M;DLARTL_M; C:\WINDOWS\System32\Drivers\DLARTL_M.SYS [2007-02-08 28120]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 PersonalSecureDrive;PersonalSecureDrive; C:\WINDOWS\System32\drivers\psd.sys [2007-04-18 39080]
R1 RsvLock;RsvLock; C:\WINDOWS\system32\drivers\RsvLock.sys [2007-04-26 5808]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.6.0.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-09-11 21425]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R2 DLABMFSM;DLABMFSM; C:\WINDOWS\System32\DLA\DLABMFSM.SYS [2006-10-26 35096]
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2006-10-26 32472]
R2 DLADResM;DLADResM; C:\WINDOWS\System32\DLA\DLADResM.SYS [2006-10-26 9400]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2006-10-26 104536]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2006-10-26 26296]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2006-10-26 14520]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2006-10-26 97848]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2006-10-26 94648]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2007-02-09 51768]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2007-02-21 12416]
R3 Accelerometer;Accelerometer; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2006-07-24 22016]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2007-03-01 289792]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-08-07 93952]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\WINDOWS\system32\DRIVERS\ATSwpDrv.sys [2007-06-01 145288]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2007-02-14 868298]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2007-02-14 67960]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2007-04-12 250776]
R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2009-03-19 9216]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HECI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2007-04-06 44800]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2007-04-26 988032]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2007-04-26 210816]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-05-16 5707744]
R3 IFXTPM;IFXTPM; C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2007-04-18 41216]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NETw4x32;Intel(R) Wireless WiFi Link Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-03-01 2203520]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\WINDOWS\system32\DRIVERS\RimSerial.sys [2007-06-14 26368]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2006-02-28 5888]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2007-05-24 1742976]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2007-01-12 201856]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WacomPen;Wacom Serial Pen HID Driver; C:\WINDOWS\system32\DRIVERS\wacompen.sys [2008-04-13 14208]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2007-04-26 731136]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 DAMDrv;DAMDrv; C:\WINDOWS\system32\DRIVERS\DAMDrv.sys [2007-04-23 30008]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2009-08-26 21568]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 PCTINDIS5;PCTINDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCTINDIS5.SYS []
S3 scrswi;Sierra Wireless Smart Card Reader; C:\WINDOWS\system32\DRIVERS\scrswi.sys [2007-03-26 43904]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SWNC8U02;HP hs2300 MUX NDIS Driver (#02); C:\WINDOWS\system32\DRIVERS\SWNC8U02.sys [2007-03-12 102272]
S3 SWUMX02;HP hs2300 USB MUX Driver (#02); C:\WINDOWS\system32\DRIVERS\swumx02.sys [2007-04-10 72576]
S3 SWUMX20;Sierra Wireless USB MUX Driver (UMTS20); C:\WINDOWS\system32\DRIVERS\swumx20.sys []
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ASBroker;Logon Session Broker; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 ASChannel;Local Communication Channel; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 atchksrv;Intel(R) Active Management Technology System Status Service; C:\Program Files\Intel\AMT\atchksrv.exe [2007-05-01 183064]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2007-02-06 266295]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-02-21 643072]
R2 HpFkCryptService;Drive Encryption Service; C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2007-04-27 221184]
R2 IFXSpMgtSrv;Security Platform Management Service; C:\WINDOWS\system32\ifxspmgt.exe [2007-05-23 677408]
R2 IFXTCS;Trusted Platform Core Service; C:\WINDOWS\system32\ifxtcs.exe [2007-05-23 853536]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-12-01 153376]
R2 LMS;Intel(R) Active Management Technology Local Management Service; C:\Program Files\Intel\AMT\LMS.exe [2007-05-01 121624]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2007-05-08 540448]
R2 PersonalSecureDriveService;Personal Secure Drive service; C:\WINDOWS\system32\IfxPsdSv.exe [2007-04-18 140832]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-02-21 327680]
R2 rma;Radia Management Agent; C:/Novadigm/ManagementAgent/nvdkit.exe []
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2007-02-21 983040]
R2 SPCSUtilityService;SPCSUtilityService; C:\Program Files\Sprint-HP\Sierra Wireless\Sprint PCS Connection Manager\SPCSUtilityService.exe [2007-09-05 131072]
R2 SWIHPWMI;SWIHPWMI; C:\Program Files\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe [2006-12-04 292384]
R2 UNS;Intel(R) Active Management Technology User Notification Service; C:\Program Files\Intel\AMT\UNS.exe [2007-05-01 1489688]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-04-23 239160]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-10-21 228656]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; C:\WINDOWS\system32\flcdlock.exe [2007-04-30 172131]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-11-01 73728]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

C'est beaucoup mieux d'après ce rapport.

Tu souhaites conserver Avast ?

qu'en penses tu? je n'avais pas d anti virus. en plus je l ai aussi installé pour empecher les publicités intempestives d'apparaitre... mais en vain! que me proposes tu? tu as quelque chose de meilleur? je n'y connais rien... :-)

Désinstalle Avast.

Installe AntiVir et mets-le à jour.

Double-clique sur l'icône d'AntiVir (Parapluie) dans la barre des tâches.

Dans AntiVir, choisis Outils puis Configuration.

Coche Mode Expert et coche Rech. Rootkit au dém. de la recherche à droite dans Autres réglages puis valide.

Fais un scan complet, clique sur Tout réparer si AntiVir trouve quelque chose et poste le rapport.

Tutoriel : Scanner le(s) disque(s) dur(s)

Je m'absente  

je v dormir, je suis ko... on peut continuer demain? :-)

Pas de souci.

BONSOIR!!! désolée pour l'absence... mais je ss en plein exam et je me ss concentrée sur mes cours... j'ai tj ce virus apparement et me ralentit mon pc! de plus, j'ai tj ces pub intempestives qui rendent mes travaux impossible à réaliser! please helppppppp merci:-)

Tu as fait la manip' avec AntiVir ?

je ss entrain de vérifier le système intégral... je te poste le rapport dès que c finit... :-(

Avira AntiVir Personal
Date de création du fichier de rapport : 10 January 2010 03:52

La recherche porte sur 1499407 souches de virus.

Détenteur de la licence : Avira AntiVir Personal - FREE Antivirus
Numéro de série : 0000149996-ADJIE-0000001
Plateforme : Windows XP
Version de Windows : (Service Pack 3) [5.1.2600]
Mode Boot : Démarré normalement
Identifiant : SYSTEM
Nom de l'ordinateur : HP-F33DFECE7FB1

Informations de version :
BUILD.DAT : 9.0.0.74 21698 Bytes 4/12/2009 13:56:00
AVSCAN.EXE : 9.0.3.10 466689 Bytes 13/10/2009 10:25:46
AVSCAN.DLL : 9.0.3.0 49409 Bytes 3/03/2009 09:21:02
LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 10:35:11
LUKERES.DLL : 9.0.2.0 13569 Bytes 3/03/2009 09:21:31
VBASE000.VDF : 7.10.0.0 19875328 Bytes 6/11/2009 06:35:52
VBASE001.VDF : 7.10.1.0 1372672 Bytes 19/11/2009 05:08:17
VBASE002.VDF : 7.10.1.1 2048 Bytes 19/11/2009 05:08:17
VBASE003.VDF : 7.10.1.2 2048 Bytes 19/11/2009 05:08:17
VBASE004.VDF : 7.10.1.3 2048 Bytes 19/11/2009 05:08:18
VBASE005.VDF : 7.10.1.4 2048 Bytes 19/11/2009 05:08:18
VBASE006.VDF : 7.10.1.5 2048 Bytes 19/11/2009 05:08:18
VBASE007.VDF : 7.10.1.6 2048 Bytes 19/11/2009 05:08:18
VBASE008.VDF : 7.10.1.7 2048 Bytes 19/11/2009 05:08:18
VBASE009.VDF : 7.10.1.8 2048 Bytes 19/11/2009 05:08:18
VBASE010.VDF : 7.10.1.9 2048 Bytes 19/11/2009 05:08:18
VBASE011.VDF : 7.10.1.10 2048 Bytes 19/11/2009 05:08:18
VBASE012.VDF : 7.10.1.11 2048 Bytes 19/11/2009 05:08:19
VBASE013.VDF : 7.10.1.79 209920 Bytes 25/11/2009 05:08:19
VBASE014.VDF : 7.10.1.128 197632 Bytes 30/11/2009 05:08:20
VBASE015.VDF : 7.10.1.178 195584 Bytes 7/12/2009 05:08:20
VBASE016.VDF : 7.10.1.224 183296 Bytes 14/12/2009 05:08:21
VBASE017.VDF : 7.10.1.247 182272 Bytes 15/12/2009 05:08:22
VBASE018.VDF : 7.10.2.30 198144 Bytes 21/12/2009 05:08:22
VBASE019.VDF : 7.10.2.63 187392 Bytes 24/12/2009 05:08:23
VBASE020.VDF : 7.10.2.93 195072 Bytes 29/12/2009 05:08:23
VBASE021.VDF : 7.10.2.94 2048 Bytes 29/12/2009 05:08:24
VBASE022.VDF : 7.10.2.95 2048 Bytes 29/12/2009 05:08:24
VBASE023.VDF : 7.10.2.96 2048 Bytes 29/12/2009 05:08:25
VBASE024.VDF : 7.10.2.97 2048 Bytes 29/12/2009 05:08:25
VBASE025.VDF : 7.10.2.98 2048 Bytes 29/12/2009 05:08:25
VBASE026.VDF : 7.10.2.99 2048 Bytes 29/12/2009 05:08:25
VBASE027.VDF : 7.10.2.100 2048 Bytes 29/12/2009 05:08:25
VBASE028.VDF : 7.10.2.101 2048 Bytes 29/12/2009 05:08:25
VBASE029.VDF : 7.10.2.102 2048 Bytes 29/12/2009 05:08:25
VBASE030.VDF : 7.10.2.103 2048 Bytes 29/12/2009 05:08:26
VBASE031.VDF : 7.10.2.119 167424 Bytes 4/01/2010 05:08:27
Version du moteur : 8.2.1.130
AEVDF.DLL : 8.1.1.2 106867 Bytes 8/11/2009 06:38:52
AESCRIPT.DLL : 8.1.3.7 594296 Bytes 5/01/2010 05:08:38
AESCN.DLL : 8.1.3.0 127348 Bytes 5/01/2010 05:08:37
AESBX.DLL : 8.1.1.1 246132 Bytes 8/11/2009 06:38:44
AERDL.DLL : 8.1.3.4 479605 Bytes 5/01/2010 05:08:36
AEPACK.DLL : 8.2.0.4 422263 Bytes 5/01/2010 05:08:36
AEOFFICE.DLL : 8.1.0.38 196987 Bytes 8/11/2009 06:38:38
AEHEUR.DLL : 8.1.0.192 2195833 Bytes 5/01/2010 05:08:35
AEHELP.DLL : 8.1.9.0 237943 Bytes 5/01/2010 05:08:31
AEGEN.DLL : 8.1.1.83 369014 Bytes 5/01/2010 05:08:29
AEEMU.DLL : 8.1.1.0 393587 Bytes 8/11/2009 06:38:26
AECORE.DLL : 8.1.9.1 180598 Bytes 5/01/2010 05:08:28
AEBB.DLL : 8.1.0.3 53618 Bytes 8/11/2009 06:38:20
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 07:47:30
AVPREF.DLL : 9.0.3.0 44289 Bytes 26/08/2009 14:13:31
AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 13:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 7/11/2008 14:24:42
AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 14:05:22
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 09:36:37
SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 14:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 2/02/2009 07:20:57
NETNT.DLL : 9.0.0.0 11521 Bytes 7/11/2008 14:40:59
RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 17/06/2009 12:44:26
RCTEXT.DLL : 9.0.73.0 88321 Bytes 2/11/2009 15:58:32

Configuration pour la recherche actuelle :
Nom de la tâche...............................: Contrôle intégral du système
Fichier de configuration......................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Documentation.................................: bas
Action principale.............................: interactif
Action secondaire.............................: ignorer
Recherche sur les secteurs d'amorçage maître..: marche
Recherche sur les secteurs d'amorçage.........: marche
Secteurs d'amorçage...........................: C:, D:, E:,
Recherche dans les programmes actifs..........: marche
Recherche en cours sur l'enregistrement.......: marche
Recherche de Rootkits.........................: marche
Contrôle d'intégrité de fichiers système......: arrêt
Fichier mode de recherche.....................: Tous les fichiers
Recherche sur les archives....................: marche
Limiter la profondeur de récursivité..........: 20
Archive Smart Extensions......................: marche
Heuristique de macrovirus.....................: marche
Heuristique fichier...........................: moyen

Début de la recherche : 10 January 2010 03:52

La recherche d'objets cachés commence.
'85103' objets ont été contrôlés, '0' objets cachés ont été trouvés.

La recherche sur les processus démarrés commence :
Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés
Processus de recherche 'wuauclt.exe' - '1' module(s) sont contrôlés
Processus de recherche 'WudfHost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'iexplore.exe' - '1' module(s) sont contrôlés
Processus de recherche 'wlcomm.exe' - '1' module(s) sont contrôlés
Processus de recherche 'Dot1XCfg.exe' - '1' module(s) sont contrôlés
Processus de recherche 'HpqToaster.exe' - '1' module(s) sont contrôlés
Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés
Processus de recherche 'Com4QLBEx.exe' - '1' module(s) sont contrôlés
Processus de recherche 'PSDrt.exe' - '1' module(s) sont contrôlés
Processus de recherche 'hpqWmiEx.exe' - '1' module(s) sont contrôlés
Processus de recherche 'soffice.bin' - '1' module(s) sont contrôlés
Processus de recherche 'soffice.exe' - '1' module(s) sont contrôlés
Processus de recherche 'BTSTAC~1.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'BTTray.exe' - '1' module(s) sont contrôlés
Processus de recherche 'wmiprvse.exe' - '1' module(s) sont contrôlés
Processus de recherche 'msmsgs.exe' - '1' module(s) sont contrôlés
Processus de recherche 'SWIHPWMI.exe' - '1' module(s) sont contrôlés
Processus de recherche 'UNS.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'SPCSUtilityService.exe' - '1' module(s) sont contrôlés
Processus de recherche 'msnmsgr.exe' - '1' module(s) sont contrôlés
Processus de recherche 'nvdkit.exe' - '1' module(s) sont contrôlés
Processus de recherche 'RegSrvc.exe' - '1' module(s) sont contrôlés
Processus de recherche 'IfxPsdSv.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés
Processus de recherche 'MSASCui.exe' - '1' module(s) sont contrôlés
Processus de recherche 'pdfsvc.exe' - '1' module(s) sont contrôlés
Processus de recherche 'LMS.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'hpwuschd2.exe' - '1' module(s) sont contrôlés
Processus de recherche 'QLBCtrl.exe' - '1' module(s) sont contrôlés
Processus de recherche 'DVDCheck.exe' - '1' module(s) sont contrôlés
Processus de recherche 'jqs.exe' - '1' module(s) sont contrôlés
Processus de recherche 'iFrmewrk.exe' - '1' module(s) sont contrôlés
Processus de recherche 'ZCfgSvc.exe' - '1' module(s) sont contrôlés
Processus de recherche 'iviRegMgr.exe' - '1' module(s) sont contrôlés
Processus de recherche 'DrgToDsc.exe' - '1' module(s) sont contrôlés
Processus de recherche 'jusched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'IFXTCS.exe' - '1' module(s) sont contrôlés
Processus de recherche 'WaHelper.exe' - '1' module(s) sont contrôlés
Processus de recherche 'IFXSPMGT.exe' - '1' module(s) sont contrôlés
Processus de recherche 'EvtEng.exe' - '1' module(s) sont contrôlés
Processus de recherche 'HPWAMain.exe' - '1' module(s) sont contrôlés
Processus de recherche 'ATCHKSRV.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'igfxsrvc.exe' - '1' module(s) sont contrôlés
Processus de recherche 'pdfsty.exe' - '1' module(s) sont contrôlés
Processus de recherche 'igfxpers.exe' - '1' module(s) sont contrôlés
Processus de recherche 'hkcmd.exe' - '1' module(s) sont contrôlés
Processus de recherche 'igfxtray.exe' - '1' module(s) sont contrôlés
Processus de recherche 'SynTPEnh.exe' - '1' module(s) sont contrôlés
Processus de recherche 'snuvcdsm.exe' - '1' module(s) sont contrôlés
Processus de recherche 'accelerometerST.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés
Processus de recherche 'pthosttr.exe' - '1' module(s) sont contrôlés
Processus de recherche 'ATCHK.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'tabtip.exe' - '1' module(s) sont contrôlés
Processus de recherche 'smax4pnp.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'tcserver.exe' - '1' module(s) sont contrôlés
Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'scardsvr.exe' - '1' module(s) sont contrôlés
Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés
Processus de recherche 'tabbtnu.exe' - '1' module(s) sont contrôlés
Processus de recherche 'asghost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'wisptis.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'S24EvMon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'keyboardsurrogate.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'btwdins.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'MsMpEng.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'HpFkCrypt.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés
Processus de recherche 'services.exe' - '1' module(s) sont contrôlés
Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés
Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés
'84' processus ont été contrôlés avec '84' modules

La recherche sur les secteurs d'amorçage maître commence :
Secteur d'amorçage maître HD0
[INFO] Aucun virus trouvé !

La recherche sur les secteurs d'amorçage commence :
Secteur d'amorçage 'C:\'
[INFO] Aucun virus trouvé !
Secteur d'amorçage 'D:\'
[INFO] Aucun virus trouvé !
Secteur d'amorçage 'E:\'
[INFO] Aucun virus trouvé !

La recherche sur les renvois aux fichiers exécutables (registre) commence :
Le registre a été contrôlé ( '77' fichiers).


La recherche sur les fichiers sélectionnés commence :

Recherche débutant dans 'C:\'
C:\hiberfil.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
[REMARQUE] Ce fichier est un fichier système Windows.
[REMARQUE] Il est correct que ce fichier ne puisse pas être ouvert pour la recherche.
C:\pagefile.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
[REMARQUE] Ce fichier est un fichier système Windows.
[REMARQUE] Il est correct que ce fichier ne puisse pas être ouvert pour la recherche.
C:\Documents and Settings\Administrator\Desktop\AD-R.exe
[0] Type d'archive: NSIS
--> ProgramFilesDir/List.dat
[RESULTAT] Contient le modèle de détection du virus de script HTML HTML/Malicious.ActiveX.Gen
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\XHEJPJ8V\AD-R[1].exe
[0] Type d'archive: NSIS
--> ProgramFilesDir/List.dat
[RESULTAT] Contient le modèle de détection du virus de script HTML HTML/Malicious.ActiveX.Gen
C:\Program Files\Live-Player\uninst.exe
[RESULTAT] Contient le cheval de Troie TR/Dldr.Wintrim.BX.45
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011151.dll
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011152.dll
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011153.dll
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011154.dll
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011155.dll
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011156.dll
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011158.dll
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011160.dll
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011161.exe
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011162.dll
[RESULTAT] Contient le cheval de Troie TR/Drop.Softomat.AN
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011163.exe
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011164.dll
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011166.dll
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011167.dll
[RESULTAT] Contient le cheval de Troie TR/Drop.Softomat.AN
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011168.exe
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011169.dll
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011170.dll
[RESULTAT] Contient le cheval de Troie TR/Drop.Softomat.AN
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011171.exe
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011173.dll
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011174.dll
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011175.dll
[RESULTAT] Contient le cheval de Troie TR/Drop.Softomat.AN
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011176.exe
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011178.dll
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011179.dll
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011180.dll
[RESULTAT] Contient le cheval de Troie TR/Drop.Softomat.AN
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011181.exe
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
C:\WINDOWS\system32\drivers\SafeBoot.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
Recherche débutant dans 'D:\' <HP_RECOVERY>
Recherche débutant dans 'E:\' <OS_TOOLS>

Début de la désinfection :
C:\Documents and Settings\Administrator\Desktop\AD-R.exe
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b765768.qua' !
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\XHEJPJ8V\AD-R[1].exe
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a000c09.qua' !
C:\Program Files\Live-Player\uninst.exe
[RESULTAT] Contient le cheval de Troie TR/Dldr.Wintrim.BX.45
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4bb25796.qua' !
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011151.dll
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b795758.qua' !
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011152.dll
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4af06571.qua' !
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011153.dll
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4afc4451.qua' !
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011154.dll
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4af17d39.qua' !
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011155.dll
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4afe75c1.qua' !
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011156.dll
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4aff4d89.qua' !
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011158.dll
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b795759.qua' !
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011160.dll
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4f6a4c22.qua' !
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011161.exe
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4f6d741a.qua' !
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011162.dll
[RESULTAT] Contient le cheval de Troie TR/Drop.Softomat.AN
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4f6f7c4a.qua' !
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011163.exe
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b79575a.qua' !
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011164.dll
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b79575b.qua' !
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011166.dll
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b79575c.qua' !
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011167.dll
[RESULTAT] Contient le cheval de Troie TR/Drop.Softomat.AN
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4f631d6d.qua' !
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011168.exe
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4f6206a5.qua' !
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011169.dll
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4f650e9d.qua' !
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011170.dll
[RESULTAT] Contient le cheval de Troie TR/Drop.Softomat.AN
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4f6436d5.qua' !
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011171.exe
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4f673e0d.qua' !
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011173.dll
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b79575d.qua' !
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011174.dll
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4f592fbe.qua' !
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011175.dll
[RESULTAT] Contient le cheval de Troie TR/Drop.Softomat.AN
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4f58d7f6.qua' !
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011176.exe
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4f5bdf2e.qua' !
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011178.dll
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4f5ac766.qua' !
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011179.dll
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4f5dcf5e.qua' !
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011180.dll
[RESULTAT] Contient le cheval de Troie TR/Drop.Softomat.AN
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4f5cc896.qua' !
C:\System Volume Information\_restore{81D1954A-E764-45B8-A17A-40E70FDA4C46}\RP70\A0011181.exe
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4f5ff0ce.qua' !


Fin de la recherche : 10 January 2010 05:27
Temps nécessaire: 1:34:48 Heure(s)

La recherche a été effectuée intégralement

9274 Les répertoires ont été contrôlés
522325 Des fichiers ont été contrôlés
29 Des virus ou programmes indésirables ont été trouvés
0 Des fichiers ont été classés comme suspects
0 Des fichiers ont été supprimés
0 Des virus ou programmes indésirables ont été réparés
29 Les fichiers ont été déplacés dans la quarantaine
0 Les fichiers ont été renommés
3 Impossible de contrôler des fichiers
522293 Fichiers non infectés
4633 Les archives ont été contrôlées
3 Avertissements
31 Consignes
85103 Des objets ont été contrôlés lors du Rootkitscan
0 Des objets cachés ont été trouvés

merci infiniment !!! c'est génial ce que vous faites vraiment! merci pour tout ....

Télécharge Navilog1 (de IL-MAFIOSO) sur ton Bureau.

Double-clique sur Navilog1.exe pour le lancer.
(Sous Vista, clique droit sur Navilog1 et choisis Exécuter en tant qu'administrateur)

Appuie sur 1 puis valide avec Entrée pour choisir Français.

Appuie sur une touche de ton clavier à chaque fois que cela est demandé, tu arriveras au menu des options.

Choisis l'option 1 et appuie sur la touche Entrée pour valider ton choix.

Patiente le temps du scan. Il te sera peut-être demandé de redémarrer ton PC.

Patiente jusqu'au message : *** Scan terminé le ..... ***

Le scan fini, le Bloc-notes contenant le rapport sera affiché, poste le rapport dans ta prochaine réponse.

Si le résultat du scan ne s'affiche pas, tu le trouveras dans C:\cleannavi.txt

Fix Navipromo version 4.0.6 commencé le dim. 10/01/2010 21:47:14,84

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 03.01.2010 à 11h00 par IL-MAFIOSO

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU U7700 @ 1.33GHz )
BIOS : KBC Version 74.3A
USER : Administrator ( Administrator )
BOOT : Normal boot

Antivirus : AntiVir Desktop 9.0.1.32 (Activated)


C:\ (Local Disk) - NTFS - Total:101 Go (Free:83 Go)
D:\ (Local Disk) - NTFS - Total:8 Go (Free:2 Go)
E:\ (Local Disk) - NTFS - Total:1 Go (Free:1 Go)


Recherche executée en mode normal

Nettoyage exécuté au redémarrage de l'ordinateur


C:\Program Files\Live-Player supprimé !
c:\docume~1\alluse~1\startm~1\programs\Live-Player supprimé !
C:\Documents and Settings\Administrator\applic~1\Live-Player supprimé !


Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\Administrator\locals~1\Temp effectué !


*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok




*** Scan terminé dim. 10/01/2010 21:54:45,85 ***

Tu as toujours des pubs ?

non! merci bcp ! je pense ke tout est reglo maintenant...

merci encore! je peux supprimer ts les logiciels que j'ai installé pour enlever ce virus??

1/

Désinstalle HijackThis.

Télécharge ToolsCleaner2 sur ton Bureau.

Double-clique sur ToolsCleaner2.exe pour le lancer.

Clique sur Recherche et laisse le scan agir.

Clique sur Suppression pour finaliser.

Tu peux, si tu le souhaites, te servir des Options Facultatives.

Clique sur Quitter pour obtenir le rapport.

Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).


2/

Télécharge et installe CCleaner Slim.

Lance-le. Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers etc....

Va dans Nettoyeur, choisis Analyser. Une fois terminé, lance le nettoyage.


3/

Il est nécessaire de désactiver puis réactiver la restauration système pour la purger.


==Prévention==

Pour supprimer les popups d'AntiVir : Lien

Conserve MBAM. Il te servira à scanner les fichiers douteux en complément de l'antivirus et scanne le disque dur régulièrement.

Comme navigateur, utilise plutôt Mozilla Firefox qu'Internet Explorer.

Vérifie que les mises à jour automatiques sont bien activées (Menu Démarrer, clique droit sur Poste de travail, Propriétés, onglet Mises à jour automatiques).

Par rapport au P2P : Lien

Voici un dossier complet (A lire avec Adobe Reader ou Foxit Reader) : Lien


==Problème résolu ?==

--> Si tu estimes que ton problème est résolu, ajoute [Résolu] au titre. Pour cela :

Clique, dans ton premier message, sur le bouton Editer .

Ajoute la mention [Résolu] devant le titre.

Clique ensuite sur Valider votre message.


Sois plus vigilant(e) sur Internet  

[ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]

--> Recherche:

C:\cleannavi.txt: trouvé !
C:\Rsit: trouvé !
C:\Documents and Settings\Administrator\Desktop\Navilog1.exe: trouvé !
C:\Documents and Settings\Administrator\Desktop\Rsit.exe: trouvé !
C:\Program Files\Navilog1: trouvé !
C:\Program Files\Navilog1\Navilog1.bat: trouvé !
C:\Program Files\trend micro\HijackThis.exe: trouvé !
C:\Program Files\trend micro\hijackthis.log: trouvé !

---------------------------------
--> Suppression:

C:\Documents and Settings\Administrator\Desktop\Navilog1.exe: supprimé !
C:\Program Files\Navilog1\Navilog1.bat: supprimé !
C:\Program Files\trend micro\HijackThis.exe: supprimé !
C:\cleannavi.txt: supprimé !
C:\Documents and Settings\Administrator\Desktop\Rsit.exe: supprimé !
C:\Program Files\trend micro\hijackthis.log: supprimé !
C:\Rsit: supprimé !
C:\Program Files\Navilog1: supprimé !

Tu peux supprimer ToolsCleaner.

Bonne soirée  

bonsoir,

je n'arrive toujours pas à supprimer gameraving de la liste des programmes à supprimer, dans panneau des configuration. Le message suivant m'apparait à chaque fois!!! : "setup was enable to locate the Pixel Log Program on your system ( error code: 3008)." comment faire pour le supprimer définitevement??

et encore merci pour tout!

Tu peux le supprimer de la liste avec CCleaner.