Spam, DLL, Win32 prob.

Résolu

iyad2009 -
Utilisateur anonyme - 26 janv. 2011 à 07:33

Bonjour tout le monde,

Recement jai eu un prob. avec mon ordinateur, infecté par un fameux systemesecurity2011 Spam. Bref, j'ai réussi à l'effacer avec de l'aide des logiciels antispam, SuperAntiSpam, Uniblue qui fixe les probleme de registre. Mais j'ai remarqué toujours des bobos, le systeme est plus lent. IE gele avec probleme win32 sur l'ecran.

" erreur .dll qui apparaissent egalement lors du redemarrage de mon ordinateur :
mtonbd40.dll & obekihevatepinuk.dll
Malgré que j'ai acheté le loficiel Uniblue Registry Booster mais les prob. persistent toujours.

Alors avant de passer au formatage, j'ai besoin votre aide si quelqu'un à une meilleur vision pour ce probleme.

Merci en avance

Afficher la suite

A voir également:

Spam, DLL, Win32 prob.
Spam messenger - Guide
Puadimanager win32/offercore ✓ - Forum Virus
Messagerie le bon coin bloquée par spam ✓ - Forum Consommation & Internet
Spam whatsapp - Accueil - Messagerie instantanée
Advapi32.dll ccleaner - Forum Windows 7

21 réponses

Réponse 1 / 21

Utilisateur anonyme

bonsoir,
suis ces opérations dans l'ordre :

* Télécharge sur le bureau RogueKiller (par tigzy)
https://www.luanagames.com/index.fr.html
* Quitte tous tes programmes en cours
* Lance RogueKiller.exe.
* Sous Vista/Seven, clique droit, lancer en tant qu'administrateur
tu n'as qu'à cliquer dessus ou les lancer!
* "Si rogueKiller te demande pour le proxy, tape 1"
* Lorsque demandé, tape 2 et valide
* Un rapport (RKreport.txt) a du se créer à côté de l'exécutable, colle son contenu dans la réponse
* Si le programme a été bloqué, ne pas hésiter à essayer plusieurs fois.

Télécharge Malwarebytes' Anti-Malware et enregistre le sur ton bureau:
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

ou ici :
https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/

/!\Utilisateur de Vista et Windows 7 : Clique droit sur le logo de Malwarebytes' Anti-Malware, « exécuter en tant qu'Administrateur »

. Double cliques sur le fichier téléchargé pour lancer le processus d'installation.
. Dans l'onglet "mise à jour", cliques sur le bouton Recherche de mise à jour
. si le pare-feu demande l'autorisation de se connecter pour malwarebytes, acceptes
. Une fois la mise à jour terminé
. rend-toi dans l'onglet, Recherche
. Sélectionnes Exécuter un examen complet
. Cliques sur Rechercher
. Le scan démarre.
. A la fin de l'analyse, un message s'affiche : L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
. Cliques sur Ok pour poursuivre.
. Si des malwares ont été détectés, cliques sur Afficher les résultats
. Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
. Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
. rends toi dans l'onglet rapport/log
. tu cliques dessus pour l'afficher une fois affiché
. tu cliques sur edition en haut du boc notes,et puis sur sélectionner tous
. tu recliques sur edition et puis sur copier et tu reviens sur le forum et dans ta réponse
. Tu cliques droit dans le cadre de la réponse et coller
. À la fin du scan, il se peut que MBAM ait besoin de redémarrer le pc pour finaliser la suppression, donc pas de panique, redémarre ton pc !!!

Si tu as besoin d'aide regarde ce tutoriel :
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

Réponse 2 / 21

iyad2009

Merci Electricien pour ta réponse,

*** J'ai efféctué les tests en SAFE mode, j'espère que ca n'affecte pas ces testes.

Voici le 1er rapport
====================
RogueKiller V3.8.1 by Tigzy
contact at https://www.luanagames.com/index.fr.html
mail: tigzyRK<at>gmail<dot>com
Feedback: https://www.luanagames.com/index.fr.html

Operating System: Windows XP (5.1.2600 Service Pack 3) version 32 bits
User: Admin
Mode: Scan -- Time : 24/01/2011 13:27:12

Bad processes:

Found:
HKCR\CLSID\...\InprocServer32: C:\WINDOWS\System32\wbem\wbemcore.dll

Fichier HOSTS:

Finished

====================

Voic le 2eme
==========
Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Version de la base de données: 5590

Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702

24/01/2011 2:29:22 PM
mbam-log-2011-01-24 (14-29-22).txt

Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 345230
Temps écoulé: 52 minute(s), 5 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 4

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
c:\WINDOWS\system32\config\systemprofile\start menu\Programs\total security (Rogue.TotalSecurity) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
c:\WINDOWS\system32\ljkjjk.exe (Trojan.Hiloti) -> Quarantined and deleted successfully.
c:\documents and settings\ahmad\application data\Adobe\plugs\KB460671.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\config\systemprofile\Desktop\total security 2009.lnk (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\config\systemprofile\start menu\Programs\total security\total security 2009.lnk (Rogue.TotalSecurity) -> Quarantined and deleted successfully.

==========

Merci encore une fois

Réponse 3 / 21

Utilisateur anonyme

ce qui me semblait, il y a un rogue sur ton pc !

relance MBAM, vide sa quarantaine seulement,

* Télécharge ZHPDiag sur ton bureau :

https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
ou
http://www.premiumorange.com/zeb-help-process/zhpdiag.html
ou
https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/

* Laisse toi guider lors de l'installation, il se lancera automatiquement à la fin.

* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport ZHPDiag.txt sur Cijoint, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum :
http://www.cijoint.fr/
ou :
http://ww38.toofiles.com/fr/documents-upload.html
ou :
https://www.terafiles.net/
tuto zhpdiag :
http://www.premiumorange.com/zeb-help-process/zhpdiag.html

Réponse 4 / 21

iyad2009

Salut Elec,

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question

Réponse 5 / 21

iyad2009

désolé mais je n'arrive pas à repondre avec le rapport coller en bas de ma reponse
Ni au niveau des 3 liens mentionné dans ton message
ca donne toujours soit probleme de connexion (malgré que je suis bien connecté)
et sur le 3eme lien ca donne :

Progression : % ( / )
Débit :
Temps restant estimé :
Temps écoulé :

mais rien ne bouge

autre suggestions ?

iyad2009

et finalement, j'ai trouvé un truc, je l'ai zipé ;)

voici le lien :
http://ww38.toofiles.com/fr/oip/documents/zip/6166_zhpdiag.html

a+

Réponse 6 / 21

Utilisateur anonyme

bonsoir,
rapport reçu :-)

* Lance ZHPFix (soit via le raccourci sur ton Bureau, soit via ZHPDiag en cliquant sur l'écusson vert)
Clique sur l'icone représentant la lettre H (« coller les lignes Helper »)
Copie/colle les lignes suivantes en gras et place les dans ZHPFix :

----------------------------------------------------------

O2 - BHO: vShare Plugin - {043C5167-00BB-4324-AF7E-62013FAEDACF} . (.Unknown owner - No comment.) -- C:\Program Files\vShare\vshare_toolbar.dll
O3 - Toolbar: vShare Plugin - {043C5167-00BB-4324-AF7E-62013FAEDACF} . (.Unknown owner - No comment.) -- C:\Program Files\vShare\vshare_toolbar.dll
O18 - Handler: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} . (.Unknown owner - No comment.) -- C:\Program Files\vShare\vshare_toolbar.dll
O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_BROWSER_EMULATION] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_BROWSER_EMULATION] -- svchost.exe

----------------------------------------------------------

- Clique sur « Tous », puis sur « Nettoyer »
- Copie/colle la totalité du rapport dans ta prochaine réponse
Tuto :
http://www.premiumorange.com/zeb-help-process/zhpfix.html

* Télécharge TDSSKiller sur ton bureau :

https://support.kaspersky.com/downloads/utils/tdsskiller.exe

* Lance le ( Utilisateurs de vista/Seven -> Clic droit puis " Exécuter en tant qu'administrateur " )

* Clique sur [Start Scan] pour démarrer l'analyse.

* Si des élements sont trouvés, cliques sur [Continue] puis sur [Reboot Now]

* Un rapport s'ouvrira au redémarrage du PC.

* Copie/Colle son contenu dans ta prochaine réponse.

Note : Le rapport se trouve également sous C:\TDSSKiller.N°deversion_Date_Heure_log.txt.

Réponse 7 / 21

iyad2009

Bonjour, et voila la 1er rapport

Rapport de ZHPFix 1.12.3227 par Nicolas Coolman, Update du 16/12/2010
Fichier d'export Registre : C:\ZHPExportRegistry-25-01-2011-12-33-53 PM.txt
Run by ahmad at 25/01/2011 12:33:53 PM
Windows XP Professional Service Pack 3 (Build 2600)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
Contact : nicolascoolman@yahoo.fr

========== Registry Key ==========
O2 - BHO: vShare Plugin - {043C5167-00BB-4324-AF7E-62013FAEDACF} . (.Unknown owner - No comment.) -- C:\Program Files\vShare\vshare_toolbar.dll => Registry Key removed successfully
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{043C5167-00BB-4324-AF7E-62013FAEDACF}] => Registry Key removed successfully
[HKCR\CLSID\{043C5167-00BB-4324-AF7E-62013FAEDACF}] => Registry Key removed successfully

========== Registry Value ==========
O3 - Toolbar: vShare Plugin - {043C5167-00BB-4324-AF7E-62013FAEDACF} . (.Unknown owner - No comment.) -- C:\Program Files\vShare\vshare_toolbar.dll => Registry key value removed successfully
O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_BROWSER_EMULATION] -- svchost.exe => Registry key value removed successfully
O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_BROWSER_EMULATION] -- svchost.exe => Registry key value not found

========== Registry Data Items ==========
O18 - Handler: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} . (.Unknown owner - No comment.) -- C:\Program Files\vShare\vshare_toolbar.dll => Registry key value data not removed

========== File ==========
c:\program files\vshare\vshare_toolbar.dll => Quarantined and Deleted successfully

========== Summary ==========
3 : Registry Key
3 : Registry Value
1 : Registry Data Items
1 : File

End of the scan

Réponse 8 / 21

iyad2009

et le deuxieme :

2011/01/25 12:38:05.0484 TDSS rootkit removing tool 2.4.15.0 Jan 22 2011 19:37:53
2011/01/25 12:38:05.0484 ================================================================================
2011/01/25 12:38:05.0484 SystemInfo:
2011/01/25 12:38:05.0484
2011/01/25 12:38:05.0484 OS Version: 5.1.2600 ServicePack: 3.0
2011/01/25 12:38:05.0484 Product type: Workstation
2011/01/25 12:38:05.0484 ComputerName: AZM
2011/01/25 12:38:05.0484 UserName: ahmad
2011/01/25 12:38:05.0484 Windows directory: C:\WINDOWS
2011/01/25 12:38:05.0484 System windows directory: C:\WINDOWS
2011/01/25 12:38:05.0484 Processor architecture: Intel x86
2011/01/25 12:38:05.0484 Number of processors: 2
2011/01/25 12:38:05.0484 Page size: 0x1000
2011/01/25 12:38:05.0484 Boot type: Normal boot
2011/01/25 12:38:05.0484 ================================================================================
2011/01/25 12:38:06.0140 Initialize success
2011/01/25 12:38:07.0906 ================================================================================
2011/01/25 12:38:07.0906 Scan started
2011/01/25 12:38:07.0906 Mode: Manual;
2011/01/25 12:38:07.0906 ================================================================================
2011/01/25 12:38:13.0109 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/01/25 12:38:13.0406 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
2011/01/25 12:38:13.0703 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/01/25 12:38:13.0828 AFD (322d0e36693d6e24a2398bee62a268cd) C:\WINDOWS\System32\drivers\afd.sys
2011/01/25 12:38:13.0984 AgereSoftModem (052343cd49c8da20c48958cfe73c7d44) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
2011/01/25 12:38:14.0562 ALCXSENS (fbbcb95f677cbaa924140b6ea2d9a97b) C:\WINDOWS\system32\drivers\ALCXSENS.SYS
2011/01/25 12:38:14.0687 ALCXWDM (4dd2c10fc6434fedcb7c71fbdc1f107a) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
2011/01/25 12:38:14.0921 ApfiltrService (69b381c46330f7ac497c33cb135060c1) C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
2011/01/25 12:38:15.0328 AR5211 (32bf9185a7dc622c00791113d5568662) C:\WINDOWS\system32\DRIVERS\ar5211.sys
2011/01/25 12:38:15.0421 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
2011/01/25 12:38:15.0656 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/01/25 12:38:15.0750 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/01/25 12:38:15.0890 ati2mtag (05e891b470f869866b38cb9ce1e39a16) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2011/01/25 12:38:16.0531 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/01/25 12:38:16.0671 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/01/25 12:38:16.0781 Avgfwdx (0c5941af0b6bf2fdf378937392865217) C:\WINDOWS\system32\DRIVERS\avgfwdx.sys
2011/01/25 12:38:16.0828 Avgfwfd (0c5941af0b6bf2fdf378937392865217) C:\WINDOWS\system32\DRIVERS\avgfwdx.sys
2011/01/25 12:38:16.0921 AVGIDSDriver (0c61f066f4d94bd67063dc6691935143) C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys
2011/01/25 12:38:17.0156 AVGIDSEH (84853f800cd69252c3c764fe50d0346f) C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys
2011/01/25 12:38:17.0218 AVGIDSFilter (28d6adcd03e10f3838488b9b5d407dd4) C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys
2011/01/25 12:38:17.0296 AVGIDSShim (0eb16f4dbbb946360af30d2b13a52d1d) C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys
2011/01/25 12:38:17.0359 Avgldx86 (5fe5a2c2330c376a1d8dcff8d2680a2d) C:\WINDOWS\system32\DRIVERS\avgldx86.sys
2011/01/25 12:38:17.0437 Avgmfx86 (54f1a9b4c9b540c2d8ac4baa171696b1) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
2011/01/25 12:38:17.0703 Avgrkx86 (8da3b77993c5f354cc2977b7ea06d03a) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
2011/01/25 12:38:17.0781 Avgtdix (660788ec46f10ece80274d564fa8b4aa) C:\WINDOWS\system32\DRIVERS\avgtdix.sys
2011/01/25 12:38:17.0906 b57w2k (b9391a83f075351c923c3a37c53af396) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
2011/01/25 12:38:18.0921 BatteryChecker (2e76e2a479259a6054d3e5621e2c8ac2) C:\WINDOWS\system32\Drivers\BtryChkr.sys
2011/01/25 12:38:19.0546 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/01/25 12:38:19.0703 Bridge (f934d1b230f84e1d19dd00ac5a7a83ed) C:\WINDOWS\system32\DRIVERS\bridge.sys
2011/01/25 12:38:19.0750 BridgeMP (f934d1b230f84e1d19dd00ac5a7a83ed) C:\WINDOWS\system32\DRIVERS\bridge.sys
2011/01/25 12:38:19.0890 BrScnUsb (92a964547b96d697e5e9ed43b4297f5a) C:\WINDOWS\system32\Drivers\BrScnUsb.sys
2011/01/25 12:38:20.0250 BsStor (e44e9b8db06148f82d54a4a03f8e40a1) C:\WINDOWS\system32\drivers\BsStor.sys
2011/01/25 12:38:20.0468 BsUDF (8ead370116b3e18a8478b327f2aa22f7) C:\WINDOWS\system32\drivers\BsUDF.sys
2011/01/25 12:38:20.0781 caboagp (906fcf0d1dc5b573015bbd21ef54bd88) C:\WINDOWS\system32\DRIVERS\atisgkaf.sys
2011/01/25 12:38:21.0265 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/01/25 12:38:21.0656 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/01/25 12:38:21.0828 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/01/25 12:38:21.0921 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/01/25 12:38:21.0984 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/01/25 12:38:22.0109 CDRPDACC (f4dd5641576334e4eeabfe50b065e572) D:\Program Files\Platinum\Shared\CDRPDACC.SYS
2011/01/25 12:38:22.0531 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
2011/01/25 12:38:22.0640 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2011/01/25 12:38:22.0828 d347bus (5776322f93cdb91086111f5ffbfda2a0) C:\WINDOWS\system32\DRIVERS\d347bus.sys
2011/01/25 12:38:23.0078 d347prt (b49f79ace459763f4e0380071be9cb45) C:\WINDOWS\system32\Drivers\d347prt.sys
2011/01/25 12:38:23.0312 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/01/25 12:38:23.0375 DKbFltr (81bb67653a68db2a71702849d40697a4) C:\WINDOWS\system32\Drivers\DKbFltr.sys
2011/01/25 12:38:23.0609 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2011/01/25 12:38:23.0890 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2011/01/25 12:38:24.0046 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/01/25 12:38:24.0109 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/01/25 12:38:24.0218 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/01/25 12:38:24.0312 EPOWER (0b07768ae046f9ed6a75e5bc75660828) C:\WINDOWS\system32\Drivers\hkdrv.sys
2011/01/25 12:38:24.0671 EPPSCSIx (2dedff09f97f50ac1adadd64a1ec98f2) C:\WINDOWS\system32\DRIVERS\EPPSCAN.sys
2011/01/25 12:38:25.0000 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/01/25 12:38:25.0171 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2011/01/25 12:38:25.0281 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2011/01/25 12:38:25.0343 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/01/25 12:38:25.0468 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/01/25 12:38:26.0125 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/01/25 12:38:27.0093 FTDIBUS (47b9cf937ac479046da289bd5a769ce9) C:\WINDOWS\system32\drivers\ftdibus.sys
2011/01/25 12:38:27.0359 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/01/25 12:38:27.0437 FTSER2K (216b9a2191676034999785c7f94fa5d6) C:\WINDOWS\system32\drivers\ftser2k.sys
2011/01/25 12:38:27.0640 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
2011/01/25 12:38:27.0718 giveio (77ebf3e9386daa51551af429052d88d0) C:\WINDOWS\system32\giveio.sys
2011/01/25 12:38:28.0062 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/01/25 12:38:28.0281 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/01/25 12:38:28.0500 HTTP (f6aacf5bce2893e0c1754afeb672e5c9) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/01/25 12:38:28.0984 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/01/25 12:38:29.0078 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/01/25 12:38:29.0343 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/01/25 12:38:29.0437 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/01/25 12:38:29.0734 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/01/25 12:38:29.0984 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/01/25 12:38:30.0218 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/01/25 12:38:30.0296 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/01/25 12:38:30.0375 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
2011/01/25 12:38:30.0546 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/01/25 12:38:30.0640 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/01/25 12:38:30.0765 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/01/25 12:38:31.0046 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/01/25 12:38:31.0218 KSecDD (1705745d900dabf2d89f90ebaddc7517) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/01/25 12:38:31.0437 LVcKap (9ce361764c5dd5fa5506510fe5d2297b) C:\WINDOWS\system32\DRIVERS\LVcKap.sys
2011/01/25 12:38:31.0656 LVPr2Mon (94d03b31f36bb362fa5713470fcf1c79) C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys
2011/01/25 12:38:31.0906 LVRS (87ecce893d8aec5a9337b917742d339c) C:\WINDOWS\system32\DRIVERS\lvrs.sys
2011/01/25 12:38:32.0093 LVUSBSta (8b79a50360fc31df6b7b979b686b4aa2) C:\WINDOWS\system32\DRIVERS\LVUSBSta.sys
2011/01/25 12:38:32.0265 MDC8021X (4fe6172e2fa816c6f55b31e99784fc33) C:\WINDOWS\system32\DRIVERS\mdc8021x.sys
2011/01/25 12:38:32.0531 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/01/25 12:38:32.0718 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2011/01/25 12:38:32.0781 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/01/25 12:38:32.0859 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/01/25 12:38:32.0937 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/01/25 12:38:33.0000 MPE (c0f8e0c2c3c0437cf37c6781896dc3ec) C:\WINDOWS\system32\DRIVERS\MPE.sys
2011/01/25 12:38:33.0359 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/01/25 12:38:33.0468 MRxSmb (68755f0ff16070178b54674fe5b847b0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/01/25 12:38:33.0578 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/01/25 12:38:33.0796 MSIRCOMM (95c6432151ccff8617352f8e616a1aa4) C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys
2011/01/25 12:38:33.0984 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/01/25 12:38:34.0046 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/01/25 12:38:34.0093 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/01/25 12:38:34.0187 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/01/25 12:38:34.0296 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/01/25 12:38:34.0437 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2011/01/25 12:38:34.0593 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/01/25 12:38:34.0859 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/01/25 12:38:34.0968 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/01/25 12:38:35.0062 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/01/25 12:38:35.0203 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/01/25 12:38:35.0265 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/01/25 12:38:35.0484 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/01/25 12:38:35.0546 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/01/25 12:38:35.0671 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/01/25 12:38:35.0828 Netdevio (1265eb253ed4ebe4acb3bd5f548ff796) C:\WINDOWS\system32\DRIVERS\netdevio.sys
2011/01/25 12:38:36.0171 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
2011/01/25 12:38:36.0312 nmwcd (696b37ea78f9d9767a2f18ba0304a51a) C:\WINDOWS\system32\drivers\nmwcd.sys
2011/01/25 12:38:36.0531 nmwcdc (bbb6010fc01d9239d88fcdf133e03ff0) C:\WINDOWS\system32\drivers\nmwcdc.sys
2011/01/25 12:38:36.0781 nmwcdcj (4c3726467d67483f054c88f058e9c153) C:\WINDOWS\system32\drivers\nmwcdcj.sys
2011/01/25 12:38:36.0906 nmwcdcm (4c3726467d67483f054c88f058e9c153) C:\WINDOWS\system32\drivers\nmwcdcm.sys
2011/01/25 12:38:36.0968 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/01/25 12:38:37.0156 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/01/25 12:38:37.0421 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/01/25 12:38:37.0515 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/01/25 12:38:37.0640 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/01/25 12:38:37.0734 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2011/01/25 12:38:37.0875 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/01/25 12:38:38.0125 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/01/25 12:38:38.0187 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/01/25 12:38:38.0359 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/01/25 12:38:38.0468 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/01/25 12:38:38.0609 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
2011/01/25 12:38:38.0843 Pcouffin (62c72e912a04aa927d9eaf9a0b157aaf) C:\WINDOWS\system32\Drivers\Pcouffin.sys
2011/01/25 12:38:39.0203 pepifilter (b20f958b207e6aaac5f70d04dd2c30d8) C:\WINDOWS\system32\DRIVERS\lv302af.sys
2011/01/25 12:38:39.0546 PID_PEPI (dd184d9adfe2a8a21741dbdfe9e22f5c) C:\WINDOWS\system32\DRIVERS\LV302V32.SYS
2011/01/25 12:38:39.0906 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/01/25 12:38:40.0031 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
2011/01/25 12:38:40.0109 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/01/25 12:38:40.0187 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/01/25 12:38:40.0484 PxHelp20 (352cf968df88760fef225c3fbe7184a7) C:\WINDOWS\system32\DRIVERS\PxHelp20.sys
2011/01/25 12:38:40.0796 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/01/25 12:38:40.0890 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
2011/01/25 12:38:41.0296 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/01/25 12:38:41.0359 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/01/25 12:38:41.0437 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/01/25 12:38:41.0546 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/01/25 12:38:41.0890 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/01/25 12:38:42.0546 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/01/25 12:38:42.0750 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/01/25 12:38:43.0156 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/01/25 12:38:43.0343 RTL8023 (29f9879a1fd386f7251ae9fdadb2cbf1) C:\WINDOWS\system32\DRIVERS\Rtlnic51.sys
2011/01/25 12:38:43.0406 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
2011/01/25 12:38:43.0625 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) D:\Program Files\spybotsearchanddestry\SASDIFSV.SYS
2011/01/25 12:38:43.0718 SASKUTIL (61db0d0756a99506207fd724e3692b25) D:\Program Files\spybotsearchanddestry\SASKUTIL.SYS
2011/01/25 12:38:44.0125 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
2011/01/25 12:38:44.0171 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/01/25 12:38:44.0343 Ser2pl (b490ad520257dda26c1d587a71e527b5) C:\WINDOWS\system32\DRIVERS\ser2pl.sys
2011/01/25 12:38:44.0734 Serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/01/25 12:38:44.0812 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
2011/01/25 12:38:44.0906 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
2011/01/25 12:38:44.0968 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
2011/01/25 12:38:45.0187 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/01/25 12:38:45.0390 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/01/25 12:38:45.0671 SMCIRDA (f5fec5b4b985fbf81927844e75dd5bd1) C:\WINDOWS\system32\DRIVERS\smcirda.sys
2011/01/25 12:38:46.0015 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
2011/01/25 12:38:46.0265 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/01/25 12:38:46.0390 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/01/25 12:38:46.0828 Srv (5252605079810904e31c332e241cd59b) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/01/25 12:38:46.0953 SrvcEKIOMngr (970019198659034220ef39a9fc2bc3f6) C:\WINDOWS\system32\Drivers\EKIoMngr.sys
2011/01/25 12:38:47.0203 SrvcEPIOMngr (6f6b70e24080b663c805ecf7cf4b66d9) C:\WINDOWS\system32\Drivers\EPIoMngr.sys
2011/01/25 12:38:47.0359 SrvcSSIOMngr (5ec69165a76042ddc1f0b81a0bf296c1) C:\WINDOWS\system32\Drivers\SSIoMngr.sys
2011/01/25 12:38:47.0500 SrvcTPIOMngr (4b00a4572f8c793e4918be9032491917) C:\WINDOWS\system32\Drivers\TPIoMngr.sys
2011/01/25 12:38:47.0671 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/01/25 12:38:47.0890 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/01/25 12:38:48.0093 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/01/25 12:38:48.0515 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/01/25 12:38:48.0828 Tcpip (93ea8d04ec73a85db02eb8805988f733) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/01/25 12:38:49.0171 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/01/25 12:38:49.0343 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/01/25 12:38:49.0468 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/01/25 12:38:49.0796 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/01/25 12:38:50.0203 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/01/25 12:38:51.0250 USB28xxBGA (9477298f1acc08292ebd3869193de489) C:\WINDOWS\system32\DRIVERS\emBDA.sys
2011/01/25 12:38:51.0765 USB28xxOEM (408a7bf7752a7b559ea80a3a6337878d) C:\WINDOWS\system32\DRIVERS\emOEM.sys
2011/01/25 12:38:52.0156 USBAAPL (4b8a9c16b6d9258ed99c512aecb8c555) C:\WINDOWS\system32\Drivers\usbaapl.sys
2011/01/25 12:38:52.0406 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
2011/01/25 12:38:52.0515 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/01/25 12:38:52.0656 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/01/25 12:38:52.0984 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/01/25 12:38:53.0156 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
2011/01/25 12:38:53.0296 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/01/25 12:38:53.0437 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/01/25 12:38:53.0890 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/01/25 12:38:54.0078 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/01/25 12:38:54.0265 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/01/25 12:38:54.0781 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/01/25 12:38:55.0015 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/01/25 12:38:55.0625 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys
2011/01/25 12:38:56.0000 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/01/25 12:38:56.0140 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/01/25 12:38:56.0468 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/01/25 12:38:57.0031 \HardDisk0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/01/25 12:38:57.0046 ================================================================================
2011/01/25 12:38:57.0046 Scan finished
2011/01/25 12:38:57.0046 ================================================================================
2011/01/25 12:38:57.0093 Detected object count: 1
2011/01/25 12:39:04.0281 \HardDisk0 - will be cured after reboot
2011/01/25 12:39:04.0281 Rootkit.Win32.TDSS.tdl4(\HardDisk0) - User select action: Cure
2011/01/25 12:39:28.0078 Deinitialize success

Réponse 9 / 21

Utilisateur anonyme

super:-)

redemarre ton pc,

repasse un autrezhpdiag tout frais :P

fais comme tu l'as faite pour que je vois le rapport, compressé ou non;-)

Réponse 10 / 21

iyad2009

et voila,

Rapport de ZHPDiag v1.27.1421 par Nicolas Coolman, Update du 16/12/2010
Run by ahmad at 25/01/2011 1:09:04 PM
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Contact : nicolascoolman@yahoo.fr

---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702 (Defaut)

---\\ System Information
Windows XP Professional Service Pack 3 (Build 2600)
Processor: x86 Family 15 Model 2 Stepping 9, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1023.0 MB (20% free)
System drive C: has 2 GB (8%) free of 20 GB

---\\ Logged in mode
Computer Name: AZM
User Name: ahmad
All Users Names: SUPPORT_388945a0, LogMeInRemoteUser, HelpAssistant, Guest, ahmad, Administrator,
Unselected Option: O1,O45,O61,O62,O65,O82
Logged in as Administrator

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 20 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 44 Go of 55 Go)
E:\ CD-ROM drive (Free 0 Go of 3 Go)
F:\ CD-ROM drive (Not Inserted)

---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

---\\ Search Generic System Files
[MD5.12896823FB95BFB3DC9B46BCAEDC9923] - (.Microsoft Corporation - Windows Explorer.) (.14/04/2008 5:42:20 AM.) -- C:\Windows\Explorer.exe [1033728]
[MD5.ED0EF0A136DEC83DF69F04118870003E] - (.Microsoft Corporation - Windows NT Logon Application.) (.14/04/2008 5:42:40 AM.) -- C:\Windows\System32\Winlogon.exe [507904]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.14/04/2008 12:10:32 AM.) -- C:\Windows\System32\drivers\atapi.sys [96512]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.14/04/2008 12:45:54 AM.) -- C:\Windows\System32\drivers\ntfs.sys [574976]

---\\ Running Processes
[MD5.4ABB39045C597B358334B16F6483F60A] - (.Unknown owner - No comment.) -- C:\WINDOWS\system32\Ati2evxx.exe [397312]
[MD5.65010AEDF6217A0568226AFD0BC8A288] - (.Uniblue Systems Limited - Uniblue RegistryBooster Monitor.) -- C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe [25984]
[MD5.DAB3F0E885C1011D87F14F2FD1850EDC] - (.AVG - PC Tuneup 2011.) -- C:\Program Files\AVG\AVG PC Tuneup 2011\BoostSpeed.exe [749384]
[MD5.93DB1FF92B03D24738A71E6E4992DFD3] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552]
[MD5.9698E78329BBA262F7C931A85B02BE5D] - (.WDC - WD Drive Manager.) -- C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe [450560]
[MD5.B8E684DF9A97497EDD2F87444A6307FB] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe [180269]
[MD5.E840A9AEA5D59A5E9C1C4F1AB24D197A] - (.Apple Inc. - iTunesHelper.) -- D:\Program Files\itunes\iTunesHelper.exe [141608]
[MD5.4719ED2A9E1F0FF37BC3FC1999F4FFC4] - (.AVG Technologies CZ, s.r.o. - AVG Tray Monitor.) -- C:\Program Files\AVG\AVG10\avgtray.exe [2747744]
[MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288]
[MD5.C9989C1C9EEDE0F71C024F549E9C68E1] - (.ATI Technologies, Inc. - ATI Desktop Control Panel.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [335872]
[MD5.A7A0ED26C68892135F23F4D4F176E2E3] - (.TOSHIBA - CD/DVD Drive Acoustic Silencer.) -- C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [65536]
[MD5.7B9E9A8C71C77DD03CF97FA7C996C3C9] - (.SUPERAntiSpyware.com - SUPERAntiSpyware Application.) -- D:\Program Files\spybotsearchanddestry\SUPERAntiSpyware.exe [2424560]
[MD5.1964BD18D97745FAFEF098B5CA66DE4C] - (.Atheros Communications, Inc. - Atheros Client Utility.) -- C:\Program Files\Atheros\ACU.exe [1343488]
[MD5.0CCE84F6F693478A769BFC1E993CBF67] - (.AVG Technologies CZ, s.r.o. - AVG IDS application.) -- C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe [737872]
[MD5.2E3E53A6AEF23E24F402C7855B9B1542] - (.Apple Inc. - Apple Mobile Device Service.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [144176]
[MD5.18EDC2F3076D32C6C6B98F11EB85D2CB] - (.AVG Technologies CZ, s.r.o. - AVG Firewall Service.) -- C:\Program Files\AVG\AVG10\avgfws.exe [3226632]
[MD5.4AF61A15B3614FEF25FE93EA2FABD620] - (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe [265400]
[MD5.5AB58C337AC65837FE404462AD6265AB] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [345376]
[MD5.EDFB15C5AF45B381277E6A275680C81D] - (.COMPAL ELECTRONIC INC. - CeEPwrSvc Module.) -- C:\Program Files\TOSHIBA\Power Management\CeEPwrSvc.exe [36973]
[MD5.F7945E2D5767485C960403DD7FF5033D] - (.TOSHIBA CORPORATION - Service of ConfigFree..) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [28672]
[MD5.E731921DB2E17DCD3DB472FAD5549C57] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376]
[MD5.1D28B53C50CC57062692862B8E083020] - (.Logitech Inc. - Logitech Video COM Service.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [186904]
[MD5.5A9679D184A408982D5F0BD79874B44F] - (.Logitech Inc. - Logitech LVPrcSrv Module..) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [150040]
[MD5.11F714F85530A2BD134074DC30E99FCA] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [322120]
[MD5.ED6235C93981D8658FA433092A809303] - (.Memeo - MemeoBackgroundService.) -- C:\Program Files\WD\WD Anywhere Backup\MemeoBackgroundService.exe [25824]
[MD5.B4139011FADDBDAE615961548E75E5C5] - (.Microsoft Corporation - SQL Server Windows NT.) -- C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe [7520337]
[MD5.8E757A20B2267AA38B09BA718CEBD13C] - (.DataFocus, Inc. - NuTCRACKER Service.) -- C:\WINDOWS\System32\nutsrv4.exe [277272]
[MD5.A1A36682DF22777834E1C37F3C79AEC2] - (.WDC - WD Drive Manager Service.) -- C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [102400]
[MD5.668056D5C3C11AB7D266819A96B964E8] - (.Microsoft Corporation - WMDM PMSP Service.) -- C:\WINDOWS\system32\MsPMSPSv.exe [53248]
[MD5.F4F5FD5B414AD2F9AD72CB97D64B5D30] - (.AVG Technologies CZ, s.r.o. - AVG Alert Manager.) -- C:\Program Files\AVG\AVG10\avgam.exe [745824]
[MD5.288778D9E2D1C7E8A5DBD5C6DB8046B0] - (.AVG Technologies CZ, s.r.o. - AVG IDS application.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [6128720]
[MD5.7E6741A17CFDCD700DA5B6EC624F83B3] - (.AVG Technologies CZ, s.r.o. - AVG Online Shield Service.) -- C:\Program Files\AVG\AVG10\avgnsx.exe [1084256]
[MD5.F92048E22CB392BBC3C38EF393C0E4A6] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [540968]
[MD5.B60DDDD2D63CE41CB8C487FCFBB6419E] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638816]
[MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53472]
[MD5.806A8E35707BEA615B209001E544F0F0] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [620544]
[MD5.79D4CCA7D30DDADCD0BACEBE7215C2AD] - (.Skype Technologies S.A. - SkypeNames.) -- C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe [234792]

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2)
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Unknown owner - No comment.) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Unknown owner - No comment.) -- D:\Program Files\itunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_23 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.11.2027] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprjplug;version=1.0.2.2088] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.1040] - (.RealNetworks, Inc. - 6.0.12.1040.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
P2 - FPN: [HKLM] [@veetle.com/veetleCorePlugin,version=0.9.18] - (.Veetle Inc - Version 0.9.18, Copyright 2006-2009 Veetle Inc<br><a href="http://www..) -- D:\Program Files\Veetle\plugins\npVeetle.dll
P2 - FPN: [HKLM] [@veetle.com/veetlePlayerPlugin,version=0.9.18] - (.Veetle Inc - Version 0.9.18, copyright 2006-2010 Veetle Inc<br><a href="http://www..) -- D:\Program Files\Veetle\Player\npvlc.dll
P2 - FPN: [HKCU] [@adobe.com/FlashPlayer] - (.Unknown owner - No comment.) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

---\\ Internet Explorer Extensions, Start, Search (R3,R0,R1)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.ca/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\WINDOWS\system32\ieframe.dll

---\\ Changed inifile Value, Mapped to Registry (F2)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

---\\ Browser Helper Objects (O2)
O2 - BHO: (no name) - {043C5167-00BB-4324-AF7E-62013FAEDACF} Orphean Key
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} . (.AVG Technologies CZ, s.r.o. - Safe Search for Internet Explorer.) -- C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE Protection.) -- D:\Program Files\spybotsearchanddestry\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Orphean Key
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

---\\ Auto loading programs from Registry and folders (O4)
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [WD Drive Manager] . (.WDC - WD Drive Manager.) -- C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
O4 - HKLM\..\Run: [WD Anywhere Backup] . (.Memeo Inc. - Memeo AutoBackup Launcher.) -- C:\Program Files\WD\WD Anywhere Backup\MemeoLauncher2.exe
O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- D:\Program Files\itunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- D:\Program Files\QuickTimes\qttask.exe
O4 - HKLM\..\Run: [Bpomaxo] C:\WINDOWS\obekihevatepinuk.dll (.not file.)
O4 - HKLM\..\Run: [AVG_TRAY] . (.AVG Technologies CZ, s.r.o. - AVG Tray Monitor.) -- C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [ATIModeChange] . (.ATI Technologies, Inc. - ATI 2D Mode component.) -- C:\Windows\System32\Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] . (.ATI Technologies, Inc. - ATI Desktop Control Panel.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKCU\..\Run: [TOSCDSPD] . (.TOSHIBA - CD/DVD Drive Acoustic Silencer.) -- C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - HKCU\..\Run: [Dkahoxihuvuwo] C:\WINDOWS\mtonbd40.dll (.not file.)
O4 - HKCU\..\Run: [SUPERAntiSpyware] . (.SUPERAntiSpyware.com - SUPERAntiSpyware Application.) -- D:\Program Files\spybotsearchanddestry\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- D:\Program Files\spybotsearchanddestry\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] . (.Time Information Services Ltd. - PC Sync.) -- D:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] . (.Time Information Services Ltd. - PC Sync.) -- D:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-21-117609710-1960408961-839522115-1003\..\Run: [TOSCDSPD] . (.TOSHIBA - CD/DVD Drive Acoustic Silencer.) -- C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKUS\S-1-5-21-117609710-1960408961-839522115-1003\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-117609710-1960408961-839522115-1003\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-21-117609710-1960408961-839522115-1003\..\Run: [Dkahoxihuvuwo] C:\WINDOWS\mtonbd40.dll (.not file.)
O4 - HKUS\S-1-5-21-117609710-1960408961-839522115-1003\..\Run: [SUPERAntiSpyware] . (.SUPERAntiSpyware.com - SUPERAntiSpyware Application.) -- D:\Program Files\spybotsearchanddestry\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-21-117609710-1960408961-839522115-1003\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- D:\Program Files\spybotsearchanddestry\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] . (.Unknown owner - No comment.) -- C:\Program Files\Common Files\logishrd\WUApp32.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] . (.Unknown owner - No comment.) -- C:\Program Files\Common Files\logishrd\WUApp32.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\Acrobat Assistant.lnk . (.Adobe Systems Inc..) -- C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\Atheros Client Utility.lnk . (.Atheros Communications, Inc..) -- C:\Program Files\Atheros\ACU.exe

---\\ Other User Links (O4)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Inscription de Toshiba.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\OOBE\msoobe.exe

---\\ Extra items in the IE right-click menu (O8)
O8 - Extra context menu item: E&xport to Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.exe
O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll

---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (.Unknown owner - No comment.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Unknown owner - No comment.) -- C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} . (.not file.) - (.not file.)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.not file.) - (.not file.)
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe

---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Microsoft Windows Sockets 2.0 Service Provider.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Microsoft Windows Sockets 2.0 Service Provider.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll

---\\ Internet Explorer Plugins (O12)
O12 - Plugin for .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

---\\ ActiveX Objects (Downloaded Program Files) (O16)
O16 - DPF: DirectAnimation Java Classes (DirectAnimation Java Classes) - (.not file.) - file:\\C:\WINDOWS\Java\classes\dajava.cab
O16 - DPF: Microsoft XML Parser for Java (Microsoft XML Parser for Java) - (.not file.) - file:\\C:\WINDOWS\Java\classes\xmldso.cab
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} () - http://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} () - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} () - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} () - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-29-0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{13FB210F-866D-415A-88E3-ECB817C59B81}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{13FB210F-866D-415A-88E3-ECB817C59B81}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{13FB210F-866D-415A-88E3-ECB817C59B81}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

---\\ Extra protocols and protocol Hijackers (O18)
O18 - Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} . (.AVG Technologies CZ, s.r.o. - Safe Search pluggable protocol.) -- C:\Program Files\AVG\AVG10\avgpp.dll
O18 - Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Handler: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} . (.Unknown owner - No comment.) -- C:\Program Files\vShare\vshare_toolbar.dll

---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - Winlogon Notify: !SASWinLogon . (.SUPERAntiSpyware.com - SUPERAntiSpyware WinLogon Processor.) -- D:\Program Files\spybotsearchanddestry\SASWINLO.dll
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Offline Network Agent.) -- C:\Windows\System32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - Secondary Logon Service Notification DLL.) -- C:\Windows\System32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- C:\Windows\System32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: WgaLogon . (.Unknown owner - No comment.) -- WgaLogon.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- C:\Windows\System32\wlnotify.dll

---\\ ShellServiceObjectDelayLoad (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Systray shell service object.) -- C:\WINDOWS\System32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll

---\\ SharedTaskScheduler (O22)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Shell Browser UI Library.) -- C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Shell Browser UI Library.) -- C:\WINDOWS\System32\browseui.dll

---\\ non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: (Apple Mobile Device) . (.Apple Inc. - Apple Mobile Device Service.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: (Ati HotKey Poller) . (.Unknown owner - No comment.) - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: (avgfws) . (.AVG Technologies CZ, s.r.o. - AVG Firewall Service.) - C:\Program Files\AVG\AVG10\avgfws.exe
O23 - Service: (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o. - AVG IDS application.) - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: (avgwd) . (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: (CeEPwrSvc) . (.COMPAL ELECTRONIC INC. - CeEPwrSvc Module.) - C:\Program Files\TOSHIBA\Power Management\CeEPwrSvc.exe
O23 - Service: (CFSvcs) . (.TOSHIBA CORPORATION - Service of ConfigFree..) - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: (LVCOMSer) . (.Logitech Inc. - Logitech Video COM Service.) - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: (LVPrcSrv) . (.Logitech Inc. - Logitech LVPrcSrv Module..) - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: (LVSrvLauncher) . (.Logitech Inc. - LogitechService Launcher.) - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: (MemeoBackgroundService) . (.Memeo - MemeoBackgroundService.) - C:\Program Files\WD\WD Anywhere Backup\MemeoBackgroundService.exe
O23 - Service: (NuTCRACKERService) . (.DataFocus, Inc. - NuTCRACKER Service.) - C:\WINDOWS\System32\nutsrv4.exe
O23 - Service: (WDBtnMgrSvc.exe) . (.WDC - WD Drive Manager Service.) - C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe

---\\ Windows Active Desktop & MHTML Editor (O24)
O24 - Desktop Component 0: (no name) - file:file:///C:/DOCUME~1/ahmad/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg
O24 - Desktop Component 1: My Current Home Page - file:About:Home
O24 - Default MHTML Editor: Last - .(.Unknown owner - No comment.) - "C:\Program Files\Microsoft Office\OFFICE11\WINWORD.exe (.not file.)

---\\ Task Planned Automatically(039)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AVG PC Tuneup 2011 Integrator Start On Windows Logon.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\RegistryBooster.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\WGASetup.job
[MD5.DAB3F0E885C1011D87F14F2FD1850EDC] [APT] [AVG PC Tuneup 2011 Integrator Start On Windows Logon] (.AVG.) -- C:\Program Files\AVG\AVG PC Tuneup 2011\BoostSpeed.exe
[MD5.65010AEDF6217A0568226AFD0BC8A288] [APT] [RegistryBooster] (.Uniblue Systems Limited.) -- C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe

---\\ ActiveSetup Installed Components (O40)
O40 - ASIC: Macromedia Shockwave Director 9.0 - {166B1BCA-3F9C-11CF-8075-444553540000} . (.Adobe Systems, Inc. - Shockwave ActiveX Control.) -- C:\WINDOWS\system32\macromed\Director\SwDir.dll
O40 - ASIC: Adobe Shockwave Director 10.2 - {233C1507-6A77-46A4-9443-F871F945D258} . (.Adobe Systems, Inc. - Shockwave ActiveX Control.) -- C:\WINDOWS\system32\Macromed\Director\SwDir.dll
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (.Unknown owner - No comment.) -- C:\WINDOWS\INF\msnetmtg.inf
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (.Unknown owner - No comment.) -- C:\WINDOWS\INF\msmsgs.inf
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Unknown owner - No comment.) -- C:\WINDOWS\INF\wmp10.inf
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.0 r45.) -- C:\WINDOWS\system32\Macromed\Flash\Flash10e.ocx

---\\ Drivers launched at startup (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (Avgldx86) . (.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) - C:\Windows\System32\DRIVERS\avgldx86.sys
O41 - Driver: (Avgmfx86) . (.AVG Technologies CZ, s.r.o. - AVG Resident Shield Minifilter Driver.) - C:\Windows\System32\DRIVERS\avgmfx86.sys
O41 - Driver: (Avgtdix) . (.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) - C:\Windows\System32\DRIVERS\avgtdix.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - i8042 Port Driver.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\Windows\System32\DRIVERS\imapi.sys
O41 - Driver: (intelppm) . (.Microsoft Corporation - Processor Device Driver.) - C:\Windows\System32\DRIVERS\intelppm.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\Windows\System32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Keyboard Class Driver.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Mouse Class Driver.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\Windows\System32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (Processor) . (.Microsoft Corporation - Processor Device Driver.) - C:\Windows\System32\DRIVERS\processr.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Redbook Audio Filter Driver.) - C:\Windows\System32\DRIVERS\redbook.sys
O41 - Driver: (SASDIFSV) . (.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASDIFSV.SYS.) - D:\Program Files\spybotsearchanddestry\SASDIFSV.sys
O41 - Driver: (SASKUTIL) . (.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASKUTIL.SYS.) - D:\Program Files\spybotsearchanddestry\SASKUTIL.sys
O41 - Driver: (SrvcEKIOMngr) . (.COMPAL ELECTRONIC INC. - IoManager Application.) - C:\Windows\System32\Drivers\EKIoMngr.sys
O41 - Driver: (SrvcEPIOMngr) . (.COMPAL ELECTRONIC INC. - IoManager Application.) - C:\Windows\System32\Drivers\EPIoMngr.sys
O41 - Driver: (SrvcSSIOMngr) . (.COMPAL ELECTRONIC INC. - IoManager Application.) - C:\Windows\System32\Drivers\SSIoMngr.sys
O41 - Driver: (SrvcTPIOMngr) . (.COMPAL ELECTRONIC INC. - IoManager Application.) - C:\Windows\System32\Drivers\TPIoMngr.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\Windows\System32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: VGA Display Controller. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys

---\\ Software installed (O42)
O42 - Logiciel: ATI - Software Uninstall Utility - (.Unknown owner.) [HKLM] -- All ATI Software
O42 - Logiciel: ATI Control Panel - (.Unknown owner.) [HKLM] -- {0BEDBD4E-2D34-47B5-9973-57E62B29307C}
O42 - Logiciel: ATI Display Driver - (.Unknown owner.) [HKLM] -- ATI Display Driver
O42 - Logiciel: AVG 2011 - (.AVG Technologies.) [HKLM] -- AVG
O42 - Logiciel: AVG 2011 - (.AVG Technologies.) [HKLM] -- {04E7A3BB-DB38-481C-A809-35FA60C78EDF}
O42 - Logiciel: AVG 2011 - (.AVG Technologies.) [HKLM] -- {F4C68898-EBA5-46A9-82B3-2D30426086BF}
O42 - Logiciel: AVG PC Tuneup 2011 - (.AVG.) [HKLM] -- {50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- {6D8D64BE-F500-55B6-705D-DFD08AFE0624}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723}
O42 - Logiciel: Adobe Download Manager - (.NOS Microsystems Ltd..) [HKLM] -- {E2883E8F-472F-4fb0-9522-AC9BF37916A7}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 9.2 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-A92000000001}
O42 - Logiciel: Adobe Shockwave Player - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {B2D328BE-45AD-4D92-96F9-2151490A203E}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {85991ED2-010C-4930-96FA-52F43C2CE98A}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {0CB9668D-F979-4F31-B8B8-67FE90F929F8}
O42 - Logiciel: Brother MFL-Pro Suite - (.Unknown owner.) [HKLM] -- {D83BD5E2-5AF4-49F6-B5C1-484A9760E73D}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Compatibility Pack for the 2007 Office system - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-0409-0000-0000000FF1CE}
O42 - Logiciel: Data Lifeguard Diagnostic for Windows - (.Western Digital Corporation.) [HKLM] -- {E40CE517-0D42-4198-96B4-C8232B257EB5}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: InterVideo FilterSDK for Hauppauge - (.InterVideo Inc..) [HKLM] -- {2227E1FA-01F5-483C-AB0E-2A308E900B3D}
O42 - Logiciel: J2SE Runtime Environment 5.0 Update 1 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0150010}
O42 - Logiciel: Java(TM) 6 Update 23 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216017FF}
O42 - Logiciel: Java(TM) 6 Update 3 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160030}
O42 - Logiciel: Live Global Bid Bid Control Kit Setup - (.Unknown owner.) [HKLM] -- Live Global Bid Bid Control Kit Setup
O42 - Logiciel: Logitech High Quality Video - (.Logitech, Inc..) [HKLM] -- {281D28EC-1357-4778-B2D7-DEA56D70EF96}
O42 - Logiciel: Logitech QuickCam - (.Logitech Inc..) [HKLM] -- {6444D9D9-CD6C-4464-B970-55C606C944DC}
O42 - Logiciel: Logitech Updater - (.Logitech, Inc..) [HKLM] -- {53735ECE-E461-4FD0-B742-23A352436D3A}
O42 - Logiciel: Logitech Webcam Software Driver Package - (.Logitech Inc..) [HKLM] -- lvdrivers_12.10
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: MSXML 6 Service Pack 2 (KB973686) - (.Microsoft Corporation.) [HKLM] -- {56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1
O42 - Logiciel: Microsoft Office Professional Edition 2003 - (.Microsoft Corporation.) [HKLM] -- {90110409-6000-11D3-8CFE-0150048383C9}
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- Wudf01000
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: MiraScan V3.42 - (.Unknown owner.) [HKCU] -- MiraScan V3.42
O42 - Logiciel: Octoshape add-in for Adobe Flash Player - (.Unknown owner.) [HKCU] -- Octoshape add-in for Adobe Flash Player
O42 - Logiciel: PaperPort - (.ScanSoft, Inc..) [HKLM] -- {A17EABB6-D0C6-44E5-820C-72DC7F495064}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}
O42 - Logiciel: RPS CRT - (.Vidéotron.) [HKLM] -- {1A9E151D-05DD-4937-9FDB-82B7140734A5}
O42 - Logiciel: RPS CRT - (.Vidéotron.) [HKLM] -- {F22B6F59-D6A5-4FA1-A913-D821A9F53DD6}
O42 - Logiciel: Realtek AC'97 Audio - (.Unknown owner.) [HKLM] -- {FB08F381-6533-4108-B7DD-039E11FBC27E}
O42 - Logiciel: SUPERAntiSpyware - (.SUPERAntiSpyware.com.) [HKLM] -- {CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
O42 - Logiciel: Security Update for Windows XP (KB2229593) - (.Microsoft Corporation.) [HKLM] -- KB2229593
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
O42 - Logiciel: Skype Toolbars - (.Skype Technologies S.A..) [HKLM] -- {981029E0-7FC9-4CF3-AB39-6F133621921A}
O42 - Logiciel: Skype(TM) 4.2 - (.Skype Technologies S.A..) [HKLM] -- {D103C4BA-F905-437A-8049-DB24763BBE36}
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1
O42 - Logiciel: TOSHIBA ConfigFree - (.Unknown owner.) [HKLM] -- {BDD83DC9-BEE9-4654-A5DA-CC46C250088D}
O42 - Logiciel: TOSHIBA PC Diagnostic Tool - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{2C38F661-26B7-445D-B87D-B53FE2D3BD42}
O42 - Logiciel: Uniblue RegistryBooster - (.Uniblue Systems Ltd.) [HKLM] -- Uniblue RegistryBooster
O42 - Logiciel: Uniblue RegistryBooster - (.Uniblue Systems Ltd.) [HKLM] -- {09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Veetle TV 0.9.18 - (.Veetle, Inc.) [HKLM] -- Veetle TV
O42 - Logiciel: WD Anywhere Backup - (.Memeo Inc..) [HKLM] -- {68131B0A-D78D-4aed-B74E-33A6C7324E50}
O42 - Logiciel: WD Drive Manager (x86) - (.Western Digital.) [HKLM] -- {CCD04643-5246-48AC-9D8C-F43A37BB8F36}
O42 - Logiciel: WinRAR archiver - (.Unknown owner.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Windows Imaging Component - (.Microsoft Corporation.) [HKLM] -- WIC
O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {F6BD194C-4190-4D73-B1B1-C48C99921BFE}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {ED00D08A-3C5F-488D-93A0-A04F21F23956}
O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- {81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {A85FD55B-891B-4314-97A5-EA96C0BD80B5}
O42 - Logiciel: Windows Live Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {9422C8EA-B0C6-4197-B8FC-DC797658CA00}
O42 - Logiciel: Windows Live Upload Tool - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11
O42 - Logiciel: Windows Media Format 11 runtime - (.Unknown owner.) [HKLM] -- Windows Media Format Runtime
O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service Pack
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {C1E11C46-E6EB-4BD2-9ADF-2A98ACBEB216}
O42 - Logiciel: vShare Plugin - (.Unknown owner.) [HKLM] -- vShare

---\\ HKCU & HKLM Software Keys
[HKCU\Software\321Studios]
[HKCU\Software\3rd Eye Solutions]
[HKCU\Software\AC3Filter]
[HKCU\Software\ALWIL Software]
[HKCU\Software\AVG]
[HKCU\Software\Adobe]
[HKCU\Software\Alps]
[HKCU\Software\AntiVirus System 2011]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\ApplianTechnologies]
[HKCU\Software\Ariadne Genomics]
[HKCU\Software\Arrowkey]
[HKCU\Software\Atari]
[HKCU\Software\Atheros]
[HKCU\Software\Aurigma]
[HKCU\Software\Auslogics]
[HKCU\Software\BCL Technologies]
[HKCU\Software\BasicScript Program Settings]
[HKCU\Software\Bogosoft]
[HKCU\Software\Brother]
[HKCU\Software\CDDB]
[HKCU\Software\COMPAL]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Colubris Networks]
[HKCU\Software\Conduit]
[HKCU\Software\Cygnus Solutions]
[HKCU\Software\D2]
[HKCU\Software\DVD X Copy Platinum]
[HKCU\Software\DivXNetworks]
[HKCU\Software\Drag'n Drop CD+DVD]
[HKCU\Software\Elecard]
[HKCU\Software\Electronic Arts]
[HKCU\Software\GNU]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\Haali]
[HKCU\Software\Hauppauge]
[HKCU\Software\HubTech]
[HKCU\Software\IM Providers]
[HKCU\Software\IZSoftware]
[HKCU\Software\InterTrust]
[HKCU\Software\InterVideo]
[HKCU\Software\JavaSoft]
[HKCU\Software\KMPlayer]
[HKCU\Software\KasperskyLab]
[HKCU\Software\LGB]
[HKCU\Software\Leadertech]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Local Wall Application]
[HKCU\Software\LogMeIn]
[HKCU\Software\LogiShared]
[HKCU\Software\Logitech]
[HKCU\Software\LogoMedia]
[HKCU\Software\Macromedia]
[HKCU\Software\MainConcept (HCW)]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Martin Prikryl]
[HKCU\Software\Mediachance]
[HKCU\Software\Meetstream]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\MultimediaPhoto]
[HKCU\Software\MyExplorer]
[HKCU\Software\Netscape]
[HKCU\Software\Nico Mak Computing]
[HKCU\Software\Nokia]
[HKCU\Software\ODBC]
[HKCU\Software\OPENTECH]
[HKCU\Software\Osprey]
[HKCU\Software\PCSuite]
[HKCU\Software\PIXELA]
[HKCU\Software\Pegasys Inc.]
[HKCU\Software\PepiMK Software]
[HKCU\Software\PictureMall]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\PriceGong]
[HKCU\Software\Protein Lounge]
[HKCU\Software\RadialPoint]
[HKCU\Software\Rational Software]
[HKCU\Software\RealNetworks]
[HKCU\Software\Replay AV 8]
[HKCU\Software\SGooPE]
[HKCU\Software\SSH Communications Security]
[HKCU\Software\SUPERAntiSpyware.com]
[HKCU\Software\SWI]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\ScanSoft]
[HKCU\Software\SecuROM]
[HKCU\Software\Skype]
[HKCU\Software\Smart Projects]
[HKCU\Software\SmartTweak]
[HKCU\Software\Sony Corporation]
[HKCU\Software\Sunbelt Software]
[HKCU\Software\Sysinternals]
[HKCU\Software\TOSHIBA]
[HKCU\Software\TVANTS]
[HKCU\Software\Trolltech]
[HKCU\Software\Ulead Systems]
[HKCU\Software\Unlimited Possibilities]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\Veetle]
[HKCU\Software\VicMan Software]
[HKCU\Software\Videotron]
[HKCU\Software\Viscom Software]
[HKCU\Software\Visioneer]
[HKCU\Software\Voice]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\WinZip Computing]
[HKCU\Software\Winamp]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\ZipZag2]
[HKCU\Software\ZipZag]
[HKCU\Software\eBay]
[HKCU\Software\eFilm Medical]
[HKCU\Software\ej-technologies]
[HKCU\Software\mmtwn]
[HKCU\Software\roxio]
[HKCU\Software\uTorrent]
[HKCU\Software\vShare]
[HKLM\Software\15897034]
[HKLM\Software\321Studios]
[HKLM\Software\ACE Compression Software]
[HKLM\Software\ALPS]
[HKLM\Software\ALWIL Software]
[HKLM\Software\AMPing]
[HKLM\Software\ATI Technologies Inc.]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Acer Peripherals Inc.]
[HKLM\Software\Acudata]
[HKLM\Software\Adobe Systems]
[HKLM\Software\Adobe]
[HKLM\Software\Agere]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Applian]
[HKLM\Software\Ariadne Genomics]
[HKLM\Software\Arrowkey]
[HKLM\Software\Atheros Communications]
[HKLM\Software\AviSynth]
[HKLM\Software\B.H.A]
[HKLM\Software\BCL Technologies]
[HKLM\Software\Brooktree]
[HKLM\Software\Brother]
[HKLM\Software\C07ft5Y]
[HKLM\Software\CDDB]
[HKLM\Software\COMPAL]
[HKLM\Software\Chilkat Software, Inc.]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Colubris Networks]
[HKLM\Software\Conduit]
[HKLM\Software\Cygnus Solutions]
[HKLM\Software\D-Tools]
[HKLM\Software\DataFocus]
[HKLM\Software\Deckard]
[HKLM\Software\DigiOn Inc. and Easy Systems Japan Ltd.]
[HKLM\Software\Drag'n Drop CD+DVD]
[HKLM\Software\EA SPORTS]
[HKLM\Software\Easy Systems Japan Ltd.]
[HKLM\Software\Electronic Arts]
[HKLM\Software\FLEXlm License Manager]
[HKLM\Software\FRISK Software International]
[HKLM\Software\GEAR Software]
[HKLM\Software\GNU]
[HKLM\Software\Gemplus]
[HKLM\Software\Global IP Sound]
[HKLM\Software\Google]
[HKLM\Software\HaaliMkx]
[HKLM\Software\Hauppauge]
[HKLM\Software\Horizon]
[HKLM\Software\IMSI]
[HKLM\Software\ISSS]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo]
[HKLM\Software\IviSDK4Hauppauge]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\KasperskyLab]
[HKLM\Software\L&H]
[HKLM\Software\LEAD Technologies, Inc.]
[HKLM\Software\Licenses]
[HKLM\Software\Link Data Security]
[HKLM\Software\Logitech]
[HKLM\Software\LogoMedia]
[HKLM\Software\Lucent]
[HKLM\Software\Macromedia]
[HKLM\Software\Macrovision]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\Martin Prikryl]
[HKLM\Software\MicroQuill]
[HKLM\Software\MimarSinan]
[HKLM\Software\Mortice Kern Systems]
[HKLM\Software\Motive]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NOS]
[HKLM\Software\Nico Mak Computing]
[HKLM\Software\Nokia]
[HKLM\Software\ODBC]
[HKLM\Software\OMSI]
[HKLM\Software\P!HDS8]
[HKLM\Software\PC Connectivity Solution]
[HKLM\Software\PCSuite]
[HKLM\Software\PCTools]
[HKLM\Software\PIXELA]
[HKLM\Software\PepiMK Software]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\Prolific Technology INC]
[HKLM\Software\REALTEK Semiconductor Corp.]
[HKLM\Software\Radialpoint]
[HKLM\Software\Rational Software]
[HKLM\Software\RealNetworks]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RichFX]
[HKLM\Software\RioPort]
[HKLM\Software\SGOOPE]
[HKLM\Software\SSH Communications Security]
[HKLM\Software\SUPERAntiSpyware.com]
[HKLM\Software\SWI]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\ScanSoft]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\Skype]
[HKLM\Software\Soeperman Enterprises Ltd.]
[HKLM\Software\Software PRO Technologies]
[HKLM\Software\Sun Microsystems]
[HKLM\Software\TOSHIBA]
[HKLM\Software\Translation Engines]
[HKLM\Software\TrendMicro]
[HKLM\Software\USB2800]
[HKLM\Software\Ulead Systems]
[HKLM\Software\Uniblue]
[HKLM\Software\VSO]
[HKLM\Software\Veetle]
[HKLM\Software\Visioneer]
[HKLM\Software\Voice]
[HKLM\Software\WD]
[HKLM\Software\WebUpdate]
[HKLM\Software\Western Digital]
[HKLM\Software\Wilson WindowWare]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\Windows]
[HKLM\Software\Wise Solutions]
[HKLM\Software\WorldWinner.com]
[HKLM\Software\Xing Technology Corp.]
[HKLM\Software\ZSMC]
[HKLM\Software\Zeon]
[HKLM\Software\Zone Labs]
[HKLM\Software\eFilm Medical]
[HKLM\Software\ej-technologies]
[HKLM\Software\mozilla.org]
[HKLM\Software\rtlsetn5]

---\\ Contents of the Common Files folders (O43)
O43 - CFD: 22/11/2009 - 11:03:16 PM ----D- C:\Program Files\Adobe
O43 - CFD: 04/01/2005 - 1:08:26 PM ----D- C:\Program Files\Apoint2K
O43 - CFD: 04/01/2009 - 10:05:14 PM ----D- C:\Program Files\Apple Software Update
O43 - CFD: 04/01/2005 - 1:05:46 PM ----D- C:\Program Files\Atheros
O43 - CFD: 19/04/2004 - 11:52:38 AM ----D- C:\Program Files\ATI Technologies
O43 - CFD: 20/01/2011 - 9:18:24 AM ----D- C:\Program Files\AVG
O43 - CFD: 23/07/2006 - 6:22:18 PM ----D- C:\Program Files\AVG Anti Virus
O43 - CFD: 20/04/2004 - 9:45:50 AM ----D- C:\Program Files\B's CLiP
O43 - CFD: 13/01/2011 - 11:08:02 AM ----D- C:\Program Files\Bonjour
O43 - CFD: 07/10/2008 - 10:55:10 PM ----D- C:\Program Files\Brother
O43 - CFD: 24/11/2004 - 12:18:34 PM ----D- C:\Program Files\Colubris Networks
O43 - CFD: 03/09/2010 - 10:14:56 AM ----D- C:\Program Files\Common Files
O43 - CFD: 18/09/2009 - 10:46:56 PM ----D- C:\Program Files\ComPlus Applications
O43 - CFD: 05/01/2005 - 11:58:12 PM ----D- C:\Program Files\D-Tools
O43 - CFD: 20/04/2004 - 1:02:16 PM ----D- C:\Program Files\DataLode
O43 - CFD: 05/01/2005 - 11:57:26 PM ----D- C:\Program Files\Diamond
O43 - CFD: 13/06/2007 - 11:22:16 PM ----D- C:\Program Files\DIFX
O43 - CFD: 20/04/2004 - 9:49:18 AM ----D- C:\Program Files\Drag'n Drop CD+DVD
O43 - CFD: 14/01/2011 - 10:39:16 AM ----D- C:\Program Files\DriverBoost
O43 - CFD: 23/11/2006 - 9:40:46 PM ----D- C:\Program Files\DssEvolution.com
O43 - CFD: 20/04/2004 - 9:56:04 AM ----D- C:\Program Files\DVD-RAM
O43 - CFD: 04/01/2005 - 1:01:28 PM ----D- C:\Program Files\EzButton
O43 - CFD: 25/11/2004 - 12:31:40 PM ----D- C:\Program Files\Fichiers communs
O43 - CFD: 18/01/2011 - 2:46:30 PM ----D- C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
O43 - CFD: 24/11/2004 - 1:38:02 PM ----D- C:\Program Files\FSI
O43 - CFD: 19/07/2010 - 5:20:50 PM ----D- C:\Program Files\Google
O43 - CFD: 19/01/2011 - 11:50:58 AM --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 21/01/2011 - 10:06:24 AM ----D- C:\Program Files\Internet Explorer
O43 - CFD: 20/04/2004 - 11:21:30 AM ----D- C:\Program Files\InterVideo
O43 - CFD: 13/01/2011 - 11:09:18 AM ----D- C:\Program Files\iPod
O43 - CFD: 20/01/2011 - 8:42:56 AM ----D- C:\Program Files\Java
O43 - CFD: 12/10/2008 - 5:28:12 PM ----D- C:\Program Files\Logitech
O43 - CFD: 04/01/2005 - 1:02:36 PM ----D- C:\Program Files\ltmoh
O43 - CFD: 24/01/2011 - 2:34:18 PM ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 21/01/2011 - 10:08:10 AM ----D- C:\Program Files\Messenger
O43 - CFD: 24/11/2004 - 2:39:16 PM ----D- C:\Program Files\Metrowerks
O43 - CFD: 20/03/2010 - 6:27:16 PM ----D- C:\Program Files\Microsoft
O43 - CFD: 25/11/2004 - 12:32:48 PM ----D- C:\Program Files\Microsoft ActiveSync
O43 - CFD: 17/10/2008 - 12:20:02 PM ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2
O43 - CFD: 24/11/2004 - 3:17:12 PM ----D- C:\Program Files\microsoft frontpage
O43 - CFD: 17/01/2011 - 7:46:20 AM ----D- C:\Program Files\Microsoft Office
O43 - CFD: 04/02/2005 - 5:20:42 PM ----D- C:\Program Files\Microsoft SQL Server
O43 - CFD: 04/01/2005 - 1:50:54 PM ----D- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 04/01/2005 - 1:51:10 PM ----D- C:\Program Files\Microsoft Works
O43 - CFD: 25/11/2004 - 12:33:00 PM ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 18/01/2011 - 2:46:32 PM ----D- C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)
O43 - CFD: 21/01/2011 - 10:06:20 AM ----D- C:\Program Files\Movie Maker
O43 - CFD: 20/01/2011 - 9:07:22 AM ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 16/08/2009 - 8:11:10 AM ----D- C:\Program Files\MSBuild
O43 - CFD: 17/01/2011 - 7:45:56 AM ----D- C:\Program Files\MSECache
O43 - CFD: 16/04/2004 - 3:47:08 PM ----D- C:\Program Files\MSN
O43 - CFD: 16/04/2004 - 3:43:08 PM ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD: 15/06/2007 - 4:46:50 PM ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 16/08/2009 - 2:06:44 AM ----D- C:\Program Files\MSXML 6.0
O43 - CFD: 21/01/2011 - 9:54:56 AM ----D- C:\Program Files\NetMeeting
O43 - CFD: 20/01/2011 - 10:14:12 AM ----D- C:\Program Files\Nokia
O43 - CFD: 09/10/2009 - 6:14:06 PM ----D- C:\Program Files\NOS
O43 - CFD: 04/01/2005 - 12:21:30 PM ----D- C:\Program Files\Online Services
O43 - CFD: 21/01/2011 - 10:30:00 AM ----D- C:\Program Files\Outlook Express
O43 - CFD: 13/06/2007 - 11:21:40 PM ----D- C:\Program Files\PC Connectivity Solution
O43 - CFD: 19/07/2010 - 6:06:12 PM ----D- C:\Program Files\QuickTime
O43 - CFD: 24/11/2004 - 3:04:22 PM ----D- C:\Program Files\Real
O43 - CFD: 16/08/2009 - 8:11:08 AM ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 07/10/2008 - 10:53:18 PM ----D- C:\Program Files\ScanSoft
O43 - CFD: 18/01/2011 - 2:46:30 PM ----D- C:\Program Files\SDHelper (Spybot - Search & Destroy)
O43 - CFD: 03/09/2010 - 10:15:24 AM R---D- C:\Program Files\Skype
O43 - CFD: 10/06/2007 - 7:13:18 PM ----D- C:\Program Files\Sony
O43 - CFD: 25/01/2005 - 5:11:06 PM ----D- C:\Program Files\SWIProlog
O43 - CFD: 18/01/2011 - 2:46:32 PM ----D- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
O43 - CFD: 04/02/2005 - 2:26:28 PM ----D- C:\Program Files\The KMPlayer
O43 - CFD: 19/01/2011 - 12:21:44 PM ----D- C:\Program Files\TOSHIBA
O43 - CFD: 14/01/2011 - 3:24:26 PM ----D- C:\Program Files\Uniblue
O43 - CFD: 16/04/2004 - 3:58:46 PM --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 14/01/2011 - 3:00:10 PM ----D- C:\Program Files\Videotron
O43 - CFD: 25/01/2011 - 12:33:44 PM ----D- C:\Program Files\vShare
O43 - CFD: 20/02/2010 - 5:06:08 PM ----D- C:\Program Files\WD
O43 - CFD: 04/02/2005 - 4:33:12 PM ----D- C:\Program Files\WebMatrix
O43 - CFD: 20/02/2010 - 5:03:36 PM ----D- C:\Program Files\Western Digital
O43 - CFD: 20/02/2010 - 5:03:48 PM ----D- C:\Program Files\Western Digital Corporation
O43 - CFD: 23/08/2009 - 12:42:52 PM ----D- C:\Program Files\Windows Desktop Search
O43 - CFD: 20/03/2010 - 6:26:32 PM ----D- C:\Program Files\Windows Live
O43 - CFD: 20/03/2010 - 6:26:58 PM ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD: 20/01/2011 - 2:12:32 PM ----D- C:\Program Files\Windows Media Connect 2
O43 - CFD: 21/01/2011 - 9:54:38 AM ----D- C:\Program Files\Windows Media Player
O43 - CFD: 19/01/2011 - 1:25:56 PM ----D- C:\Program Files\Windows NT
O43 - CFD: 24/11/2004 - 2:02:32 PM --H-D- C:\Program Files\WindowsUpdate
O43 - CFD: 12/05/2008 - 6:44:46 PM ----D- C:\Program Files\WinRAR
O43 - CFD: 04/01/2005 - 1:26:48 PM ----D- C:\Program Files\WinZip
O43 - CFD: 16/04/2004 - 3:52:58 PM ----D- C:\Program Files\xerox
O43 - CFD: 25/01/2011 - 1:09:24 PM ----D- C:\Program Files\ZHPDiag
O43 - CFD: 20/01/2011 - 8:47:08 AM ----D- C:\Program Files\Common Files\Adobe
O43 - CFD: 09/10/2009 - 6:15:24 PM ----D- C:\Program Files\Common Files\Adobe AIR
O43 - CFD: 19/11/2005 - 8:24:30 PM ----D- C:\Program Files\Common Files\Adobe Systems Shared
O43 - CFD: 19/07/2010 - 5:37:42 PM ----D- C:\Program Files\Common Files\Apple
O43 - CFD: 04/01/2005 - 1:51:16 PM ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD: 20/02/2010 - 5:06:12 PM ----D- C:\Program Files\Common Files\eSellerate
O43 - CFD: 07/10/2008 - 10:54:54 PM ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD: 04/03/2009 - 7:18:46 PM ----D- C:\Program Files\Common Files\IviSDK
O43 - CFD: 20/01/2011 - 8:43:24 AM ----D- C:\Program Files\Common Files\Java
O43 - CFD: 04/01/2005 - 1:52:24 PM ----D- C:\Program Files\Common Files\L&H
O43 - CFD: 20/06/2010 - 11:44:48 AM ----D- C:\Program Files\Common Files\LogiShrd
O43 - CFD: 20/06/2010 - 11:29:14 AM ----D- C:\Program Files\Common Files\Logitech
O43 - CFD: 17/01/2011 - 7:46:18 AM ----D- C:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 08/04/2006 - 12:17:00 AM ----D- C:\Program Files\Common Files\Motive
O43 - CFD: 04/01/2005 - 12:20:34 PM ----D- C:\Program Fi

iyad2009

Rapport de ZHPDiag v1.27.1421 par Nicolas Coolman, Update du 16/12/2010
Run by ahmad at 25/01/2011 1:09:04 PM
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Contact : nicolascoolman@yahoo.fr

---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702 (Defaut)

---\\ System Information
Windows XP Professional Service Pack 3 (Build 2600)
Processor: x86 Family 15 Model 2 Stepping 9, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1023.0 MB (20% free)
System drive C: has 2 GB (8%) free of 20 GB

---\\ Logged in mode
Computer Name: AZM
User Name: ahmad
All Users Names: SUPPORT_388945a0, LogMeInRemoteUser, HelpAssistant, Guest, ahmad, Administrator,
Unselected Option: O1,O45,O61,O62,O65,O82
Logged in as Administrator

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 20 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 44 Go of 55 Go)
E:\ CD-ROM drive (Free 0 Go of 3 Go)
F:\ CD-ROM drive (Not Inserted)

---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

---\\ Search Generic System Files
[MD5.12896823FB95BFB3DC9B46BCAEDC9923] - (.Microsoft Corporation - Windows Explorer.) (.14/04/2008 5:42:20 AM.) -- C:\Windows\Explorer.exe [1033728]
[MD5.ED0EF0A136DEC83DF69F04118870003E] - (.Microsoft Corporation - Windows NT Logon Application.) (.14/04/2008 5:42:40 AM.) -- C:\Windows\System32\Winlogon.exe [507904]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.14/04/2008 12:10:32 AM.) -- C:\Windows\System32\drivers\atapi.sys [96512]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.14/04/2008 12:45:54 AM.) -- C:\Windows\System32\drivers\ntfs.sys [574976]

---\\ Running Processes
[MD5.4ABB39045C597B358334B16F6483F60A] - (.Unknown owner - No comment.) -- C:\WINDOWS\system32\Ati2evxx.exe [397312]
[MD5.65010AEDF6217A0568226AFD0BC8A288] - (.Uniblue Systems Limited - Uniblue RegistryBooster Monitor.) -- C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe [25984]
[MD5.DAB3F0E885C1011D87F14F2FD1850EDC] - (.AVG - PC Tuneup 2011.) -- C:\Program Files\AVG\AVG PC Tuneup 2011\BoostSpeed.exe [749384]
[MD5.93DB1FF92B03D24738A71E6E4992DFD3] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552]
[MD5.9698E78329BBA262F7C931A85B02BE5D] - (.WDC - WD Drive Manager.) -- C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe [450560]
[MD5.B8E684DF9A97497EDD2F87444A6307FB] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe [180269]
[MD5.E840A9AEA5D59A5E9C1C4F1AB24D197A] - (.Apple Inc. - iTunesHelper.) -- D:\Program Files\itunes\iTunesHelper.exe [141608]
[MD5.4719ED2A9E1F0FF37BC3FC1999F4FFC4] - (.AVG Technologies CZ, s.r.o. - AVG Tray Monitor.) -- C:\Program Files\AVG\AVG10\avgtray.exe [2747744]
[MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288]
[MD5.C9989C1C9EEDE0F71C024F549E9C68E1] - (.ATI Technologies, Inc. - ATI Desktop Control Panel.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [335872]
[MD5.A7A0ED26C68892135F23F4D4F176E2E3] - (.TOSHIBA - CD/DVD Drive Acoustic Silencer.) -- C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [65536]
[MD5.7B9E9A8C71C77DD03CF97FA7C996C3C9] - (.SUPERAntiSpyware.com - SUPERAntiSpyware Application.) -- D:\Program Files\spybotsearchanddestry\SUPERAntiSpyware.exe [2424560]
[MD5.1964BD18D97745FAFEF098B5CA66DE4C] - (.Atheros Communications, Inc. - Atheros Client Utility.) -- C:\Program Files\Atheros\ACU.exe [1343488]
[MD5.0CCE84F6F693478A769BFC1E993CBF67] - (.AVG Technologies CZ, s.r.o. - AVG IDS application.) -- C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe [737872]
[MD5.2E3E53A6AEF23E24F402C7855B9B1542] - (.Apple Inc. - Apple Mobile Device Service.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [144176]
[MD5.18EDC2F3076D32C6C6B98F11EB85D2CB] - (.AVG Technologies CZ, s.r.o. - AVG Firewall Service.) -- C:\Program Files\AVG\AVG10\avgfws.exe [3226632]
[MD5.4AF61A15B3614FEF25FE93EA2FABD620] - (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe [265400]
[MD5.5AB58C337AC65837FE404462AD6265AB] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [345376]
[MD5.EDFB15C5AF45B381277E6A275680C81D] - (.COMPAL ELECTRONIC INC. - CeEPwrSvc Module.) -- C:\Program Files\TOSHIBA\Power Management\CeEPwrSvc.exe [36973]
[MD5.F7945E2D5767485C960403DD7FF5033D] - (.TOSHIBA CORPORATION - Service of ConfigFree..) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [28672]
[MD5.E731921DB2E17DCD3DB472FAD5549C57] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376]
[MD5.1D28B53C50CC57062692862B8E083020] - (.Logitech Inc. - Logitech Video COM Service.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [186904]
[MD5.5A9679D184A408982D5F0BD79874B44F] - (.Logitech Inc. - Logitech LVPrcSrv Module..) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [150040]
[MD5.11F714F85530A2BD134074DC30E99FCA] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [322120]
[MD5.ED6235C93981D8658FA433092A809303] - (.Memeo - MemeoBackgroundService.) -- C:\Program Files\WD\WD Anywhere Backup\MemeoBackgroundService.exe [25824]
[MD5.B4139011FADDBDAE615961548E75E5C5] - (.Microsoft Corporation - SQL Server Windows NT.) -- C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe [7520337]
[MD5.8E757A20B2267AA38B09BA718CEBD13C] - (.DataFocus, Inc. - NuTCRACKER Service.) -- C:\WINDOWS\System32\nutsrv4.exe [277272]
[MD5.A1A36682DF22777834E1C37F3C79AEC2] - (.WDC - WD Drive Manager Service.) -- C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [102400]
[MD5.668056D5C3C11AB7D266819A96B964E8] - (.Microsoft Corporation - WMDM PMSP Service.) -- C:\WINDOWS\system32\MsPMSPSv.exe [53248]
[MD5.F4F5FD5B414AD2F9AD72CB97D64B5D30] - (.AVG Technologies CZ, s.r.o. - AVG Alert Manager.) -- C:\Program Files\AVG\AVG10\avgam.exe [745824]
[MD5.288778D9E2D1C7E8A5DBD5C6DB8046B0] - (.AVG Technologies CZ, s.r.o. - AVG IDS application.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [6128720]
[MD5.7E6741A17CFDCD700DA5B6EC624F83B3] - (.AVG Technologies CZ, s.r.o. - AVG Online Shield Service.) -- C:\Program Files\AVG\AVG10\avgnsx.exe [1084256]
[MD5.F92048E22CB392BBC3C38EF393C0E4A6] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [540968]
[MD5.B60DDDD2D63CE41CB8C487FCFBB6419E] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638816]
[MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53472]
[MD5.806A8E35707BEA615B209001E544F0F0] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [620544]
[MD5.79D4CCA7D30DDADCD0BACEBE7215C2AD] - (.Skype Technologies S.A. - SkypeNames.) -- C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe [234792]

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2)
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Unknown owner - No comment.) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Unknown owner - No comment.) -- D:\Program Files\itunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_23 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.11.2027] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprjplug;version=1.0.2.2088] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.1040] - (.RealNetworks, Inc. - 6.0.12.1040.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
P2 - FPN: [HKLM] [@veetle.com/veetleCorePlugin,version=0.9.18] - (.Veetle Inc - Version 0.9.18, Copyright 2006-2009 Veetle Inc<br><a href="http://www..) -- D:\Program Files\Veetle\plugins\npVeetle.dll
P2 - FPN: [HKLM] [@veetle.com/veetlePlayerPlugin,version=0.9.18] - (.Veetle Inc - Version 0.9.18, copyright 2006-2010 Veetle Inc<br><a href="http://www..) -- D:\Program Files\Veetle\Player\npvlc.dll
P2 - FPN: [HKCU] [@adobe.com/FlashPlayer] - (.Unknown owner - No comment.) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

---\\ Internet Explorer Extensions, Start, Search (R3,R0,R1)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.ca/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\WINDOWS\system32\ieframe.dll

---\\ Changed inifile Value, Mapped to Registry (F2)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

---\\ Browser Helper Objects (O2)
O2 - BHO: (no name) - {043C5167-00BB-4324-AF7E-62013FAEDACF} Orphean Key
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} . (.AVG Technologies CZ, s.r.o. - Safe Search for Internet Explorer.) -- C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE Protection.) -- D:\Program Files\spybotsearchanddestry\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Orphean Key
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

---\\ Auto loading programs from Registry and folders (O4)
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [WD Drive Manager] . (.WDC - WD Drive Manager.) -- C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
O4 - HKLM\..\Run: [WD Anywhere Backup] . (.Memeo Inc. - Memeo AutoBackup Launcher.) -- C:\Program Files\WD\WD Anywhere Backup\MemeoLauncher2.exe
O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- D:\Program Files\itunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- D:\Program Files\QuickTimes\qttask.exe
O4 - HKLM\..\Run: [Bpomaxo] C:\WINDOWS\obekihevatepinuk.dll (.not file.)
O4 - HKLM\..\Run: [AVG_TRAY] . (.AVG Technologies CZ, s.r.o. - AVG Tray Monitor.) -- C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [ATIModeChange] . (.ATI Technologies, Inc. - ATI 2D Mode component.) -- C:\Windows\System32\Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] . (.ATI Technologies, Inc. - ATI Desktop Control Panel.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKCU\..\Run: [TOSCDSPD] . (.TOSHIBA - CD/DVD Drive Acoustic Silencer.) -- C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - HKCU\..\Run: [Dkahoxihuvuwo] C:\WINDOWS\mtonbd40.dll (.not file.)
O4 - HKCU\..\Run: [SUPERAntiSpyware] . (.SUPERAntiSpyware.com - SUPERAntiSpyware Application.) -- D:\Program Files\spybotsearchanddestry\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- D:\Program Files\spybotsearchanddestry\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] . (.Time Information Services Ltd. - PC Sync.) -- D:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] . (.Time Information Services Ltd. - PC Sync.) -- D:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-21-117609710-1960408961-839522115-1003\..\Run: [TOSCDSPD] . (.TOSHIBA - CD/DVD Drive Acoustic Silencer.) -- C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKUS\S-1-5-21-117609710-1960408961-839522115-1003\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-117609710-1960408961-839522115-1003\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-21-117609710-1960408961-839522115-1003\..\Run: [Dkahoxihuvuwo] C:\WINDOWS\mtonbd40.dll (.not file.)
O4 - HKUS\S-1-5-21-117609710-1960408961-839522115-1003\..\Run: [SUPERAntiSpyware] . (.SUPERAntiSpyware.com - SUPERAntiSpyware Application.) -- D:\Program Files\spybotsearchanddestry\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-21-117609710-1960408961-839522115-1003\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- D:\Program Files\spybotsearchanddestry\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] . (.Unknown owner - No comment.) -- C:\Program Files\Common Files\logishrd\WUApp32.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] . (.Unknown owner - No comment.) -- C:\Program Files\Common Files\logishrd\WUApp32.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\Acrobat Assistant.lnk . (.Adobe Systems Inc..) -- C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\Atheros Client Utility.lnk . (.Atheros Communications, Inc..) -- C:\Program Files\Atheros\ACU.exe

---\\ Other User Links (O4)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Inscription de Toshiba.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\OOBE\msoobe.exe

---\\ Extra items in the IE right-click menu (O8)
O8 - Extra context menu item: E&xport to Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.exe
O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll

---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (.Unknown owner - No comment.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Unknown owner - No comment.) -- C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} . (.not file.) - (.not file.)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.not file.) - (.not file.)
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe

---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Microsoft Windows Sockets 2.0 Service Provider.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Microsoft Windows Sockets 2.0 Service Provider.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll

---\\ Internet Explorer Plugins (O12)
O12 - Plugin for .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

---\\ ActiveX Objects (Downloaded Program Files) (O16)
O16 - DPF: DirectAnimation Java Classes (DirectAnimation Java Classes) - (.not file.) - file:\\C:\WINDOWS\Java\classes\dajava.cab
O16 - DPF: Microsoft XML Parser for Java (Microsoft XML Parser for Java) - (.not file.) - file:\\C:\WINDOWS\Java\classes\xmldso.cab
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} () - http://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} () - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} () - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} () - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-29-0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{13FB210F-866D-415A-88E3-ECB817C59B81}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{13FB210F-866D-415A-88E3-ECB817C59B81}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{13FB210F-866D-415A-88E3-ECB817C59B81}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

---\\ Extra protocols and protocol Hijackers (O18)
O18 - Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} . (.AVG Technologies CZ, s.r.o. - Safe Search pluggable protocol.) -- C:\Program Files\AVG\AVG10\avgpp.dll
O18 - Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Handler: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} . (.Unknown owner - No comment.) -- C:\Program Files\vShare\vshare_toolbar.dll

---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - Winlogon Notify: !SASWinLogon . (.SUPERAntiSpyware.com - SUPERAntiSpyware WinLogon Processor.) -- D:\Program Files\spybotsearchanddestry\SASWINLO.dll
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Offline Network Agent.) -- C:\Windows\System32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - Secondary Logon Service Notification DLL.) -- C:\Windows\System32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- C:\Windows\System32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: WgaLogon . (.Unknown owner - No comment.) -- WgaLogon.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- C:\Windows\System32\wlnotify.dll

---\\ ShellServiceObjectDelayLoad (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Systray shell service object.) -- C:\WINDOWS\System32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll

---\\ SharedTaskScheduler (O22)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Shell Browser UI Library.) -- C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Shell Browser UI Library.) -- C:\WINDOWS\System32\browseui.dll

---\\ non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: (Apple Mobile Device) . (.Apple Inc. - Apple Mobile Device Service.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: (Ati HotKey Poller) . (.Unknown owner - No comment.) - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: (avgfws) . (.AVG Technologies CZ, s.r.o. - AVG Firewall Service.) - C:\Program Files\AVG\AVG10\avgfws.exe
O23 - Service: (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o. - AVG IDS application.) - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: (avgwd) . (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: (CeEPwrSvc) . (.COMPAL ELECTRONIC INC. - CeEPwrSvc Module.) - C:\Program Files\TOSHIBA\Power Management\CeEPwrSvc.exe
O23 - Service: (CFSvcs) . (.TOSHIBA CORPORATION - Service of ConfigFree..) - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: (LVCOMSer) . (.Logitech Inc. - Logitech Video COM Service.) - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: (LVPrcSrv) . (.Logitech Inc. - Logitech LVPrcSrv Module..) - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: (LVSrvLauncher) . (.Logitech Inc. - LogitechService Launcher.) - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: (MemeoBackgroundService) . (.Memeo - MemeoBackgroundService.) - C:\Program Files\WD\WD Anywhere Backup\MemeoBackgroundService.exe
O23 - Service: (NuTCRACKERService) . (.DataFocus, Inc. - NuTCRACKER Service.) - C:\WINDOWS\System32\nutsrv4.exe
O23 - Service: (WDBtnMgrSvc.exe) . (.WDC - WD Drive Manager Service.) - C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe

---\\ Windows Active Desktop & MHTML Editor (O24)
O24 - Desktop Component 0: (no name) - file:file:///C:/DOCUME~1/ahmad/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg
O24 - Desktop Component 1: My Current Home Page - file:About:Home
O24 - Default MHTML Editor: Last - .(.Unknown owner - No comment.) - "C:\Program Files\Microsoft Office\OFFICE11\WINWORD.exe (.not file.)

---\\ Task Planned Automatically(039)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AVG PC Tuneup 2011 Integrator Start On Windows Logon.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\RegistryBooster.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\WGASetup.job
[MD5.DAB3F0E885C1011D87F14F2FD1850EDC] [APT] [AVG PC Tuneup 2011 Integrator Start On Windows Logon] (.AVG.) -- C:\Program Files\AVG\AVG PC Tuneup 2011\BoostSpeed.exe
[MD5.65010AEDF6217A0568226AFD0BC8A288] [APT] [RegistryBooster] (.Uniblue Systems Limited.) -- C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe

---\\ ActiveSetup Installed Components (O40)
O40 - ASIC: Macromedia Shockwave Director 9.0 - {166B1BCA-3F9C-11CF-8075-444553540000} . (.Adobe Systems, Inc. - Shockwave ActiveX Control.) -- C:\WINDOWS\system32\macromed\Director\SwDir.dll
O40 - ASIC: Adobe Shockwave Director 10.2 - {233C1507-6A77-46A4-9443-F871F945D258} . (.Adobe Systems, Inc. - Shockwave ActiveX Control.) -- C:\WINDOWS\system32\Macromed\Director\SwDir.dll
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (.Unknown owner - No comment.) -- C:\WINDOWS\INF\msnetmtg.inf
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (.Unknown owner - No comment.) -- C:\WINDOWS\INF\msmsgs.inf
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Unknown owner - No comment.) -- C:\WINDOWS\INF\wmp10.inf
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.0 r45.) -- C:\WINDOWS\system32\Macromed\Flash\Flash10e.ocx

---\\ Drivers launched at startup (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (Avgldx86) . (.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) - C:\Windows\System32\DRIVERS\avgldx86.sys
O41 - Driver: (Avgmfx86) . (.AVG Technologies CZ, s.r.o. - AVG Resident Shield Minifilter Driver.) - C:\Windows\System32\DRIVERS\avgmfx86.sys
O41 - Driver: (Avgtdix) . (.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) - C:\Windows\System32\DRIVERS\avgtdix.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - i8042 Port Driver.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\Windows\System32\DRIVERS\imapi.sys
O41 - Driver: (intelppm) . (.Microsoft Corporation - Processor Device Driver.) - C:\Windows\System32\DRIVERS\intelppm.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\Windows\System32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Keyboard Class Driver.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Mouse Class Driver.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\Windows\System32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (Processor) . (.Microsoft Corporation - Processor Device Driver.) - C:\Windows\System32\DRIVERS\processr.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Redbook Audio Filter Driver.) - C:\Windows\System32\DRIVERS\redbook.sys
O41 - Driver: (SASDIFSV) . (.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASDIFSV.SYS.) - D:\Program Files\spybotsearchanddestry\SASDIFSV.sys
O41 - Driver: (SASKUTIL) . (.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASKUTIL.SYS.) - D:\Program Files\spybotsearchanddestry\SASKUTIL.sys
O41 - Driver: (SrvcEKIOMngr) . (.COMPAL ELECTRONIC INC. - IoManager Application.) - C:\Windows\System32\Drivers\EKIoMngr.sys
O41 - Driver: (SrvcEPIOMngr) . (.COMPAL ELECTRONIC INC. - IoManager Application.) - C:\Windows\System32\Drivers\EPIoMngr.sys
O41 - Driver: (SrvcSSIOMngr) . (.COMPAL ELECTRONIC INC. - IoManager Application.) - C:\Windows\System32\Drivers\SSIoMngr.sys
O41 - Driver: (SrvcTPIOMngr) . (.COMPAL ELECTRONIC INC. - IoManager Application.) - C:\Windows\System32\Drivers\TPIoMngr.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\Windows\System32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: VGA Display Controller. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys

---\\ Software installed (O42)
O42 - Logiciel: ATI - Software Uninstall Utility - (.Unknown owner.) [HKLM] -- All ATI Software
O42 - Logiciel: ATI Control Panel - (.Unknown owner.) [HKLM] -- {0BEDBD4E-2D34-47B5-9973-57E62B29307C}
O42 - Logiciel: ATI Display Driver - (.Unknown owner.) [HKLM] -- ATI Display Driver
O42 - Logiciel: AVG 2011 - (.AVG Technologies.) [HKLM] -- AVG
O42 - Logiciel: AVG 2011 - (.AVG Technologies.) [HKLM] -- {04E7A3BB-DB38-481C-A809-35FA60C78EDF}
O42 - Logiciel: AVG 2011 - (.AVG Technologies.) [HKLM] -- {F4C68898-EBA5-46A9-82B3-2D30426086BF}
O42 - Logiciel: AVG PC Tuneup 2011 - (.AVG.) [HKLM] -- {50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- {6D8D64BE-F500-55B6-705D-DFD08AFE0624}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723}
O42 - Logiciel: Adobe Download Manager - (.NOS Microsystems Ltd..) [HKLM] -- {E2883E8F-472F-4fb0-9522-AC9BF37916A7}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 9.2 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-A92000000001}
O42 - Logiciel: Adobe Shockwave Player - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {B2D328BE-45AD-4D92-96F9-2151490A203E}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {85991ED2-010C-4930-96FA-52F43C2CE98A}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {0CB9668D-F979-4F31-B8B8-67FE90F929F8}
O42 - Logiciel: Brother MFL-Pro Suite - (.Unknown owner.) [HKLM] -- {D83BD5E2-5AF4-49F6-B5C1-484A9760E73D}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Compatibility Pack for the 2007 Office system - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-0409-0000-0000000FF1CE}
O42 - Logiciel: Data Lifeguard Diagnostic for Windows - (.Western Digital Corporation.) [HKLM] -- {E40CE517-0D42-4198-96B4-C8232B257EB5}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: InterVideo FilterSDK for Hauppauge - (.InterVideo Inc..) [HKLM] -- {2227E1FA-01F5-483C-AB0E-2A308E900B3D}
O42 - Logiciel: J2SE Runtime Environment 5.0 Update 1 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0150010}
O42 - Logiciel: Java(TM) 6 Update 23 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216017FF}
O42 - Logiciel: Java(TM) 6 Update 3 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160030}
O42 - Logiciel: Live Global Bid Bid Control Kit Setup - (.Unknown owner.) [HKLM] -- Live Global Bid Bid Control Kit Setup
O42 - Logiciel: Logitech High Quality Video - (.Logitech, Inc..) [HKLM] -- {281D28EC-1357-4778-B2D7-DEA56D70EF96}
O42 - Logiciel: Logitech QuickCam - (.Logitech Inc..) [HKLM] -- {6444D9D9-CD6C-4464-B970-55C606C944DC}
O42 - Logiciel: Logitech Updater - (.Logitech, Inc..) [HKLM] -- {53735ECE-E461-4FD0-B742-23A352436D3A}
O42 - Logiciel: Logitech Webcam Software Driver Package - (.Logitech Inc..) [HKLM] -- lvdrivers_12.10
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: MSXML 6 Service Pack 2 (KB973686) - (.Microsoft Corporation.) [HKLM] -- {56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1
O42 - Logiciel: Microsoft Office Professional Edition 2003 - (.Microsoft Corporation.) [HKLM] -- {90110409-6000-11D3-8CFE-0150048383C9}
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- Wudf01000
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: MiraScan V3.42 - (.Unknown owner.) [HKCU] -- MiraScan V3.42
O42 - Logiciel: Octoshape add-in for Adobe Flash Player - (.Unknown owner.) [HKCU] -- Octoshape add-in for Adobe Flash Player
O42 - Logiciel: PaperPort - (.ScanSoft, Inc..) [HKLM] -- {A17EABB6-D0C6-44E5-820C-72DC7F495064}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}
O42 - Logiciel: RPS CRT - (.Vidéotron.) [HKLM] -- {1A9E151D-05DD-4937-9FDB-82B7140734A5}
O42 - Logiciel: RPS CRT - (.Vidéotron.) [HKLM] -- {F22B6F59-D6A5-4FA1-A913-D821A9F53DD6}
O42 - Logiciel: Realtek AC'97 Audio - (.Unknown owner.) [HKLM] -- {FB08F381-6533-4108-B7DD-039E11FBC27E}
O42 - Logiciel: SUPERAntiSpyware - (.SUPERAntiSpyware.com.) [HKLM] -- {CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
O42 - Logiciel: Security Update for Windows XP (KB2229593) - (.Microsoft Corporation.) [HKLM] -- KB2229593
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
O42 - Logiciel: Skype Toolbars - (.Skype Technologies S.A..) [HKLM] -- {981029E0-7FC9-4CF3-AB39-6F133621921A}
O42 - Logiciel: Skype(TM) 4.2 - (.Skype Technologies S.A..) [HKLM] -- {D103C4BA-F905-437A-8049-DB24763BBE36}
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1
O42 - Logiciel: TOSHIBA ConfigFree - (.Unknown owner.) [HKLM] -- {BDD83DC9-BEE9-4654-A5DA-CC46C250088D}
O42 - Logiciel: TOSHIBA PC Diagnostic Tool - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{2C38F661-26B7-445D-B87D-B53FE2D3BD42}
O42 - Logiciel: Uniblue RegistryBooster - (.Uniblue Systems Ltd.) [HKLM] -- Uniblue RegistryBooster
O42 - Logiciel: Uniblue RegistryBooster - (.Uniblue Systems Ltd.) [HKLM] -- {09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Veetle TV 0.9.18 - (.Veetle, Inc.) [HKLM] -- Veetle TV
O42 - Logiciel: WD Anywhere Backup - (.Memeo Inc..) [HKLM] -- {68131B0A-D78D-4aed-B74E-33A6C7324E50}
O42 - Logiciel: WD Drive Manager (x86) - (.Western Digital.) [HKLM] -- {CCD04643-5246-48AC-9D8C-F43A37BB8F36}
O42 - Logiciel: WinRAR archiver - (.Unknown owner.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Windows Imaging Component - (.Microsoft Corporation.) [HKLM] -- WIC
O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {F6BD194C-4190-4D73-B1B1-C48C99921BFE}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {ED00D08A-3C5F-488D-93A0-A04F21F23956}
O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- {81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {A85FD55B-891B-4314-97A5-EA96C0BD80B5}
O42 - Logiciel: Windows Live Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {9422C8EA-B0C6-4197-B8FC-DC797658CA00}
O42 - Logiciel: Windows Live Upload Tool - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11
O42 - Logiciel: Windows Media Format 11 runtime - (.Unknown owner.) [HKLM] -- Windows Media Format Runtime
O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service Pack
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {C1E11C46-E6EB-4BD2-9ADF-2A98ACBEB216}
O42 - Logiciel: vShare Plugin - (.Unknown owner.) [HKLM] -- vShare

---\\ HKCU & HKLM Software Keys
[HKCU\Software\321Studios]
[HKCU\Software\3rd Eye Solutions]
[HKCU\Software\AC3Filter]
[HKCU\Software\ALWIL Software]
[HKCU\Software\AVG]
[HKCU\Software\Adobe]
[HKCU\Software\Alps]
[HKCU\Software\AntiVirus System 2011]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\ApplianTechnologies]
[HKCU\Software\Ariadne Genomics]
[HKCU\Software\Arrowkey]
[HKCU\Software\Atari]
[HKCU\Software\Atheros]
[HKCU\Software\Aurigma]
[HKCU\Software\Auslogics]
[HKCU\Software\BCL Technologies]
[HKCU\Software\BasicScript Program Settings]
[HKCU\Software\Bogosoft]
[HKCU\Software\Brother]
[HKCU\Software\CDDB]
[HKCU\Software\COMPAL]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Colubris Networks]
[HKCU\Software\Conduit]
[HKCU\Software\Cygnus Solutions]
[HKCU\Software\D2]
[HKCU\Software\DVD X Copy Platinum]
[HKCU\Software\DivXNetworks]
[HKCU\Software\Drag'n Drop CD+DVD]
[HKCU\Software\Elecard]
[HKCU\Software\Electronic Arts]
[HKCU\Software\GNU]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\Haali]
[HKCU\Software\Hauppauge]
[HKCU\Software\HubTech]
[HKCU\Software\IM Providers]
[HKCU\Software\IZSoftware]
[HKCU\Software\InterTrust]
[HKCU\Software\InterVideo]
[HKCU\Software\JavaSoft]
[HKCU\Software\KMPlayer]
[HKCU\Software\KasperskyLab]
[HKCU\Software\LGB]
[HKCU\Software\Leadertech]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Local Wall Application]
[HKCU\Software\LogMeIn]
[HKCU\Software\LogiShared]
[HKCU\Software\Logitech]
[HKCU\Software\LogoMedia]
[HKCU\Software\Macromedia]
[HKCU\Software\MainConcept (HCW)]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Martin Prikryl]
[HKCU\Software\Mediachance]
[HKCU\Software\Meetstream]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\MultimediaPhoto]
[HKCU\Software\MyExplorer]
[HKCU\Software\Netscape]
[HKCU\Software\Nico Mak Computing]
[HKCU\Software\Nokia]
[HKCU\Software\ODBC]
[HKCU\Software\OPENTECH]
[HKCU\Software\Osprey]
[HKCU\Software\PCSuite]
[HKCU\Software\PIXELA]
[HKCU\Software\Pegasys Inc.]
[HKCU\Software\PepiMK Software]
[HKCU\Software\PictureMall]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\PriceGong]
[HKCU\Software\Protein Lounge]
[HKCU\Software\RadialPoint]
[HKCU\Software\Rational Software]
[HKCU\Software\RealNetworks]
[HKCU\Software\Replay AV 8]
[HKCU\Software\SGooPE]
[HKCU\Software\SSH Communications Security]
[HKCU\Software\SUPERAntiSpyware.com]
[HKCU\Software\SWI]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\ScanSoft]
[HKCU\Software\SecuROM]
[HKCU\Software\Skype]
[HKCU\Software\Smart Projects]
[HKCU\Software\SmartTweak]
[HKCU\Software\Sony Corporation]
[HKCU\Software\Sunbelt Software]
[HKCU\Software\Sysinternals]
[HKCU\Software\TOSHIBA]
[HKCU\Software\TVANTS]
[HKCU\Software\Trolltech]
[HKCU\Software\Ulead Systems]
[HKCU\Software\Unlimited Possibilities]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\Veetle]
[HKCU\Software\VicMan Software]
[HKCU\Software\Videotron]
[HKCU\Software\Viscom Software]
[HKCU\Software\Visioneer]
[HKCU\Software\Voice]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\WinZip Computing]
[HKCU\Software\Winamp]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\ZipZag2]
[HKCU\Software\ZipZag]
[HKCU\Software\eBay]
[HKCU\Software\eFilm Medical]
[HKCU\Software\ej-technologies]
[HKCU\Software\mmtwn]
[HKCU\Software\roxio]
[HKCU\Software\uTorrent]
[HKCU\Software\vShare]
[HKLM\Software\15897034]
[HKLM\Software\321Studios]
[HKLM\Software\ACE Compression Software]
[HKLM\Software\ALPS]
[HKLM\Software\ALWIL Software]
[HKLM\Software\AMPing]
[HKLM\Software\ATI Technologies Inc.]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Acer Peripherals Inc.]
[HKLM\Software\Acudata]
[HKLM\Software\Adobe Systems]
[HKLM\Software\Adobe]
[HKLM\Software\Agere]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Applian]
[HKLM\Software\Ariadne Genomics]
[HKLM\Software\Arrowkey]
[HKLM\Software\Atheros Communications]
[HKLM\Software\AviSynth]
[HKLM\Software\B.H.A]
[HKLM\Software\BCL Technologies]
[HKLM\Software\Brooktree]
[HKLM\Software\Brother]
[HKLM\Software\C07ft5Y]
[HKLM\Software\CDDB]
[HKLM\Software\COMPAL]
[HKLM\Software\Chilkat Software, Inc.]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Colubris Networks]
[HKLM\Software\Conduit]
[HKLM\Software\Cygnus Solutions]
[HKLM\Software\D-Tools]
[HKLM\Software\DataFocus]
[HKLM\Software\Deckard]
[HKLM\Software\DigiOn Inc. and Easy Systems Japan Ltd.]
[HKLM\Software\Drag'n Drop CD+DVD]
[HKLM\Software\EA SPORTS]
[HKLM\Software\Easy Systems Japan Ltd.]
[HKLM\Software\Electronic Arts]
[HKLM\Software\FLEXlm License Manager]
[HKLM\Software\FRISK Software International]
[HKLM\Software\GEAR Software]
[HKLM\Software\GNU]
[HKLM\Software\Gemplus]
[HKLM\Software\Global IP Sound]
[HKLM\Software\Google]
[HKLM\Software\HaaliMkx]
[HKLM\Software\Hauppauge]
[HKLM\Software\Horizon]
[HKLM\Software\IMSI]
[HKLM\Software\ISSS]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo]
[HKLM\Software\IviSDK4Hauppauge]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\KasperskyLab]
[HKLM\Software\L&H]
[HKLM\Software\LEAD Technologies, Inc.]
[HKLM\Software\Licenses]
[HKLM\Software\Link Data Security]
[HKLM\Software\Logitech]
[HKLM\Software\LogoMedia]
[HKLM\Software\Lucent]
[HKLM\Software\Macromedia]
[HKLM\Software\Macrovision]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\Martin Prikryl]
[HKLM\Software\MicroQuill]
[HKLM\Software\MimarSinan]
[HKLM\Software\Mortice Kern Systems]
[HKLM\Software\Motive]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NOS]
[HKLM\Software\Nico Mak Computing]
[HKLM\Software\Nokia]
[HKLM\Software\ODBC]
[HKLM\Software\OMSI]
[HKLM\Software\P!HDS8]
[HKLM\Software\PC Connectivity Solution]
[HKLM\Software\PCSuite]
[HKLM\Software\PCTools]
[HKLM\Software\PIXELA]
[HKLM\Software\PepiMK Software]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\Prolific Technology INC]
[HKLM\Software\REALTEK Semiconductor Corp.]
[HKLM\Software\Radialpoint]
[HKLM\Software\Rational Software]
[HKLM\Software\RealNetworks]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RichFX]
[HKLM\Software\RioPort]
[HKLM\Software\SGOOPE]
[HKLM\Software\SSH Communications Security]
[HKLM\Software\SUPERAntiSpyware.com]
[HKLM\Software\SWI]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\ScanSoft]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\Skype]
[HKLM\Software\Soeperman Enterprises Ltd.]
[HKLM\Software\Software PRO Technologies]
[HKLM\Software\Sun Microsystems]
[HKLM\Software\TOSHIBA]
[HKLM\Software\Translation Engines]
[HKLM\Software\TrendMicro]
[HKLM\Software\USB2800]
[HKLM\Software\Ulead Systems]
[HKLM\Software\Uniblue]
[HKLM\Software\VSO]
[HKLM\Software\Veetle]
[HKLM\Software\Visioneer]
[HKLM\Software\Voice]
[HKLM\Software\WD]
[HKLM\Software\WebUpdate]
[HKLM\Software\Western Digital]
[HKLM\Software\Wilson WindowWare]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\Windows]
[HKLM\Software\Wise Solutions]
[HKLM\Software\WorldWinner.com]
[HKLM\Software\Xing Technology Corp.]
[HKLM\Software\ZSMC]
[HKLM\Software\Zeon]
[HKLM\Software\Zone Labs]
[HKLM\Software\eFilm Medical]
[HKLM\Software\ej-technologies]
[HKLM\Software\mozilla.org]
[HKLM\Software\rtlsetn5]

---\\ Contents of the Common Files folders (O43)
O43 - CFD: 22/11/2009 - 11:03:16 PM ----D- C:\Program Files\Adobe
O43 - CFD: 04/01/2005 - 1:08:26 PM ----D- C:\Program Files\Apoint2K
O43 - CFD: 04/01/2009 - 10:05:14 PM ----D- C:\Program Files\Apple Software Update
O43 - CFD: 04/01/2005 - 1:05:46 PM ----D- C:\Program Files\Atheros
O43 - CFD: 19/04/2004 - 11:52:38 AM ----D- C:\Program Files\ATI Technologies
O43 - CFD: 20/01/2011 - 9:18:24 AM ----D- C:\Program Files\AVG
O43 - CFD: 23/07/2006 - 6:22:18 PM ----D- C:\Program Files\AVG Anti Virus
O43 - CFD: 20/04/2004 - 9:45:50 AM ----D- C:\Program Files\B's CLiP
O43 - CFD: 13/01/2011 - 11:08:02 AM ----D- C:\Program Files\Bonjour
O43 - CFD: 07/10/2008 - 10:55:10 PM ----D- C:\Program Files\Brother
O43 - CFD: 24/11/2004 - 12:18:34 PM ----D- C:\Program Files\Colubris Networks
O43 - CFD: 03/09/2010 - 10:14:56 AM ----D- C:\Program Files\Common Files
O43 - CFD: 18/09/2009 - 10:46:56 PM ----D- C:\Program Files\ComPlus Applications
O43 - CFD: 05/01/2005 - 11:58:12 PM ----D- C:\Program Files\D-Tools
O43 - CFD: 20/04/2004 - 1:02:16 PM ----D- C:\Program Files\DataLode
O43 - CFD: 05/01/2005 - 11:57:26 PM ----D- C:\Program Files\Diamond
O43 - CFD: 13/06/2007 - 11:22:16 PM ----D- C:\Program Files\DIFX
O43 - CFD: 20/04/2004 - 9:49:18 AM ----D- C:\Program Files\Drag'n Drop CD+DVD
O43 - CFD: 14/01/2011 - 10:39:16 AM ----D- C:\Program Files\DriverBoost
O43 - CFD: 23/11/2006 - 9:40:46 PM ----D- C:\Program Files\DssEvolution.com
O43 - CFD: 20/04/2004 - 9:56:04 AM ----D- C:\Program Files\DVD-RAM
O43 - CFD: 04/01/2005 - 1:01:28 PM ----D- C:\Program Files\EzButton
O43 - CFD: 25/11/2004 - 12:31:40 PM ----D- C:\Program Files\Fichiers communs
O43 - CFD: 18/01/2011 - 2:46:30 PM ----D- C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
O43 - CFD: 24/11/2004 - 1:38:02 PM ----D- C:\Program Files\FSI
O43 - CFD: 19/07/2010 - 5:20:50 PM ----D- C:\Program Files\Google
O43 - CFD: 19/01/2011 - 11:50:58 AM --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 21/01/2011 - 10:06:24 AM ----D- C:\Program Files\Internet Explorer
O43 - CFD: 20/04/2004 - 11:21:30 AM ----D- C:\Program Files\InterVideo
O43 - CFD: 13/01/2011 - 11:09:18 AM ----D- C:\Program Files\iPod
O43 - CFD: 20/01/2011 - 8:42:56 AM ----D- C:\Program Files\Java
O43 - CFD: 12/10/2008 - 5:28:12 PM ----D- C:\Program Files\Logitech
O43 - CFD: 04/01/2005 - 1:02:36 PM ----D- C:\Program Files\ltmoh
O43 - CFD: 24/01/2011 - 2:34:18 PM ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 21/01/2011 - 10:08:10 AM ----D- C:\Program Files\Messenger
O43 - CFD: 24/11/2004 - 2:39:16 PM ----D- C:\Program Files\Metrowerks
O43 - CFD: 20/03/2010 - 6:27:16 PM ----D- C:\Program Files\Microsoft
O43 - CFD: 25/11/2004 - 12:32:48 PM ----D- C:\Program Files\Microsoft ActiveSync
O43 - CFD: 17/10/2008 - 12:20:02 PM ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2
O43 - CFD: 24/11/2004 - 3:17:12 PM ----D- C:\Program Files\microsoft frontpage
O43 - CFD: 17/01/2011 - 7:46:20 AM ----D- C:\Program Files\Microsoft Office
O43 - CFD: 04/02/2005 - 5:20:42 PM ----D- C:\Program Files\Microsoft SQL Server
O43 - CFD: 04/01/2005 - 1:50:54 PM ----D- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 04/01/2005 - 1:51:10 PM ----D- C:\Program Files\Microsoft Works
O43 - CFD: 25/11/2004 - 12:33:00 PM ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 18/01/2011 - 2:46:32 PM ----D- C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)
O43 - CFD: 21/01/2011 - 10:06:20 AM ----D- C:\Program Files\Movie Maker
O43 - CFD: 20/01/2011 - 9:07:22 AM ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 16/08/2009 - 8:11:10 AM ----D- C:\Program Files\MSBuild
O43 - CFD: 17/01/2011 - 7:45:56 AM ----D- C:\Program Files\MSECache
O43 - CFD: 16/04/2004 - 3:47:08 PM ----D- C:\Program Files\MSN
O43 - CFD: 16/04/2004 - 3:43:08 PM ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD: 15/06/2007 - 4:46:50 PM ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 16/08/2009 - 2:06:44 AM ----D- C:\Program Files\MSXML 6.0
O43 - CFD: 21/01/2011 - 9:54:56 AM ----D- C:\Program Files\NetMeeting
O43 - CFD: 20/01/2011 - 10:14:12 AM ----D- C:\Program Files\Nokia
O43 - CFD: 09/10/2009 - 6:14:06 PM ----D- C:\Program Files\NOS
O43 - CFD: 04/01/2005 - 12:21:30 PM ----D- C:\Program Files\Online Services
O43 - CFD: 21/01/2011 - 10:30:00 AM ----D- C:\Program Files\Outlook Express
O43 - CFD: 13/06/2007 - 11:21:40 PM ----D- C:\Program Files\PC Connectivity Solution
O43 - CFD: 19/07/2010 - 6:06:12 PM ----D- C:\Program Files\QuickTime
O43 - CFD: 24/11/2004 - 3:04:22 PM ----D- C:\Program Files\Real
O43 - CFD: 16/08/2009 - 8:11:08 AM ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 07/10/2008 - 10:53:18 PM ----D- C:\Program Files\ScanSoft
O43 - CFD: 18/01/2011 - 2:46:30 PM ----D- C:\Program Files\SDHelper (Spybot - Search & Destroy)
O43 - CFD: 03/09/2010 - 10:15:24 AM R---D- C:\Program Files\Skype
O43 - CFD: 10/06/2007 - 7:13:18 PM ----D- C:\Program Files\Sony
O43 - CFD: 25/01/2005 - 5:11:06 PM ----D- C:\Program Files\SWIProlog
O43 - CFD: 18/01/2011 - 2:46:32 PM ----D- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
O43 - CFD: 04/02/2005 - 2:26:28 PM ----D- C:\Program Files\The KMPlayer
O43 - CFD: 19/01/2011 - 12:21:44 PM ----D- C:\Program Files\TOSHIBA
O43 - CFD: 14/01/2011 - 3:24:26 PM ----D- C:\Program Files\Uniblue
O43 - CFD: 16/04/2004 - 3:58:46 PM --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 14/01/2011 - 3:00:10 PM ----D- C:\Program Files\Videotron
O43 - CFD: 25/01/2011 - 12:33:44 PM ----D- C:\Program Files\vShare
O43 - CFD: 20/02/2010 - 5:06:08 PM ----D- C:\Program Files\WD
O43 - CFD: 04/02/2005 - 4:33:12 PM ----D- C:\Program Files\WebMatrix
O43 - CFD: 20/02/2010 - 5:03:36 PM ----D- C:\Program Files\Western Digital
O43 - CFD: 20/02/2010 - 5:03:48 PM ----D- C:\Program Files\Western Digital Corporation
O43 - CFD: 23/08/2009 - 12:42:52 PM ----D- C:\Program Files\Windows Desktop Search
O43 - CFD: 20/03/2010 - 6:26:32 PM ----D- C:\Program Files\Windows Live
O43 - CFD: 20/03/2010 - 6:26:58 PM ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD: 20/01/2011 - 2:12:32 PM ----D- C:\Program Files\Windows Media Connect 2
O43 - CFD: 21/01/2011 - 9:54:38 AM ----D- C:\Program Files\Windows Media Player
O43 - CFD: 19/01/2011 - 1:25:56 PM ----D- C:\Program Files\Windows NT
O43 - CFD: 24/11/2004 - 2:02:32 PM --H-D- C:\Program Files\WindowsUpdate
O43 - CFD: 12/05/2008 - 6:44:46 PM ----D- C:\Program Files\WinRAR
O43 - CFD: 04/01/2005 - 1:26:48 PM ----D- C:\Program Files\WinZip
O43 - CFD: 16/04/2004 - 3:52:58 PM ----D- C:\Program Files\xerox
O43 - CFD: 25/01/2011 - 1:09:24 PM ----D- C:\Program Files\ZHPDiag
O43 - CFD: 20/01/2011 - 8:47:08 AM ----D- C:\Program Files\Common Files\Adobe
O43 - CFD: 09/10/2009 - 6:15:24 PM ----D- C:\Program Files\Common Files\Adobe AIR
O43 - CFD: 19/11/2005 - 8:24:30 PM ----D- C:\Program Files\Common Files\Adobe Systems Shared
O43 - CFD: 19/07/2010 - 5:37:42 PM ----D- C:\Program Files\Common Files\Apple
O43 - CFD: 04/01/2005 - 1:51:16 PM ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD: 20/02/2010 - 5:06:12 PM ----D- C:\Program Files\Common Files\eSellerate
O43 - CFD: 07/10/2008 - 10:54:54 PM ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD: 04/03/2009 - 7:18:46 PM ----D- C:\Program Files\Common Files\IviSDK
O43 - CFD: 20/01/2011 - 8:43:24 AM ----D- C:\Program Files\Common Files\Java
O43 - CFD: 04/01/2005 - 1:52:24 PM ----D- C:\Program Files\Common Files\L&H
O43 - CFD: 20/06/2010 - 11:44:48 AM ----D- C:\Program Files\Common Files\LogiShrd
O43 - CFD: 20/06/2010 - 11:29:14 AM ----D- C:\Program Files\Common Files\Logitech
O43 - CFD: 17/01/2011 - 7:46:18 AM ----D- C:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 08/04/2006 - 12:17:00 AM ----D- C:\Program Files\Common Files\Motive
O43 - CFD: 04/01/2005 - 12:20:34 PM ----D- C:\Program Files\Common Files\MSSoap

Réponse 11 / 21

iyad2009

excusez moi, voici le lien

http://ww38.toofiles.com/fr/oip/documents/Txt/9894_zhpdiag.html

Réponse 12 / 21

Utilisateur anonyme

ton lien ne passe pas, essaie avec un autre !

Réponse 13 / 21

iyad2009

http://ww38.toofiles.com/en/oip/documents/zip/zhpdiag2.html

Réponse 14 / 21

Utilisateur anonyme

* Lance ZHPFix (soit via le raccourci sur ton Bureau, soit via ZHPDiag en cliquant sur l'écusson vert)
Clique sur l'icone représentant la lettre H (« coller les lignes Helper »)
Copie/colle les lignes suivantes en gras et place les dans ZHPFix :

----------------------------------------------------------

O2 - BHO: (no name) - {043C5167-00BB-4324-AF7E-62013FAEDACF} Orphean Key
O18 - Handler: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} . (.Unknown owner - No comment.) -- C:\Program Files\vShare\vshare_toolbar.dll
[HKCU\Software\PriceGong]
O69 - SBI: SearchScopes [HKCU] {043C5167-00BB-4324-AF7E-62013FAEDACF} - (Web Search...) - http://ww1.toolbarhome.com{searchTerms}&srch=dsp
O69 - SBI: SearchScopes [HKCU] {CF739809-1C6C-47C0-85B9-569DBB141420} - (Ask Search) - http://toolbar.ask.com/toolbarv/askRedirect?gct=&gc=1&q={searchTerms}&crm=1&toolbar=PLT
O69 - SBI: SearchScopes [HKCU] {CF739809-1C6C-47C0-85B9-569DBB141420} - (Ask Search) - http://toolbar.ask.com/toolbarv/askRedirect?gct=&gc=1&q={searchTerms}&crm=1&toolbar=PLT
O4 - HKLM\..\Run: [Bpomaxo] C:\WINDOWS\obekihevatepinuk.dll (.not file.)
O4 - HKCU\..\Run: [Dkahoxihuvuwo] C:\WINDOWS\mtonbd40.dll (.not file.)
O4 - HKUS\S-1-5-21-117609710-1960408961-839522115-1003\..\Run: [Dkahoxihuvuwo] C:\WINDOWS\mtonbd40.dll (.not file.)
O47 - AAKE:Key Export SP - "D:\Program Files\KazaaLite\Kazaa Lite K++\KazaaLite.kpp" [Enabled] .(.Unknown owner - No comment.) (.not file.) -- O47 - AAKE:Key Export SP - "E:\Crack\fifa2005.exe" [Disabled] .(.Unknown owner - No comment.) (.not file.) --
O64 - Services: CurCS - (.not file.) - netskt (netskt) .(.Unknown owner - No comment.) - LEGACY_NETSKT
MBRFIX

----------------------------------------------------------

- Clique sur « Tous », puis sur « Nettoyer »
- Copie/colle la totalité du rapport dans ta prochaine réponse
Tuto :
http://www.premiumorange.com/zeb-help-process/zhpfix.html

Réponse 15 / 21

iyad2009

here we go,

Rapport de ZHPFix 1.12.3227 par Nicolas Coolman, Update du 16/12/2010
Fichier d'export Registre : C:\ZHPExportRegistry-25-01-2011-2-24-23 PM.txt
Run by ahmad at 25/01/2011 2:24:23 PM
Windows XP Professional Service Pack 3 (Build 2600)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
Contact : nicolascoolman@yahoo.fr

========== Registry Key ==========
O2 - BHO: (no name) - {043C5167-00BB-4324-AF7E-62013FAEDACF} Orphean Key => Registry Key removed successfully
HKCU\Software\PriceGong => Registry Key removed successfully
O64 - Services: CurCS - (.not file.) - netskt (netskt) .(.Unknown owner - No comment.) - LEGACY_NETSKT => Registry Key removed successfully

========== Registry Value ==========
O4 - HKLM\..\Run: [Bpomaxo] C:\WINDOWS\obekihevatepinuk.dll (.not file.) => Registry key value removed successfully
O4 - HKCU\..\Run: [Dkahoxihuvuwo] C:\WINDOWS\mtonbd40.dll (.not file.) => Registry key value removed successfully
O4 - HKUS\S-1-5-21-117609710-1960408961-839522115-1003\..\Run: [Dkahoxihuvuwo] C:\WINDOWS\mtonbd40.dll (.not file.) => Registry key value not found
O47 - AAKE:Key Export SP - "D:\Program Files\KazaaLite\Kazaa Lite K++\KazaaLite.kpp" [Enabled] .(.Unknown owner - No comment.) (.not file.) -- O47 - AAKE:Key Export SP - "E:\Crack\fifa2005.exe" [Disabled] .(.Unknown owner - No comment.) (.not file.) -- => Registry key value removed successfully

========== Registry Data Items ==========
O18 - Handler: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} . (.Unknown owner - No comment.) -- C:\Program Files\vShare\vshare_toolbar.dll => Registry key value data not removed
O69 - SBI: SearchScopes [HKCU] {043C5167-00BB-4324-AF7E-62013FAEDACF} - (Web Search...) - http://ww1.toolbarhome.com{searchTerms}&srch=dsp => Data replaced successfully
O69 - SBI: SearchScopes [HKCU] {CF739809-1C6C-47C0-85B9-569DBB141420} - (Ask Search) - http://toolbar.ask.com/toolbarv/askRedirect?gct=&gc=1&q={searchTerms}&crm=1&toolbar=PLT => Data replaced successfully

========== File ==========
c:\program files\vshare\vshare_toolbar.dll => Quarantined and Deleted successfully
c:\windows\obekihevatepinuk.dll => Quarantined and Deleted successfully
c:\windows\mtonbd40.dll => Quarantined and Deleted successfully

========== Master Boot Record ==========
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: HTS548080M9AT00 rev.MG4OA53A -> \Device\Ide\IdeDeviceP0T0L0-3

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x87251E78]<<
1 nt!IofCallDriver[0x804E1397] -> \Device\Harddisk0\DR0[0x8733BAB8]
3 CLASSPNP[0xF77C1FD7] -> nt!IofCallDriver[0x804E1397] -> \Device\00000092[0x873339E8]
5 ACPI[0xF76F2620] -> nt!IofCallDriver[0x804E1397] -> \Device\Ide\IdeDeviceP0T0L0-3[0x87334940]
\Driver\atapi[0x87338C28] -> IRP_MJ_CREATE -> 0x87251E78
kernel: MBR read successfully
detected hooks:
\Driver\atapi -> 0x87251e78
user & kernel MBR OK
Warning: possible MBR rootkit infection !

Resultat après le fix :
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: HTS548080M9AT00 rev.MG4OA53A -> \Device\Ide\IdeDeviceP0T0L0-3

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK

========== Summary ==========
3 : Registry Key
4 : Registry Value
3 : Registry Data Items
3 : File
1 : Master Boot Record

End of the scan

Réponse 16 / 21

Utilisateur anonyme

ok,
comment va le pc après toutes ces manipluations ?

est ce qu'il fonctionne normalement ?

Réponse 17 / 21

iyad2009

Merci infiniment.
Il est un peut lourd surtout au niveau de rdemarrage. Mais au moins j'en ai plus les messages d'erreur.

La je me ramasse avec SuperAntispyware, Spywaresearch and destro, AVG et AVG PC tune up et Uniblue Registry booster.... :)
Q'uest ce que tu me suggèere de garder et quoi effacer de mon systeme

Merci encore une fois

Réponse 18 / 21

Utilisateur anonyme

on va dire qu'il fautconserver AVG 10,
virer les autres !

en complement de ton antivirus qui n'est que AVG 10, mettre MBAM et un perfeu, c'est largement suffisant:-)

en attendant, on finalise la désinfection :

. télécharges Ccleaner à partir de cette adresse et enregistres le sur le bureau

https://www.commentcamarche.net/telecharger/utilitaires/5647-ccleaner/

.double-cliques sur le fichier pour lancer l'installation
/!\Utilisateur de Vista et windows 7 : Clique droit sur le logo de Ccleaner, « exécuter en tant qu'Administrateur »

.sur la fenêtre de l'installation langage bien choisir français et OK
.cliques sur suivant
.lis la licence et j'accepte
.cliques sur suivant
.la tu ne gardes de coché que mettre un raccourci sur le bureau et puis contrôler automatiquement les mises à jour de Ccleaner
.cliques sur installer
.cliques sur fermer
.double-cliques sur l'icône de Ccleaner pour l'ouvrir
.une fois ouvert tu cliques sur option et puis avancé
.tu décoches effacer uniquement les fichiers, du dossier temp de windows plus vieux que 24 heures
.cliques sur nettoyeur
.cliques sur windows et dans la colonne avancé
.coches la première case vieilles données du perfetch que celle-la ce qui te donnes la case vielles données du perfetch et la case avancé qui c'est coché automatiquement mais que celle-la
.cliques sur analyse une fois l'analyse terminé
.cliques sur lancer le nettoyage et sur la demande de confirmation OK il vas falloir que tu le refasses une autre fois une fois fini vériffis en appuiant de nouveau sur analyse pour être sur qu'il n'y est plus rien
.cliques maintenant sur registre et puis sur rechercher les erreurs
.laisses tout cochées et cliques sur réparrer les erreurs sélectionnées
.il te demande de sauvegarder OUI
.tu lui donnes un nom pour pouvoir la retrouver et enregistre
.cliques sur corriger toutes les erreurs sélectionnées et sur la demande de confirmation OK
.il supprime et fermer tu vérifies en relançant rechercher les erreurs
.tu retournes dans option et tu recoches la case effacer uniquement les fichiers, du dossier temp de windows plus vieux que 48 heures et sur nettoyeur, windows sous avancé tu décoches la première case vieilles données du perfetch
.tu peux fermer Ccleaner

tuto installation & nettoyage :
https://www.donnemoilinfo.com/tuto/CCleaner/

* pour supprimer les outils de désinfection
:
Télecharge Delfix sur ton bureau :
http://www.teamxscript.org/too/Xplode/DelFix.exe

*Clique sur le bouton « Suppression » et poste son rapport sur ton prochain message
**Pour le désinstaller, il suffit de le relancer et cliquer sur le bouton de désinstallation.

* Désactivation, puis Réactivation de la restauration système après désinfection :

Il est nécessaire de désactiver puis réactiver la restauration système pour la purger car les points de restauration peuvent être infectés :

Pour XP : https://www.commentcamarche.net/faq/5097-virus-system-volume-information

* fais une mise à jour de ton antivirus, lance un scan complet de ton pc, tiens moi au courant du résultat :-)

Réponse 19 / 21

iyad2009

Je vous tiens au courant du resultat de Scan dans la prochaine message.
Voici le resultat de dernier rapport

# DelFix v7.1 - Rapport créé le 25/01/2011 à 15:12
# Mis à jour le 16/01/11 à 15h30 par Xplode
# Système d'exploitation : Microsoft Windows XP (32 bits) [Version 5.1.2600] Service Pack 3
# Nom d'utilisateur : ahmad - AZM (Administrateur)
# Exécuté depuis : C:\Documents and Settings\ahmad\Local Settings\Temporary Internet Files\Content.IE5\VE8VU8FR\DelFix[1].exe
# Option [Suppression]

~~~~~~ Dossier(s) ~~~~~~

Supprimé : C:\Program Files\ZHPDiag
Supprimé : C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\ZHP

~~~~~~ Fichier(s) ~~~~~~

Supprimé : C:\TDSSKiller.2.4.15.0_25.01.2011_12.37.15_log.txt
Supprimé : C:\TDSSKiller.2.4.15.0_25.01.2011_12.38.05_log.txt
Supprimé : C:\WINDOWS\System32\tmp.reg
Supprimé : C:\WINDOWS\System32\tmp.txt
Supprimé : C:\Documents and Settings\ahmad\Desktop\catchme.log
Supprimé : C:\Documents and Settings\ahmad\Desktop\tdsskiller.exe
Supprimé : C:\Documents and Settings\ahmad\Desktop\ZHPDiag(2).Txt
Supprimé : C:\Documents and Settings\ahmad\Desktop\ZHPDiag(2).zip
Supprimé : C:\Documents and Settings\All Users.WINDOWS\Desktop\ZHPDiag.lnk
Supprimé : C:\Documents and Settings\All Users.WINDOWS\Desktop\ZHPFix.lnk
Supprimé : C:\Documents and Settings\All Users.WINDOWS\Desktop\MBRCheck.lnk

~~~~~~ Registre ~~~~~~

Clé Supprimée : HKLM\Software\TrendMicro
Clé Supprimée : HKLM\Software\Soeperman Enterprises Ltd.
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1

~~~~~~ Autre ~~~~~~

########## EOF - "C:\DelFixSuppr.txt" - [1623 octets] ##########

Réponse 20 / 21

iyad2009

et aucun virus n'a été détécté :)

Petit question, est ce qu'il ya un tutorial qui nous explique les demarches qui vous venez de me montrer...au moins la prochaine fois je vous derrange pas.

Discussions similaires

XINPUT1_3.dll manquant (missing)

Xinput1_3.dll

Probleme d'installation jeu pc (il manquerait " XINPUT1_3.dll)

Boîte mail piratée ?

Problème avec XINPUT1_3.dll

Votre réponse

Discussions similaires