Processus 100% --> csrss.exe infecté ?
Altazari
Messages postés
33
Statut
Membre
-
Altazari Messages postés 33 Statut Membre -
Altazari Messages postés 33 Statut Membre -
Bonjour,
Depuis 2 jours je vois dans le gestionnaire des tâches de windows que mon processeur monte sans cesse à 100%, puis redescend à 10, puis remonte et ainsi de suite même si je ne fais rien sur l'ordi (et si je fais quelque chose il rame un peu).
Pour info avant il tournait constamment entre 20 et 50% il me semble.
Est-ce que j'ai choppé un virus ?
Mon ordi est protégé par Spyware Terminator et Avast, et j'ai fait une recherche avec Multi Virus Cleaner mais aucun programme n'a relevé quelque chose.
En cherchant sur Internet j'ai vu que la source du problème vient peut-être de csrss.exe, qui apparaît 2 fois dans la liste des processus actif avec l'intitulé "Processus d'exécuttion client-serveur" (remarquez le double "t" d'exécution).
Je n'arrive pas à trouver une solution par contre, donc si quelqu'un sait m'aider ?
Merci
Clio
Depuis 2 jours je vois dans le gestionnaire des tâches de windows que mon processeur monte sans cesse à 100%, puis redescend à 10, puis remonte et ainsi de suite même si je ne fais rien sur l'ordi (et si je fais quelque chose il rame un peu).
Pour info avant il tournait constamment entre 20 et 50% il me semble.
Est-ce que j'ai choppé un virus ?
Mon ordi est protégé par Spyware Terminator et Avast, et j'ai fait une recherche avec Multi Virus Cleaner mais aucun programme n'a relevé quelque chose.
En cherchant sur Internet j'ai vu que la source du problème vient peut-être de csrss.exe, qui apparaît 2 fois dans la liste des processus actif avec l'intitulé "Processus d'exécuttion client-serveur" (remarquez le double "t" d'exécution).
Je n'arrive pas à trouver une solution par contre, donc si quelqu'un sait m'aider ?
Merci
Clio
A voir également:
- Processus d'execution client serveur gpu
- Cybera client - Télécharger - Divers Réseau & Wi-Fi
- Changer serveur dns - Guide
- Gpu z - Télécharger - Informations & Diagnostic
- Filezilla client - Télécharger - Téléchargement & Transfert
- Serveur diff message ✓ - Forum Mobile
39 réponses
"Ah et je crois que j'ai eu un faux espoir mon processeur retourne à 100% :@"
==> Sur une version "Search" d'un log...il est évident qu'aucune amériolation ne puiiisse être conhstatée.....
Relance List_Kill'em avec le raccourci blanc créé sur ton bureau.
- Sous XP double-clic sur l'icône pour lancer l'outil.
- Sous Vista/Seven clic-droit sur l'icône et choisir "Exécuter en tant qu'administrateur" dans le menu contextuel.
* Choisis l'Option Clean
* Une boite de dialogue t'indique que le PC va redémarrer
* Patiente pendant le travail de l'outil qui peut prendre plusieurs minutes
* Lorsque le scan est fini, la fenêtre se ferme et un rapport va se créer
* Héberge le rapport sur http://www.cijoint.fr
==> Sur une version "Search" d'un log...il est évident qu'aucune amériolation ne puiiisse être conhstatée.....
Relance List_Kill'em avec le raccourci blanc créé sur ton bureau.
- Sous XP double-clic sur l'icône pour lancer l'outil.
- Sous Vista/Seven clic-droit sur l'icône et choisir "Exécuter en tant qu'administrateur" dans le menu contextuel.
* Choisis l'Option Clean
* Une boite de dialogue t'indique que le PC va redémarrer
* Patiente pendant le travail de l'outil qui peut prendre plusieurs minutes
* Lorsque le scan est fini, la fenêtre se ferme et un rapport va se créer
* Héberge le rapport sur http://www.cijoint.fr
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Ah ok jme disais bien que le rapport était particulier...
A demain alors ^^
Et merci beaucoup pour ton aide.
A demain alors ^^
Et merci beaucoup pour ton aide.
Bon toujours pareil ...on va faire autrement
Télécharge OTM (de Old_Timer) sur le bureau
http://www.geekstogo.com/forum/files/file/402-otm-oldtimers-move-it/
* Lance OTM
- Sous XP double-clic sur l'icône pour lancer l'outil.
- Sous Vista/Seven clic-droit sur l'icône et choisir "Exécuter en tant qu'administrateur" dans le menu contextuel.
* La fenêtre principale de l'outil s'ouvre :
* Copie la liste en citation ci-dessous et colle-la dans le cadre "Paste instructions for Items to be Moved"
:Files
C:\Users\Clio\Documents\cc_20101002_135115.reg
C:\Users\Clio\AppData\Local\d3d9caps.dat
C:\Users\Clio\AppData\Local\GDIPFONTCACHEV1.DAT
C:\ProgramData\.zreglib
C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
C:\Windows\Installer\39e57.msi
C:\Windows\System32\x64
C:\Windows\Temp\CabAC83.tmp
C:\Windows\Temp\CabD596.tmp
C:\Windows\Temp\TarAFCF.tmp
C:\Windows\Temp\TarD5E5.tmp
:Reg
[-HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}]
[-HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}]
[-HKCU\Software\AppDataLow\Software\PriceGong]
[-HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}]
[-HKLM\Software\Classes\Interface\{039b7df6-3103-48f0-bd6f-24291bc7e637}]
[-HKLM\Software\Classes\Interface\{1bd69f2f-96b4-41b3-accf-c46ed55e3a58}]
[-HKLM\Software\Classes\Interface\{2194682f-acb0-45ce-b900-3fcd2d13bfb5}]
[-HKLM\Software\Classes\Interface\{24d4e9fc-5097-483b-b0fe-6e3ef28bff4a}]
[-HKLM\Software\Classes\Interface\{382be372-d636-451d-8fa8-54c51569ad88}]
[-HKLM\Software\Classes\Interface\{3a60359d-0eb2-4437-ad15-a08bee794c14}]
[-HKLM\Software\Classes\Interface\{46902815-1008-40c8-ba07-4f3d2276e6d2}]
[-HKLM\Software\Classes\Interface\{777421f7-878b-426e-b7f7-593cbe6b543d}]
[-HKLM\Software\Classes\Interface\{777421f7-878b-426e-b7f7-593cbe6b543f}]
[-HKLM\Software\Classes\Interface\{7876dc2b-dd2e-48d3-b182-6e261698aadb}]
[-HKLM\Software\Classes\Interface\{9b7984e0-1b06-434d-a233-5323ab08f05f}]
[-HKLM\Software\Classes\Interface\{a0f36689-35ea-4b9b-8b16-2236b0581557}]
[-HKLM\Software\Classes\Interface\{b1ce34ce-dfa2-4a5e-a99a-5fdef5021994}]
[-HKLM\Software\Classes\Interface\{ce9cc21b-4f0c-4da5-9a2b-cb4d6a631228}]
[-HKLM\Software\Classes\Interface\{e0778c77-10e3-4ab3-9077-fe845de401b4}]
[-HKLM\Software\Classes\Interface\{e5b630a9-c1e3-42f3-b58b-9afa3662c010}]
[-HKLM\Software\Conduit]
:Commands
[emptytemp]
* Clique sur MoveIt ! pour lancer la suppression
* A la fin du processus le PC va redémarrer
* Poste le rapport dans qui se trouve dans le répertoire suivant C:\_OTM\MovedFile
Télécharge OTM (de Old_Timer) sur le bureau
http://www.geekstogo.com/forum/files/file/402-otm-oldtimers-move-it/
* Lance OTM
- Sous XP double-clic sur l'icône pour lancer l'outil.
- Sous Vista/Seven clic-droit sur l'icône et choisir "Exécuter en tant qu'administrateur" dans le menu contextuel.
* La fenêtre principale de l'outil s'ouvre :
* Copie la liste en citation ci-dessous et colle-la dans le cadre "Paste instructions for Items to be Moved"
:Files
C:\Users\Clio\Documents\cc_20101002_135115.reg
C:\Users\Clio\AppData\Local\d3d9caps.dat
C:\Users\Clio\AppData\Local\GDIPFONTCACHEV1.DAT
C:\ProgramData\.zreglib
C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
C:\Windows\Installer\39e57.msi
C:\Windows\System32\x64
C:\Windows\Temp\CabAC83.tmp
C:\Windows\Temp\CabD596.tmp
C:\Windows\Temp\TarAFCF.tmp
C:\Windows\Temp\TarD5E5.tmp
:Reg
[-HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}]
[-HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}]
[-HKCU\Software\AppDataLow\Software\PriceGong]
[-HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}]
[-HKLM\Software\Classes\Interface\{039b7df6-3103-48f0-bd6f-24291bc7e637}]
[-HKLM\Software\Classes\Interface\{1bd69f2f-96b4-41b3-accf-c46ed55e3a58}]
[-HKLM\Software\Classes\Interface\{2194682f-acb0-45ce-b900-3fcd2d13bfb5}]
[-HKLM\Software\Classes\Interface\{24d4e9fc-5097-483b-b0fe-6e3ef28bff4a}]
[-HKLM\Software\Classes\Interface\{382be372-d636-451d-8fa8-54c51569ad88}]
[-HKLM\Software\Classes\Interface\{3a60359d-0eb2-4437-ad15-a08bee794c14}]
[-HKLM\Software\Classes\Interface\{46902815-1008-40c8-ba07-4f3d2276e6d2}]
[-HKLM\Software\Classes\Interface\{777421f7-878b-426e-b7f7-593cbe6b543d}]
[-HKLM\Software\Classes\Interface\{777421f7-878b-426e-b7f7-593cbe6b543f}]
[-HKLM\Software\Classes\Interface\{7876dc2b-dd2e-48d3-b182-6e261698aadb}]
[-HKLM\Software\Classes\Interface\{9b7984e0-1b06-434d-a233-5323ab08f05f}]
[-HKLM\Software\Classes\Interface\{a0f36689-35ea-4b9b-8b16-2236b0581557}]
[-HKLM\Software\Classes\Interface\{b1ce34ce-dfa2-4a5e-a99a-5fdef5021994}]
[-HKLM\Software\Classes\Interface\{ce9cc21b-4f0c-4da5-9a2b-cb4d6a631228}]
[-HKLM\Software\Classes\Interface\{e0778c77-10e3-4ab3-9077-fe845de401b4}]
[-HKLM\Software\Classes\Interface\{e5b630a9-c1e3-42f3-b58b-9afa3662c010}]
[-HKLM\Software\Conduit]
:Commands
[emptytemp]
* Clique sur MoveIt ! pour lancer la suppression
* A la fin du processus le PC va redémarrer
* Poste le rapport dans qui se trouve dans le répertoire suivant C:\_OTM\MovedFile
All processes killed
========== FILES ==========
C:\Users\Clio\Documents\cc_20101002_135115.reg moved successfully.
C:\Users\Clio\AppData\Local\d3d9caps.dat moved successfully.
C:\Users\Clio\AppData\Local\GDIPFONTCACHEV1.DAT moved successfully.
C:\ProgramData\.zreglib moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml moved successfully.
C:\Windows\Installer\39e57.msi moved successfully.
C:\Windows\System32\x64 folder moved successfully.
C:\Windows\Temp\CabAC83.tmp moved successfully.
C:\Windows\Temp\CabD596.tmp moved successfully.
C:\Windows\Temp\TarAFCF.tmp moved successfully.
C:\Windows\Temp\TarD5E5.tmp moved successfully.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}\ not found.
Registry key HKEY_CURRENT_USER\Software\AppDataLow\Software\PriceGong\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Classes\Interface\{039b7df6-3103-48f0-bd6f-24291bc7e637}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{039b7df6-3103-48f0-bd6f-24291bc7e637}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Classes\Interface\{1bd69f2f-96b4-41b3-accf-c46ed55e3a58}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1bd69f2f-96b4-41b3-accf-c46ed55e3a58}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Classes\Interface\{2194682f-acb0-45ce-b900-3fcd2d13bfb5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2194682f-acb0-45ce-b900-3fcd2d13bfb5}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Classes\Interface\{24d4e9fc-5097-483b-b0fe-6e3ef28bff4a}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{24d4e9fc-5097-483b-b0fe-6e3ef28bff4a}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Classes\Interface\{382be372-d636-451d-8fa8-54c51569ad88}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{382be372-d636-451d-8fa8-54c51569ad88}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Classes\Interface\{3a60359d-0eb2-4437-ad15-a08bee794c14}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3a60359d-0eb2-4437-ad15-a08bee794c14}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Classes\Interface\{46902815-1008-40c8-ba07-4f3d2276e6d2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{46902815-1008-40c8-ba07-4f3d2276e6d2}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Classes\Interface\{777421f7-878b-426e-b7f7-593cbe6b543d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{777421f7-878b-426e-b7f7-593cbe6b543d}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Classes\Interface\{777421f7-878b-426e-b7f7-593cbe6b543f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{777421f7-878b-426e-b7f7-593cbe6b543f}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Classes\Interface\{7876dc2b-dd2e-48d3-b182-6e261698aadb}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7876dc2b-dd2e-48d3-b182-6e261698aadb}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Classes\Interface\{9b7984e0-1b06-434d-a233-5323ab08f05f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9b7984e0-1b06-434d-a233-5323ab08f05f}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Classes\Interface\{a0f36689-35ea-4b9b-8b16-2236b0581557}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a0f36689-35ea-4b9b-8b16-2236b0581557}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Classes\Interface\{b1ce34ce-dfa2-4a5e-a99a-5fdef5021994}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b1ce34ce-dfa2-4a5e-a99a-5fdef5021994}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Classes\Interface\{ce9cc21b-4f0c-4da5-9a2b-cb4d6a631228}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ce9cc21b-4f0c-4da5-9a2b-cb4d6a631228}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Classes\Interface\{e0778c77-10e3-4ab3-9077-fe845de401b4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e0778c77-10e3-4ab3-9077-fe845de401b4}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Classes\Interface\{e5b630a9-c1e3-42f3-b58b-9afa3662c010}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e5b630a9-c1e3-42f3-b58b-9afa3662c010}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Conduit\ deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Clio
->Temp folder emptied: 13921658 bytes
->Temporary Internet Files folder emptied: 771952 bytes
->Java cache emptied: 69984546 bytes
->FireFox cache emptied: 41735856 bytes
->Google Chrome cache emptied: 263043322 bytes
->Apple Safari cache emptied: 14336 bytes
->Flash cache emptied: 1607 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7778 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 48421140 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 31492880 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 448,00 mb
OTM by OldTimer - Version 3.1.17.2 log created on 11192010_235350
Files moved on Reboot...
File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
========== FILES ==========
C:\Users\Clio\Documents\cc_20101002_135115.reg moved successfully.
C:\Users\Clio\AppData\Local\d3d9caps.dat moved successfully.
C:\Users\Clio\AppData\Local\GDIPFONTCACHEV1.DAT moved successfully.
C:\ProgramData\.zreglib moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml moved successfully.
C:\Windows\Installer\39e57.msi moved successfully.
C:\Windows\System32\x64 folder moved successfully.
C:\Windows\Temp\CabAC83.tmp moved successfully.
C:\Windows\Temp\CabD596.tmp moved successfully.
C:\Windows\Temp\TarAFCF.tmp moved successfully.
C:\Windows\Temp\TarD5E5.tmp moved successfully.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}\ not found.
Registry key HKEY_CURRENT_USER\Software\AppDataLow\Software\PriceGong\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Classes\Interface\{039b7df6-3103-48f0-bd6f-24291bc7e637}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{039b7df6-3103-48f0-bd6f-24291bc7e637}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Classes\Interface\{1bd69f2f-96b4-41b3-accf-c46ed55e3a58}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1bd69f2f-96b4-41b3-accf-c46ed55e3a58}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Classes\Interface\{2194682f-acb0-45ce-b900-3fcd2d13bfb5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2194682f-acb0-45ce-b900-3fcd2d13bfb5}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Classes\Interface\{24d4e9fc-5097-483b-b0fe-6e3ef28bff4a}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{24d4e9fc-5097-483b-b0fe-6e3ef28bff4a}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Classes\Interface\{382be372-d636-451d-8fa8-54c51569ad88}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{382be372-d636-451d-8fa8-54c51569ad88}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Classes\Interface\{3a60359d-0eb2-4437-ad15-a08bee794c14}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3a60359d-0eb2-4437-ad15-a08bee794c14}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Classes\Interface\{46902815-1008-40c8-ba07-4f3d2276e6d2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{46902815-1008-40c8-ba07-4f3d2276e6d2}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Classes\Interface\{777421f7-878b-426e-b7f7-593cbe6b543d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{777421f7-878b-426e-b7f7-593cbe6b543d}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Classes\Interface\{777421f7-878b-426e-b7f7-593cbe6b543f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{777421f7-878b-426e-b7f7-593cbe6b543f}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Classes\Interface\{7876dc2b-dd2e-48d3-b182-6e261698aadb}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7876dc2b-dd2e-48d3-b182-6e261698aadb}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Classes\Interface\{9b7984e0-1b06-434d-a233-5323ab08f05f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9b7984e0-1b06-434d-a233-5323ab08f05f}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Classes\Interface\{a0f36689-35ea-4b9b-8b16-2236b0581557}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a0f36689-35ea-4b9b-8b16-2236b0581557}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Classes\Interface\{b1ce34ce-dfa2-4a5e-a99a-5fdef5021994}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b1ce34ce-dfa2-4a5e-a99a-5fdef5021994}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Classes\Interface\{ce9cc21b-4f0c-4da5-9a2b-cb4d6a631228}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ce9cc21b-4f0c-4da5-9a2b-cb4d6a631228}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Classes\Interface\{e0778c77-10e3-4ab3-9077-fe845de401b4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e0778c77-10e3-4ab3-9077-fe845de401b4}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Classes\Interface\{e5b630a9-c1e3-42f3-b58b-9afa3662c010}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e5b630a9-c1e3-42f3-b58b-9afa3662c010}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Conduit\ deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Clio
->Temp folder emptied: 13921658 bytes
->Temporary Internet Files folder emptied: 771952 bytes
->Java cache emptied: 69984546 bytes
->FireFox cache emptied: 41735856 bytes
->Google Chrome cache emptied: 263043322 bytes
->Apple Safari cache emptied: 14336 bytes
->Flash cache emptied: 1607 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7778 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 48421140 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 31492880 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 448,00 mb
OTM by OldTimer - Version 3.1.17.2 log created on 11192010_235350
Files moved on Reboot...
File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
Voilà
<code>Rapport de ZHPDiag v1.27.129 par Nicolas Coolman, Update du 16/11/2010
Run by Clio at 23/11/2010 1:39:52
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Contact : nicolascoolman@yahoo.fr
---\\ Web Browser
MSIE: Internet Explorer v7.0.6002.18005 (Defaut)
MFIE: Mozilla Firefox v3.6.10 (fr)
GCIE: Google Chrome v7.0.517.44
---\\ System Information
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3069 MB (57% free)
System drive C: has 68 GB (58%) free of 116 GB
---\\ Logged in mode
Computer Name: PC-DE-CLIO
User Name: Clio
All Users Names: Clio, Administrateur,
Unselected Option: O1,O45,O61,O62,O65,O82
Logged in as Administrator
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 68 Go of 116 Go)
E:\ Hard drive, Flash drive, Thumb drive (Free 66 Go of 115 Go)
F:\ CD-ROM drive (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 7:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 3:23:42.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 7:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 7:32:26.) -- C:\Windows\System32\drivers\atapi.sys [19944]
---\\ Processus lancés
[MD5.98888488D0E6DB0256E5E661BCD35EB6] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416]
[MD5.9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F] - (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192]
[MD5.B40A9F894E1B267B288906336CDE0079] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Google\Google EULA\GoogleEULALauncher.exe [20480]
[MD5.6C887E9BA3AE7F62635F098BFC9853CD] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [6037504]
[MD5.E681281D9BFC9D45D3B72532717E5880] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [49152]
[MD5.1B8FEEC163DC70BEDDC8B61E21329162] - (.TOSHIBA Corporation. - HDMICtrlMan.exe.) -- C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe [716800]
[MD5.7CEB241A5A11F4B49C7C3F3B68E31228] - (.Microsoft Corporation - IPoint.exe.) -- C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1406024]
[MD5.318270684C812E88FE63DC4C3021FC2B] - (.ALWIL Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2756488]
[MD5.4507B76EBD4DF7FF231640D74C8E8DF9] - (.Toshiba Europe GmbH - Toshiba TEMPRO.) -- C:\Program Files\Toshiba TEMPRO\TemproTray.exe [1050072]
[MD5.ABBABB9718848FD74C2D156BDFEDBCD5] - (.Agere Systems - LtMoh MFC Application.) -- C:\Program Files\ltmoh\ltmoh.exe [191552]
[MD5.5D29764082133F302126C85AB96ACB80] - (.TOSHIBA - CD/DVD Drive Acoustic Silencer.) -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe [430080]
[MD5.15A4CA3541D32D60C593087BA5066087] - (.TOSHIBA Corporation. - SoundChanger.exe.) -- C:\Program Files\Toshiba\HDMICtrlMan\HCMSoundChanger.exe [667648]
[MD5.25CA1677AAA3CDC99CD4FCF940886F3C] - (.ATI Technologies Inc. - Catalyst Control Centre: Host application.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [49152]
[MD5.09CFCEB5072C9FA0BFE0A551F6D5CE07] - (.Synaptics, Inc. - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [95528]
[MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [53472]
[MD5.3EB1AF1EE719FA3E58452F76326688F0] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [620032]
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2)
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.0.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.50917.0.) -- c:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
P2 - FPN: [HKLM] [yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Yahoo!\Common\npyaxmpb.dll (.not file.)
M0 - MFSP: prefs.js [Clio - zu9eyc9p.default] about:blank
M2 - MFEP: prefs.js [Clio - zu9eyc9p.default\engine@conduit.com] [] Conduit Engine v3.2.1.3 (.Conduit Ltd..)
M2 - MFEP: prefs.js [Clio - zu9eyc9p.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (.Microsoft.)
M2 - MFEP: prefs.js [Clio - zu9eyc9p.default\{4daac69c-cba7-45e2-9bc8-1044483d3352}] [] Softonic_France Community Toolbar v3.2.1.3 (.Conduit Ltd..)
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
G0 - GCSP: Preference [User Data\Default][HomePage] https://www.google.com/?gws_rd=ssl
G2 - GCE: Preference [User Data\Default] [nahooofggegjbnodalhoibemeabkapop] "state": 1 v.pafkcccccfmnjkhhndjfffifnflhkpdo: { (Activé)
---\\ Internet Explorer, Démarrage,Recherche,URSearchHook (R0,R1,R3)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (7.00.6000.16386 (vista_rtm.061101-2205)) -- C:\Windows\system32\ieframe.dll
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} Clé orpheline
R3 - URLSearchHook: (no name) - {4daac69c-cba7-45e2-9bc8-1044483d3352} Clé orpheline
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\System32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Google Desktop Search] . (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O4 - HKLM\..\Run: [Google EULA Launcher] . (.Pas de propriétaire - Pas de description.) -- c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe
O4 - HKLM\..\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe
O4 - HKLM\..\Run: [HDMICtrlMan] . (.TOSHIBA Corporation. - HDMICtrlMan.exe.) -- C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
O4 - HKLM\..\Run: [Toshiba Registration] . (.Toshiba - Vista Registration.) -- C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [IntelliPoint] . (.Microsoft Corporation - IPoint.exe.) -- C:\Program Files\Microsoft IntelliPoint\ipoint.exe
O4 - HKLM\..\Run: [SpywareTerminator] . (.Crawler.com - Spyware Terminator Realtime Shield.) -- C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
O4 - HKLM\..\Run: [avast5] . (.ALWIL Software - avast! Antivirus.) -- C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
O4 - HKLM\..\Run: [Toshiba TEMPRO] . (.Toshiba Europe GmbH - Toshiba TEMPRO.) -- C:\Program Files\Toshiba TEMPRO\TemproTray.exe
O4 - HKLM\..\Run: [THGuard] . (.Mischel Internet Security - TrojanHunter Guard.) -- C:\Program Files\TrojanHunter 5.3\THGuard.exe
O4 - HKCU\..\Run: [LtMoh] . (.Agere Systems - LtMoh MFC Application.) -- C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] . (.Crawler.com - Crawler Spyware Terminator.) -- C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
O4 - HKCU\..\Run: [TOSCDSPD] . (.TOSHIBA - CD/DVD Drive Acoustic Silencer.) -- C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICEE.exe
O4 - HKUS\S-1-5-21-145991659-1782934896-4108710449-1000\..\Run: [LtMoh] . (.Agere Systems - LtMoh MFC Application.) -- C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKUS\S-1-5-21-145991659-1782934896-4108710449-1000\..\Run: [SpywareTerminatorUpdate] . (.Crawler.com - Crawler Spyware Terminator.) -- C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
O4 - HKUS\S-1-5-21-145991659-1782934896-4108710449-1000\..\Run: [TOSCDSPD] . (.TOSHIBA - CD/DVD Drive Acoustic Silencer.) -- C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKUS\S-1-5-21-145991659-1782934896-4108710449-1000\..\Run: [EPSON Stylus DX8400 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICEE.exe
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\Clio\Desktop\CCleaner.lnk . (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe
O4 - Global Startup: C:\Documents And Settings\Clio\Desktop\TrojanHunter.lnk . (.Mischel Internet Security.) -- C:\Program Files\TrojanHunter 5.3\TrojanHunter.exe
O4 - Global Startup: C:\Users\Clio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Clio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\Clio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\Clio\Desktop\CCleaner.lnk . (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe
O4 - Global Startup: C:\Users\Clio\Desktop\TrojanHunter.lnk . (.Mischel Internet Security.) -- C:\Program Files\TrojanHunter 5.3\TrojanHunter.exe
O4 - Global Startup: C:\Users\Clio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\Clio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Clio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MiPony.lnk . (.www.mipony.net.) -- C:\Program Files\MiPony\MiPony.exe
O4 - Global Startup: C:\Users\Clio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\Clio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - Clé orpheline
O4 - Global Startup: C:\Users\Clio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\TrojanHunter Scanner.lnk . (.Mischel Internet Security.) -- C:\Program Files\TrojanHunter 5.3\TrojanHunter.exe
O4 - Global Startup: C:\Users\Clio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Live Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Live\Mail\wlmail.exe
O4 - Global Startup: C:\Users\Clio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Live Messenger .lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - Global Startup: C:\Users\Clio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe
O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll
O8 - Extra context menu item: Télécharger avec Mipony - (.not file.) - file:\\C:\Program Files\MiPony\Browser\IEContext.htm
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} . (.Pas de propriétaire - Pas de description.) -- c:\toshiba\Webshops\ebay.ico
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} . (.Pas de propriétaire - Pas de description.) -- c:\toshiba\Webshops\amazon.ico
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{09C110BA-0B77-4453-9240-522CC83C5F8E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{48858613-D22F-4DC3-ABDB-F5F6721FE618}: DhcpNameServer = 195.130.131.1 195.130.130.129
O17 - HKLM\System\CS1\Services\Tcpip\..\{09C110BA-0B77-4453-9240-522CC83C5F8E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{48858613-D22F-4DC3-ABDB-F5F6721FE618}: DhcpNameServer = 195.130.131.1 195.130.130.129
O17 - HKLM\System\CS2\Services\Tcpip\..\{09C110BA-0B77-4453-9240-522CC83C5F8E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{48858613-D22F-4DC3-ABDB-F5F6721FE618}: DhcpNameServer = 195.130.130.129 195.130.131.129
O17 - HKLM\System\CS3\Services\Tcpip\..\{09C110BA-0B77-4453-9240-522CC83C5F8E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{48858613-D22F-4DC3-ABDB-F5F6721FE618}: DhcpNameServer = 195.130.130.129 195.130.131.129
O17 - HKLM\System\CCS\Services\Tcpip\..\{48858613-D22F-4DC3-ABDB-F5F6721FE618}: DhcpDomain = telenet.be
O17 - HKLM\System\CS1\Services\Tcpip\..\{48858613-D22F-4DC3-ABDB-F5F6721FE618}: DhcpDomain = telenet.be
O17 - HKLM\System\CS2\Services\Tcpip\..\{48858613-D22F-4DC3-ABDB-F5F6721FE618}: DhcpDomain = telenet.be
O17 - HKLM\System\CS3\Services\Tcpip\..\{48858613-D22F-4DC3-ABDB-F5F6721FE618}: DhcpDomain = telenet.be
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.130.131.1 195.130.130.129
---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Pas de propriétaire - Pas de description.) -- igfxdev.dll
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.Google - Google Desktop.) - C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) . (.Agere Systems - Agere Soft Modem Call Progress Service.) - C:\Windows\system32\agrsmsvc.exe
O23 - Service: (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.ALWIL Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: ConfigFree Service (ConfigFree Service) . (.TOSHIBA CORPORATION - Service of ConfigFree..) - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: FsUsbExService (FsUsbExService) . (.Teruten - FsUsbDevice.) - C:\Windows\system32\FsUsbExService.exe
O23 - Service: Service Google Update (gupdate1ca3fbdb5053a60) (gupdate1ca3fbdb5053a60) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) . (.Crawler.com - Spyware Terminator Realtime Shield Service.) - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) . (.TOSHIBA Corporation - TOSHIBA Navi Support Service.) - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) . (.TOSHIBA Corporation - TDCSrv Application.) - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) . (.TOSHIBA Corporation - TOSHIBA Power Saver.) - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service (TOSHIBA Bluetooth Service) . (.TOSHIBA CORPORATION - TOSHIBA Bluetooth Service.) - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service (TOSHIBA SMART Log Service) . (.TOSHIBA Corporation - TosIPCSrv.exe.) - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) . (.Ulead Systems, Inc. - ULCDRSvr.) - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop General: BackupWallPaper - .(.Pas de propriétaire - Pas de description.) - E:\Documents\Images\Wallpapers & Fonds d'écran\lightanddark.jpg
O24 - Desktop General: WallPaper - .(.Pas de propriétaire - Pas de description.) - E:\Documents\Images\Wallpapers & Fonds d'écran\lightanddark.jpg
O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.)
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.E52F62AA37AA8B9D9E5DEF5C587C68B1] [APT] [{B2C548AF-7FB2-4656-B12F-5EBB4150D5E3}] (.Skype Technologies S.A..) -- C:\Program Files\Skype\Phone\Skype.exe
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Adobe Shockwave Director 11.0.3 - {233C1507-6A77-46A4-9443-F871F945D258} . (.Adobe Systems, Inc. - Shockwave ActiveX Control.) -- C:\Windows\System32\Adobe\Director\swdir.dll
O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\Windows Mail\WinMail.exe
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.0 r12.) -- C:\Windows\system32\Macromed\Flash\Flash10a.ocx
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: Spyware Terminator Driver 2 (sp_rsdrv2) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\drivers\sp_rsdrv2.sys
O41 - Driver: Bluetooth RFCOMM (Tosrfcom) . (.TOSHIBA Corporation - Bluetooth RFCOMM Driver.) - C:\Windows\system32\Drivers\tosrfcom.sys
---\\ Logiciels installés (O42)
O42 - Logiciel: Activation Assistant for the 2007 Microsoft Office suites - (.Microsoft Corporation.) [HKLM] -- Activation Assistant for the 2007 Microsoft Office suites
O42 - Logiciel: Adobe Bridge 1.0 - (.Adobe Systems.) [HKLM] -- {B74D4E10-1033-0000-0000-000000000001}
O42 - Logiciel: Adobe Common File Installer - (.Adobe System Incorporated.) [HKLM] -- {8EDBA74D-0686-4C99-BFDD-F894678E5B39}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Help Center 1.0 - (.Adobe Systems.) [HKLM] -- {E9787678-1033-0000-8E67-000000000001}
O42 - Logiciel: Adobe Photoshop CS2 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}
O42 - Logiciel: Adobe Reader 8.1.3 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A81300000003}
O42 - Logiciel: Adobe Shockwave Player 11 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Adobe Stock Photos 1.0 - (.Adobe Systems.) [HKLM] -- {786C5747-1033-0000-B58E-000000000001}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033}
O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
O42 - Logiciel: Bluetooth Stack for Windows by Toshiba - (.TOSHIBA CORPORATION.) [HKLM] -- {CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
O42 - Logiciel: CCleaner (remove only) - (.Pas de propriétaire.) [HKLM] -- CCleaner
O42 - Logiciel: Camera Assistant Software for Toshiba - (.Chicony Electronics Co.,Ltd..) [HKLM] -- {37C866E4-AA67-4725-9E95-A39968DD7960}
O42 - Logiciel: Camera RAW Plug-In for EPSON Creativity Suite - (.SEIKO EPSON CORPORATION.) [HKLM] -- {93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD}
O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM] -- {69E5255D-9D43-4CFF-8984-843ABD7753B7}
O42 - Logiciel: Complément Microsoft Enregistrer en tant que PDF ou XPS pour programmes Microsoft Office 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00B2-040C-0000-0000000FF1CE}
O42 - Logiciel: DVD MovieFactory for TOSHIBA - (.Ulead Systems, Inc..) [HKLM] -- {F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}
O42 - Logiciel: EPSON Attach To Email - (.SEIKO EPSON.) [HKLM] -- InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}
O42 - Logiciel: EPSON Copy Utility 3 - (.Pas de propriétaire.) [HKLM] -- {67EDD823-135A-4D59-87BD-950616D6E857}
O42 - Logiciel: EPSON Easy Photo Print - (.SEIKO EPSON CORPORATION.) [HKLM] -- {3D78F2A2-C893-4ABD-B5FE-AD7011837755}
O42 - Logiciel: EPSON File Manager - (.Pas de propriétaire.) [HKLM] -- {2EB81825-E9EE-44F4-8F51-1240C3898DC6}
O42 - Logiciel: EPSON Logiciel imprimante - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON Printer and Utilities
O42 - Logiciel: EPSON Scan - (.Pas de propriétaire.) [HKLM] -- EPSON Scanner
O42 - Logiciel: EPSON Scan Assistant - (.Pas de propriétaire.) [HKLM] -- {2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}
O42 - Logiciel: EPSON Stylus CX7300_CX8300_DX7400_DX8400 Manuel - (.Pas de propriétaire.) [HKLM] -- EPSON Stylus CX7300_CX8300_DX7400_DX8400 Guide d'utilisation
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Desktop - (.Google.) [HKLM] -- Google Desktop
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HDMI Control Manager - (.TOSHIBA.) [HKLM] -- {F81AB80B-5BB7-4E36-8BA5-E07541CE1BFC}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {46ABBC54-1872-4AA3-95E2-F2C063A63F31}
O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: Java(TM) 6 Update 19 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216011FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {E2DFE069-083E-4631-9B6C-43C48E991DE5}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB941833) - (.Microsoft Corporation.) [HKLM] -- {C523D256-313D-4866-B36A-F3DE528246EF}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Macromedia Dreamweaver 4 - (.Macromedia.) [HKLM] -- {ABDA9912-5D00-11D4-BAE7-9367CA097955}
O42 - Logiciel: Macromedia Extension Manager - (.Macromedia.) [HKLM] -- {A5BA14E0-7384-11D4-BAE7-00409631A2C8}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Manuels TOSHIBA - (.TOSHIBA.) [HKLM] -- {5B0202A8-CC6B-4443-AD73-FE9DF1FC1622}
O42 - Logiciel: MiPony 1.1.2 - (.Pas de propriétaire.) [HKLM] -- MiPony
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Mozilla Firefox (3.6.10) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.10)
O42 - Logiciel: Multi Virus Cleaner 2008 - (.AxBx.) [HKLM] -- Multi Virus Cleaner 2008_is1
O42 - Logiciel: Notepad++ - (.Pas de propriétaire.) [HKLM] -- Notepad++
O42 - Logiciel: OGA Notifier 2.0.0048.0 - (.Microsoft Corporation.) [HKLM] -- {B2544A03-10D0-4E5E-BA69-0362FFC20D18}
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: PRS-500 USB driver - (.Sony.) [HKLM] -- {A212E6C2-20F7-4A8E-BD8E-DC3EE7483FA2}
O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKLM] -- PhotoFiltre
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
O42 - Logiciel: RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.02 - (.Pas de propriétaire.) [HKLM] -- {59F6A514-9813-47A3-948C-8A155460CC2A}
O42 - Logiciel: Realtek 8169 8168 8101E 8102E Ethernet Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Réducteur de bruit du lecteur de CD/DVD - (.TOSHIBA.) [HKLM] -- {9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}
O42 - Logiciel: SAMSUNG USB Driver for Mobile Phones - (.SAMSUNG Electronics Co., Ltd..) [HKLM] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44}
O42 - Logiciel: Samsung New PC Studio - (.Samsung Electronics Co., Ltd..) [HKLM] -- InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}
O42 - Logiciel: Samsung New PC Studio - (.Samsung Electronics Co., Ltd..) [HKLM] -- {F193FC0E-9E18-40FC-A974-509A1BDD240A}
O42 - Logiciel: Samsung New PC Studio USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}
O42 - Logiciel: Samsung New PC Studio USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- {AF7E85DC-317C-47F5-810E-B82EE093A612}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2289158) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{210B16C0-CEBD-4DE9-B474-04A7E8735E16}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2344875) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2345035) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{B23002DD-34EC-4988-B810-A5E2A0BF04F1}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB982158) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer (KB2413381) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3DED0A62-44C8-4E00-A785-5212F297A9D9}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Skype(TM) 4.0 - (.Skype Technologies S.A..) [HKLM] -- {24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
O42 - Logiciel: Software Informer 1.0 BETA - (.Informer Technologies, Inc..) [HKLM] -- Software Informer_is1
O42 - Logiciel: Spelling Dictionaries Support For Adobe Reader 8 - (.Adobe Systems.) [HKLM] -- {AC76BA86-7AD7-5464-3428-800000000003}
O42 - Logiciel: Spyware Terminator - (.Crawler Inc..) [HKLM] -- Spyware Terminator_is1
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: TOSHIBA Assist - (.TOSHIBA.) [HKLM] -- {12B3A009-A080-4619-9A2A-C6DB151D8D67}
O42 - Logiciel: TOSHIBA ConfigFree - (.TOSHIBA Corporation.) [HKLM] -- {0D5D0BEE-FBA9-4928-A50D-6CDFAB827755}
O42 - Logiciel: TOSHIBA DVD PLAYER - (.TOSHIBA Corporation.) [HKLM] -- {6C5F3BDC-0A1B-4436-A696-5939629D5C31}
O42 - Logiciel: TOSHIBA Disc Creator - (.TOSHIBA Corporation.) [HKLM] -- {5DA0E02F-970B-424B-BF41-513A5018E4C0}
O42 - Logiciel: TOSHIBA Extended Tiles for Windows Mobility Center - (.Toshiba.) [HKLM] -- InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}
O42 - Logiciel: TOSHIBA Face Recognition - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}
O42 - Logiciel: TOSHIBA Face Recognition - (.TOSHIBA Corporation.) [HKLM] -- {C730E42C-935A-45BB-A0C5-37E5234D111B}
O42 - Logiciel: TOSHIBA Hardware Setup - (.Pas de propriétaire.) [HKLM] -- {2883F6F5-0509-43F3-868C-D50330DD9DD3}
O42 - Logiciel: TOSHIBA Recovery Disc Creator - (.TOSHIBA.) [HKLM] -- {B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}
O42 - Logiciel: TOSHIBA SD Memory Utilities - (.TOSHIBA.) [HKLM] -- {EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}
O42 - Logiciel: TOSHIBA Software Modem - (.Agere Systems.) [HKLM] -- TOSHIBA Software Modem
O42 - Logiciel: TOSHIBA Supervisor Password - (.Pas de propriétaire.) [HKLM] -- {4B1E87C3-00DE-4898-8E39-E390AAEF2391}
O42 - Logiciel: TOSHIBA Value Added Package - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}
O42 - Logiciel: TRDCReminder - (.TOSHIBA.) [HKLM] -- InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}
O42 - Logiciel: TRORDCLauncher - (.TOSHIBA.) [HKLM] -- InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}
O42 - Logiciel: Toshiba Online Product Information - (.TOSHIBA.) [HKLM] -- {2290A680-4083-410A-ADCC-7092C67FC052}
O42 - Logiciel: Toshiba TEMPRO - (.Toshiba Europe GmbH.) [HKLM] -- {2BA8A909-F17C-4AE5-85C1-9107B7A60D26}
O42 - Logiciel: TrojanHunter 5.3 - (.Mischel Internet Security.) [HKLM] -- TrojanHunter_is1
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF}
O42 - Logiciel: VLC media player 1.0.2 - (.VideoLAN Team.) [HKLM] -- VLC media player
O42 - Logiciel: WampServer 2.0 - (.Romain Bourdon (Roms).) [HKLM] -- WampServer 2_is1
O42 - Logiciel: Windows Driver Package - Sony Corporation (PRSUSB) USB (08/08/2006 1.0.03.08080) - (.Sony Corporation.) [HKLM] -- 75070B1806113224B16C70296B90DD1AD8A53479
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3B4E636E-9D65-4D67-BA61-189800823F52}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {770F1BEC-2871-4E70-B837-FB8525FFA3B1}
O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
O42 - Logiciel: avast! Free Antivirus - (.Alwil Software.) [HKLM] -- avast5
---\\ HKCU & HKLM Software Keys
[HKCU\Software\ABBYY]
[HKCU\Software\ALWIL Software]
[HKCU\Software\ATI Technologies Inc.]
[HKCU\Software\ATI]
[HKCU\Software\Adobe]
[HKCU\Software\Amazon.com]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Yahoo]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\BareDeSurf]
[HKCU\Software\Battle.net]
[HKCU\Software\CEC_CM_SW]
[HKCU\Software\Canneverbe Limited]
[HKCU\Software\Canon]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\DT Soft]
[HKCU\Software\DiskSoftware]
[HKCU\Software\DivXNetworks]
[HKCU\Software\DivX]
[HKCU\Software\EPSON]
[HKCU\Software\FileZilla Client]
[HKCU\Software\FreeDownloadManager.ORG]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\Headlight]
[HKCU\Software\IM Providers]
[HKCU\Software\Informer Technologies, Inc.]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\KingsIsle]
[HKCU\Software\Lavalys]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Lucent]
[HKCU\Software\Macromedia]
[HKCU\Software\Magnet]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Mobileleader]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Power Tab Software]
[HKCU\Software\Realtek]
[HKCU\Software\SEIKO EPSON]
[HKCU\Software\SWiSHzone.com]
[HKCU\Software\Samsung]
[HKCU\Software\SecuROM]
[HKCU\Software\Skype]
[HKCU\Software\Softonic]
[HKCU\Software\Spyware Terminator]
[HKCU\Software\Synaptics]
[HKCU\Software\Sysinternals]
[HKCU\Software\TOSHIBA]
[HKCU\Software\Telltale Games]
[HKCU\Software\TrojanHunter]
[HKCU\Software\Trolltech]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\Vision Objects]
[HKCU\Software\Wget]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Yahoo]
[HKLM\Software\ABBYY]
[HKLM\Software\ALWIL Software]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Adobe Systems]
[HKLM\Software\Adobe]
[HKLM\Software\Agere]
[HKLM\Software\America Online]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\C07ft5Y]
[HKLM\Software\Canneverbe Limited]
[HKLM\Software\Canon]
[HKLM\Software\Chicony Electronics Co.,Ltd.]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\DT Soft]
[HKLM\Software\DiskSoftware]
[HKLM\Software\DivXNetworks]
[HKLM\Software\DivX]
[HKLM\Software\EPSON]
[HKLM\Software\FileZilla 3]
[HKLM\Software\FreeDownloadManager.ORG]
[HKLM\Software\Google]
[HKLM\Software\InstallShield]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Insyde]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Kungfu]
[HKLM\Software\Lucent]
[HKLM\Software\MCCI]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MarkAny]
[HKLM\Software\McAfee]
[HKLM\Software\MimarSinan]
[HKLM\Software\Mischel Internet Security]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\OldTimer Tools]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RtWLan]
[HKLM\Software\SRS Labs]
[HKLM\Software\Samsung]
[HKLM\Software\Skype]
[HKLM\Software\Sonic]
[HKLM\Software\Sony Corporation]
[HKLM\Software\Spyware Terminator]
[HKLM\Software\Swearware]
[HKLM\Software\Symantec]
[HKLM\Software\Synaptics]
[HKLM\Software\Sys Modules]
[HKLM\Software\TENGWU]
[HKLM\Software\Toshiba Tempro]
[HKLM\Software\Toshiba]
[HKLM\Software\TrendMicro]
[HKLM\Software\Ulead Systems]
[HKLM\Software\VideoLAN]
[HKLM\Software\WOW6432Node]
[HKLM\Software\Waves Audio]
[HKLM\Software\WinRAR]
[HKLM\Software\Yahoo]
[HKLM\Software\iTinySoft]
[HKLM\Software\mozilla.org]
---\\ Contenu des dossiers ProgramFiles/ProgramData (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Alwil Software
O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update
O43 - CFD:Common File Directory ----D- C:\Program Files\ATI
O43 - CFD:Common File Directory ----D- C:\Program Files\ATI Technologies
O43 - CFD:Common File Directory ----D- C:\Program Files\AxBx
O43 - CFD:Common File Directory ----D- C:\Program Files\Camera Assistant Software for Toshiba
O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files
O43 - CFD:Common File Directory ----D- C:\Program Files\DIFX
O43 - CFD:Common File Directory ----D- C:\Program Files\epson
O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\FileZilla FTP Client
O43 - CFD:Common File Directory ----D- C:\Program Files\Google
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Intel
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\LimeWire
O43 - CFD:Common File Directory ----D- C:\Program Files\List_Kill'em
O43 - CFD:Common File Directory ----D- C:\Program Files\ltmoh
O43 - CFD:Common File Directory ----D- C:\Program Files\Macromedia
O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files\MarkAny
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft IntelliPoint
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Works
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET
O43 - CFD:Common File Directory ----D- C:\Program Files\MiPony
O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox
O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files\MSECache
O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 4.0
O43 - CFD:Common File Directory ----D- C:\Program Files\myphotobook
O43 - CFD:Common File Directory ----D- C:\Program Files\Notepad++
O43 - CFD:Common File Directory ----D- C:\Program Files\PhotoFiltre
O43 - CFD:Common File Directory ----D- C:\Program Files\Picasa2
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime
O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek
O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies
O43 - CFD:Common File Directory ----D- C:\Program Files\Samsung
O43 - CFD:Common File Directory R---D- C:\Program Files\Skype
O43 - CFD:Common File Directory ----D- C:\Program Files\Software Informer
O43 - CFD:Common File Directory ----D- C:\Program Files\Sony
O43 - CFD:Common File Directory ----D- C:\Program Files\Spyware Terminator
O43 - CFD:Common File Directory ----D- C:\Program Files\Synaptics
O43 - CFD:Common File Directory ----D- C:\Program Files\Toshiba
O43 - CFD:Common File Directory ----D- C:\Program Files\Toshiba TEMPRO
O43 - CFD:Common File Directory ----D- C:\Program Files\TrojanHunter 5.3
O43 - CFD:Common File Directory ----D- C:\Program Files\Ulead Systems
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\WinClamAVShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Calendar
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Collaboration
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Journal
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Gallery
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Portable Devices
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar
O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR
O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe Systems Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Canon
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Macromedia
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PX Storage Engine
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Skype
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Toshiba Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Ulead Systems
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Wise Installation Wizard
O43 - CFD:Common File Directory ----D- C:\ProgramData\Adobe
O43 - CFD:Common File Directory ----D- C:\ProgramData\Adobe Systems
O43 - CFD:Common File Directory ----D- C:\ProgramData\Alwil Software
O43 - CFD:Common File Directory ----D- C:\ProgramData\Apple
O43 - CFD:Common File Directory ----D- C:\ProgramData\Apple Computer
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Application Data
O43 - CFD:Common File Directory ----D- C:\ProgramData\Astroburn Lite
O43 - CFD:Common File Directory ----D- C:\ProgramData\ATI
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Bureau
O43 - CFD:Common File Directory ----D- C:\ProgramData\Canneverbe Limited
O43 - CFD:Common File Directory ----D- C:\ProgramData\DAEMON Tools Lite
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Desktop
O43 - CFD:Common File Directory ----D- C:\ProgramData\DivX
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Documents
O43 - CFD:Common File Directory ----D- C:\ProgramData\EPSON
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Favoris
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Favorites
O43 - CFD:Common File Directory ----D- C:\ProgramData\Google
O43 - CFD:Common File Directory ----D- C:\ProgramData\IsolatedStorage
O43 - CFD:Common File Directory ----D- C:\ProgramData\KingsIsle Entertainment
O43 - CFD:Common File Directory ----D- C:\ProgramData\kinoma
O43 - CFD:Common File Directory ----D- C:\ProgramData\Malwarebytes
O43 - CFD:Common File Directory ----D- C:\ProgramData\McAfee
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD:Common File Directory -S--D- C:\ProgramData\Microsoft
O43 - CFD:Common File Directory ----D- C:\ProgramData\Microsoft Help
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Modèles
O43 - CFD:Common File Directory ----D- C:\ProgramData\Norton
O43 - CFD:Common File Directory ----D- C:\ProgramData\NortonInstaller
O43 - CFD:Common File Directory ----D- C:\ProgramData\Office Genuine Advantage
O43 - CFD:Common File Directory ----D- C:\ProgramData\open-config
O43 - CFD:Common File Directory ----D- C:\ProgramData\Samsung
O43 - CFD:Common File Directory ----D- C:\ProgramData\Skype
O43 - CFD:Common File Directory ----D- C:\ProgramData\Spyware Terminator
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Start Menu
O43 - CFD:Common File Directory ----D- C:\ProgramData\Sun
O43 - CFD:Common File Directory ----D- C:\ProgramData\Symantec
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Templates
O43 - CFD:Common File Directory ----D- C:\ProgramData\Toshiba
O43 - CFD:Common File Directory ----D- C:\ProgramData\TOSHIBA Tempro
O43 - CFD:Common File Directory ----D- C:\ProgramData\ToshibaEurope
O43 - CFD:Common File Directory ----D- C:\ProgramData\TrojanHunter
O43 - CFD:
<code>Rapport de ZHPDiag v1.27.129 par Nicolas Coolman, Update du 16/11/2010
Run by Clio at 23/11/2010 1:39:52
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Contact : nicolascoolman@yahoo.fr
---\\ Web Browser
MSIE: Internet Explorer v7.0.6002.18005 (Defaut)
MFIE: Mozilla Firefox v3.6.10 (fr)
GCIE: Google Chrome v7.0.517.44
---\\ System Information
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3069 MB (57% free)
System drive C: has 68 GB (58%) free of 116 GB
---\\ Logged in mode
Computer Name: PC-DE-CLIO
User Name: Clio
All Users Names: Clio, Administrateur,
Unselected Option: O1,O45,O61,O62,O65,O82
Logged in as Administrator
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 68 Go of 116 Go)
E:\ Hard drive, Flash drive, Thumb drive (Free 66 Go of 115 Go)
F:\ CD-ROM drive (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 7:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 3:23:42.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 7:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 7:32:26.) -- C:\Windows\System32\drivers\atapi.sys [19944]
---\\ Processus lancés
[MD5.98888488D0E6DB0256E5E661BCD35EB6] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416]
[MD5.9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F] - (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192]
[MD5.B40A9F894E1B267B288906336CDE0079] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Google\Google EULA\GoogleEULALauncher.exe [20480]
[MD5.6C887E9BA3AE7F62635F098BFC9853CD] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [6037504]
[MD5.E681281D9BFC9D45D3B72532717E5880] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [49152]
[MD5.1B8FEEC163DC70BEDDC8B61E21329162] - (.TOSHIBA Corporation. - HDMICtrlMan.exe.) -- C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe [716800]
[MD5.7CEB241A5A11F4B49C7C3F3B68E31228] - (.Microsoft Corporation - IPoint.exe.) -- C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1406024]
[MD5.318270684C812E88FE63DC4C3021FC2B] - (.ALWIL Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2756488]
[MD5.4507B76EBD4DF7FF231640D74C8E8DF9] - (.Toshiba Europe GmbH - Toshiba TEMPRO.) -- C:\Program Files\Toshiba TEMPRO\TemproTray.exe [1050072]
[MD5.ABBABB9718848FD74C2D156BDFEDBCD5] - (.Agere Systems - LtMoh MFC Application.) -- C:\Program Files\ltmoh\ltmoh.exe [191552]
[MD5.5D29764082133F302126C85AB96ACB80] - (.TOSHIBA - CD/DVD Drive Acoustic Silencer.) -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe [430080]
[MD5.15A4CA3541D32D60C593087BA5066087] - (.TOSHIBA Corporation. - SoundChanger.exe.) -- C:\Program Files\Toshiba\HDMICtrlMan\HCMSoundChanger.exe [667648]
[MD5.25CA1677AAA3CDC99CD4FCF940886F3C] - (.ATI Technologies Inc. - Catalyst Control Centre: Host application.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [49152]
[MD5.09CFCEB5072C9FA0BFE0A551F6D5CE07] - (.Synaptics, Inc. - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [95528]
[MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [53472]
[MD5.3EB1AF1EE719FA3E58452F76326688F0] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [620032]
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2)
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.0.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.50917.0.) -- c:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
P2 - FPN: [HKLM] [yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Yahoo!\Common\npyaxmpb.dll (.not file.)
M0 - MFSP: prefs.js [Clio - zu9eyc9p.default] about:blank
M2 - MFEP: prefs.js [Clio - zu9eyc9p.default\engine@conduit.com] [] Conduit Engine v3.2.1.3 (.Conduit Ltd..)
M2 - MFEP: prefs.js [Clio - zu9eyc9p.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (.Microsoft.)
M2 - MFEP: prefs.js [Clio - zu9eyc9p.default\{4daac69c-cba7-45e2-9bc8-1044483d3352}] [] Softonic_France Community Toolbar v3.2.1.3 (.Conduit Ltd..)
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
G0 - GCSP: Preference [User Data\Default][HomePage] https://www.google.com/?gws_rd=ssl
G2 - GCE: Preference [User Data\Default] [nahooofggegjbnodalhoibemeabkapop] "state": 1 v.pafkcccccfmnjkhhndjfffifnflhkpdo: { (Activé)
---\\ Internet Explorer, Démarrage,Recherche,URSearchHook (R0,R1,R3)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (7.00.6000.16386 (vista_rtm.061101-2205)) -- C:\Windows\system32\ieframe.dll
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} Clé orpheline
R3 - URLSearchHook: (no name) - {4daac69c-cba7-45e2-9bc8-1044483d3352} Clé orpheline
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\System32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Google Desktop Search] . (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O4 - HKLM\..\Run: [Google EULA Launcher] . (.Pas de propriétaire - Pas de description.) -- c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe
O4 - HKLM\..\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe
O4 - HKLM\..\Run: [HDMICtrlMan] . (.TOSHIBA Corporation. - HDMICtrlMan.exe.) -- C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
O4 - HKLM\..\Run: [Toshiba Registration] . (.Toshiba - Vista Registration.) -- C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [IntelliPoint] . (.Microsoft Corporation - IPoint.exe.) -- C:\Program Files\Microsoft IntelliPoint\ipoint.exe
O4 - HKLM\..\Run: [SpywareTerminator] . (.Crawler.com - Spyware Terminator Realtime Shield.) -- C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
O4 - HKLM\..\Run: [avast5] . (.ALWIL Software - avast! Antivirus.) -- C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
O4 - HKLM\..\Run: [Toshiba TEMPRO] . (.Toshiba Europe GmbH - Toshiba TEMPRO.) -- C:\Program Files\Toshiba TEMPRO\TemproTray.exe
O4 - HKLM\..\Run: [THGuard] . (.Mischel Internet Security - TrojanHunter Guard.) -- C:\Program Files\TrojanHunter 5.3\THGuard.exe
O4 - HKCU\..\Run: [LtMoh] . (.Agere Systems - LtMoh MFC Application.) -- C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] . (.Crawler.com - Crawler Spyware Terminator.) -- C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
O4 - HKCU\..\Run: [TOSCDSPD] . (.TOSHIBA - CD/DVD Drive Acoustic Silencer.) -- C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICEE.exe
O4 - HKUS\S-1-5-21-145991659-1782934896-4108710449-1000\..\Run: [LtMoh] . (.Agere Systems - LtMoh MFC Application.) -- C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKUS\S-1-5-21-145991659-1782934896-4108710449-1000\..\Run: [SpywareTerminatorUpdate] . (.Crawler.com - Crawler Spyware Terminator.) -- C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
O4 - HKUS\S-1-5-21-145991659-1782934896-4108710449-1000\..\Run: [TOSCDSPD] . (.TOSHIBA - CD/DVD Drive Acoustic Silencer.) -- C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKUS\S-1-5-21-145991659-1782934896-4108710449-1000\..\Run: [EPSON Stylus DX8400 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICEE.exe
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\Clio\Desktop\CCleaner.lnk . (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe
O4 - Global Startup: C:\Documents And Settings\Clio\Desktop\TrojanHunter.lnk . (.Mischel Internet Security.) -- C:\Program Files\TrojanHunter 5.3\TrojanHunter.exe
O4 - Global Startup: C:\Users\Clio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Clio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\Clio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\Clio\Desktop\CCleaner.lnk . (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe
O4 - Global Startup: C:\Users\Clio\Desktop\TrojanHunter.lnk . (.Mischel Internet Security.) -- C:\Program Files\TrojanHunter 5.3\TrojanHunter.exe
O4 - Global Startup: C:\Users\Clio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\Clio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Clio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MiPony.lnk . (.www.mipony.net.) -- C:\Program Files\MiPony\MiPony.exe
O4 - Global Startup: C:\Users\Clio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\Clio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - Clé orpheline
O4 - Global Startup: C:\Users\Clio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\TrojanHunter Scanner.lnk . (.Mischel Internet Security.) -- C:\Program Files\TrojanHunter 5.3\TrojanHunter.exe
O4 - Global Startup: C:\Users\Clio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Live Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Live\Mail\wlmail.exe
O4 - Global Startup: C:\Users\Clio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Live Messenger .lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - Global Startup: C:\Users\Clio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe
O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll
O8 - Extra context menu item: Télécharger avec Mipony - (.not file.) - file:\\C:\Program Files\MiPony\Browser\IEContext.htm
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} . (.Pas de propriétaire - Pas de description.) -- c:\toshiba\Webshops\ebay.ico
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} . (.Pas de propriétaire - Pas de description.) -- c:\toshiba\Webshops\amazon.ico
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{09C110BA-0B77-4453-9240-522CC83C5F8E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{48858613-D22F-4DC3-ABDB-F5F6721FE618}: DhcpNameServer = 195.130.131.1 195.130.130.129
O17 - HKLM\System\CS1\Services\Tcpip\..\{09C110BA-0B77-4453-9240-522CC83C5F8E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{48858613-D22F-4DC3-ABDB-F5F6721FE618}: DhcpNameServer = 195.130.131.1 195.130.130.129
O17 - HKLM\System\CS2\Services\Tcpip\..\{09C110BA-0B77-4453-9240-522CC83C5F8E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{48858613-D22F-4DC3-ABDB-F5F6721FE618}: DhcpNameServer = 195.130.130.129 195.130.131.129
O17 - HKLM\System\CS3\Services\Tcpip\..\{09C110BA-0B77-4453-9240-522CC83C5F8E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{48858613-D22F-4DC3-ABDB-F5F6721FE618}: DhcpNameServer = 195.130.130.129 195.130.131.129
O17 - HKLM\System\CCS\Services\Tcpip\..\{48858613-D22F-4DC3-ABDB-F5F6721FE618}: DhcpDomain = telenet.be
O17 - HKLM\System\CS1\Services\Tcpip\..\{48858613-D22F-4DC3-ABDB-F5F6721FE618}: DhcpDomain = telenet.be
O17 - HKLM\System\CS2\Services\Tcpip\..\{48858613-D22F-4DC3-ABDB-F5F6721FE618}: DhcpDomain = telenet.be
O17 - HKLM\System\CS3\Services\Tcpip\..\{48858613-D22F-4DC3-ABDB-F5F6721FE618}: DhcpDomain = telenet.be
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.130.131.1 195.130.130.129
---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Pas de propriétaire - Pas de description.) -- igfxdev.dll
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.Google - Google Desktop.) - C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) . (.Agere Systems - Agere Soft Modem Call Progress Service.) - C:\Windows\system32\agrsmsvc.exe
O23 - Service: (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.ALWIL Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: ConfigFree Service (ConfigFree Service) . (.TOSHIBA CORPORATION - Service of ConfigFree..) - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: FsUsbExService (FsUsbExService) . (.Teruten - FsUsbDevice.) - C:\Windows\system32\FsUsbExService.exe
O23 - Service: Service Google Update (gupdate1ca3fbdb5053a60) (gupdate1ca3fbdb5053a60) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) . (.Crawler.com - Spyware Terminator Realtime Shield Service.) - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) . (.TOSHIBA Corporation - TOSHIBA Navi Support Service.) - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) . (.TOSHIBA Corporation - TDCSrv Application.) - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) . (.TOSHIBA Corporation - TOSHIBA Power Saver.) - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service (TOSHIBA Bluetooth Service) . (.TOSHIBA CORPORATION - TOSHIBA Bluetooth Service.) - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service (TOSHIBA SMART Log Service) . (.TOSHIBA Corporation - TosIPCSrv.exe.) - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) . (.Ulead Systems, Inc. - ULCDRSvr.) - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop General: BackupWallPaper - .(.Pas de propriétaire - Pas de description.) - E:\Documents\Images\Wallpapers & Fonds d'écran\lightanddark.jpg
O24 - Desktop General: WallPaper - .(.Pas de propriétaire - Pas de description.) - E:\Documents\Images\Wallpapers & Fonds d'écran\lightanddark.jpg
O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.)
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.E52F62AA37AA8B9D9E5DEF5C587C68B1] [APT] [{B2C548AF-7FB2-4656-B12F-5EBB4150D5E3}] (.Skype Technologies S.A..) -- C:\Program Files\Skype\Phone\Skype.exe
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Adobe Shockwave Director 11.0.3 - {233C1507-6A77-46A4-9443-F871F945D258} . (.Adobe Systems, Inc. - Shockwave ActiveX Control.) -- C:\Windows\System32\Adobe\Director\swdir.dll
O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\Windows Mail\WinMail.exe
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.0 r12.) -- C:\Windows\system32\Macromed\Flash\Flash10a.ocx
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: Spyware Terminator Driver 2 (sp_rsdrv2) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\drivers\sp_rsdrv2.sys
O41 - Driver: Bluetooth RFCOMM (Tosrfcom) . (.TOSHIBA Corporation - Bluetooth RFCOMM Driver.) - C:\Windows\system32\Drivers\tosrfcom.sys
---\\ Logiciels installés (O42)
O42 - Logiciel: Activation Assistant for the 2007 Microsoft Office suites - (.Microsoft Corporation.) [HKLM] -- Activation Assistant for the 2007 Microsoft Office suites
O42 - Logiciel: Adobe Bridge 1.0 - (.Adobe Systems.) [HKLM] -- {B74D4E10-1033-0000-0000-000000000001}
O42 - Logiciel: Adobe Common File Installer - (.Adobe System Incorporated.) [HKLM] -- {8EDBA74D-0686-4C99-BFDD-F894678E5B39}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Help Center 1.0 - (.Adobe Systems.) [HKLM] -- {E9787678-1033-0000-8E67-000000000001}
O42 - Logiciel: Adobe Photoshop CS2 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}
O42 - Logiciel: Adobe Reader 8.1.3 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A81300000003}
O42 - Logiciel: Adobe Shockwave Player 11 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Adobe Stock Photos 1.0 - (.Adobe Systems.) [HKLM] -- {786C5747-1033-0000-B58E-000000000001}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033}
O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
O42 - Logiciel: Bluetooth Stack for Windows by Toshiba - (.TOSHIBA CORPORATION.) [HKLM] -- {CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
O42 - Logiciel: CCleaner (remove only) - (.Pas de propriétaire.) [HKLM] -- CCleaner
O42 - Logiciel: Camera Assistant Software for Toshiba - (.Chicony Electronics Co.,Ltd..) [HKLM] -- {37C866E4-AA67-4725-9E95-A39968DD7960}
O42 - Logiciel: Camera RAW Plug-In for EPSON Creativity Suite - (.SEIKO EPSON CORPORATION.) [HKLM] -- {93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD}
O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM] -- {69E5255D-9D43-4CFF-8984-843ABD7753B7}
O42 - Logiciel: Complément Microsoft Enregistrer en tant que PDF ou XPS pour programmes Microsoft Office 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00B2-040C-0000-0000000FF1CE}
O42 - Logiciel: DVD MovieFactory for TOSHIBA - (.Ulead Systems, Inc..) [HKLM] -- {F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}
O42 - Logiciel: EPSON Attach To Email - (.SEIKO EPSON.) [HKLM] -- InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}
O42 - Logiciel: EPSON Copy Utility 3 - (.Pas de propriétaire.) [HKLM] -- {67EDD823-135A-4D59-87BD-950616D6E857}
O42 - Logiciel: EPSON Easy Photo Print - (.SEIKO EPSON CORPORATION.) [HKLM] -- {3D78F2A2-C893-4ABD-B5FE-AD7011837755}
O42 - Logiciel: EPSON File Manager - (.Pas de propriétaire.) [HKLM] -- {2EB81825-E9EE-44F4-8F51-1240C3898DC6}
O42 - Logiciel: EPSON Logiciel imprimante - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON Printer and Utilities
O42 - Logiciel: EPSON Scan - (.Pas de propriétaire.) [HKLM] -- EPSON Scanner
O42 - Logiciel: EPSON Scan Assistant - (.Pas de propriétaire.) [HKLM] -- {2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}
O42 - Logiciel: EPSON Stylus CX7300_CX8300_DX7400_DX8400 Manuel - (.Pas de propriétaire.) [HKLM] -- EPSON Stylus CX7300_CX8300_DX7400_DX8400 Guide d'utilisation
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Desktop - (.Google.) [HKLM] -- Google Desktop
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HDMI Control Manager - (.TOSHIBA.) [HKLM] -- {F81AB80B-5BB7-4E36-8BA5-E07541CE1BFC}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {46ABBC54-1872-4AA3-95E2-F2C063A63F31}
O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: Java(TM) 6 Update 19 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216011FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {E2DFE069-083E-4631-9B6C-43C48E991DE5}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB941833) - (.Microsoft Corporation.) [HKLM] -- {C523D256-313D-4866-B36A-F3DE528246EF}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Macromedia Dreamweaver 4 - (.Macromedia.) [HKLM] -- {ABDA9912-5D00-11D4-BAE7-9367CA097955}
O42 - Logiciel: Macromedia Extension Manager - (.Macromedia.) [HKLM] -- {A5BA14E0-7384-11D4-BAE7-00409631A2C8}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Manuels TOSHIBA - (.TOSHIBA.) [HKLM] -- {5B0202A8-CC6B-4443-AD73-FE9DF1FC1622}
O42 - Logiciel: MiPony 1.1.2 - (.Pas de propriétaire.) [HKLM] -- MiPony
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Mozilla Firefox (3.6.10) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.10)
O42 - Logiciel: Multi Virus Cleaner 2008 - (.AxBx.) [HKLM] -- Multi Virus Cleaner 2008_is1
O42 - Logiciel: Notepad++ - (.Pas de propriétaire.) [HKLM] -- Notepad++
O42 - Logiciel: OGA Notifier 2.0.0048.0 - (.Microsoft Corporation.) [HKLM] -- {B2544A03-10D0-4E5E-BA69-0362FFC20D18}
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: PRS-500 USB driver - (.Sony.) [HKLM] -- {A212E6C2-20F7-4A8E-BD8E-DC3EE7483FA2}
O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKLM] -- PhotoFiltre
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
O42 - Logiciel: RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.02 - (.Pas de propriétaire.) [HKLM] -- {59F6A514-9813-47A3-948C-8A155460CC2A}
O42 - Logiciel: Realtek 8169 8168 8101E 8102E Ethernet Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Réducteur de bruit du lecteur de CD/DVD - (.TOSHIBA.) [HKLM] -- {9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}
O42 - Logiciel: SAMSUNG USB Driver for Mobile Phones - (.SAMSUNG Electronics Co., Ltd..) [HKLM] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44}
O42 - Logiciel: Samsung New PC Studio - (.Samsung Electronics Co., Ltd..) [HKLM] -- InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}
O42 - Logiciel: Samsung New PC Studio - (.Samsung Electronics Co., Ltd..) [HKLM] -- {F193FC0E-9E18-40FC-A974-509A1BDD240A}
O42 - Logiciel: Samsung New PC Studio USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}
O42 - Logiciel: Samsung New PC Studio USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- {AF7E85DC-317C-47F5-810E-B82EE093A612}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2289158) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{210B16C0-CEBD-4DE9-B474-04A7E8735E16}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2344875) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2345035) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{B23002DD-34EC-4988-B810-A5E2A0BF04F1}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB982158) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer (KB2413381) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3DED0A62-44C8-4E00-A785-5212F297A9D9}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Skype(TM) 4.0 - (.Skype Technologies S.A..) [HKLM] -- {24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
O42 - Logiciel: Software Informer 1.0 BETA - (.Informer Technologies, Inc..) [HKLM] -- Software Informer_is1
O42 - Logiciel: Spelling Dictionaries Support For Adobe Reader 8 - (.Adobe Systems.) [HKLM] -- {AC76BA86-7AD7-5464-3428-800000000003}
O42 - Logiciel: Spyware Terminator - (.Crawler Inc..) [HKLM] -- Spyware Terminator_is1
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: TOSHIBA Assist - (.TOSHIBA.) [HKLM] -- {12B3A009-A080-4619-9A2A-C6DB151D8D67}
O42 - Logiciel: TOSHIBA ConfigFree - (.TOSHIBA Corporation.) [HKLM] -- {0D5D0BEE-FBA9-4928-A50D-6CDFAB827755}
O42 - Logiciel: TOSHIBA DVD PLAYER - (.TOSHIBA Corporation.) [HKLM] -- {6C5F3BDC-0A1B-4436-A696-5939629D5C31}
O42 - Logiciel: TOSHIBA Disc Creator - (.TOSHIBA Corporation.) [HKLM] -- {5DA0E02F-970B-424B-BF41-513A5018E4C0}
O42 - Logiciel: TOSHIBA Extended Tiles for Windows Mobility Center - (.Toshiba.) [HKLM] -- InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}
O42 - Logiciel: TOSHIBA Face Recognition - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}
O42 - Logiciel: TOSHIBA Face Recognition - (.TOSHIBA Corporation.) [HKLM] -- {C730E42C-935A-45BB-A0C5-37E5234D111B}
O42 - Logiciel: TOSHIBA Hardware Setup - (.Pas de propriétaire.) [HKLM] -- {2883F6F5-0509-43F3-868C-D50330DD9DD3}
O42 - Logiciel: TOSHIBA Recovery Disc Creator - (.TOSHIBA.) [HKLM] -- {B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}
O42 - Logiciel: TOSHIBA SD Memory Utilities - (.TOSHIBA.) [HKLM] -- {EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}
O42 - Logiciel: TOSHIBA Software Modem - (.Agere Systems.) [HKLM] -- TOSHIBA Software Modem
O42 - Logiciel: TOSHIBA Supervisor Password - (.Pas de propriétaire.) [HKLM] -- {4B1E87C3-00DE-4898-8E39-E390AAEF2391}
O42 - Logiciel: TOSHIBA Value Added Package - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}
O42 - Logiciel: TRDCReminder - (.TOSHIBA.) [HKLM] -- InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}
O42 - Logiciel: TRORDCLauncher - (.TOSHIBA.) [HKLM] -- InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}
O42 - Logiciel: Toshiba Online Product Information - (.TOSHIBA.) [HKLM] -- {2290A680-4083-410A-ADCC-7092C67FC052}
O42 - Logiciel: Toshiba TEMPRO - (.Toshiba Europe GmbH.) [HKLM] -- {2BA8A909-F17C-4AE5-85C1-9107B7A60D26}
O42 - Logiciel: TrojanHunter 5.3 - (.Mischel Internet Security.) [HKLM] -- TrojanHunter_is1
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF}
O42 - Logiciel: VLC media player 1.0.2 - (.VideoLAN Team.) [HKLM] -- VLC media player
O42 - Logiciel: WampServer 2.0 - (.Romain Bourdon (Roms).) [HKLM] -- WampServer 2_is1
O42 - Logiciel: Windows Driver Package - Sony Corporation (PRSUSB) USB (08/08/2006 1.0.03.08080) - (.Sony Corporation.) [HKLM] -- 75070B1806113224B16C70296B90DD1AD8A53479
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3B4E636E-9D65-4D67-BA61-189800823F52}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {770F1BEC-2871-4E70-B837-FB8525FFA3B1}
O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
O42 - Logiciel: avast! Free Antivirus - (.Alwil Software.) [HKLM] -- avast5
---\\ HKCU & HKLM Software Keys
[HKCU\Software\ABBYY]
[HKCU\Software\ALWIL Software]
[HKCU\Software\ATI Technologies Inc.]
[HKCU\Software\ATI]
[HKCU\Software\Adobe]
[HKCU\Software\Amazon.com]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Yahoo]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\BareDeSurf]
[HKCU\Software\Battle.net]
[HKCU\Software\CEC_CM_SW]
[HKCU\Software\Canneverbe Limited]
[HKCU\Software\Canon]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\DT Soft]
[HKCU\Software\DiskSoftware]
[HKCU\Software\DivXNetworks]
[HKCU\Software\DivX]
[HKCU\Software\EPSON]
[HKCU\Software\FileZilla Client]
[HKCU\Software\FreeDownloadManager.ORG]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\Headlight]
[HKCU\Software\IM Providers]
[HKCU\Software\Informer Technologies, Inc.]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\KingsIsle]
[HKCU\Software\Lavalys]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Lucent]
[HKCU\Software\Macromedia]
[HKCU\Software\Magnet]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Mobileleader]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Power Tab Software]
[HKCU\Software\Realtek]
[HKCU\Software\SEIKO EPSON]
[HKCU\Software\SWiSHzone.com]
[HKCU\Software\Samsung]
[HKCU\Software\SecuROM]
[HKCU\Software\Skype]
[HKCU\Software\Softonic]
[HKCU\Software\Spyware Terminator]
[HKCU\Software\Synaptics]
[HKCU\Software\Sysinternals]
[HKCU\Software\TOSHIBA]
[HKCU\Software\Telltale Games]
[HKCU\Software\TrojanHunter]
[HKCU\Software\Trolltech]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\Vision Objects]
[HKCU\Software\Wget]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Yahoo]
[HKLM\Software\ABBYY]
[HKLM\Software\ALWIL Software]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Adobe Systems]
[HKLM\Software\Adobe]
[HKLM\Software\Agere]
[HKLM\Software\America Online]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\C07ft5Y]
[HKLM\Software\Canneverbe Limited]
[HKLM\Software\Canon]
[HKLM\Software\Chicony Electronics Co.,Ltd.]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\DT Soft]
[HKLM\Software\DiskSoftware]
[HKLM\Software\DivXNetworks]
[HKLM\Software\DivX]
[HKLM\Software\EPSON]
[HKLM\Software\FileZilla 3]
[HKLM\Software\FreeDownloadManager.ORG]
[HKLM\Software\Google]
[HKLM\Software\InstallShield]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Insyde]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Kungfu]
[HKLM\Software\Lucent]
[HKLM\Software\MCCI]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MarkAny]
[HKLM\Software\McAfee]
[HKLM\Software\MimarSinan]
[HKLM\Software\Mischel Internet Security]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\OldTimer Tools]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RtWLan]
[HKLM\Software\SRS Labs]
[HKLM\Software\Samsung]
[HKLM\Software\Skype]
[HKLM\Software\Sonic]
[HKLM\Software\Sony Corporation]
[HKLM\Software\Spyware Terminator]
[HKLM\Software\Swearware]
[HKLM\Software\Symantec]
[HKLM\Software\Synaptics]
[HKLM\Software\Sys Modules]
[HKLM\Software\TENGWU]
[HKLM\Software\Toshiba Tempro]
[HKLM\Software\Toshiba]
[HKLM\Software\TrendMicro]
[HKLM\Software\Ulead Systems]
[HKLM\Software\VideoLAN]
[HKLM\Software\WOW6432Node]
[HKLM\Software\Waves Audio]
[HKLM\Software\WinRAR]
[HKLM\Software\Yahoo]
[HKLM\Software\iTinySoft]
[HKLM\Software\mozilla.org]
---\\ Contenu des dossiers ProgramFiles/ProgramData (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Alwil Software
O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update
O43 - CFD:Common File Directory ----D- C:\Program Files\ATI
O43 - CFD:Common File Directory ----D- C:\Program Files\ATI Technologies
O43 - CFD:Common File Directory ----D- C:\Program Files\AxBx
O43 - CFD:Common File Directory ----D- C:\Program Files\Camera Assistant Software for Toshiba
O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files
O43 - CFD:Common File Directory ----D- C:\Program Files\DIFX
O43 - CFD:Common File Directory ----D- C:\Program Files\epson
O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\FileZilla FTP Client
O43 - CFD:Common File Directory ----D- C:\Program Files\Google
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Intel
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\LimeWire
O43 - CFD:Common File Directory ----D- C:\Program Files\List_Kill'em
O43 - CFD:Common File Directory ----D- C:\Program Files\ltmoh
O43 - CFD:Common File Directory ----D- C:\Program Files\Macromedia
O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files\MarkAny
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft IntelliPoint
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Works
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET
O43 - CFD:Common File Directory ----D- C:\Program Files\MiPony
O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox
O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files\MSECache
O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 4.0
O43 - CFD:Common File Directory ----D- C:\Program Files\myphotobook
O43 - CFD:Common File Directory ----D- C:\Program Files\Notepad++
O43 - CFD:Common File Directory ----D- C:\Program Files\PhotoFiltre
O43 - CFD:Common File Directory ----D- C:\Program Files\Picasa2
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime
O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek
O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies
O43 - CFD:Common File Directory ----D- C:\Program Files\Samsung
O43 - CFD:Common File Directory R---D- C:\Program Files\Skype
O43 - CFD:Common File Directory ----D- C:\Program Files\Software Informer
O43 - CFD:Common File Directory ----D- C:\Program Files\Sony
O43 - CFD:Common File Directory ----D- C:\Program Files\Spyware Terminator
O43 - CFD:Common File Directory ----D- C:\Program Files\Synaptics
O43 - CFD:Common File Directory ----D- C:\Program Files\Toshiba
O43 - CFD:Common File Directory ----D- C:\Program Files\Toshiba TEMPRO
O43 - CFD:Common File Directory ----D- C:\Program Files\TrojanHunter 5.3
O43 - CFD:Common File Directory ----D- C:\Program Files\Ulead Systems
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\WinClamAVShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Calendar
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Collaboration
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Journal
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Gallery
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Portable Devices
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar
O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR
O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe Systems Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Canon
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Macromedia
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PX Storage Engine
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Skype
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Toshiba Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Ulead Systems
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Wise Installation Wizard
O43 - CFD:Common File Directory ----D- C:\ProgramData\Adobe
O43 - CFD:Common File Directory ----D- C:\ProgramData\Adobe Systems
O43 - CFD:Common File Directory ----D- C:\ProgramData\Alwil Software
O43 - CFD:Common File Directory ----D- C:\ProgramData\Apple
O43 - CFD:Common File Directory ----D- C:\ProgramData\Apple Computer
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Application Data
O43 - CFD:Common File Directory ----D- C:\ProgramData\Astroburn Lite
O43 - CFD:Common File Directory ----D- C:\ProgramData\ATI
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Bureau
O43 - CFD:Common File Directory ----D- C:\ProgramData\Canneverbe Limited
O43 - CFD:Common File Directory ----D- C:\ProgramData\DAEMON Tools Lite
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Desktop
O43 - CFD:Common File Directory ----D- C:\ProgramData\DivX
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Documents
O43 - CFD:Common File Directory ----D- C:\ProgramData\EPSON
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Favoris
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Favorites
O43 - CFD:Common File Directory ----D- C:\ProgramData\Google
O43 - CFD:Common File Directory ----D- C:\ProgramData\IsolatedStorage
O43 - CFD:Common File Directory ----D- C:\ProgramData\KingsIsle Entertainment
O43 - CFD:Common File Directory ----D- C:\ProgramData\kinoma
O43 - CFD:Common File Directory ----D- C:\ProgramData\Malwarebytes
O43 - CFD:Common File Directory ----D- C:\ProgramData\McAfee
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD:Common File Directory -S--D- C:\ProgramData\Microsoft
O43 - CFD:Common File Directory ----D- C:\ProgramData\Microsoft Help
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Modèles
O43 - CFD:Common File Directory ----D- C:\ProgramData\Norton
O43 - CFD:Common File Directory ----D- C:\ProgramData\NortonInstaller
O43 - CFD:Common File Directory ----D- C:\ProgramData\Office Genuine Advantage
O43 - CFD:Common File Directory ----D- C:\ProgramData\open-config
O43 - CFD:Common File Directory ----D- C:\ProgramData\Samsung
O43 - CFD:Common File Directory ----D- C:\ProgramData\Skype
O43 - CFD:Common File Directory ----D- C:\ProgramData\Spyware Terminator
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Start Menu
O43 - CFD:Common File Directory ----D- C:\ProgramData\Sun
O43 - CFD:Common File Directory ----D- C:\ProgramData\Symantec
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Templates
O43 - CFD:Common File Directory ----D- C:\ProgramData\Toshiba
O43 - CFD:Common File Directory ----D- C:\ProgramData\TOSHIBA Tempro
O43 - CFD:Common File Directory ----D- C:\ProgramData\ToshibaEurope
O43 - CFD:Common File Directory ----D- C:\ProgramData\TrojanHunter
O43 - CFD:
Télécharge GMER Scanner de rootkit
http://www2.gmer.net/download.php
[*]télécharge le .exe sur ton Bureau . Retiens son nom car il est aléatoire.
[*]exécute le en faisant un double clic sur le fichier créé. Néglige les alertes.
[*]le chargement va prendre une minute.
[*]si des rootkits sont décelés, répond non quand on te demande si tu veux faire un scan complet (Full scan).
[*]règle les paramètres (fenêtre de droite) de la manière suivante :
# seule la partition système (en général C:\ ) doit rester cochée
# Show All : décochée
[*]clique sur "SCAN" puis patiente...
[*]En fin de traitement clique sur "SAVE" et enregistre sur le Bureau "051209.txt"
[*]Double clique sur "051209.txt" ; le fichier s'ouvre dans le Bloc-Notes
[*]Copie le contenu et colle le dans ta réponse.
http://www2.gmer.net/download.php
[*]télécharge le .exe sur ton Bureau . Retiens son nom car il est aléatoire.
[*]exécute le en faisant un double clic sur le fichier créé. Néglige les alertes.
[*]le chargement va prendre une minute.
[*]si des rootkits sont décelés, répond non quand on te demande si tu veux faire un scan complet (Full scan).
[*]règle les paramètres (fenêtre de droite) de la manière suivante :
# seule la partition système (en général C:\ ) doit rester cochée
# Show All : décochée
[*]clique sur "SCAN" puis patiente...
[*]En fin de traitement clique sur "SAVE" et enregistre sur le Bureau "051209.txt"
[*]Double clique sur "051209.txt" ; le fichier s'ouvre dans le Bloc-Notes
[*]Copie le contenu et colle le dans ta réponse.
Je l'ai téléchargé mais l'exécution bloque, il me dit que le fichier exe "n'est pas une application Win32 valide". Le re-télécharger n'y change rien.
GMER 1.0.15.15530 - http://www.gmer.net Rootkit scan 2010-11-28 01:22:34 Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 TOSHIBA_ rev.LV01 Running: 1gxmlngq.exe; Driver: C:\Users\Clio\AppData\Local\Temp\kwlyypob.sys ---- System - GMER 1.0.15 ---- SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwClose [0x9200788E] SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwCreateFile [0x920070EC] SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwCreateKey [0x92006DCE] SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwCreateSection [0x92008938] SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwDeleteKey [0x92006ED8] SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwDeleteValueKey [0x92006FC2] SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwLoadDriver [0x92007BBC] SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwOpenFile [0x920073F4] SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwSetInformationFile [0x92007526] SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwSetValueKey [0x92006BFC] SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwTerminateProcess [0x92007B04] SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwWriteFile [0x9200770C] INT 0x51 ? 884C9CA0 INT 0x51 ? 884C9CA0 INT 0x51 ? 884C9CA0 INT 0x72 ? 884C9CA0 INT 0x82 ? 91007CD0 INT 0x92 ? 884C9CA0 INT 0xA2 ? 86B1EBF8 INT 0xA2 ? 884C9CA0 INT 0xA2 ? 884C9CA0 INT 0xA2 ? 86B1EBF8 Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateProcessEx [0x9209B4FE] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateSection [0x9209B322] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwLoadDriver [0x9209B45C] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) NtCreateSection Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ObInsertObject Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ObMakeTemporaryObject ---- Kernel code sections - GMER 1.0.15 ---- .text ntkrnlpa.exe!KeSetEvent + 1A9 836F690C 4 Bytes [8E, 78, 00, 92] .text ntkrnlpa.exe!KeSetEvent + 1D9 836F693C 4 Bytes [EC, 70, 00, 92] {IN AL, DX ; JO 0x3; XCHG EDX, EAX} .text ntkrnlpa.exe!KeSetEvent + 1E9 836F694C 4 Bytes [CE, 6D, 00, 92] .text ntkrnlpa.exe!KeSetEvent + 215 836F6978 4 Bytes [38, 89, 00, 92] .text ntkrnlpa.exe!KeSetEvent + 2D5 836F6A38 4 Bytes [D8, 6E, 00, 92] {FSUBR DWORD [ESI+0x0]; XCHG EDX, EAX} .text ... PAGE ntkrnlpa.exe!ZwLoadDriver 837B5DF0 7 Bytes JMP 9209B460 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) PAGE ntkrnlpa.exe!ObMakeTemporaryObject 8382128F 5 Bytes JMP 920974BA \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) PAGE ntkrnlpa.exe!ObInsertObject 8387A063 5 Bytes JMP 92098972 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) PAGE ntkrnlpa.exe!NtCreateSection 8387B905 7 Bytes JMP 9209B326 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) PAGE ntkrnlpa.exe!ZwCreateProcessEx 838DB90A 7 Bytes JMP 9209B502 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ? System32\Drivers\spao.sys Le chemin d'accès spécifié est introuvable. ! .text C:\Windows\system32\DRIVERS\tos_sps32.sys section is writeable [0x8BF4F480, 0x3C939, 0xE8000020] .dsrt C:\Windows\system32\DRIVERS\tos_sps32.sys unknown last section [0x8BF90900, 0x3CA, 0x48000040] .text C:\Windows\system32\DRIVERS\atikmdag.sys section is writeable [0x90010000, 0x1FB0FA, 0xE8000020] .text USBPORT.SYS!DllUnload 8FCD041B 5 Bytes JMP 884C9280 ---- Kernel IAT/EAT - GMER 1.0.15 ---- IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [8068F6D6] \SystemRoot\System32\Drivers\spao.sys IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [8068F042] \SystemRoot\System32\Drivers\spao.sys IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [8068F800] \SystemRoot\System32\Drivers\spao.sys IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUshort] [8068F0C0] \SystemRoot\System32\Drivers\spao.sys IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [8068F13E] \SystemRoot\System32\Drivers\spao.sys IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [8069EB90] \SystemRoot\System32\Drivers\spao.sys ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\Windows\system32\services.exe[880] @ C:\Windows\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 00130002 IAT C:\Windows\system32\services.exe[880] @ C:\Windows\system32\services.exe [KERNEL32.dll!CreateProcessW] 00130000 ---- Devices - GMER 1.0.15 ---- Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/ALWIL Software) Device \FileSystem\Ntfs \Ntfs 86B211F8 AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF dynamique/Microsoft Corporation) AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF dynamique/Microsoft Corporation) Device \Driver\volmgr \Device\VolMgrControl 86B1C1F8 Device \Driver\usbuhci \Device\USBPDO-0 884C41F8 Device \Driver\usbuhci \Device\USBPDO-1 884C41F8 Device \Driver\usbehci \Device\USBPDO-2 884D01F8 Device \Driver\usbuhci \Device\USBPDO-3 884C41F8 Device \Driver\usbuhci \Device\USBPDO-4 884C41F8 AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) Device \Driver\usbuhci \Device\USBPDO-5 884C41F8 Device \Driver\usbuhci \Device\USBPDO-6 884C41F8 Device \Driver\volmgr \Device\HarddiskVolume1 86B1C1F8 Device \Driver\usbehci \Device\USBPDO-7 884D01F8 Device \Driver\volmgr \Device\HarddiskVolume2 86B1C1F8 Device \Driver\cdrom \Device\CdRom0 884EA1F8 Device \Driver\iaStor \Device\Ide\iaStor0 [8B8CBEB0] \SystemRoot\system32\DRIVERS\iaStor.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\iaStor \Device\Ide\IAAStorageDevice-0 [8B8CBEB0] \SystemRoot\system32\DRIVERS\iaStor.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\iaStor \Device\Ide\IAAStorageDevice-1 [8B8CBEB0] \SystemRoot\system32\DRIVERS\iaStor.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\volmgr \Device\HarddiskVolume3 86B1C1F8 Device \Driver\netbt \Device\NetBT_Tcpip_{3C5AFE31-25E5-4D28-8AD6-2006B2E2CF4D} 911CE500 Device \Driver\netbt \Device\NetBt_Wins_Export 911CE500 Device \Driver\netbt \Device\NetBT_Tcpip_{48858613-D22F-4DC3-ABDB-F5F6721FE618} 911CE500 Device \Driver\Smb \Device\NetbiosSmb 911E3500 Device \Driver\netbt \Device\NetBT_Tcpip_{09C110BA-0B77-4453-9240-522CC83C5F8E} 911CE500 Device \Driver\iScsiPrt \Device\RaidPort0 885CF1F8 AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) Device \Driver\usbuhci \Device\USBFDO-0 884C41F8 Device \Driver\usbuhci \Device\USBFDO-1 884C41F8 Device \Driver\usbehci \Device\USBFDO-2 884D01F8 Device \Driver\usbuhci \Device\USBFDO-3 884C41F8 Device \Driver\usbuhci \Device\USBFDO-4 884C41F8 Device \Driver\usbuhci \Device\USBFDO-5 884C41F8 Device \Driver\usbuhci \Device\USBFDO-6 884C41F8 Device \Driver\usbehci \Device\USBFDO-7 884D01F8 Device \FileSystem\cdfs \Cdfs 940B0500 ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xF8 0x4A 0x38 0x65 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xF0 0x62 0x35 0x48 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x5E 0x00 0x8C 0xD5 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x4D 0xA9 0x9A 0xD8 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x1D 0x3D 0x99 0xFF ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xF0 0x62 0x35 0x48 ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x5E 0x00 0x8C 0xD5 ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x4D 0xA9 0x9A 0xD8 ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x1D 0x3D 0x99 0xFF ... Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xF0 0x62 0x35 0x48 ... Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ... Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x5E 0x00 0x8C 0xD5 ... Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x4D 0xA9 0x9A 0xD8 ... Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x1D 0x3D 0x99 0xFF ... Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xF0 0x62 0x35 0x48 ... Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ... Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x5E 0x00 0x8C 0xD5 ... Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x4D 0xA9 0x9A 0xD8 ... Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x1D 0x3D 0x99 0xFF ... Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xF0 0x62 0x35 0x48 ... Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ... Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x5E 0x00 0x8C 0xD5 ... Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x4D 0xA9 0x9A 0xD8 ... Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x1D 0x3D 0x99 0xFF ... Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xF0 0x62 0x35 0x48 ... Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ... Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x5E 0x00 0x8C 0xD5 ... Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x4D 0xA9 0x9A 0xD8 ... Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x1D 0x3D 0x99 0xFF ... Reg HKLM\SYSTEM\ControlSet008\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet008\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet008\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xF0 0x62 0x35 0x48 ... Reg HKLM\SYSTEM\ControlSet008\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet008\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ... Reg HKLM\SYSTEM\ControlSet008\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet008\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x5E 0x00 0x8C 0xD5 ... Reg HKLM\SYSTEM\ControlSet008\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet008\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet008\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x4D 0xA9 0x9A 0xD8 ... Reg HKLM\SYSTEM\ControlSet008\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet008\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x1D 0x3D 0x99 0xFF ... Reg HKLM\SYSTEM\ControlSet009\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet009\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet009\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xF0 0x62 0x35 0x48 ... Reg HKLM\SYSTEM\ControlSet009\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet009\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ... Reg HKLM\SYSTEM\ControlSet009\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet009\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x5E 0x00 0x8C 0xD5 ... Reg HKLM\SYSTEM\ControlSet009\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet009\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet009\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x4D 0xA9 0x9A 0xD8 ... Reg HKLM\SYSTEM\ControlSet009\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet009\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x1D 0x3D 0x99 0xFF ... Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xF8 0x4A 0x38 0x65 ... Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ... ---- EOF - GMER 1.0.15 ----
