Spam, DLL, Win32 prob.

Résolu
iyad2009 -  
 Utilisateur anonyme -
Bonjour tout le monde,

Recement jai eu un prob. avec mon ordinateur, infecté par un fameux systemesecurity2011 Spam. Bref, j'ai réussi à l'effacer avec de l'aide des logiciels antispam, SuperAntiSpam, Uniblue qui fixe les probleme de registre. Mais j'ai remarqué toujours des bobos, le systeme est plus lent. IE gele avec probleme win32 sur l'ecran.

" erreur .dll qui apparaissent egalement lors du redemarrage de mon ordinateur :
mtonbd40.dll & obekihevatepinuk.dll
Malgré que j'ai acheté le loficiel Uniblue Registry Booster mais les prob. persistent toujours.

Alors avant de passer au formatage, j'ai besoin votre aide si quelqu'un à une meilleur vision pour ce probleme.

Merci en avance

21 réponses

  • 1
  • 2
  1. Utilisateur anonyme
     
    bonsoir,
    suis ces opérations dans l'ordre :

    * Télécharge sur le bureau RogueKiller (par tigzy)
    https://www.luanagames.com/index.fr.html
    * Quitte tous tes programmes en cours
    * Lance RogueKiller.exe.
    * Sous Vista/Seven, clique droit, lancer en tant qu'administrateur
    tu n'as qu'à cliquer dessus ou les lancer!
    * "Si rogueKiller te demande pour le proxy, tape 1"
    * Lorsque demandé, tape 2 et valide
    * Un rapport (RKreport.txt) a du se créer à côté de l'exécutable, colle son contenu dans la réponse
    * Si le programme a été bloqué, ne pas hésiter à essayer plusieurs fois.

    Télécharge Malwarebytes' Anti-Malware et enregistre le sur ton bureau:
    https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

    ou ici :
    https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/

    /!\Utilisateur de Vista et Windows 7 : Clique droit sur le logo de Malwarebytes' Anti-Malware, « exécuter en tant qu'Administrateur »

    . Double cliques sur le fichier téléchargé pour lancer le processus d'installation.
    . Dans l'onglet "mise à jour", cliques sur le bouton Recherche de mise à jour
    . si le pare-feu demande l'autorisation de se connecter pour malwarebytes, acceptes
    . Une fois la mise à jour terminé
    . rend-toi dans l'onglet, Recherche
    . Sélectionnes Exécuter un examen complet
    . Cliques sur Rechercher
    . Le scan démarre.
    . A la fin de l'analyse, un message s'affiche : L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
    . Cliques sur Ok pour poursuivre.
    . Si des malwares ont été détectés, cliques sur Afficher les résultats
    . Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.

    . Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
    . rends toi dans l'onglet rapport/log
    . tu cliques dessus pour l'afficher une fois affiché
    . tu cliques sur edition en haut du boc notes,et puis sur sélectionner tous
    . tu recliques sur edition et puis sur copier et tu reviens sur le forum et dans ta réponse
    . Tu cliques droit dans le cadre de la réponse et coller
    . À la fin du scan, il se peut que MBAM ait besoin de redémarrer le pc pour finaliser la suppression, donc pas de panique, redémarre ton pc !!!

    Si tu as besoin d'aide regarde ce tutoriel :
    https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

    0
  2. iyad2009
     
    Merci Electricien pour ta réponse,

    *** J'ai efféctué les tests en SAFE mode, j'espère que ca n'affecte pas ces testes.

    Voici le 1er rapport
    ====================
    RogueKiller V3.8.1 by Tigzy
    contact at https://www.luanagames.com/index.fr.html
    mail: tigzyRK<at>gmail<dot>com
    Feedback: https://www.luanagames.com/index.fr.html

    Operating System: Windows XP (5.1.2600 Service Pack 3) version 32 bits
    User: Admin
    Mode: Scan -- Time : 24/01/2011 13:27:12

    Bad processes:

    Found:
    HKCR\CLSID\...\InprocServer32: C:\WINDOWS\System32\wbem\wbemcore.dll

    Fichier HOSTS:

    Finished

    ====================

    Voic le 2eme
    ==========
    Malwarebytes' Anti-Malware 1.50
    www.malwarebytes.org

    Version de la base de données: 5590

    Windows 5.1.2600 Service Pack 3 (Safe Mode)
    Internet Explorer 8.0.6001.18702

    24/01/2011 2:29:22 PM
    mbam-log-2011-01-24 (14-29-22).txt

    Type d'examen: Examen complet (C:\|D:\|)
    Elément(s) analysé(s): 345230
    Temps écoulé: 52 minute(s), 5 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 1
    Fichier(s) infecté(s): 4

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    c:\WINDOWS\system32\config\systemprofile\start menu\Programs\total security (Rogue.TotalSecurity) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    c:\WINDOWS\system32\ljkjjk.exe (Trojan.Hiloti) -> Quarantined and deleted successfully.
    c:\documents and settings\ahmad\application data\Adobe\plugs\KB460671.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    c:\WINDOWS\system32\config\systemprofile\Desktop\total security 2009.lnk (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
    c:\WINDOWS\system32\config\systemprofile\start menu\Programs\total security\total security 2009.lnk (Rogue.TotalSecurity) -> Quarantined and deleted successfully.

    ==========

    Merci encore une fois
    0
  3. Utilisateur anonyme
     
    ce qui me semblait, il y a un rogue sur ton pc !

    relance MBAM, vide sa quarantaine seulement,

    * Télécharge ZHPDiag sur ton bureau :

    https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
    ou
    http://www.premiumorange.com/zeb-help-process/zhpdiag.html
    ou
    https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/

    * Laisse toi guider lors de l'installation, il se lancera automatiquement à la fin.

    * Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
    * Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
    * Héberge le rapport ZHPDiag.txt sur Cijoint, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum :
    http://www.cijoint.fr/
    ou :
    http://ww38.toofiles.com/fr/documents-upload.html
    ou :
    https://www.terafiles.net/

    tuto zhpdiag :
    http://www.premiumorange.com/zeb-help-process/zhpdiag.html

    0
  4. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  5. iyad2009
     
    désolé mais je n'arrive pas à repondre avec le rapport coller en bas de ma reponse
    Ni au niveau des 3 liens mentionné dans ton message
    ca donne toujours soit probleme de connexion (malgré que je suis bien connecté)
    et sur le 3eme lien ca donne :

    Progression : % ( / )
    Débit :
    Temps restant estimé :
    Temps écoulé :

    mais rien ne bouge

    autre suggestions ?
    0
  6. Utilisateur anonyme
     
    bonsoir,
    rapport reçu :-)

    * Lance ZHPFix (soit via le raccourci sur ton Bureau, soit via ZHPDiag en cliquant sur l'écusson vert)
    Clique sur l'icone représentant la lettre H (« coller les lignes Helper »)
    Copie/colle les lignes suivantes en gras et place les dans ZHPFix :

    ----------------------------------------------------------

    O2 - BHO: vShare Plugin - {043C5167-00BB-4324-AF7E-62013FAEDACF} . (.Unknown owner - No comment.) -- C:\Program Files\vShare\vshare_toolbar.dll
    O3 - Toolbar: vShare Plugin - {043C5167-00BB-4324-AF7E-62013FAEDACF} . (.Unknown owner - No comment.) -- C:\Program Files\vShare\vshare_toolbar.dll
    O18 - Handler: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} . (.Unknown owner - No comment.) -- C:\Program Files\vShare\vshare_toolbar.dll
    O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_BROWSER_EMULATION] -- svchost.exe
    O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_BROWSER_EMULATION] -- svchost.exe


    ----------------------------------------------------------

    - Clique sur « Tous », puis sur « Nettoyer »
    - Copie/colle la totalité du rapport dans ta prochaine réponse
    Tuto :
    http://www.premiumorange.com/zeb-help-process/zhpfix.html

    * Télécharge TDSSKiller sur ton bureau :

    https://support.kaspersky.com/downloads/utils/tdsskiller.exe

    * Lance le ( Utilisateurs de vista/Seven -> Clic droit puis " Exécuter en tant qu'administrateur " )

    * Clique sur [Start Scan] pour démarrer l'analyse.

    * Si des élements sont trouvés, cliques sur [Continue] puis sur [Reboot Now]

    * Un rapport s'ouvrira au redémarrage du PC.

    * Copie/Colle son contenu dans ta prochaine réponse.

    Note : Le rapport se trouve également sous C:\TDSSKiller.N°deversion_Date_Heure_log.txt.

    0
  7. iyad2009
     
    Bonjour, et voila la 1er rapport

    Rapport de ZHPFix 1.12.3227 par Nicolas Coolman, Update du 16/12/2010
    Fichier d'export Registre : C:\ZHPExportRegistry-25-01-2011-12-33-53 PM.txt
    Run by ahmad at 25/01/2011 12:33:53 PM
    Windows XP Professional Service Pack 3 (Build 2600)
    Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
    Contact : nicolascoolman@yahoo.fr

    ========== Registry Key ==========
    O2 - BHO: vShare Plugin - {043C5167-00BB-4324-AF7E-62013FAEDACF} . (.Unknown owner - No comment.) -- C:\Program Files\vShare\vshare_toolbar.dll => Registry Key removed successfully
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{043C5167-00BB-4324-AF7E-62013FAEDACF}] => Registry Key removed successfully
    [HKCR\CLSID\{043C5167-00BB-4324-AF7E-62013FAEDACF}] => Registry Key removed successfully

    ========== Registry Value ==========
    O3 - Toolbar: vShare Plugin - {043C5167-00BB-4324-AF7E-62013FAEDACF} . (.Unknown owner - No comment.) -- C:\Program Files\vShare\vshare_toolbar.dll => Registry key value removed successfully
    O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_BROWSER_EMULATION] -- svchost.exe => Registry key value removed successfully
    O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_BROWSER_EMULATION] -- svchost.exe => Registry key value not found

    ========== Registry Data Items ==========
    O18 - Handler: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} . (.Unknown owner - No comment.) -- C:\Program Files\vShare\vshare_toolbar.dll => Registry key value data not removed

    ========== File ==========
    c:\program files\vshare\vshare_toolbar.dll => Quarantined and Deleted successfully

    ========== Summary ==========
    3 : Registry Key
    3 : Registry Value
    1 : Registry Data Items
    1 : File

    End of the scan
    0
  8. iyad2009
     
    et le deuxieme :

    2011/01/25 12:38:05.0484 TDSS rootkit removing tool 2.4.15.0 Jan 22 2011 19:37:53
    2011/01/25 12:38:05.0484 ================================================================================
    2011/01/25 12:38:05.0484 SystemInfo:
    2011/01/25 12:38:05.0484
    2011/01/25 12:38:05.0484 OS Version: 5.1.2600 ServicePack: 3.0
    2011/01/25 12:38:05.0484 Product type: Workstation
    2011/01/25 12:38:05.0484 ComputerName: AZM
    2011/01/25 12:38:05.0484 UserName: ahmad
    2011/01/25 12:38:05.0484 Windows directory: C:\WINDOWS
    2011/01/25 12:38:05.0484 System windows directory: C:\WINDOWS
    2011/01/25 12:38:05.0484 Processor architecture: Intel x86
    2011/01/25 12:38:05.0484 Number of processors: 2
    2011/01/25 12:38:05.0484 Page size: 0x1000
    2011/01/25 12:38:05.0484 Boot type: Normal boot
    2011/01/25 12:38:05.0484 ================================================================================
    2011/01/25 12:38:06.0140 Initialize success
    2011/01/25 12:38:07.0906 ================================================================================
    2011/01/25 12:38:07.0906 Scan started
    2011/01/25 12:38:07.0906 Mode: Manual;
    2011/01/25 12:38:07.0906 ================================================================================
    2011/01/25 12:38:13.0109 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
    2011/01/25 12:38:13.0406 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
    2011/01/25 12:38:13.0703 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
    2011/01/25 12:38:13.0828 AFD (322d0e36693d6e24a2398bee62a268cd) C:\WINDOWS\System32\drivers\afd.sys
    2011/01/25 12:38:13.0984 AgereSoftModem (052343cd49c8da20c48958cfe73c7d44) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
    2011/01/25 12:38:14.0562 ALCXSENS (fbbcb95f677cbaa924140b6ea2d9a97b) C:\WINDOWS\system32\drivers\ALCXSENS.SYS
    2011/01/25 12:38:14.0687 ALCXWDM (4dd2c10fc6434fedcb7c71fbdc1f107a) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
    2011/01/25 12:38:14.0921 ApfiltrService (69b381c46330f7ac497c33cb135060c1) C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
    2011/01/25 12:38:15.0328 AR5211 (32bf9185a7dc622c00791113d5568662) C:\WINDOWS\system32\DRIVERS\ar5211.sys
    2011/01/25 12:38:15.0421 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
    2011/01/25 12:38:15.0656 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
    2011/01/25 12:38:15.0750 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
    2011/01/25 12:38:15.0890 ati2mtag (05e891b470f869866b38cb9ce1e39a16) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
    2011/01/25 12:38:16.0531 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
    2011/01/25 12:38:16.0671 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
    2011/01/25 12:38:16.0781 Avgfwdx (0c5941af0b6bf2fdf378937392865217) C:\WINDOWS\system32\DRIVERS\avgfwdx.sys
    2011/01/25 12:38:16.0828 Avgfwfd (0c5941af0b6bf2fdf378937392865217) C:\WINDOWS\system32\DRIVERS\avgfwdx.sys
    2011/01/25 12:38:16.0921 AVGIDSDriver (0c61f066f4d94bd67063dc6691935143) C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys
    2011/01/25 12:38:17.0156 AVGIDSEH (84853f800cd69252c3c764fe50d0346f) C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys
    2011/01/25 12:38:17.0218 AVGIDSFilter (28d6adcd03e10f3838488b9b5d407dd4) C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys
    2011/01/25 12:38:17.0296 AVGIDSShim (0eb16f4dbbb946360af30d2b13a52d1d) C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys
    2011/01/25 12:38:17.0359 Avgldx86 (5fe5a2c2330c376a1d8dcff8d2680a2d) C:\WINDOWS\system32\DRIVERS\avgldx86.sys
    2011/01/25 12:38:17.0437 Avgmfx86 (54f1a9b4c9b540c2d8ac4baa171696b1) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
    2011/01/25 12:38:17.0703 Avgrkx86 (8da3b77993c5f354cc2977b7ea06d03a) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
    2011/01/25 12:38:17.0781 Avgtdix (660788ec46f10ece80274d564fa8b4aa) C:\WINDOWS\system32\DRIVERS\avgtdix.sys
    2011/01/25 12:38:17.0906 b57w2k (b9391a83f075351c923c3a37c53af396) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
    2011/01/25 12:38:18.0921 BatteryChecker (2e76e2a479259a6054d3e5621e2c8ac2) C:\WINDOWS\system32\Drivers\BtryChkr.sys
    2011/01/25 12:38:19.0546 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
    2011/01/25 12:38:19.0703 Bridge (f934d1b230f84e1d19dd00ac5a7a83ed) C:\WINDOWS\system32\DRIVERS\bridge.sys
    2011/01/25 12:38:19.0750 BridgeMP (f934d1b230f84e1d19dd00ac5a7a83ed) C:\WINDOWS\system32\DRIVERS\bridge.sys
    2011/01/25 12:38:19.0890 BrScnUsb (92a964547b96d697e5e9ed43b4297f5a) C:\WINDOWS\system32\Drivers\BrScnUsb.sys
    2011/01/25 12:38:20.0250 BsStor (e44e9b8db06148f82d54a4a03f8e40a1) C:\WINDOWS\system32\drivers\BsStor.sys
    2011/01/25 12:38:20.0468 BsUDF (8ead370116b3e18a8478b327f2aa22f7) C:\WINDOWS\system32\drivers\BsUDF.sys
    2011/01/25 12:38:20.0781 caboagp (906fcf0d1dc5b573015bbd21ef54bd88) C:\WINDOWS\system32\DRIVERS\atisgkaf.sys
    2011/01/25 12:38:21.0265 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
    2011/01/25 12:38:21.0656 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
    2011/01/25 12:38:21.0828 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
    2011/01/25 12:38:21.0921 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
    2011/01/25 12:38:21.0984 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
    2011/01/25 12:38:22.0109 CDRPDACC (f4dd5641576334e4eeabfe50b065e572) D:\Program Files\Platinum\Shared\CDRPDACC.SYS
    2011/01/25 12:38:22.0531 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
    2011/01/25 12:38:22.0640 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
    2011/01/25 12:38:22.0828 d347bus (5776322f93cdb91086111f5ffbfda2a0) C:\WINDOWS\system32\DRIVERS\d347bus.sys
    2011/01/25 12:38:23.0078 d347prt (b49f79ace459763f4e0380071be9cb45) C:\WINDOWS\system32\Drivers\d347prt.sys
    2011/01/25 12:38:23.0312 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
    2011/01/25 12:38:23.0375 DKbFltr (81bb67653a68db2a71702849d40697a4) C:\WINDOWS\system32\Drivers\DKbFltr.sys
    2011/01/25 12:38:23.0609 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
    2011/01/25 12:38:23.0890 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
    2011/01/25 12:38:24.0046 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
    2011/01/25 12:38:24.0109 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
    2011/01/25 12:38:24.0218 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
    2011/01/25 12:38:24.0312 EPOWER (0b07768ae046f9ed6a75e5bc75660828) C:\WINDOWS\system32\Drivers\hkdrv.sys
    2011/01/25 12:38:24.0671 EPPSCSIx (2dedff09f97f50ac1adadd64a1ec98f2) C:\WINDOWS\system32\DRIVERS\EPPSCAN.sys
    2011/01/25 12:38:25.0000 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
    2011/01/25 12:38:25.0171 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
    2011/01/25 12:38:25.0281 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
    2011/01/25 12:38:25.0343 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
    2011/01/25 12:38:25.0468 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
    2011/01/25 12:38:26.0125 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
    2011/01/25 12:38:27.0093 FTDIBUS (47b9cf937ac479046da289bd5a769ce9) C:\WINDOWS\system32\drivers\ftdibus.sys
    2011/01/25 12:38:27.0359 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
    2011/01/25 12:38:27.0437 FTSER2K (216b9a2191676034999785c7f94fa5d6) C:\WINDOWS\system32\drivers\ftser2k.sys
    2011/01/25 12:38:27.0640 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
    2011/01/25 12:38:27.0718 giveio (77ebf3e9386daa51551af429052d88d0) C:\WINDOWS\system32\giveio.sys
    2011/01/25 12:38:28.0062 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
    2011/01/25 12:38:28.0281 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
    2011/01/25 12:38:28.0500 HTTP (f6aacf5bce2893e0c1754afeb672e5c9) C:\WINDOWS\system32\Drivers\HTTP.sys
    2011/01/25 12:38:28.0984 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
    2011/01/25 12:38:29.0078 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
    2011/01/25 12:38:29.0343 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
    2011/01/25 12:38:29.0437 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
    2011/01/25 12:38:29.0734 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
    2011/01/25 12:38:29.0984 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
    2011/01/25 12:38:30.0218 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
    2011/01/25 12:38:30.0296 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
    2011/01/25 12:38:30.0375 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
    2011/01/25 12:38:30.0546 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
    2011/01/25 12:38:30.0640 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
    2011/01/25 12:38:30.0765 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
    2011/01/25 12:38:31.0046 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
    2011/01/25 12:38:31.0218 KSecDD (1705745d900dabf2d89f90ebaddc7517) C:\WINDOWS\system32\drivers\KSecDD.sys
    2011/01/25 12:38:31.0437 LVcKap (9ce361764c5dd5fa5506510fe5d2297b) C:\WINDOWS\system32\DRIVERS\LVcKap.sys
    2011/01/25 12:38:31.0656 LVPr2Mon (94d03b31f36bb362fa5713470fcf1c79) C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys
    2011/01/25 12:38:31.0906 LVRS (87ecce893d8aec5a9337b917742d339c) C:\WINDOWS\system32\DRIVERS\lvrs.sys
    2011/01/25 12:38:32.0093 LVUSBSta (8b79a50360fc31df6b7b979b686b4aa2) C:\WINDOWS\system32\DRIVERS\LVUSBSta.sys
    2011/01/25 12:38:32.0265 MDC8021X (4fe6172e2fa816c6f55b31e99784fc33) C:\WINDOWS\system32\DRIVERS\mdc8021x.sys
    2011/01/25 12:38:32.0531 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
    2011/01/25 12:38:32.0718 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
    2011/01/25 12:38:32.0781 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
    2011/01/25 12:38:32.0859 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
    2011/01/25 12:38:32.0937 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
    2011/01/25 12:38:33.0000 MPE (c0f8e0c2c3c0437cf37c6781896dc3ec) C:\WINDOWS\system32\DRIVERS\MPE.sys
    2011/01/25 12:38:33.0359 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
    2011/01/25 12:38:33.0468 MRxSmb (68755f0ff16070178b54674fe5b847b0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
    2011/01/25 12:38:33.0578 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
    2011/01/25 12:38:33.0796 MSIRCOMM (95c6432151ccff8617352f8e616a1aa4) C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys
    2011/01/25 12:38:33.0984 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
    2011/01/25 12:38:34.0046 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
    2011/01/25 12:38:34.0093 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
    2011/01/25 12:38:34.0187 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
    2011/01/25 12:38:34.0296 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
    2011/01/25 12:38:34.0437 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
    2011/01/25 12:38:34.0593 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
    2011/01/25 12:38:34.0859 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
    2011/01/25 12:38:34.0968 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
    2011/01/25 12:38:35.0062 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
    2011/01/25 12:38:35.0203 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
    2011/01/25 12:38:35.0265 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
    2011/01/25 12:38:35.0484 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
    2011/01/25 12:38:35.0546 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
    2011/01/25 12:38:35.0671 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
    2011/01/25 12:38:35.0828 Netdevio (1265eb253ed4ebe4acb3bd5f548ff796) C:\WINDOWS\system32\DRIVERS\netdevio.sys
    2011/01/25 12:38:36.0171 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
    2011/01/25 12:38:36.0312 nmwcd (696b37ea78f9d9767a2f18ba0304a51a) C:\WINDOWS\system32\drivers\nmwcd.sys
    2011/01/25 12:38:36.0531 nmwcdc (bbb6010fc01d9239d88fcdf133e03ff0) C:\WINDOWS\system32\drivers\nmwcdc.sys
    2011/01/25 12:38:36.0781 nmwcdcj (4c3726467d67483f054c88f058e9c153) C:\WINDOWS\system32\drivers\nmwcdcj.sys
    2011/01/25 12:38:36.0906 nmwcdcm (4c3726467d67483f054c88f058e9c153) C:\WINDOWS\system32\drivers\nmwcdcm.sys
    2011/01/25 12:38:36.0968 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
    2011/01/25 12:38:37.0156 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
    2011/01/25 12:38:37.0421 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
    2011/01/25 12:38:37.0515 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
    2011/01/25 12:38:37.0640 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
    2011/01/25 12:38:37.0734 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
    2011/01/25 12:38:37.0875 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
    2011/01/25 12:38:38.0125 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
    2011/01/25 12:38:38.0187 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
    2011/01/25 12:38:38.0359 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
    2011/01/25 12:38:38.0468 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
    2011/01/25 12:38:38.0609 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
    2011/01/25 12:38:38.0843 Pcouffin (62c72e912a04aa927d9eaf9a0b157aaf) C:\WINDOWS\system32\Drivers\Pcouffin.sys
    2011/01/25 12:38:39.0203 pepifilter (b20f958b207e6aaac5f70d04dd2c30d8) C:\WINDOWS\system32\DRIVERS\lv302af.sys
    2011/01/25 12:38:39.0546 PID_PEPI (dd184d9adfe2a8a21741dbdfe9e22f5c) C:\WINDOWS\system32\DRIVERS\LV302V32.SYS
    2011/01/25 12:38:39.0906 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
    2011/01/25 12:38:40.0031 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
    2011/01/25 12:38:40.0109 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
    2011/01/25 12:38:40.0187 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
    2011/01/25 12:38:40.0484 PxHelp20 (352cf968df88760fef225c3fbe7184a7) C:\WINDOWS\system32\DRIVERS\PxHelp20.sys
    2011/01/25 12:38:40.0796 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
    2011/01/25 12:38:40.0890 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
    2011/01/25 12:38:41.0296 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
    2011/01/25 12:38:41.0359 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
    2011/01/25 12:38:41.0437 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
    2011/01/25 12:38:41.0546 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
    2011/01/25 12:38:41.0890 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
    2011/01/25 12:38:42.0546 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
    2011/01/25 12:38:42.0750 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
    2011/01/25 12:38:43.0156 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
    2011/01/25 12:38:43.0343 RTL8023 (29f9879a1fd386f7251ae9fdadb2cbf1) C:\WINDOWS\system32\DRIVERS\Rtlnic51.sys
    2011/01/25 12:38:43.0406 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
    2011/01/25 12:38:43.0625 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) D:\Program Files\spybotsearchanddestry\SASDIFSV.SYS
    2011/01/25 12:38:43.0718 SASKUTIL (61db0d0756a99506207fd724e3692b25) D:\Program Files\spybotsearchanddestry\SASKUTIL.SYS
    2011/01/25 12:38:44.0125 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
    2011/01/25 12:38:44.0171 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
    2011/01/25 12:38:44.0343 Ser2pl (b490ad520257dda26c1d587a71e527b5) C:\WINDOWS\system32\DRIVERS\ser2pl.sys
    2011/01/25 12:38:44.0734 Serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
    2011/01/25 12:38:44.0812 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
    2011/01/25 12:38:44.0906 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
    2011/01/25 12:38:44.0968 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
    2011/01/25 12:38:45.0187 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
    2011/01/25 12:38:45.0390 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
    2011/01/25 12:38:45.0671 SMCIRDA (f5fec5b4b985fbf81927844e75dd5bd1) C:\WINDOWS\system32\DRIVERS\smcirda.sys
    2011/01/25 12:38:46.0015 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
    2011/01/25 12:38:46.0265 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
    2011/01/25 12:38:46.0390 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
    2011/01/25 12:38:46.0828 Srv (5252605079810904e31c332e241cd59b) C:\WINDOWS\system32\DRIVERS\srv.sys
    2011/01/25 12:38:46.0953 SrvcEKIOMngr (970019198659034220ef39a9fc2bc3f6) C:\WINDOWS\system32\Drivers\EKIoMngr.sys
    2011/01/25 12:38:47.0203 SrvcEPIOMngr (6f6b70e24080b663c805ecf7cf4b66d9) C:\WINDOWS\system32\Drivers\EPIoMngr.sys
    2011/01/25 12:38:47.0359 SrvcSSIOMngr (5ec69165a76042ddc1f0b81a0bf296c1) C:\WINDOWS\system32\Drivers\SSIoMngr.sys
    2011/01/25 12:38:47.0500 SrvcTPIOMngr (4b00a4572f8c793e4918be9032491917) C:\WINDOWS\system32\Drivers\TPIoMngr.sys
    2011/01/25 12:38:47.0671 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
    2011/01/25 12:38:47.0890 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
    2011/01/25 12:38:48.0093 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
    2011/01/25 12:38:48.0515 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
    2011/01/25 12:38:48.0828 Tcpip (93ea8d04ec73a85db02eb8805988f733) C:\WINDOWS\system32\DRIVERS\tcpip.sys
    2011/01/25 12:38:49.0171 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
    2011/01/25 12:38:49.0343 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
    2011/01/25 12:38:49.0468 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
    2011/01/25 12:38:49.0796 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
    2011/01/25 12:38:50.0203 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
    2011/01/25 12:38:51.0250 USB28xxBGA (9477298f1acc08292ebd3869193de489) C:\WINDOWS\system32\DRIVERS\emBDA.sys
    2011/01/25 12:38:51.0765 USB28xxOEM (408a7bf7752a7b559ea80a3a6337878d) C:\WINDOWS\system32\DRIVERS\emOEM.sys
    2011/01/25 12:38:52.0156 USBAAPL (4b8a9c16b6d9258ed99c512aecb8c555) C:\WINDOWS\system32\Drivers\usbaapl.sys
    2011/01/25 12:38:52.0406 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
    2011/01/25 12:38:52.0515 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
    2011/01/25 12:38:52.0656 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
    2011/01/25 12:38:52.0984 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
    2011/01/25 12:38:53.0156 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
    2011/01/25 12:38:53.0296 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
    2011/01/25 12:38:53.0437 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
    2011/01/25 12:38:53.0890 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
    2011/01/25 12:38:54.0078 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
    2011/01/25 12:38:54.0265 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
    2011/01/25 12:38:54.0781 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
    2011/01/25 12:38:55.0015 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
    2011/01/25 12:38:55.0625 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys
    2011/01/25 12:38:56.0000 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
    2011/01/25 12:38:56.0140 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
    2011/01/25 12:38:56.0468 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
    2011/01/25 12:38:57.0031 \HardDisk0 - detected Rootkit.Win32.TDSS.tdl4 (0)
    2011/01/25 12:38:57.0046 ================================================================================
    2011/01/25 12:38:57.0046 Scan finished
    2011/01/25 12:38:57.0046 ================================================================================
    2011/01/25 12:38:57.0093 Detected object count: 1
    2011/01/25 12:39:04.0281 \HardDisk0 - will be cured after reboot
    2011/01/25 12:39:04.0281 Rootkit.Win32.TDSS.tdl4(\HardDisk0) - User select action: Cure
    2011/01/25 12:39:28.0078 Deinitialize success
    0
  9. Utilisateur anonyme
     
    super:-)

    redemarre ton pc,

    repasse un autrezhpdiag tout frais :P

    fais comme tu l'as faite pour que je vois le rapport, compressé ou non;-)

    0
  10. iyad2009
     
    et voila,

    Rapport de ZHPDiag v1.27.1421 par Nicolas Coolman, Update du 16/12/2010
    Run by ahmad at 25/01/2011 1:09:04 PM
    Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
    Contact : nicolascoolman@yahoo.fr

    ---\\ Web Browser
    MSIE: Internet Explorer v8.0.6001.18702 (Defaut)

    ---\\ System Information
    Windows XP Professional Service Pack 3 (Build 2600)
    Processor: x86 Family 15 Model 2 Stepping 9, GenuineIntel
    Operating System: 32 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 1023.0 MB (20% free)
    System drive C: has 2 GB (8%) free of 20 GB

    ---\\ Logged in mode
    Computer Name: AZM
    User Name: ahmad
    All Users Names: SUPPORT_388945a0, LogMeInRemoteUser, HelpAssistant, Guest, ahmad, Administrator,
    Unselected Option: O1,O45,O61,O62,O65,O82
    Logged in as Administrator

    ---\\ DOS/Devices
    C:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 20 Go)
    D:\ Hard drive, Flash drive, Thumb drive (Free 44 Go of 55 Go)
    E:\ CD-ROM drive (Free 0 Go of 3 Go)
    F:\ CD-ROM drive (Not Inserted)

    ---\\ Security Center & Tools Informations
    [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

    ---\\ Search Generic System Files
    [MD5.12896823FB95BFB3DC9B46BCAEDC9923] - (.Microsoft Corporation - Windows Explorer.) (.14/04/2008 5:42:20 AM.) -- C:\Windows\Explorer.exe [1033728]
    [MD5.ED0EF0A136DEC83DF69F04118870003E] - (.Microsoft Corporation - Windows NT Logon Application.) (.14/04/2008 5:42:40 AM.) -- C:\Windows\System32\Winlogon.exe [507904]
    [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.14/04/2008 12:10:32 AM.) -- C:\Windows\System32\drivers\atapi.sys [96512]
    [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.14/04/2008 12:45:54 AM.) -- C:\Windows\System32\drivers\ntfs.sys [574976]

    ---\\ Running Processes
    [MD5.4ABB39045C597B358334B16F6483F60A] - (.Unknown owner - No comment.) -- C:\WINDOWS\system32\Ati2evxx.exe [397312]
    [MD5.65010AEDF6217A0568226AFD0BC8A288] - (.Uniblue Systems Limited - Uniblue RegistryBooster Monitor.) -- C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe [25984]
    [MD5.DAB3F0E885C1011D87F14F2FD1850EDC] - (.AVG - PC Tuneup 2011.) -- C:\Program Files\AVG\AVG PC Tuneup 2011\BoostSpeed.exe [749384]
    [MD5.93DB1FF92B03D24738A71E6E4992DFD3] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552]
    [MD5.9698E78329BBA262F7C931A85B02BE5D] - (.WDC - WD Drive Manager.) -- C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe [450560]
    [MD5.B8E684DF9A97497EDD2F87444A6307FB] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe [180269]
    [MD5.E840A9AEA5D59A5E9C1C4F1AB24D197A] - (.Apple Inc. - iTunesHelper.) -- D:\Program Files\itunes\iTunesHelper.exe [141608]
    [MD5.4719ED2A9E1F0FF37BC3FC1999F4FFC4] - (.AVG Technologies CZ, s.r.o. - AVG Tray Monitor.) -- C:\Program Files\AVG\AVG10\avgtray.exe [2747744]
    [MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288]
    [MD5.C9989C1C9EEDE0F71C024F549E9C68E1] - (.ATI Technologies, Inc. - ATI Desktop Control Panel.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [335872]
    [MD5.A7A0ED26C68892135F23F4D4F176E2E3] - (.TOSHIBA - CD/DVD Drive Acoustic Silencer.) -- C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [65536]
    [MD5.7B9E9A8C71C77DD03CF97FA7C996C3C9] - (.SUPERAntiSpyware.com - SUPERAntiSpyware Application.) -- D:\Program Files\spybotsearchanddestry\SUPERAntiSpyware.exe [2424560]
    [MD5.1964BD18D97745FAFEF098B5CA66DE4C] - (.Atheros Communications, Inc. - Atheros Client Utility.) -- C:\Program Files\Atheros\ACU.exe [1343488]
    [MD5.0CCE84F6F693478A769BFC1E993CBF67] - (.AVG Technologies CZ, s.r.o. - AVG IDS application.) -- C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe [737872]
    [MD5.2E3E53A6AEF23E24F402C7855B9B1542] - (.Apple Inc. - Apple Mobile Device Service.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [144176]
    [MD5.18EDC2F3076D32C6C6B98F11EB85D2CB] - (.AVG Technologies CZ, s.r.o. - AVG Firewall Service.) -- C:\Program Files\AVG\AVG10\avgfws.exe [3226632]
    [MD5.4AF61A15B3614FEF25FE93EA2FABD620] - (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe [265400]
    [MD5.5AB58C337AC65837FE404462AD6265AB] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [345376]
    [MD5.EDFB15C5AF45B381277E6A275680C81D] - (.COMPAL ELECTRONIC INC. - CeEPwrSvc Module.) -- C:\Program Files\TOSHIBA\Power Management\CeEPwrSvc.exe [36973]
    [MD5.F7945E2D5767485C960403DD7FF5033D] - (.TOSHIBA CORPORATION - Service of ConfigFree..) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [28672]
    [MD5.E731921DB2E17DCD3DB472FAD5549C57] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376]
    [MD5.1D28B53C50CC57062692862B8E083020] - (.Logitech Inc. - Logitech Video COM Service.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [186904]
    [MD5.5A9679D184A408982D5F0BD79874B44F] - (.Logitech Inc. - Logitech LVPrcSrv Module..) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [150040]
    [MD5.11F714F85530A2BD134074DC30E99FCA] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [322120]
    [MD5.ED6235C93981D8658FA433092A809303] - (.Memeo - MemeoBackgroundService.) -- C:\Program Files\WD\WD Anywhere Backup\MemeoBackgroundService.exe [25824]
    [MD5.B4139011FADDBDAE615961548E75E5C5] - (.Microsoft Corporation - SQL Server Windows NT.) -- C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe [7520337]
    [MD5.8E757A20B2267AA38B09BA718CEBD13C] - (.DataFocus, Inc. - NuTCRACKER Service.) -- C:\WINDOWS\System32\nutsrv4.exe [277272]
    [MD5.A1A36682DF22777834E1C37F3C79AEC2] - (.WDC - WD Drive Manager Service.) -- C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [102400]
    [MD5.668056D5C3C11AB7D266819A96B964E8] - (.Microsoft Corporation - WMDM PMSP Service.) -- C:\WINDOWS\system32\MsPMSPSv.exe [53248]
    [MD5.F4F5FD5B414AD2F9AD72CB97D64B5D30] - (.AVG Technologies CZ, s.r.o. - AVG Alert Manager.) -- C:\Program Files\AVG\AVG10\avgam.exe [745824]
    [MD5.288778D9E2D1C7E8A5DBD5C6DB8046B0] - (.AVG Technologies CZ, s.r.o. - AVG IDS application.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [6128720]
    [MD5.7E6741A17CFDCD700DA5B6EC624F83B3] - (.AVG Technologies CZ, s.r.o. - AVG Online Shield Service.) -- C:\Program Files\AVG\AVG10\avgnsx.exe [1084256]
    [MD5.F92048E22CB392BBC3C38EF393C0E4A6] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [540968]
    [MD5.B60DDDD2D63CE41CB8C487FCFBB6419E] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638816]
    [MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53472]
    [MD5.806A8E35707BEA615B209001E544F0F0] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [620544]
    [MD5.79D4CCA7D30DDADCD0BACEBE7215C2AD] - (.Skype Technologies S.A. - SkypeNames.) -- C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe [234792]

    ---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2)
    P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
    P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Unknown owner - No comment.) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
    P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Unknown owner - No comment.) -- D:\Program Files\itunes\Mozilla Plugins\npitunes.dll
    P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_23 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
    P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
    P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.11.2027] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
    P2 - FPN: [HKLM] [@real.com/nprjplug;version=1.0.2.2088] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
    P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.1040] - (.RealNetworks, Inc. - 6.0.12.1040.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
    P2 - FPN: [HKLM] [@veetle.com/veetleCorePlugin,version=0.9.18] - (.Veetle Inc - Version 0.9.18, Copyright 2006-2009 Veetle Inc<br><a href="http://www..) -- D:\Program Files\Veetle\plugins\npVeetle.dll
    P2 - FPN: [HKLM] [@veetle.com/veetlePlayerPlugin,version=0.9.18] - (.Veetle Inc - Version 0.9.18, copyright 2006-2010 Veetle Inc<br><a href="http://www..) -- D:\Program Files\Veetle\Player\npvlc.dll
    P2 - FPN: [HKCU] [@adobe.com/FlashPlayer] - (.Unknown owner - No comment.) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

    ---\\ Internet Explorer Extensions, Start, Search (R3,R0,R1)
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.ca/?gws_rd=ssl
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
    R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\WINDOWS\system32\ieframe.dll

    ---\\ Changed inifile Value, Mapped to Registry (F2)
    F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
    F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

    ---\\ Browser Helper Objects (O2)
    O2 - BHO: (no name) - {043C5167-00BB-4324-AF7E-62013FAEDACF} Orphean Key
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} . (.AVG Technologies CZ, s.r.o. - Safe Search for Internet Explorer.) -- C:\Program Files\AVG\AVG10\avgssie.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE Protection.) -- D:\Program Files\spybotsearchanddestry\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Orphean Key
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

    ---\\ Auto loading programs from Registry and folders (O4)
    O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
    O4 - HKLM\..\Run: [WD Drive Manager] . (.WDC - WD Drive Manager.) -- C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
    O4 - HKLM\..\Run: [WD Anywhere Backup] . (.Memeo Inc. - Memeo AutoBackup Launcher.) -- C:\Program Files\WD\WD Anywhere Backup\MemeoLauncher2.exe
    O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- D:\Program Files\itunes\iTunesHelper.exe
    O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- D:\Program Files\QuickTimes\qttask.exe
    O4 - HKLM\..\Run: [Bpomaxo] C:\WINDOWS\obekihevatepinuk.dll (.not file.)
    O4 - HKLM\..\Run: [AVG_TRAY] . (.AVG Technologies CZ, s.r.o. - AVG Tray Monitor.) -- C:\Program Files\AVG\AVG10\avgtray.exe
    O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe
    O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
    O4 - HKLM\..\Run: [ATIModeChange] . (.ATI Technologies, Inc. - ATI 2D Mode component.) -- C:\Windows\System32\Ati2mdxx.exe
    O4 - HKLM\..\Run: [ATIPTA] . (.ATI Technologies, Inc. - ATI Desktop Control Panel.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKCU\..\Run: [TOSCDSPD] . (.TOSHIBA - CD/DVD Drive Acoustic Silencer.) -- C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
    O4 - HKCU\..\Run: [Dkahoxihuvuwo] C:\WINDOWS\mtonbd40.dll (.not file.)
    O4 - HKCU\..\Run: [SUPERAntiSpyware] . (.SUPERAntiSpyware.com - SUPERAntiSpyware Application.) -- D:\Program Files\spybotsearchanddestry\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- D:\Program Files\spybotsearchanddestry\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
    O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] . (.Time Information Services Ltd. - PC Sync.) -- D:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
    O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] . (.Time Information Services Ltd. - PC Sync.) -- D:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
    O4 - HKUS\S-1-5-21-117609710-1960408961-839522115-1003\..\Run: [TOSCDSPD] . (.TOSHIBA - CD/DVD Drive Acoustic Silencer.) -- C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    O4 - HKUS\S-1-5-21-117609710-1960408961-839522115-1003\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-21-117609710-1960408961-839522115-1003\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
    O4 - HKUS\S-1-5-21-117609710-1960408961-839522115-1003\..\Run: [Dkahoxihuvuwo] C:\WINDOWS\mtonbd40.dll (.not file.)
    O4 - HKUS\S-1-5-21-117609710-1960408961-839522115-1003\..\Run: [SUPERAntiSpyware] . (.SUPERAntiSpyware.com - SUPERAntiSpyware Application.) -- D:\Program Files\spybotsearchanddestry\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-21-117609710-1960408961-839522115-1003\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- D:\Program Files\spybotsearchanddestry\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] . (.Unknown owner - No comment.) -- C:\Program Files\Common Files\logishrd\WUApp32.exe
    O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] . (.Unknown owner - No comment.) -- C:\Program Files\Common Files\logishrd\WUApp32.exe
    O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\Acrobat Assistant.lnk . (.Adobe Systems Inc..) -- C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
    O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\Atheros Client Utility.lnk . (.Atheros Communications, Inc..) -- C:\Program Files\Atheros\ACU.exe

    ---\\ Other User Links (O4)
    O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Inscription de Toshiba.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\OOBE\msoobe.exe

    ---\\ Extra items in the IE right-click menu (O8)
    O8 - Extra context menu item: E&xport to Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.exe
    O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll

    ---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
    O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (.Unknown owner - No comment.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Unknown owner - No comment.) -- C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} . (.not file.) - (.not file.)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.not file.) - (.not file.)
    O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe

    ---\\ Winsock hijacker (Layered Service Provider) (O10)
    O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Microsoft Windows Sockets 2.0 Service Provider.) -- C:\WINDOWS\system32\mswsock.dll
    O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
    O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Microsoft Windows Sockets 2.0 Service Provider.) -- C:\WINDOWS\system32\mswsock.dll
    O10 - WLSP:\000000000004\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll

    ---\\ Internet Explorer Plugins (O12)
    O12 - Plugin for .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

    ---\\ ActiveX Objects (Downloaded Program Files) (O16)
    O16 - DPF: DirectAnimation Java Classes (DirectAnimation Java Classes) - (.not file.) - file:\\C:\WINDOWS\Java\classes\dajava.cab
    O16 - DPF: Microsoft XML Parser for Java (Microsoft XML Parser for Java) - (.not file.) - file:\\C:\WINDOWS\Java\classes\xmldso.cab
    O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} () - http://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} () - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} () - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
    O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} () - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-29-0.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    ---\\ Lop.com/Domain Hijackers (O17)
    O17 - HKLM\System\CCS\Services\Tcpip\..\{13FB210F-866D-415A-88E3-ECB817C59B81}: DhcpNameServer = 192.168.0.1
    O17 - HKLM\System\CS1\Services\Tcpip\..\{13FB210F-866D-415A-88E3-ECB817C59B81}: DhcpNameServer = 192.168.0.1
    O17 - HKLM\System\CS3\Services\Tcpip\..\{13FB210F-866D-415A-88E3-ECB817C59B81}: DhcpNameServer = 192.168.0.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

    ---\\ Extra protocols and protocol Hijackers (O18)
    O18 - Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} . (.AVG Technologies CZ, s.r.o. - Safe Search pluggable protocol.) -- C:\Program Files\AVG\AVG10\avgpp.dll
    O18 - Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Handler: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} . (.Unknown owner - No comment.) -- C:\Program Files\vShare\vshare_toolbar.dll

    ---\\ AppInit_DLLs Registry value Autorun (O20)
    O20 - Winlogon Notify: !SASWinLogon . (.SUPERAntiSpyware.com - SUPERAntiSpyware WinLogon Processor.) -- D:\Program Files\spybotsearchanddestry\SASWINLO.dll
    O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll
    O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll
    O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Offline Network Agent.) -- C:\Windows\System32\cscdll.dll
    O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll
    O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- C:\Windows\System32\wlnotify.dll
    O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- C:\Windows\System32\wlnotify.dll
    O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - Secondary Logon Service Notification DLL.) -- C:\Windows\System32\sclgntfy.dll
    O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- C:\Windows\System32\WlNotify.dll
    O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- C:\Windows\System32\wlnotify.dll
    O20 - Winlogon Notify: WgaLogon . (.Unknown owner - No comment.) -- WgaLogon.dll
    O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- C:\Windows\System32\wlnotify.dll

    ---\\ ShellServiceObjectDelayLoad (O21)
    O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\WINDOWS\system32\SHELL32.dll
    O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\WINDOWS\system32\SHELL32.dll
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
    O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Systray shell service object.) -- C:\WINDOWS\System32\stobject.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll

    ---\\ SharedTaskScheduler (O22)
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Shell Browser UI Library.) -- C:\WINDOWS\System32\browseui.dll
    O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Shell Browser UI Library.) -- C:\WINDOWS\System32\browseui.dll

    ---\\ non Microsoft non disabled Windows XP/NT/2000 Services (O23)
    O23 - Service: (Apple Mobile Device) . (.Apple Inc. - Apple Mobile Device Service.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: (Ati HotKey Poller) . (.Unknown owner - No comment.) - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: (avgfws) . (.AVG Technologies CZ, s.r.o. - AVG Firewall Service.) - C:\Program Files\AVG\AVG10\avgfws.exe
    O23 - Service: (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o. - AVG IDS application.) - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
    O23 - Service: (avgwd) . (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) - C:\Program Files\AVG\AVG10\avgwdsvc.exe
    O23 - Service: (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: (CeEPwrSvc) . (.COMPAL ELECTRONIC INC. - CeEPwrSvc Module.) - C:\Program Files\TOSHIBA\Power Management\CeEPwrSvc.exe
    O23 - Service: (CFSvcs) . (.TOSHIBA CORPORATION - Service of ConfigFree..) - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: (LVCOMSer) . (.Logitech Inc. - Logitech Video COM Service.) - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: (LVPrcSrv) . (.Logitech Inc. - Logitech LVPrcSrv Module..) - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: (LVSrvLauncher) . (.Logitech Inc. - LogitechService Launcher.) - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: (MemeoBackgroundService) . (.Memeo - MemeoBackgroundService.) - C:\Program Files\WD\WD Anywhere Backup\MemeoBackgroundService.exe
    O23 - Service: (NuTCRACKERService) . (.DataFocus, Inc. - NuTCRACKER Service.) - C:\WINDOWS\System32\nutsrv4.exe
    O23 - Service: (WDBtnMgrSvc.exe) . (.WDC - WD Drive Manager Service.) - C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe

    ---\\ Windows Active Desktop & MHTML Editor (O24)
    O24 - Desktop Component 0: (no name) - file:file:///C:/DOCUME~1/ahmad/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg
    O24 - Desktop Component 1: My Current Home Page - file:About:Home
    O24 - Default MHTML Editor: Last - .(.Unknown owner - No comment.) - "C:\Program Files\Microsoft Office\OFFICE11\WINWORD.exe (.not file.)

    ---\\ Task Planned Automatically(039)
    O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AVG PC Tuneup 2011 Integrator Start On Windows Logon.job
    O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\RegistryBooster.job
    O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\WGASetup.job
    [MD5.DAB3F0E885C1011D87F14F2FD1850EDC] [APT] [AVG PC Tuneup 2011 Integrator Start On Windows Logon] (.AVG.) -- C:\Program Files\AVG\AVG PC Tuneup 2011\BoostSpeed.exe
    [MD5.65010AEDF6217A0568226AFD0BC8A288] [APT] [RegistryBooster] (.Uniblue Systems Limited.) -- C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe

    ---\\ ActiveSetup Installed Components (O40)
    O40 - ASIC: Macromedia Shockwave Director 9.0 - {166B1BCA-3F9C-11CF-8075-444553540000} . (.Adobe Systems, Inc. - Shockwave ActiveX Control.) -- C:\WINDOWS\system32\macromed\Director\SwDir.dll
    O40 - ASIC: Adobe Shockwave Director 10.2 - {233C1507-6A77-46A4-9443-F871F945D258} . (.Adobe Systems, Inc. - Shockwave ActiveX Control.) -- C:\WINDOWS\system32\Macromed\Director\SwDir.dll
    O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (.Unknown owner - No comment.) -- C:\WINDOWS\INF\msnetmtg.inf
    O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (.Unknown owner - No comment.) -- C:\WINDOWS\INF\msmsgs.inf
    O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Unknown owner - No comment.) -- C:\WINDOWS\INF\wmp10.inf
    O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.0 r45.) -- C:\WINDOWS\system32\Macromed\Flash\Flash10e.ocx

    ---\\ Drivers launched at startup (O41)
    O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
    O41 - Driver: (Avgldx86) . (.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) - C:\Windows\System32\DRIVERS\avgldx86.sys
    O41 - Driver: (Avgmfx86) . (.AVG Technologies CZ, s.r.o. - AVG Resident Shield Minifilter Driver.) - C:\Windows\System32\DRIVERS\avgmfx86.sys
    O41 - Driver: (Avgtdix) . (.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) - C:\Windows\System32\DRIVERS\avgtdix.sys
    O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
    O41 - Driver: (i8042prt) . (.Microsoft Corporation - i8042 Port Driver.) - C:\Windows\System32\DRIVERS\i8042prt.sys
    O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\Windows\System32\DRIVERS\imapi.sys
    O41 - Driver: (intelppm) . (.Microsoft Corporation - Processor Device Driver.) - C:\Windows\System32\DRIVERS\intelppm.sys
    O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\Windows\System32\DRIVERS\ipsec.sys
    O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Keyboard Class Driver.) - C:\Windows\System32\DRIVERS\kbdclass.sys
    O41 - Driver: (Mouclass) . (.Microsoft Corporation - Mouse Class Driver.) - C:\Windows\System32\DRIVERS\mouclass.sys
    O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\Windows\System32\DRIVERS\mrxsmb.sys
    O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
    O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
    O41 - Driver: (Processor) . (.Microsoft Corporation - Processor Device Driver.) - C:\Windows\System32\DRIVERS\processr.sys
    O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
    O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
    O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
    O41 - Driver: (redbook) . (.Microsoft Corporation - Redbook Audio Filter Driver.) - C:\Windows\System32\DRIVERS\redbook.sys
    O41 - Driver: (SASDIFSV) . (.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASDIFSV.SYS.) - D:\Program Files\spybotsearchanddestry\SASDIFSV.sys
    O41 - Driver: (SASKUTIL) . (.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASKUTIL.SYS.) - D:\Program Files\spybotsearchanddestry\SASKUTIL.sys
    O41 - Driver: (SrvcEKIOMngr) . (.COMPAL ELECTRONIC INC. - IoManager Application.) - C:\Windows\System32\Drivers\EKIoMngr.sys
    O41 - Driver: (SrvcEPIOMngr) . (.COMPAL ELECTRONIC INC. - IoManager Application.) - C:\Windows\System32\Drivers\EPIoMngr.sys
    O41 - Driver: (SrvcSSIOMngr) . (.COMPAL ELECTRONIC INC. - IoManager Application.) - C:\Windows\System32\Drivers\SSIoMngr.sys
    O41 - Driver: (SrvcTPIOMngr) . (.COMPAL ELECTRONIC INC. - IoManager Application.) - C:\Windows\System32\Drivers\TPIoMngr.sys
    O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\Windows\System32\DRIVERS\tcpip.sys
    O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
    O41 - Driver: VGA Display Controller. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys

    ---\\ Software installed (O42)
    O42 - Logiciel: ATI - Software Uninstall Utility - (.Unknown owner.) [HKLM] -- All ATI Software
    O42 - Logiciel: ATI Control Panel - (.Unknown owner.) [HKLM] -- {0BEDBD4E-2D34-47B5-9973-57E62B29307C}
    O42 - Logiciel: ATI Display Driver - (.Unknown owner.) [HKLM] -- ATI Display Driver
    O42 - Logiciel: AVG 2011 - (.AVG Technologies.) [HKLM] -- AVG
    O42 - Logiciel: AVG 2011 - (.AVG Technologies.) [HKLM] -- {04E7A3BB-DB38-481C-A809-35FA60C78EDF}
    O42 - Logiciel: AVG 2011 - (.AVG Technologies.) [HKLM] -- {F4C68898-EBA5-46A9-82B3-2D30426086BF}
    O42 - Logiciel: AVG PC Tuneup 2011 - (.AVG.) [HKLM] -- {50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1
    O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- {6D8D64BE-F500-55B6-705D-DFD08AFE0624}
    O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR
    O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723}
    O42 - Logiciel: Adobe Download Manager - (.NOS Microsystems Ltd..) [HKLM] -- {E2883E8F-472F-4fb0-9522-AC9BF37916A7}
    O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
    O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
    O42 - Logiciel: Adobe Reader 9.2 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-A92000000001}
    O42 - Logiciel: Adobe Shockwave Player - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
    O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {B2D328BE-45AD-4D92-96F9-2151490A203E}
    O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {85991ED2-010C-4930-96FA-52F43C2CE98A}
    O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {0CB9668D-F979-4F31-B8B8-67FE90F929F8}
    O42 - Logiciel: Brother MFL-Pro Suite - (.Unknown owner.) [HKLM] -- {D83BD5E2-5AF4-49F6-B5C1-484A9760E73D}
    O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
    O42 - Logiciel: Compatibility Pack for the 2007 Office system - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-0409-0000-0000000FF1CE}
    O42 - Logiciel: Data Lifeguard Diagnostic for Windows - (.Western Digital Corporation.) [HKLM] -- {E40CE517-0D42-4198-96B4-C8232B257EB5}
    O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
    O42 - Logiciel: InterVideo FilterSDK for Hauppauge - (.InterVideo Inc..) [HKLM] -- {2227E1FA-01F5-483C-AB0E-2A308E900B3D}
    O42 - Logiciel: J2SE Runtime Environment 5.0 Update 1 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0150010}
    O42 - Logiciel: Java(TM) 6 Update 23 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216017FF}
    O42 - Logiciel: Java(TM) 6 Update 3 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160030}
    O42 - Logiciel: Live Global Bid Bid Control Kit Setup - (.Unknown owner.) [HKLM] -- Live Global Bid Bid Control Kit Setup
    O42 - Logiciel: Logitech High Quality Video - (.Logitech, Inc..) [HKLM] -- {281D28EC-1357-4778-B2D7-DEA56D70EF96}
    O42 - Logiciel: Logitech QuickCam - (.Logitech Inc..) [HKLM] -- {6444D9D9-CD6C-4464-B970-55C606C944DC}
    O42 - Logiciel: Logitech Updater - (.Logitech, Inc..) [HKLM] -- {53735ECE-E461-4FD0-B742-23A352436D3A}
    O42 - Logiciel: Logitech Webcam Software Driver Package - (.Logitech Inc..) [HKLM] -- lvdrivers_12.10
    O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
    O42 - Logiciel: MSXML 6 Service Pack 2 (KB973686) - (.Microsoft Corporation.) [HKLM] -- {56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}
    O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
    O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
    O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
    O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
    O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1
    O42 - Logiciel: Microsoft Office Professional Edition 2003 - (.Microsoft Corporation.) [HKLM] -- {90110409-6000-11D3-8CFE-0150048383C9}
    O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- Wudf01000
    O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
    O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}
    O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
    O42 - Logiciel: MiraScan V3.42 - (.Unknown owner.) [HKCU] -- MiraScan V3.42
    O42 - Logiciel: Octoshape add-in for Adobe Flash Player - (.Unknown owner.) [HKCU] -- Octoshape add-in for Adobe Flash Player
    O42 - Logiciel: PaperPort - (.ScanSoft, Inc..) [HKLM] -- {A17EABB6-D0C6-44E5-820C-72DC7F495064}
    O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}
    O42 - Logiciel: RPS CRT - (.Vidéotron.) [HKLM] -- {1A9E151D-05DD-4937-9FDB-82B7140734A5}
    O42 - Logiciel: RPS CRT - (.Vidéotron.) [HKLM] -- {F22B6F59-D6A5-4FA1-A913-D821A9F53DD6}
    O42 - Logiciel: Realtek AC'97 Audio - (.Unknown owner.) [HKLM] -- {FB08F381-6533-4108-B7DD-039E11FBC27E}
    O42 - Logiciel: SUPERAntiSpyware - (.SUPERAntiSpyware.com.) [HKLM] -- {CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
    O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906
    O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    O42 - Logiciel: Security Update for Windows XP (KB2229593) - (.Microsoft Corporation.) [HKLM] -- KB2229593
    O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
    O42 - Logiciel: Skype Toolbars - (.Skype Technologies S.A..) [HKLM] -- {981029E0-7FC9-4CF3-AB39-6F133621921A}
    O42 - Logiciel: Skype(TM) 4.2 - (.Skype Technologies S.A..) [HKLM] -- {D103C4BA-F905-437A-8049-DB24763BBE36}
    O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1
    O42 - Logiciel: TOSHIBA ConfigFree - (.Unknown owner.) [HKLM] -- {BDD83DC9-BEE9-4654-A5DA-CC46C250088D}
    O42 - Logiciel: TOSHIBA PC Diagnostic Tool - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{2C38F661-26B7-445D-B87D-B53FE2D3BD42}
    O42 - Logiciel: Uniblue RegistryBooster - (.Uniblue Systems Ltd.) [HKLM] -- Uniblue RegistryBooster
    O42 - Logiciel: Uniblue RegistryBooster - (.Uniblue Systems Ltd.) [HKLM] -- {09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA}
    O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
    O42 - Logiciel: Veetle TV 0.9.18 - (.Veetle, Inc.) [HKLM] -- Veetle TV
    O42 - Logiciel: WD Anywhere Backup - (.Memeo Inc..) [HKLM] -- {68131B0A-D78D-4aed-B74E-33A6C7324E50}
    O42 - Logiciel: WD Drive Manager (x86) - (.Western Digital.) [HKLM] -- {CCD04643-5246-48AC-9D8C-F43A37BB8F36}
    O42 - Logiciel: WinRAR archiver - (.Unknown owner.) [HKLM] -- WinRAR archiver
    O42 - Logiciel: Windows Imaging Component - (.Microsoft Corporation.) [HKLM] -- WIC
    O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8
    O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {F6BD194C-4190-4D73-B1B1-C48C99921BFE}
    O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {ED00D08A-3C5F-488D-93A0-A04F21F23956}
    O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
    O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- {81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}
    O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {A85FD55B-891B-4314-97A5-EA96C0BD80B5}
    O42 - Logiciel: Windows Live Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {9422C8EA-B0C6-4197-B8FC-DC797658CA00}
    O42 - Logiciel: Windows Live Upload Tool - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
    O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11
    O42 - Logiciel: Windows Media Format 11 runtime - (.Unknown owner.) [HKLM] -- Windows Media Format Runtime
    O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service Pack
    O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {C1E11C46-E6EB-4BD2-9ADF-2A98ACBEB216}
    O42 - Logiciel: vShare Plugin - (.Unknown owner.) [HKLM] -- vShare

    ---\\ HKCU & HKLM Software Keys
    [HKCU\Software\321Studios]
    [HKCU\Software\3rd Eye Solutions]
    [HKCU\Software\AC3Filter]
    [HKCU\Software\ALWIL Software]
    [HKCU\Software\AVG]
    [HKCU\Software\Adobe]
    [HKCU\Software\Alps]
    [HKCU\Software\AntiVirus System 2011]
    [HKCU\Software\Apple Computer, Inc.]
    [HKCU\Software\Apple Inc.]
    [HKCU\Software\ApplianTechnologies]
    [HKCU\Software\Ariadne Genomics]
    [HKCU\Software\Arrowkey]
    [HKCU\Software\Atari]
    [HKCU\Software\Atheros]
    [HKCU\Software\Aurigma]
    [HKCU\Software\Auslogics]
    [HKCU\Software\BCL Technologies]
    [HKCU\Software\BasicScript Program Settings]
    [HKCU\Software\Bogosoft]
    [HKCU\Software\Brother]
    [HKCU\Software\CDDB]
    [HKCU\Software\COMPAL]
    [HKCU\Software\Classes]
    [HKCU\Software\Clients]
    [HKCU\Software\Colubris Networks]
    [HKCU\Software\Conduit]
    [HKCU\Software\Cygnus Solutions]
    [HKCU\Software\D2]
    [HKCU\Software\DVD X Copy Platinum]
    [HKCU\Software\DivXNetworks]
    [HKCU\Software\Drag'n Drop CD+DVD]
    [HKCU\Software\Elecard]
    [HKCU\Software\Electronic Arts]
    [HKCU\Software\GNU]
    [HKCU\Software\Gabest]
    [HKCU\Software\Google]
    [HKCU\Software\Haali]
    [HKCU\Software\Hauppauge]
    [HKCU\Software\HubTech]
    [HKCU\Software\IM Providers]
    [HKCU\Software\IZSoftware]
    [HKCU\Software\InterTrust]
    [HKCU\Software\InterVideo]
    [HKCU\Software\JavaSoft]
    [HKCU\Software\KMPlayer]
    [HKCU\Software\KasperskyLab]
    [HKCU\Software\LGB]
    [HKCU\Software\Leadertech]
    [HKCU\Software\Local AppWizard-Generated Applications]
    [HKCU\Software\Local Wall Application]
    [HKCU\Software\LogMeIn]
    [HKCU\Software\LogiShared]
    [HKCU\Software\Logitech]
    [HKCU\Software\LogoMedia]
    [HKCU\Software\Macromedia]
    [HKCU\Software\MainConcept (HCW)]
    [HKCU\Software\Malwarebytes' Anti-Malware]
    [HKCU\Software\Martin Prikryl]
    [HKCU\Software\Mediachance]
    [HKCU\Software\Meetstream]
    [HKCU\Software\MozillaPlugins]
    [HKCU\Software\MultimediaPhoto]
    [HKCU\Software\MyExplorer]
    [HKCU\Software\Netscape]
    [HKCU\Software\Nico Mak Computing]
    [HKCU\Software\Nokia]
    [HKCU\Software\ODBC]
    [HKCU\Software\OPENTECH]
    [HKCU\Software\Osprey]
    [HKCU\Software\PCSuite]
    [HKCU\Software\PIXELA]
    [HKCU\Software\Pegasys Inc.]
    [HKCU\Software\PepiMK Software]
    [HKCU\Software\PictureMall]
    [HKCU\Software\Piriform]
    [HKCU\Software\Policies]
    [HKCU\Software\PriceGong]
    [HKCU\Software\Protein Lounge]
    [HKCU\Software\RadialPoint]
    [HKCU\Software\Rational Software]
    [HKCU\Software\RealNetworks]
    [HKCU\Software\Replay AV 8]
    [HKCU\Software\SGooPE]
    [HKCU\Software\SSH Communications Security]
    [HKCU\Software\SUPERAntiSpyware.com]
    [HKCU\Software\SWI]
    [HKCU\Software\Safer Networking Limited]
    [HKCU\Software\ScanSoft]
    [HKCU\Software\SecuROM]
    [HKCU\Software\Skype]
    [HKCU\Software\Smart Projects]
    [HKCU\Software\SmartTweak]
    [HKCU\Software\Sony Corporation]
    [HKCU\Software\Sunbelt Software]
    [HKCU\Software\Sysinternals]
    [HKCU\Software\TOSHIBA]
    [HKCU\Software\TVANTS]
    [HKCU\Software\Trolltech]
    [HKCU\Software\Ulead Systems]
    [HKCU\Software\Unlimited Possibilities]
    [HKCU\Software\VB and VBA Program Settings]
    [HKCU\Software\Veetle]
    [HKCU\Software\VicMan Software]
    [HKCU\Software\Videotron]
    [HKCU\Software\Viscom Software]
    [HKCU\Software\Visioneer]
    [HKCU\Software\Voice]
    [HKCU\Software\WinRAR SFX]
    [HKCU\Software\WinRAR]
    [HKCU\Software\WinZip Computing]
    [HKCU\Software\Winamp]
    [HKCU\Software\YahooPartnerToolbar]
    [HKCU\Software\ZipZag2]
    [HKCU\Software\ZipZag]
    [HKCU\Software\eBay]
    [HKCU\Software\eFilm Medical]
    [HKCU\Software\ej-technologies]
    [HKCU\Software\mmtwn]
    [HKCU\Software\roxio]
    [HKCU\Software\uTorrent]
    [HKCU\Software\vShare]
    [HKLM\Software\15897034]
    [HKLM\Software\321Studios]
    [HKLM\Software\ACE Compression Software]
    [HKLM\Software\ALPS]
    [HKLM\Software\ALWIL Software]
    [HKLM\Software\AMPing]
    [HKLM\Software\ATI Technologies Inc.]
    [HKLM\Software\ATI Technologies]
    [HKLM\Software\Acer Peripherals Inc.]
    [HKLM\Software\Acudata]
    [HKLM\Software\Adobe Systems]
    [HKLM\Software\Adobe]
    [HKLM\Software\Agere]
    [HKLM\Software\Apple Computer, Inc.]
    [HKLM\Software\Apple Inc.]
    [HKLM\Software\Applian]
    [HKLM\Software\Ariadne Genomics]
    [HKLM\Software\Arrowkey]
    [HKLM\Software\Atheros Communications]
    [HKLM\Software\AviSynth]
    [HKLM\Software\B.H.A]
    [HKLM\Software\BCL Technologies]
    [HKLM\Software\Brooktree]
    [HKLM\Software\Brother]
    [HKLM\Software\C07ft5Y]
    [HKLM\Software\CDDB]
    [HKLM\Software\COMPAL]
    [HKLM\Software\Chilkat Software, Inc.]
    [HKLM\Software\Classes]
    [HKLM\Software\Clients]
    [HKLM\Software\Colubris Networks]
    [HKLM\Software\Conduit]
    [HKLM\Software\Cygnus Solutions]
    [HKLM\Software\D-Tools]
    [HKLM\Software\DataFocus]
    [HKLM\Software\Deckard]
    [HKLM\Software\DigiOn Inc. and Easy Systems Japan Ltd.]
    [HKLM\Software\Drag'n Drop CD+DVD]
    [HKLM\Software\EA SPORTS]
    [HKLM\Software\Easy Systems Japan Ltd.]
    [HKLM\Software\Electronic Arts]
    [HKLM\Software\FLEXlm License Manager]
    [HKLM\Software\FRISK Software International]
    [HKLM\Software\GEAR Software]
    [HKLM\Software\GNU]
    [HKLM\Software\Gemplus]
    [HKLM\Software\Global IP Sound]
    [HKLM\Software\Google]
    [HKLM\Software\HaaliMkx]
    [HKLM\Software\Hauppauge]
    [HKLM\Software\Horizon]
    [HKLM\Software\IMSI]
    [HKLM\Software\ISSS]
    [HKLM\Software\InstallShield]
    [HKLM\Software\Intel]
    [HKLM\Software\InterVideo]
    [HKLM\Software\IviSDK4Hauppauge]
    [HKLM\Software\JavaSoft]
    [HKLM\Software\JreMetrics]
    [HKLM\Software\KasperskyLab]
    [HKLM\Software\L&H]
    [HKLM\Software\LEAD Technologies, Inc.]
    [HKLM\Software\Licenses]
    [HKLM\Software\Link Data Security]
    [HKLM\Software\Logitech]
    [HKLM\Software\LogoMedia]
    [HKLM\Software\Lucent]
    [HKLM\Software\Macromedia]
    [HKLM\Software\Macrovision]
    [HKLM\Software\Malwarebytes' Anti-Malware]
    [HKLM\Software\Martin Prikryl]
    [HKLM\Software\MicroQuill]
    [HKLM\Software\MimarSinan]
    [HKLM\Software\Mortice Kern Systems]
    [HKLM\Software\Motive]
    [HKLM\Software\MozillaPlugins]
    [HKLM\Software\Mozilla]
    [HKLM\Software\NOS]
    [HKLM\Software\Nico Mak Computing]
    [HKLM\Software\Nokia]
    [HKLM\Software\ODBC]
    [HKLM\Software\OMSI]
    [HKLM\Software\P!HDS8]
    [HKLM\Software\PC Connectivity Solution]
    [HKLM\Software\PCSuite]
    [HKLM\Software\PCTools]
    [HKLM\Software\PIXELA]
    [HKLM\Software\PepiMK Software]
    [HKLM\Software\Piriform]
    [HKLM\Software\Policies]
    [HKLM\Software\Program Groups]
    [HKLM\Software\Prolific Technology INC]
    [HKLM\Software\REALTEK Semiconductor Corp.]
    [HKLM\Software\Radialpoint]
    [HKLM\Software\Rational Software]
    [HKLM\Software\RealNetworks]
    [HKLM\Software\Realtek]
    [HKLM\Software\RegisteredApplications]
    [HKLM\Software\RichFX]
    [HKLM\Software\RioPort]
    [HKLM\Software\SGOOPE]
    [HKLM\Software\SSH Communications Security]
    [HKLM\Software\SUPERAntiSpyware.com]
    [HKLM\Software\SWI]
    [HKLM\Software\Safer Networking Limited]
    [HKLM\Software\ScanSoft]
    [HKLM\Software\Schlumberger]
    [HKLM\Software\Secure]
    [HKLM\Software\Skype]
    [HKLM\Software\Soeperman Enterprises Ltd.]
    [HKLM\Software\Software PRO Technologies]
    [HKLM\Software\Sun Microsystems]
    [HKLM\Software\TOSHIBA]
    [HKLM\Software\Translation Engines]
    [HKLM\Software\TrendMicro]
    [HKLM\Software\USB2800]
    [HKLM\Software\Ulead Systems]
    [HKLM\Software\Uniblue]
    [HKLM\Software\VSO]
    [HKLM\Software\Veetle]
    [HKLM\Software\Visioneer]
    [HKLM\Software\Voice]
    [HKLM\Software\WD]
    [HKLM\Software\WebUpdate]
    [HKLM\Software\Western Digital]
    [HKLM\Software\Wilson WindowWare]
    [HKLM\Software\Windows 3.1 Migration Status]
    [HKLM\Software\Windows]
    [HKLM\Software\Wise Solutions]
    [HKLM\Software\WorldWinner.com]
    [HKLM\Software\Xing Technology Corp.]
    [HKLM\Software\ZSMC]
    [HKLM\Software\Zeon]
    [HKLM\Software\Zone Labs]
    [HKLM\Software\eFilm Medical]
    [HKLM\Software\ej-technologies]
    [HKLM\Software\mozilla.org]
    [HKLM\Software\rtlsetn5]

    ---\\ Contents of the Common Files folders (O43)
    O43 - CFD: 22/11/2009 - 11:03:16 PM ----D- C:\Program Files\Adobe
    O43 - CFD: 04/01/2005 - 1:08:26 PM ----D- C:\Program Files\Apoint2K
    O43 - CFD: 04/01/2009 - 10:05:14 PM ----D- C:\Program Files\Apple Software Update
    O43 - CFD: 04/01/2005 - 1:05:46 PM ----D- C:\Program Files\Atheros
    O43 - CFD: 19/04/2004 - 11:52:38 AM ----D- C:\Program Files\ATI Technologies
    O43 - CFD: 20/01/2011 - 9:18:24 AM ----D- C:\Program Files\AVG
    O43 - CFD: 23/07/2006 - 6:22:18 PM ----D- C:\Program Files\AVG Anti Virus
    O43 - CFD: 20/04/2004 - 9:45:50 AM ----D- C:\Program Files\B's CLiP
    O43 - CFD: 13/01/2011 - 11:08:02 AM ----D- C:\Program Files\Bonjour
    O43 - CFD: 07/10/2008 - 10:55:10 PM ----D- C:\Program Files\Brother
    O43 - CFD: 24/11/2004 - 12:18:34 PM ----D- C:\Program Files\Colubris Networks
    O43 - CFD: 03/09/2010 - 10:14:56 AM ----D- C:\Program Files\Common Files
    O43 - CFD: 18/09/2009 - 10:46:56 PM ----D- C:\Program Files\ComPlus Applications
    O43 - CFD: 05/01/2005 - 11:58:12 PM ----D- C:\Program Files\D-Tools
    O43 - CFD: 20/04/2004 - 1:02:16 PM ----D- C:\Program Files\DataLode
    O43 - CFD: 05/01/2005 - 11:57:26 PM ----D- C:\Program Files\Diamond
    O43 - CFD: 13/06/2007 - 11:22:16 PM ----D- C:\Program Files\DIFX
    O43 - CFD: 20/04/2004 - 9:49:18 AM ----D- C:\Program Files\Drag'n Drop CD+DVD
    O43 - CFD: 14/01/2011 - 10:39:16 AM ----D- C:\Program Files\DriverBoost
    O43 - CFD: 23/11/2006 - 9:40:46 PM ----D- C:\Program Files\DssEvolution.com
    O43 - CFD: 20/04/2004 - 9:56:04 AM ----D- C:\Program Files\DVD-RAM
    O43 - CFD: 04/01/2005 - 1:01:28 PM ----D- C:\Program Files\EzButton
    O43 - CFD: 25/11/2004 - 12:31:40 PM ----D- C:\Program Files\Fichiers communs
    O43 - CFD: 18/01/2011 - 2:46:30 PM ----D- C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
    O43 - CFD: 24/11/2004 - 1:38:02 PM ----D- C:\Program Files\FSI
    O43 - CFD: 19/07/2010 - 5:20:50 PM ----D- C:\Program Files\Google
    O43 - CFD: 19/01/2011 - 11:50:58 AM --H-D- C:\Program Files\InstallShield Installation Information
    O43 - CFD: 21/01/2011 - 10:06:24 AM ----D- C:\Program Files\Internet Explorer
    O43 - CFD: 20/04/2004 - 11:21:30 AM ----D- C:\Program Files\InterVideo
    O43 - CFD: 13/01/2011 - 11:09:18 AM ----D- C:\Program Files\iPod
    O43 - CFD: 20/01/2011 - 8:42:56 AM ----D- C:\Program Files\Java
    O43 - CFD: 12/10/2008 - 5:28:12 PM ----D- C:\Program Files\Logitech
    O43 - CFD: 04/01/2005 - 1:02:36 PM ----D- C:\Program Files\ltmoh
    O43 - CFD: 24/01/2011 - 2:34:18 PM ----D- C:\Program Files\Malwarebytes' Anti-Malware
    O43 - CFD: 21/01/2011 - 10:08:10 AM ----D- C:\Program Files\Messenger
    O43 - CFD: 24/11/2004 - 2:39:16 PM ----D- C:\Program Files\Metrowerks
    O43 - CFD: 20/03/2010 - 6:27:16 PM ----D- C:\Program Files\Microsoft
    O43 - CFD: 25/11/2004 - 12:32:48 PM ----D- C:\Program Files\Microsoft ActiveSync
    O43 - CFD: 17/10/2008 - 12:20:02 PM ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2
    O43 - CFD: 24/11/2004 - 3:17:12 PM ----D- C:\Program Files\microsoft frontpage
    O43 - CFD: 17/01/2011 - 7:46:20 AM ----D- C:\Program Files\Microsoft Office
    O43 - CFD: 04/02/2005 - 5:20:42 PM ----D- C:\Program Files\Microsoft SQL Server
    O43 - CFD: 04/01/2005 - 1:50:54 PM ----D- C:\Program Files\Microsoft Visual Studio
    O43 - CFD: 04/01/2005 - 1:51:10 PM ----D- C:\Program Files\Microsoft Works
    O43 - CFD: 25/11/2004 - 12:33:00 PM ----D- C:\Program Files\Microsoft.NET
    O43 - CFD: 18/01/2011 - 2:46:32 PM ----D- C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)
    O43 - CFD: 21/01/2011 - 10:06:20 AM ----D- C:\Program Files\Movie Maker
    O43 - CFD: 20/01/2011 - 9:07:22 AM ----D- C:\Program Files\Mozilla Firefox
    O43 - CFD: 16/08/2009 - 8:11:10 AM ----D- C:\Program Files\MSBuild
    O43 - CFD: 17/01/2011 - 7:45:56 AM ----D- C:\Program Files\MSECache
    O43 - CFD: 16/04/2004 - 3:47:08 PM ----D- C:\Program Files\MSN
    O43 - CFD: 16/04/2004 - 3:43:08 PM ----D- C:\Program Files\MSN Gaming Zone
    O43 - CFD: 15/06/2007 - 4:46:50 PM ----D- C:\Program Files\MSXML 4.0
    O43 - CFD: 16/08/2009 - 2:06:44 AM ----D- C:\Program Files\MSXML 6.0
    O43 - CFD: 21/01/2011 - 9:54:56 AM ----D- C:\Program Files\NetMeeting
    O43 - CFD: 20/01/2011 - 10:14:12 AM ----D- C:\Program Files\Nokia
    O43 - CFD: 09/10/2009 - 6:14:06 PM ----D- C:\Program Files\NOS
    O43 - CFD: 04/01/2005 - 12:21:30 PM ----D- C:\Program Files\Online Services
    O43 - CFD: 21/01/2011 - 10:30:00 AM ----D- C:\Program Files\Outlook Express
    O43 - CFD: 13/06/2007 - 11:21:40 PM ----D- C:\Program Files\PC Connectivity Solution
    O43 - CFD: 19/07/2010 - 6:06:12 PM ----D- C:\Program Files\QuickTime
    O43 - CFD: 24/11/2004 - 3:04:22 PM ----D- C:\Program Files\Real
    O43 - CFD: 16/08/2009 - 8:11:08 AM ----D- C:\Program Files\Reference Assemblies
    O43 - CFD: 07/10/2008 - 10:53:18 PM ----D- C:\Program Files\ScanSoft
    O43 - CFD: 18/01/2011 - 2:46:30 PM ----D- C:\Program Files\SDHelper (Spybot - Search & Destroy)
    O43 - CFD: 03/09/2010 - 10:15:24 AM R---D- C:\Program Files\Skype
    O43 - CFD: 10/06/2007 - 7:13:18 PM ----D- C:\Program Files\Sony
    O43 - CFD: 25/01/2005 - 5:11:06 PM ----D- C:\Program Files\SWIProlog
    O43 - CFD: 18/01/2011 - 2:46:32 PM ----D- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
    O43 - CFD: 04/02/2005 - 2:26:28 PM ----D- C:\Program Files\The KMPlayer
    O43 - CFD: 19/01/2011 - 12:21:44 PM ----D- C:\Program Files\TOSHIBA
    O43 - CFD: 14/01/2011 - 3:24:26 PM ----D- C:\Program Files\Uniblue
    O43 - CFD: 16/04/2004 - 3:58:46 PM --H-D- C:\Program Files\Uninstall Information
    O43 - CFD: 14/01/2011 - 3:00:10 PM ----D- C:\Program Files\Videotron
    O43 - CFD: 25/01/2011 - 12:33:44 PM ----D- C:\Program Files\vShare
    O43 - CFD: 20/02/2010 - 5:06:08 PM ----D- C:\Program Files\WD
    O43 - CFD: 04/02/2005 - 4:33:12 PM ----D- C:\Program Files\WebMatrix
    O43 - CFD: 20/02/2010 - 5:03:36 PM ----D- C:\Program Files\Western Digital
    O43 - CFD: 20/02/2010 - 5:03:48 PM ----D- C:\Program Files\Western Digital Corporation
    O43 - CFD: 23/08/2009 - 12:42:52 PM ----D- C:\Program Files\Windows Desktop Search
    O43 - CFD: 20/03/2010 - 6:26:32 PM ----D- C:\Program Files\Windows Live
    O43 - CFD: 20/03/2010 - 6:26:58 PM ----D- C:\Program Files\Windows Live SkyDrive
    O43 - CFD: 20/01/2011 - 2:12:32 PM ----D- C:\Program Files\Windows Media Connect 2
    O43 - CFD: 21/01/2011 - 9:54:38 AM ----D- C:\Program Files\Windows Media Player
    O43 - CFD: 19/01/2011 - 1:25:56 PM ----D- C:\Program Files\Windows NT
    O43 - CFD: 24/11/2004 - 2:02:32 PM --H-D- C:\Program Files\WindowsUpdate
    O43 - CFD: 12/05/2008 - 6:44:46 PM ----D- C:\Program Files\WinRAR
    O43 - CFD: 04/01/2005 - 1:26:48 PM ----D- C:\Program Files\WinZip
    O43 - CFD: 16/04/2004 - 3:52:58 PM ----D- C:\Program Files\xerox
    O43 - CFD: 25/01/2011 - 1:09:24 PM ----D- C:\Program Files\ZHPDiag
    O43 - CFD: 20/01/2011 - 8:47:08 AM ----D- C:\Program Files\Common Files\Adobe
    O43 - CFD: 09/10/2009 - 6:15:24 PM ----D- C:\Program Files\Common Files\Adobe AIR
    O43 - CFD: 19/11/2005 - 8:24:30 PM ----D- C:\Program Files\Common Files\Adobe Systems Shared
    O43 - CFD: 19/07/2010 - 5:37:42 PM ----D- C:\Program Files\Common Files\Apple
    O43 - CFD: 04/01/2005 - 1:51:16 PM ----D- C:\Program Files\Common Files\DESIGNER
    O43 - CFD: 20/02/2010 - 5:06:12 PM ----D- C:\Program Files\Common Files\eSellerate
    O43 - CFD: 07/10/2008 - 10:54:54 PM ----D- C:\Program Files\Common Files\InstallShield
    O43 - CFD: 04/03/2009 - 7:18:46 PM ----D- C:\Program Files\Common Files\IviSDK
    O43 - CFD: 20/01/2011 - 8:43:24 AM ----D- C:\Program Files\Common Files\Java
    O43 - CFD: 04/01/2005 - 1:52:24 PM ----D- C:\Program Files\Common Files\L&H
    O43 - CFD: 20/06/2010 - 11:44:48 AM ----D- C:\Program Files\Common Files\LogiShrd
    O43 - CFD: 20/06/2010 - 11:29:14 AM ----D- C:\Program Files\Common Files\Logitech
    O43 - CFD: 17/01/2011 - 7:46:18 AM ----D- C:\Program Files\Common Files\Microsoft Shared
    O43 - CFD: 08/04/2006 - 12:17:00 AM ----D- C:\Program Files\Common Files\Motive
    O43 - CFD: 04/01/2005 - 12:20:34 PM ----D- C:\Program Fi
    0
    1. iyad2009
       
      Rapport de ZHPDiag v1.27.1421 par Nicolas Coolman, Update du 16/12/2010
      Run by ahmad at 25/01/2011 1:09:04 PM
      Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
      Contact : nicolascoolman@yahoo.fr

      ---\\ Web Browser
      MSIE: Internet Explorer v8.0.6001.18702 (Defaut)

      ---\\ System Information
      Windows XP Professional Service Pack 3 (Build 2600)
      Processor: x86 Family 15 Model 2 Stepping 9, GenuineIntel
      Operating System: 32 Bits
      Boot mode: Normal (Normal boot)
      Total RAM: 1023.0 MB (20% free)
      System drive C: has 2 GB (8%) free of 20 GB

      ---\\ Logged in mode
      Computer Name: AZM
      User Name: ahmad
      All Users Names: SUPPORT_388945a0, LogMeInRemoteUser, HelpAssistant, Guest, ahmad, Administrator,
      Unselected Option: O1,O45,O61,O62,O65,O82
      Logged in as Administrator

      ---\\ DOS/Devices
      C:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 20 Go)
      D:\ Hard drive, Flash drive, Thumb drive (Free 44 Go of 55 Go)
      E:\ CD-ROM drive (Free 0 Go of 3 Go)
      F:\ CD-ROM drive (Not Inserted)


      ---\\ Security Center & Tools Informations
      [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
      [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
      [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
      [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
      [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
      [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK


      ---\\ Search Generic System Files
      [MD5.12896823FB95BFB3DC9B46BCAEDC9923] - (.Microsoft Corporation - Windows Explorer.) (.14/04/2008 5:42:20 AM.) -- C:\Windows\Explorer.exe [1033728]
      [MD5.ED0EF0A136DEC83DF69F04118870003E] - (.Microsoft Corporation - Windows NT Logon Application.) (.14/04/2008 5:42:40 AM.) -- C:\Windows\System32\Winlogon.exe [507904]
      [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.14/04/2008 12:10:32 AM.) -- C:\Windows\System32\drivers\atapi.sys [96512]
      [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.14/04/2008 12:45:54 AM.) -- C:\Windows\System32\drivers\ntfs.sys [574976]


      ---\\ Running Processes
      [MD5.4ABB39045C597B358334B16F6483F60A] - (.Unknown owner - No comment.) -- C:\WINDOWS\system32\Ati2evxx.exe [397312]
      [MD5.65010AEDF6217A0568226AFD0BC8A288] - (.Uniblue Systems Limited - Uniblue RegistryBooster Monitor.) -- C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe [25984]
      [MD5.DAB3F0E885C1011D87F14F2FD1850EDC] - (.AVG - PC Tuneup 2011.) -- C:\Program Files\AVG\AVG PC Tuneup 2011\BoostSpeed.exe [749384]
      [MD5.93DB1FF92B03D24738A71E6E4992DFD3] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552]
      [MD5.9698E78329BBA262F7C931A85B02BE5D] - (.WDC - WD Drive Manager.) -- C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe [450560]
      [MD5.B8E684DF9A97497EDD2F87444A6307FB] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe [180269]
      [MD5.E840A9AEA5D59A5E9C1C4F1AB24D197A] - (.Apple Inc. - iTunesHelper.) -- D:\Program Files\itunes\iTunesHelper.exe [141608]
      [MD5.4719ED2A9E1F0FF37BC3FC1999F4FFC4] - (.AVG Technologies CZ, s.r.o. - AVG Tray Monitor.) -- C:\Program Files\AVG\AVG10\avgtray.exe [2747744]
      [MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288]
      [MD5.C9989C1C9EEDE0F71C024F549E9C68E1] - (.ATI Technologies, Inc. - ATI Desktop Control Panel.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [335872]
      [MD5.A7A0ED26C68892135F23F4D4F176E2E3] - (.TOSHIBA - CD/DVD Drive Acoustic Silencer.) -- C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [65536]
      [MD5.7B9E9A8C71C77DD03CF97FA7C996C3C9] - (.SUPERAntiSpyware.com - SUPERAntiSpyware Application.) -- D:\Program Files\spybotsearchanddestry\SUPERAntiSpyware.exe [2424560]
      [MD5.1964BD18D97745FAFEF098B5CA66DE4C] - (.Atheros Communications, Inc. - Atheros Client Utility.) -- C:\Program Files\Atheros\ACU.exe [1343488]
      [MD5.0CCE84F6F693478A769BFC1E993CBF67] - (.AVG Technologies CZ, s.r.o. - AVG IDS application.) -- C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe [737872]
      [MD5.2E3E53A6AEF23E24F402C7855B9B1542] - (.Apple Inc. - Apple Mobile Device Service.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [144176]
      [MD5.18EDC2F3076D32C6C6B98F11EB85D2CB] - (.AVG Technologies CZ, s.r.o. - AVG Firewall Service.) -- C:\Program Files\AVG\AVG10\avgfws.exe [3226632]
      [MD5.4AF61A15B3614FEF25FE93EA2FABD620] - (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe [265400]
      [MD5.5AB58C337AC65837FE404462AD6265AB] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [345376]
      [MD5.EDFB15C5AF45B381277E6A275680C81D] - (.COMPAL ELECTRONIC INC. - CeEPwrSvc Module.) -- C:\Program Files\TOSHIBA\Power Management\CeEPwrSvc.exe [36973]
      [MD5.F7945E2D5767485C960403DD7FF5033D] - (.TOSHIBA CORPORATION - Service of ConfigFree..) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [28672]
      [MD5.E731921DB2E17DCD3DB472FAD5549C57] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376]
      [MD5.1D28B53C50CC57062692862B8E083020] - (.Logitech Inc. - Logitech Video COM Service.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [186904]
      [MD5.5A9679D184A408982D5F0BD79874B44F] - (.Logitech Inc. - Logitech LVPrcSrv Module..) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [150040]
      [MD5.11F714F85530A2BD134074DC30E99FCA] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [322120]
      [MD5.ED6235C93981D8658FA433092A809303] - (.Memeo - MemeoBackgroundService.) -- C:\Program Files\WD\WD Anywhere Backup\MemeoBackgroundService.exe [25824]
      [MD5.B4139011FADDBDAE615961548E75E5C5] - (.Microsoft Corporation - SQL Server Windows NT.) -- C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe [7520337]
      [MD5.8E757A20B2267AA38B09BA718CEBD13C] - (.DataFocus, Inc. - NuTCRACKER Service.) -- C:\WINDOWS\System32\nutsrv4.exe [277272]
      [MD5.A1A36682DF22777834E1C37F3C79AEC2] - (.WDC - WD Drive Manager Service.) -- C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [102400]
      [MD5.668056D5C3C11AB7D266819A96B964E8] - (.Microsoft Corporation - WMDM PMSP Service.) -- C:\WINDOWS\system32\MsPMSPSv.exe [53248]
      [MD5.F4F5FD5B414AD2F9AD72CB97D64B5D30] - (.AVG Technologies CZ, s.r.o. - AVG Alert Manager.) -- C:\Program Files\AVG\AVG10\avgam.exe [745824]
      [MD5.288778D9E2D1C7E8A5DBD5C6DB8046B0] - (.AVG Technologies CZ, s.r.o. - AVG IDS application.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [6128720]
      [MD5.7E6741A17CFDCD700DA5B6EC624F83B3] - (.AVG Technologies CZ, s.r.o. - AVG Online Shield Service.) -- C:\Program Files\AVG\AVG10\avgnsx.exe [1084256]
      [MD5.F92048E22CB392BBC3C38EF393C0E4A6] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [540968]
      [MD5.B60DDDD2D63CE41CB8C487FCFBB6419E] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638816]
      [MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53472]
      [MD5.806A8E35707BEA615B209001E544F0F0] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [620544]
      [MD5.79D4CCA7D30DDADCD0BACEBE7215C2AD] - (.Skype Technologies S.A. - SkypeNames.) -- C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe [234792]


      ---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2)
      P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
      P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Unknown owner - No comment.) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
      P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Unknown owner - No comment.) -- D:\Program Files\itunes\Mozilla Plugins\npitunes.dll
      P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_23 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
      P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
      P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.11.2027] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
      P2 - FPN: [HKLM] [@real.com/nprjplug;version=1.0.2.2088] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
      P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.1040] - (.RealNetworks, Inc. - 6.0.12.1040.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
      P2 - FPN: [HKLM] [@veetle.com/veetleCorePlugin,version=0.9.18] - (.Veetle Inc - Version 0.9.18, Copyright 2006-2009 Veetle Inc<br><a href="http://www..) -- D:\Program Files\Veetle\plugins\npVeetle.dll
      P2 - FPN: [HKLM] [@veetle.com/veetlePlayerPlugin,version=0.9.18] - (.Veetle Inc - Version 0.9.18, copyright 2006-2010 Veetle Inc<br><a href="http://www..) -- D:\Program Files\Veetle\Player\npvlc.dll
      P2 - FPN: [HKCU] [@adobe.com/FlashPlayer] - (.Unknown owner - No comment.) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll


      ---\\ Internet Explorer Extensions, Start, Search (R3,R0,R1)
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.ca/?gws_rd=ssl
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
      R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
      R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
      R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\WINDOWS\system32\ieframe.dll


      ---\\ Changed inifile Value, Mapped to Registry (F2)
      F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
      F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"


      ---\\ Browser Helper Objects (O2)
      O2 - BHO: (no name) - {043C5167-00BB-4324-AF7E-62013FAEDACF} Orphean Key
      O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
      O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} . (.AVG Technologies CZ, s.r.o. - Safe Search for Internet Explorer.) -- C:\Program Files\AVG\AVG10\avgssie.dll
      O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE Protection.) -- D:\Program Files\spybotsearchanddestry\Spybot - Search & Destroy\SDHelper.dll
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Orphean Key
      O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll


      ---\\ Auto loading programs from Registry and folders (O4)
      O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
      O4 - HKLM\..\Run: [WD Drive Manager] . (.WDC - WD Drive Manager.) -- C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
      O4 - HKLM\..\Run: [WD Anywhere Backup] . (.Memeo Inc. - Memeo AutoBackup Launcher.) -- C:\Program Files\WD\WD Anywhere Backup\MemeoLauncher2.exe
      O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
      O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- D:\Program Files\itunes\iTunesHelper.exe
      O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- D:\Program Files\QuickTimes\qttask.exe
      O4 - HKLM\..\Run: [Bpomaxo] C:\WINDOWS\obekihevatepinuk.dll (.not file.)
      O4 - HKLM\..\Run: [AVG_TRAY] . (.AVG Technologies CZ, s.r.o. - AVG Tray Monitor.) -- C:\Program Files\AVG\AVG10\avgtray.exe
      O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe
      O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
      O4 - HKLM\..\Run: [ATIModeChange] . (.ATI Technologies, Inc. - ATI 2D Mode component.) -- C:\Windows\System32\Ati2mdxx.exe
      O4 - HKLM\..\Run: [ATIPTA] . (.ATI Technologies, Inc. - ATI Desktop Control Panel.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
      O4 - HKCU\..\Run: [TOSCDSPD] . (.TOSHIBA - CD/DVD Drive Acoustic Silencer.) -- C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
      O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
      O4 - HKCU\..\Run: [Dkahoxihuvuwo] C:\WINDOWS\mtonbd40.dll (.not file.)
      O4 - HKCU\..\Run: [SUPERAntiSpyware] . (.SUPERAntiSpyware.com - SUPERAntiSpyware Application.) -- D:\Program Files\spybotsearchanddestry\SUPERAntiSpyware.exe
      O4 - HKCU\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- D:\Program Files\spybotsearchanddestry\Spybot - Search & Destroy\TeaTimer.exe
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
      O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] . (.Time Information Services Ltd. - PC Sync.) -- D:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
      O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] . (.Time Information Services Ltd. - PC Sync.) -- D:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
      O4 - HKUS\S-1-5-21-117609710-1960408961-839522115-1003\..\Run: [TOSCDSPD] . (.TOSHIBA - CD/DVD Drive Acoustic Silencer.) -- C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
      O4 - HKUS\S-1-5-21-117609710-1960408961-839522115-1003\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
      O4 - HKUS\S-1-5-21-117609710-1960408961-839522115-1003\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
      O4 - HKUS\S-1-5-21-117609710-1960408961-839522115-1003\..\Run: [Dkahoxihuvuwo] C:\WINDOWS\mtonbd40.dll (.not file.)
      O4 - HKUS\S-1-5-21-117609710-1960408961-839522115-1003\..\Run: [SUPERAntiSpyware] . (.SUPERAntiSpyware.com - SUPERAntiSpyware Application.) -- D:\Program Files\spybotsearchanddestry\SUPERAntiSpyware.exe
      O4 - HKUS\S-1-5-21-117609710-1960408961-839522115-1003\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- D:\Program Files\spybotsearchanddestry\Spybot - Search & Destroy\TeaTimer.exe
      O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] . (.Unknown owner - No comment.) -- C:\Program Files\Common Files\logishrd\WUApp32.exe
      O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] . (.Unknown owner - No comment.) -- C:\Program Files\Common Files\logishrd\WUApp32.exe
      O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\Acrobat Assistant.lnk . (.Adobe Systems Inc..) -- C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
      O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\Atheros Client Utility.lnk . (.Atheros Communications, Inc..) -- C:\Program Files\Atheros\ACU.exe


      ---\\ Other User Links (O4)
      O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Inscription de Toshiba.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\OOBE\msoobe.exe


      ---\\ Extra items in the IE right-click menu (O8)
      O8 - Extra context menu item: E&xport to Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.exe
      O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll


      ---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
      O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (.Unknown owner - No comment.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Unknown owner - No comment.) -- C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO
      O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} . (.not file.) - (.not file.)
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.not file.) - (.not file.)
      O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe


      ---\\ Winsock hijacker (Layered Service Provider) (O10)
      O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Microsoft Windows Sockets 2.0 Service Provider.) -- C:\WINDOWS\system32\mswsock.dll
      O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
      O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Microsoft Windows Sockets 2.0 Service Provider.) -- C:\WINDOWS\system32\mswsock.dll
      O10 - WLSP:\000000000004\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll


      ---\\ Internet Explorer Plugins (O12)
      O12 - Plugin for .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

      ---\\ ActiveX Objects (Downloaded Program Files) (O16)
      O16 - DPF: DirectAnimation Java Classes (DirectAnimation Java Classes) - (.not file.) - file:\\C:\WINDOWS\Java\classes\dajava.cab
      O16 - DPF: Microsoft XML Parser for Java (Microsoft XML Parser for Java) - (.not file.) - file:\\C:\WINDOWS\Java\classes\xmldso.cab
      O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} () - http://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
      O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
      O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
      O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} () - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
      O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} () - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
      O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} () - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-29-0.cab
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab


      ---\\ Lop.com/Domain Hijackers (O17)
      O17 - HKLM\System\CCS\Services\Tcpip\..\{13FB210F-866D-415A-88E3-ECB817C59B81}: DhcpNameServer = 192.168.0.1
      O17 - HKLM\System\CS1\Services\Tcpip\..\{13FB210F-866D-415A-88E3-ECB817C59B81}: DhcpNameServer = 192.168.0.1
      O17 - HKLM\System\CS3\Services\Tcpip\..\{13FB210F-866D-415A-88E3-ECB817C59B81}: DhcpNameServer = 192.168.0.1
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1


      ---\\ Extra protocols and protocol Hijackers (O18)
      O18 - Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} . (.AVG Technologies CZ, s.r.o. - Safe Search pluggable protocol.) -- C:\Program Files\AVG\AVG10\avgpp.dll
      O18 - Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
      O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
      O18 - Handler: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} . (.Unknown owner - No comment.) -- C:\Program Files\vShare\vshare_toolbar.dll


      ---\\ AppInit_DLLs Registry value Autorun (O20)
      O20 - Winlogon Notify: !SASWinLogon . (.SUPERAntiSpyware.com - SUPERAntiSpyware WinLogon Processor.) -- D:\Program Files\spybotsearchanddestry\SASWINLO.dll
      O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll
      O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll
      O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Offline Network Agent.) -- C:\Windows\System32\cscdll.dll
      O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll
      O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- C:\Windows\System32\wlnotify.dll
      O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- C:\Windows\System32\wlnotify.dll
      O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - Secondary Logon Service Notification DLL.) -- C:\Windows\System32\sclgntfy.dll
      O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- C:\Windows\System32\WlNotify.dll
      O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- C:\Windows\System32\wlnotify.dll
      O20 - Winlogon Notify: WgaLogon . (.Unknown owner - No comment.) -- WgaLogon.dll
      O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- C:\Windows\System32\wlnotify.dll


      ---\\ ShellServiceObjectDelayLoad (O21)
      O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\WINDOWS\system32\SHELL32.dll
      O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\WINDOWS\system32\SHELL32.dll
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
      O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Systray shell service object.) -- C:\WINDOWS\System32\stobject.dll
      O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll


      ---\\ SharedTaskScheduler (O22)
      O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Shell Browser UI Library.) -- C:\WINDOWS\System32\browseui.dll
      O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Shell Browser UI Library.) -- C:\WINDOWS\System32\browseui.dll


      ---\\ non Microsoft non disabled Windows XP/NT/2000 Services (O23)
      O23 - Service: (Apple Mobile Device) . (.Apple Inc. - Apple Mobile Device Service.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      O23 - Service: (Ati HotKey Poller) . (.Unknown owner - No comment.) - C:\WINDOWS\system32\Ati2evxx.exe
      O23 - Service: (avgfws) . (.AVG Technologies CZ, s.r.o. - AVG Firewall Service.) - C:\Program Files\AVG\AVG10\avgfws.exe
      O23 - Service: (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o. - AVG IDS application.) - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
      O23 - Service: (avgwd) . (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) - C:\Program Files\AVG\AVG10\avgwdsvc.exe
      O23 - Service: (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: (CeEPwrSvc) . (.COMPAL ELECTRONIC INC. - CeEPwrSvc Module.) - C:\Program Files\TOSHIBA\Power Management\CeEPwrSvc.exe
      O23 - Service: (CFSvcs) . (.TOSHIBA CORPORATION - Service of ConfigFree..) - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
      O23 - Service: (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
      O23 - Service: (LVCOMSer) . (.Logitech Inc. - Logitech Video COM Service.) - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
      O23 - Service: (LVPrcSrv) . (.Logitech Inc. - Logitech LVPrcSrv Module..) - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
      O23 - Service: (LVSrvLauncher) . (.Logitech Inc. - LogitechService Launcher.) - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
      O23 - Service: (MemeoBackgroundService) . (.Memeo - MemeoBackgroundService.) - C:\Program Files\WD\WD Anywhere Backup\MemeoBackgroundService.exe
      O23 - Service: (NuTCRACKERService) . (.DataFocus, Inc. - NuTCRACKER Service.) - C:\WINDOWS\System32\nutsrv4.exe
      O23 - Service: (WDBtnMgrSvc.exe) . (.WDC - WD Drive Manager Service.) - C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe


      ---\\ Windows Active Desktop & MHTML Editor (O24)
      O24 - Desktop Component 0: (no name) - file:file:///C:/DOCUME~1/ahmad/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg
      O24 - Desktop Component 1: My Current Home Page - file:About:Home
      O24 - Default MHTML Editor: Last - .(.Unknown owner - No comment.) - "C:\Program Files\Microsoft Office\OFFICE11\WINWORD.exe (.not file.)


      ---\\ Task Planned Automatically(039)
      O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AVG PC Tuneup 2011 Integrator Start On Windows Logon.job
      O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\RegistryBooster.job
      O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\WGASetup.job
      [MD5.DAB3F0E885C1011D87F14F2FD1850EDC] [APT] [AVG PC Tuneup 2011 Integrator Start On Windows Logon] (.AVG.) -- C:\Program Files\AVG\AVG PC Tuneup 2011\BoostSpeed.exe
      [MD5.65010AEDF6217A0568226AFD0BC8A288] [APT] [RegistryBooster] (.Uniblue Systems Limited.) -- C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe


      ---\\ ActiveSetup Installed Components (O40)
      O40 - ASIC: Macromedia Shockwave Director 9.0 - {166B1BCA-3F9C-11CF-8075-444553540000} . (.Adobe Systems, Inc. - Shockwave ActiveX Control.) -- C:\WINDOWS\system32\macromed\Director\SwDir.dll
      O40 - ASIC: Adobe Shockwave Director 10.2 - {233C1507-6A77-46A4-9443-F871F945D258} . (.Adobe Systems, Inc. - Shockwave ActiveX Control.) -- C:\WINDOWS\system32\Macromed\Director\SwDir.dll
      O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (.Unknown owner - No comment.) -- C:\WINDOWS\INF\msnetmtg.inf
      O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (.Unknown owner - No comment.) -- C:\WINDOWS\INF\msmsgs.inf
      O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Unknown owner - No comment.) -- C:\WINDOWS\INF\wmp10.inf
      O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.0 r45.) -- C:\WINDOWS\system32\Macromed\Flash\Flash10e.ocx


      ---\\ Drivers launched at startup (O41)
      O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
      O41 - Driver: (Avgldx86) . (.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) - C:\Windows\System32\DRIVERS\avgldx86.sys
      O41 - Driver: (Avgmfx86) . (.AVG Technologies CZ, s.r.o. - AVG Resident Shield Minifilter Driver.) - C:\Windows\System32\DRIVERS\avgmfx86.sys
      O41 - Driver: (Avgtdix) . (.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) - C:\Windows\System32\DRIVERS\avgtdix.sys
      O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
      O41 - Driver: (i8042prt) . (.Microsoft Corporation - i8042 Port Driver.) - C:\Windows\System32\DRIVERS\i8042prt.sys
      O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\Windows\System32\DRIVERS\imapi.sys
      O41 - Driver: (intelppm) . (.Microsoft Corporation - Processor Device Driver.) - C:\Windows\System32\DRIVERS\intelppm.sys
      O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\Windows\System32\DRIVERS\ipsec.sys
      O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Keyboard Class Driver.) - C:\Windows\System32\DRIVERS\kbdclass.sys
      O41 - Driver: (Mouclass) . (.Microsoft Corporation - Mouse Class Driver.) - C:\Windows\System32\DRIVERS\mouclass.sys
      O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\Windows\System32\DRIVERS\mrxsmb.sys
      O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
      O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
      O41 - Driver: (Processor) . (.Microsoft Corporation - Processor Device Driver.) - C:\Windows\System32\DRIVERS\processr.sys
      O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
      O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
      O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
      O41 - Driver: (redbook) . (.Microsoft Corporation - Redbook Audio Filter Driver.) - C:\Windows\System32\DRIVERS\redbook.sys
      O41 - Driver: (SASDIFSV) . (.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASDIFSV.SYS.) - D:\Program Files\spybotsearchanddestry\SASDIFSV.sys
      O41 - Driver: (SASKUTIL) . (.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASKUTIL.SYS.) - D:\Program Files\spybotsearchanddestry\SASKUTIL.sys
      O41 - Driver: (SrvcEKIOMngr) . (.COMPAL ELECTRONIC INC. - IoManager Application.) - C:\Windows\System32\Drivers\EKIoMngr.sys
      O41 - Driver: (SrvcEPIOMngr) . (.COMPAL ELECTRONIC INC. - IoManager Application.) - C:\Windows\System32\Drivers\EPIoMngr.sys
      O41 - Driver: (SrvcSSIOMngr) . (.COMPAL ELECTRONIC INC. - IoManager Application.) - C:\Windows\System32\Drivers\SSIoMngr.sys
      O41 - Driver: (SrvcTPIOMngr) . (.COMPAL ELECTRONIC INC. - IoManager Application.) - C:\Windows\System32\Drivers\TPIoMngr.sys
      O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\Windows\System32\DRIVERS\tcpip.sys
      O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
      O41 - Driver: VGA Display Controller. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys


      ---\\ Software installed (O42)
      O42 - Logiciel: ATI - Software Uninstall Utility - (.Unknown owner.) [HKLM] -- All ATI Software
      O42 - Logiciel: ATI Control Panel - (.Unknown owner.) [HKLM] -- {0BEDBD4E-2D34-47B5-9973-57E62B29307C}
      O42 - Logiciel: ATI Display Driver - (.Unknown owner.) [HKLM] -- ATI Display Driver
      O42 - Logiciel: AVG 2011 - (.AVG Technologies.) [HKLM] -- AVG
      O42 - Logiciel: AVG 2011 - (.AVG Technologies.) [HKLM] -- {04E7A3BB-DB38-481C-A809-35FA60C78EDF}
      O42 - Logiciel: AVG 2011 - (.AVG Technologies.) [HKLM] -- {F4C68898-EBA5-46A9-82B3-2D30426086BF}
      O42 - Logiciel: AVG PC Tuneup 2011 - (.AVG.) [HKLM] -- {50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1
      O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
      O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- {6D8D64BE-F500-55B6-705D-DFD08AFE0624}
      O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR
      O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723}
      O42 - Logiciel: Adobe Download Manager - (.NOS Microsystems Ltd..) [HKLM] -- {E2883E8F-472F-4fb0-9522-AC9BF37916A7}
      O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
      O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
      O42 - Logiciel: Adobe Reader 9.2 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-A92000000001}
      O42 - Logiciel: Adobe Shockwave Player - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
      O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {B2D328BE-45AD-4D92-96F9-2151490A203E}
      O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {85991ED2-010C-4930-96FA-52F43C2CE98A}
      O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033}
      O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {0CB9668D-F979-4F31-B8B8-67FE90F929F8}
      O42 - Logiciel: Brother MFL-Pro Suite - (.Unknown owner.) [HKLM] -- {D83BD5E2-5AF4-49F6-B5C1-484A9760E73D}
      O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
      O42 - Logiciel: Compatibility Pack for the 2007 Office system - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-0409-0000-0000000FF1CE}
      O42 - Logiciel: Data Lifeguard Diagnostic for Windows - (.Western Digital Corporation.) [HKLM] -- {E40CE517-0D42-4198-96B4-C8232B257EB5}
      O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
      O42 - Logiciel: InterVideo FilterSDK for Hauppauge - (.InterVideo Inc..) [HKLM] -- {2227E1FA-01F5-483C-AB0E-2A308E900B3D}
      O42 - Logiciel: J2SE Runtime Environment 5.0 Update 1 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0150010}
      O42 - Logiciel: Java(TM) 6 Update 23 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216017FF}
      O42 - Logiciel: Java(TM) 6 Update 3 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160030}
      O42 - Logiciel: Live Global Bid Bid Control Kit Setup - (.Unknown owner.) [HKLM] -- Live Global Bid Bid Control Kit Setup
      O42 - Logiciel: Logitech High Quality Video - (.Logitech, Inc..) [HKLM] -- {281D28EC-1357-4778-B2D7-DEA56D70EF96}
      O42 - Logiciel: Logitech QuickCam - (.Logitech Inc..) [HKLM] -- {6444D9D9-CD6C-4464-B970-55C606C944DC}
      O42 - Logiciel: Logitech Updater - (.Logitech, Inc..) [HKLM] -- {53735ECE-E461-4FD0-B742-23A352436D3A}
      O42 - Logiciel: Logitech Webcam Software Driver Package - (.Logitech Inc..) [HKLM] -- lvdrivers_12.10
      O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
      O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
      O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
      O42 - Logiciel: MSXML 6 Service Pack 2 (KB973686) - (.Microsoft Corporation.) [HKLM] -- {56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}
      O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
      O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
      O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
      O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
      O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
      O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1
      O42 - Logiciel: Microsoft Office Professional Edition 2003 - (.Microsoft Corporation.) [HKLM] -- {90110409-6000-11D3-8CFE-0150048383C9}
      O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- Wudf01000
      O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
      O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}
      O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
      O42 - Logiciel: MiraScan V3.42 - (.Unknown owner.) [HKCU] -- MiraScan V3.42
      O42 - Logiciel: Octoshape add-in for Adobe Flash Player - (.Unknown owner.) [HKCU] -- Octoshape add-in for Adobe Flash Player
      O42 - Logiciel: PaperPort - (.ScanSoft, Inc..) [HKLM] -- {A17EABB6-D0C6-44E5-820C-72DC7F495064}
      O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}
      O42 - Logiciel: RPS CRT - (.Vidéotron.) [HKLM] -- {1A9E151D-05DD-4937-9FDB-82B7140734A5}
      O42 - Logiciel: RPS CRT - (.Vidéotron.) [HKLM] -- {F22B6F59-D6A5-4FA1-A913-D821A9F53DD6}
      O42 - Logiciel: Realtek AC'97 Audio - (.Unknown owner.) [HKLM] -- {FB08F381-6533-4108-B7DD-039E11FBC27E}
      O42 - Logiciel: SUPERAntiSpyware - (.SUPERAntiSpyware.com.) [HKLM] -- {CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
      O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906
      O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
      O42 - Logiciel: Security Update for Windows XP (KB2229593) - (.Microsoft Corporation.) [HKLM] -- KB2229593
      O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
      O42 - Logiciel: Skype Toolbars - (.Skype Technologies S.A..) [HKLM] -- {981029E0-7FC9-4CF3-AB39-6F133621921A}
      O42 - Logiciel: Skype(TM) 4.2 - (.Skype Technologies S.A..) [HKLM] -- {D103C4BA-F905-437A-8049-DB24763BBE36}
      O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1
      O42 - Logiciel: TOSHIBA ConfigFree - (.Unknown owner.) [HKLM] -- {BDD83DC9-BEE9-4654-A5DA-CC46C250088D}
      O42 - Logiciel: TOSHIBA PC Diagnostic Tool - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{2C38F661-26B7-445D-B87D-B53FE2D3BD42}
      O42 - Logiciel: Uniblue RegistryBooster - (.Uniblue Systems Ltd.) [HKLM] -- Uniblue RegistryBooster
      O42 - Logiciel: Uniblue RegistryBooster - (.Uniblue Systems Ltd.) [HKLM] -- {09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA}
      O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
      O42 - Logiciel: Veetle TV 0.9.18 - (.Veetle, Inc.) [HKLM] -- Veetle TV
      O42 - Logiciel: WD Anywhere Backup - (.Memeo Inc..) [HKLM] -- {68131B0A-D78D-4aed-B74E-33A6C7324E50}
      O42 - Logiciel: WD Drive Manager (x86) - (.Western Digital.) [HKLM] -- {CCD04643-5246-48AC-9D8C-F43A37BB8F36}
      O42 - Logiciel: WinRAR archiver - (.Unknown owner.) [HKLM] -- WinRAR archiver
      O42 - Logiciel: Windows Imaging Component - (.Microsoft Corporation.) [HKLM] -- WIC
      O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8
      O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {F6BD194C-4190-4D73-B1B1-C48C99921BFE}
      O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {ED00D08A-3C5F-488D-93A0-A04F21F23956}
      O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
      O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- {81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}
      O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {A85FD55B-891B-4314-97A5-EA96C0BD80B5}
      O42 - Logiciel: Windows Live Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {9422C8EA-B0C6-4197-B8FC-DC797658CA00}
      O42 - Logiciel: Windows Live Upload Tool - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
      O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11
      O42 - Logiciel: Windows Media Format 11 runtime - (.Unknown owner.) [HKLM] -- Windows Media Format Runtime
      O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service Pack
      O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {C1E11C46-E6EB-4BD2-9ADF-2A98ACBEB216}
      O42 - Logiciel: vShare Plugin - (.Unknown owner.) [HKLM] -- vShare

      ---\\ HKCU & HKLM Software Keys
      [HKCU\Software\321Studios]
      [HKCU\Software\3rd Eye Solutions]
      [HKCU\Software\AC3Filter]
      [HKCU\Software\ALWIL Software]
      [HKCU\Software\AVG]
      [HKCU\Software\Adobe]
      [HKCU\Software\Alps]
      [HKCU\Software\AntiVirus System 2011]
      [HKCU\Software\Apple Computer, Inc.]
      [HKCU\Software\Apple Inc.]
      [HKCU\Software\ApplianTechnologies]
      [HKCU\Software\Ariadne Genomics]
      [HKCU\Software\Arrowkey]
      [HKCU\Software\Atari]
      [HKCU\Software\Atheros]
      [HKCU\Software\Aurigma]
      [HKCU\Software\Auslogics]
      [HKCU\Software\BCL Technologies]
      [HKCU\Software\BasicScript Program Settings]
      [HKCU\Software\Bogosoft]
      [HKCU\Software\Brother]
      [HKCU\Software\CDDB]
      [HKCU\Software\COMPAL]
      [HKCU\Software\Classes]
      [HKCU\Software\Clients]
      [HKCU\Software\Colubris Networks]
      [HKCU\Software\Conduit]
      [HKCU\Software\Cygnus Solutions]
      [HKCU\Software\D2]
      [HKCU\Software\DVD X Copy Platinum]
      [HKCU\Software\DivXNetworks]
      [HKCU\Software\Drag'n Drop CD+DVD]
      [HKCU\Software\Elecard]
      [HKCU\Software\Electronic Arts]
      [HKCU\Software\GNU]
      [HKCU\Software\Gabest]
      [HKCU\Software\Google]
      [HKCU\Software\Haali]
      [HKCU\Software\Hauppauge]
      [HKCU\Software\HubTech]
      [HKCU\Software\IM Providers]
      [HKCU\Software\IZSoftware]
      [HKCU\Software\InterTrust]
      [HKCU\Software\InterVideo]
      [HKCU\Software\JavaSoft]
      [HKCU\Software\KMPlayer]
      [HKCU\Software\KasperskyLab]
      [HKCU\Software\LGB]
      [HKCU\Software\Leadertech]
      [HKCU\Software\Local AppWizard-Generated Applications]
      [HKCU\Software\Local Wall Application]
      [HKCU\Software\LogMeIn]
      [HKCU\Software\LogiShared]
      [HKCU\Software\Logitech]
      [HKCU\Software\LogoMedia]
      [HKCU\Software\Macromedia]
      [HKCU\Software\MainConcept (HCW)]
      [HKCU\Software\Malwarebytes' Anti-Malware]
      [HKCU\Software\Martin Prikryl]
      [HKCU\Software\Mediachance]
      [HKCU\Software\Meetstream]
      [HKCU\Software\MozillaPlugins]
      [HKCU\Software\MultimediaPhoto]
      [HKCU\Software\MyExplorer]
      [HKCU\Software\Netscape]
      [HKCU\Software\Nico Mak Computing]
      [HKCU\Software\Nokia]
      [HKCU\Software\ODBC]
      [HKCU\Software\OPENTECH]
      [HKCU\Software\Osprey]
      [HKCU\Software\PCSuite]
      [HKCU\Software\PIXELA]
      [HKCU\Software\Pegasys Inc.]
      [HKCU\Software\PepiMK Software]
      [HKCU\Software\PictureMall]
      [HKCU\Software\Piriform]
      [HKCU\Software\Policies]
      [HKCU\Software\PriceGong]
      [HKCU\Software\Protein Lounge]
      [HKCU\Software\RadialPoint]
      [HKCU\Software\Rational Software]
      [HKCU\Software\RealNetworks]
      [HKCU\Software\Replay AV 8]
      [HKCU\Software\SGooPE]
      [HKCU\Software\SSH Communications Security]
      [HKCU\Software\SUPERAntiSpyware.com]
      [HKCU\Software\SWI]
      [HKCU\Software\Safer Networking Limited]
      [HKCU\Software\ScanSoft]
      [HKCU\Software\SecuROM]
      [HKCU\Software\Skype]
      [HKCU\Software\Smart Projects]
      [HKCU\Software\SmartTweak]
      [HKCU\Software\Sony Corporation]
      [HKCU\Software\Sunbelt Software]
      [HKCU\Software\Sysinternals]
      [HKCU\Software\TOSHIBA]
      [HKCU\Software\TVANTS]
      [HKCU\Software\Trolltech]
      [HKCU\Software\Ulead Systems]
      [HKCU\Software\Unlimited Possibilities]
      [HKCU\Software\VB and VBA Program Settings]
      [HKCU\Software\Veetle]
      [HKCU\Software\VicMan Software]
      [HKCU\Software\Videotron]
      [HKCU\Software\Viscom Software]
      [HKCU\Software\Visioneer]
      [HKCU\Software\Voice]
      [HKCU\Software\WinRAR SFX]
      [HKCU\Software\WinRAR]
      [HKCU\Software\WinZip Computing]
      [HKCU\Software\Winamp]
      [HKCU\Software\YahooPartnerToolbar]
      [HKCU\Software\ZipZag2]
      [HKCU\Software\ZipZag]
      [HKCU\Software\eBay]
      [HKCU\Software\eFilm Medical]
      [HKCU\Software\ej-technologies]
      [HKCU\Software\mmtwn]
      [HKCU\Software\roxio]
      [HKCU\Software\uTorrent]
      [HKCU\Software\vShare]
      [HKLM\Software\15897034]
      [HKLM\Software\321Studios]
      [HKLM\Software\ACE Compression Software]
      [HKLM\Software\ALPS]
      [HKLM\Software\ALWIL Software]
      [HKLM\Software\AMPing]
      [HKLM\Software\ATI Technologies Inc.]
      [HKLM\Software\ATI Technologies]
      [HKLM\Software\Acer Peripherals Inc.]
      [HKLM\Software\Acudata]
      [HKLM\Software\Adobe Systems]
      [HKLM\Software\Adobe]
      [HKLM\Software\Agere]
      [HKLM\Software\Apple Computer, Inc.]
      [HKLM\Software\Apple Inc.]
      [HKLM\Software\Applian]
      [HKLM\Software\Ariadne Genomics]
      [HKLM\Software\Arrowkey]
      [HKLM\Software\Atheros Communications]
      [HKLM\Software\AviSynth]
      [HKLM\Software\B.H.A]
      [HKLM\Software\BCL Technologies]
      [HKLM\Software\Brooktree]
      [HKLM\Software\Brother]
      [HKLM\Software\C07ft5Y]
      [HKLM\Software\CDDB]
      [HKLM\Software\COMPAL]
      [HKLM\Software\Chilkat Software, Inc.]
      [HKLM\Software\Classes]
      [HKLM\Software\Clients]
      [HKLM\Software\Colubris Networks]
      [HKLM\Software\Conduit]
      [HKLM\Software\Cygnus Solutions]
      [HKLM\Software\D-Tools]
      [HKLM\Software\DataFocus]
      [HKLM\Software\Deckard]
      [HKLM\Software\DigiOn Inc. and Easy Systems Japan Ltd.]
      [HKLM\Software\Drag'n Drop CD+DVD]
      [HKLM\Software\EA SPORTS]
      [HKLM\Software\Easy Systems Japan Ltd.]
      [HKLM\Software\Electronic Arts]
      [HKLM\Software\FLEXlm License Manager]
      [HKLM\Software\FRISK Software International]
      [HKLM\Software\GEAR Software]
      [HKLM\Software\GNU]
      [HKLM\Software\Gemplus]
      [HKLM\Software\Global IP Sound]
      [HKLM\Software\Google]
      [HKLM\Software\HaaliMkx]
      [HKLM\Software\Hauppauge]
      [HKLM\Software\Horizon]
      [HKLM\Software\IMSI]
      [HKLM\Software\ISSS]
      [HKLM\Software\InstallShield]
      [HKLM\Software\Intel]
      [HKLM\Software\InterVideo]
      [HKLM\Software\IviSDK4Hauppauge]
      [HKLM\Software\JavaSoft]
      [HKLM\Software\JreMetrics]
      [HKLM\Software\KasperskyLab]
      [HKLM\Software\L&H]
      [HKLM\Software\LEAD Technologies, Inc.]
      [HKLM\Software\Licenses]
      [HKLM\Software\Link Data Security]
      [HKLM\Software\Logitech]
      [HKLM\Software\LogoMedia]
      [HKLM\Software\Lucent]
      [HKLM\Software\Macromedia]
      [HKLM\Software\Macrovision]
      [HKLM\Software\Malwarebytes' Anti-Malware]
      [HKLM\Software\Martin Prikryl]
      [HKLM\Software\MicroQuill]
      [HKLM\Software\MimarSinan]
      [HKLM\Software\Mortice Kern Systems]
      [HKLM\Software\Motive]
      [HKLM\Software\MozillaPlugins]
      [HKLM\Software\Mozilla]
      [HKLM\Software\NOS]
      [HKLM\Software\Nico Mak Computing]
      [HKLM\Software\Nokia]
      [HKLM\Software\ODBC]
      [HKLM\Software\OMSI]
      [HKLM\Software\P!HDS8]
      [HKLM\Software\PC Connectivity Solution]
      [HKLM\Software\PCSuite]
      [HKLM\Software\PCTools]
      [HKLM\Software\PIXELA]
      [HKLM\Software\PepiMK Software]
      [HKLM\Software\Piriform]
      [HKLM\Software\Policies]
      [HKLM\Software\Program Groups]
      [HKLM\Software\Prolific Technology INC]
      [HKLM\Software\REALTEK Semiconductor Corp.]
      [HKLM\Software\Radialpoint]
      [HKLM\Software\Rational Software]
      [HKLM\Software\RealNetworks]
      [HKLM\Software\Realtek]
      [HKLM\Software\RegisteredApplications]
      [HKLM\Software\RichFX]
      [HKLM\Software\RioPort]
      [HKLM\Software\SGOOPE]
      [HKLM\Software\SSH Communications Security]
      [HKLM\Software\SUPERAntiSpyware.com]
      [HKLM\Software\SWI]
      [HKLM\Software\Safer Networking Limited]
      [HKLM\Software\ScanSoft]
      [HKLM\Software\Schlumberger]
      [HKLM\Software\Secure]
      [HKLM\Software\Skype]
      [HKLM\Software\Soeperman Enterprises Ltd.]
      [HKLM\Software\Software PRO Technologies]
      [HKLM\Software\Sun Microsystems]
      [HKLM\Software\TOSHIBA]
      [HKLM\Software\Translation Engines]
      [HKLM\Software\TrendMicro]
      [HKLM\Software\USB2800]
      [HKLM\Software\Ulead Systems]
      [HKLM\Software\Uniblue]
      [HKLM\Software\VSO]
      [HKLM\Software\Veetle]
      [HKLM\Software\Visioneer]
      [HKLM\Software\Voice]
      [HKLM\Software\WD]
      [HKLM\Software\WebUpdate]
      [HKLM\Software\Western Digital]
      [HKLM\Software\Wilson WindowWare]
      [HKLM\Software\Windows 3.1 Migration Status]
      [HKLM\Software\Windows]
      [HKLM\Software\Wise Solutions]
      [HKLM\Software\WorldWinner.com]
      [HKLM\Software\Xing Technology Corp.]
      [HKLM\Software\ZSMC]
      [HKLM\Software\Zeon]
      [HKLM\Software\Zone Labs]
      [HKLM\Software\eFilm Medical]
      [HKLM\Software\ej-technologies]
      [HKLM\Software\mozilla.org]
      [HKLM\Software\rtlsetn5]


      ---\\ Contents of the Common Files folders (O43)
      O43 - CFD: 22/11/2009 - 11:03:16 PM ----D- C:\Program Files\Adobe
      O43 - CFD: 04/01/2005 - 1:08:26 PM ----D- C:\Program Files\Apoint2K
      O43 - CFD: 04/01/2009 - 10:05:14 PM ----D- C:\Program Files\Apple Software Update
      O43 - CFD: 04/01/2005 - 1:05:46 PM ----D- C:\Program Files\Atheros
      O43 - CFD: 19/04/2004 - 11:52:38 AM ----D- C:\Program Files\ATI Technologies
      O43 - CFD: 20/01/2011 - 9:18:24 AM ----D- C:\Program Files\AVG
      O43 - CFD: 23/07/2006 - 6:22:18 PM ----D- C:\Program Files\AVG Anti Virus
      O43 - CFD: 20/04/2004 - 9:45:50 AM ----D- C:\Program Files\B's CLiP
      O43 - CFD: 13/01/2011 - 11:08:02 AM ----D- C:\Program Files\Bonjour
      O43 - CFD: 07/10/2008 - 10:55:10 PM ----D- C:\Program Files\Brother
      O43 - CFD: 24/11/2004 - 12:18:34 PM ----D- C:\Program Files\Colubris Networks
      O43 - CFD: 03/09/2010 - 10:14:56 AM ----D- C:\Program Files\Common Files
      O43 - CFD: 18/09/2009 - 10:46:56 PM ----D- C:\Program Files\ComPlus Applications
      O43 - CFD: 05/01/2005 - 11:58:12 PM ----D- C:\Program Files\D-Tools
      O43 - CFD: 20/04/2004 - 1:02:16 PM ----D- C:\Program Files\DataLode
      O43 - CFD: 05/01/2005 - 11:57:26 PM ----D- C:\Program Files\Diamond
      O43 - CFD: 13/06/2007 - 11:22:16 PM ----D- C:\Program Files\DIFX
      O43 - CFD: 20/04/2004 - 9:49:18 AM ----D- C:\Program Files\Drag'n Drop CD+DVD
      O43 - CFD: 14/01/2011 - 10:39:16 AM ----D- C:\Program Files\DriverBoost
      O43 - CFD: 23/11/2006 - 9:40:46 PM ----D- C:\Program Files\DssEvolution.com
      O43 - CFD: 20/04/2004 - 9:56:04 AM ----D- C:\Program Files\DVD-RAM
      O43 - CFD: 04/01/2005 - 1:01:28 PM ----D- C:\Program Files\EzButton
      O43 - CFD: 25/11/2004 - 12:31:40 PM ----D- C:\Program Files\Fichiers communs
      O43 - CFD: 18/01/2011 - 2:46:30 PM ----D- C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
      O43 - CFD: 24/11/2004 - 1:38:02 PM ----D- C:\Program Files\FSI
      O43 - CFD: 19/07/2010 - 5:20:50 PM ----D- C:\Program Files\Google
      O43 - CFD: 19/01/2011 - 11:50:58 AM --H-D- C:\Program Files\InstallShield Installation Information
      O43 - CFD: 21/01/2011 - 10:06:24 AM ----D- C:\Program Files\Internet Explorer
      O43 - CFD: 20/04/2004 - 11:21:30 AM ----D- C:\Program Files\InterVideo
      O43 - CFD: 13/01/2011 - 11:09:18 AM ----D- C:\Program Files\iPod
      O43 - CFD: 20/01/2011 - 8:42:56 AM ----D- C:\Program Files\Java
      O43 - CFD: 12/10/2008 - 5:28:12 PM ----D- C:\Program Files\Logitech
      O43 - CFD: 04/01/2005 - 1:02:36 PM ----D- C:\Program Files\ltmoh
      O43 - CFD: 24/01/2011 - 2:34:18 PM ----D- C:\Program Files\Malwarebytes' Anti-Malware
      O43 - CFD: 21/01/2011 - 10:08:10 AM ----D- C:\Program Files\Messenger
      O43 - CFD: 24/11/2004 - 2:39:16 PM ----D- C:\Program Files\Metrowerks
      O43 - CFD: 20/03/2010 - 6:27:16 PM ----D- C:\Program Files\Microsoft
      O43 - CFD: 25/11/2004 - 12:32:48 PM ----D- C:\Program Files\Microsoft ActiveSync
      O43 - CFD: 17/10/2008 - 12:20:02 PM ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2
      O43 - CFD: 24/11/2004 - 3:17:12 PM ----D- C:\Program Files\microsoft frontpage
      O43 - CFD: 17/01/2011 - 7:46:20 AM ----D- C:\Program Files\Microsoft Office
      O43 - CFD: 04/02/2005 - 5:20:42 PM ----D- C:\Program Files\Microsoft SQL Server
      O43 - CFD: 04/01/2005 - 1:50:54 PM ----D- C:\Program Files\Microsoft Visual Studio
      O43 - CFD: 04/01/2005 - 1:51:10 PM ----D- C:\Program Files\Microsoft Works
      O43 - CFD: 25/11/2004 - 12:33:00 PM ----D- C:\Program Files\Microsoft.NET
      O43 - CFD: 18/01/2011 - 2:46:32 PM ----D- C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)
      O43 - CFD: 21/01/2011 - 10:06:20 AM ----D- C:\Program Files\Movie Maker
      O43 - CFD: 20/01/2011 - 9:07:22 AM ----D- C:\Program Files\Mozilla Firefox
      O43 - CFD: 16/08/2009 - 8:11:10 AM ----D- C:\Program Files\MSBuild
      O43 - CFD: 17/01/2011 - 7:45:56 AM ----D- C:\Program Files\MSECache
      O43 - CFD: 16/04/2004 - 3:47:08 PM ----D- C:\Program Files\MSN
      O43 - CFD: 16/04/2004 - 3:43:08 PM ----D- C:\Program Files\MSN Gaming Zone
      O43 - CFD: 15/06/2007 - 4:46:50 PM ----D- C:\Program Files\MSXML 4.0
      O43 - CFD: 16/08/2009 - 2:06:44 AM ----D- C:\Program Files\MSXML 6.0
      O43 - CFD: 21/01/2011 - 9:54:56 AM ----D- C:\Program Files\NetMeeting
      O43 - CFD: 20/01/2011 - 10:14:12 AM ----D- C:\Program Files\Nokia
      O43 - CFD: 09/10/2009 - 6:14:06 PM ----D- C:\Program Files\NOS
      O43 - CFD: 04/01/2005 - 12:21:30 PM ----D- C:\Program Files\Online Services
      O43 - CFD: 21/01/2011 - 10:30:00 AM ----D- C:\Program Files\Outlook Express
      O43 - CFD: 13/06/2007 - 11:21:40 PM ----D- C:\Program Files\PC Connectivity Solution
      O43 - CFD: 19/07/2010 - 6:06:12 PM ----D- C:\Program Files\QuickTime
      O43 - CFD: 24/11/2004 - 3:04:22 PM ----D- C:\Program Files\Real
      O43 - CFD: 16/08/2009 - 8:11:08 AM ----D- C:\Program Files\Reference Assemblies
      O43 - CFD: 07/10/2008 - 10:53:18 PM ----D- C:\Program Files\ScanSoft
      O43 - CFD: 18/01/2011 - 2:46:30 PM ----D- C:\Program Files\SDHelper (Spybot - Search & Destroy)
      O43 - CFD: 03/09/2010 - 10:15:24 AM R---D- C:\Program Files\Skype
      O43 - CFD: 10/06/2007 - 7:13:18 PM ----D- C:\Program Files\Sony
      O43 - CFD: 25/01/2005 - 5:11:06 PM ----D- C:\Program Files\SWIProlog
      O43 - CFD: 18/01/2011 - 2:46:32 PM ----D- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
      O43 - CFD: 04/02/2005 - 2:26:28 PM ----D- C:\Program Files\The KMPlayer
      O43 - CFD: 19/01/2011 - 12:21:44 PM ----D- C:\Program Files\TOSHIBA
      O43 - CFD: 14/01/2011 - 3:24:26 PM ----D- C:\Program Files\Uniblue
      O43 - CFD: 16/04/2004 - 3:58:46 PM --H-D- C:\Program Files\Uninstall Information
      O43 - CFD: 14/01/2011 - 3:00:10 PM ----D- C:\Program Files\Videotron
      O43 - CFD: 25/01/2011 - 12:33:44 PM ----D- C:\Program Files\vShare
      O43 - CFD: 20/02/2010 - 5:06:08 PM ----D- C:\Program Files\WD
      O43 - CFD: 04/02/2005 - 4:33:12 PM ----D- C:\Program Files\WebMatrix
      O43 - CFD: 20/02/2010 - 5:03:36 PM ----D- C:\Program Files\Western Digital
      O43 - CFD: 20/02/2010 - 5:03:48 PM ----D- C:\Program Files\Western Digital Corporation
      O43 - CFD: 23/08/2009 - 12:42:52 PM ----D- C:\Program Files\Windows Desktop Search
      O43 - CFD: 20/03/2010 - 6:26:32 PM ----D- C:\Program Files\Windows Live
      O43 - CFD: 20/03/2010 - 6:26:58 PM ----D- C:\Program Files\Windows Live SkyDrive
      O43 - CFD: 20/01/2011 - 2:12:32 PM ----D- C:\Program Files\Windows Media Connect 2
      O43 - CFD: 21/01/2011 - 9:54:38 AM ----D- C:\Program Files\Windows Media Player
      O43 - CFD: 19/01/2011 - 1:25:56 PM ----D- C:\Program Files\Windows NT
      O43 - CFD: 24/11/2004 - 2:02:32 PM --H-D- C:\Program Files\WindowsUpdate
      O43 - CFD: 12/05/2008 - 6:44:46 PM ----D- C:\Program Files\WinRAR
      O43 - CFD: 04/01/2005 - 1:26:48 PM ----D- C:\Program Files\WinZip
      O43 - CFD: 16/04/2004 - 3:52:58 PM ----D- C:\Program Files\xerox
      O43 - CFD: 25/01/2011 - 1:09:24 PM ----D- C:\Program Files\ZHPDiag
      O43 - CFD: 20/01/2011 - 8:47:08 AM ----D- C:\Program Files\Common Files\Adobe
      O43 - CFD: 09/10/2009 - 6:15:24 PM ----D- C:\Program Files\Common Files\Adobe AIR
      O43 - CFD: 19/11/2005 - 8:24:30 PM ----D- C:\Program Files\Common Files\Adobe Systems Shared
      O43 - CFD: 19/07/2010 - 5:37:42 PM ----D- C:\Program Files\Common Files\Apple
      O43 - CFD: 04/01/2005 - 1:51:16 PM ----D- C:\Program Files\Common Files\DESIGNER
      O43 - CFD: 20/02/2010 - 5:06:12 PM ----D- C:\Program Files\Common Files\eSellerate
      O43 - CFD: 07/10/2008 - 10:54:54 PM ----D- C:\Program Files\Common Files\InstallShield
      O43 - CFD: 04/03/2009 - 7:18:46 PM ----D- C:\Program Files\Common Files\IviSDK
      O43 - CFD: 20/01/2011 - 8:43:24 AM ----D- C:\Program Files\Common Files\Java
      O43 - CFD: 04/01/2005 - 1:52:24 PM ----D- C:\Program Files\Common Files\L&H
      O43 - CFD: 20/06/2010 - 11:44:48 AM ----D- C:\Program Files\Common Files\LogiShrd
      O43 - CFD: 20/06/2010 - 11:29:14 AM ----D- C:\Program Files\Common Files\Logitech
      O43 - CFD: 17/01/2011 - 7:46:18 AM ----D- C:\Program Files\Common Files\Microsoft Shared
      O43 - CFD: 08/04/2006 - 12:17:00 AM ----D- C:\Program Files\Common Files\Motive
      O43 - CFD: 04/01/2005 - 12:20:34 PM ----D- C:\Program Files\Common Files\MSSoap
      0
  11. Utilisateur anonyme
     
    ton lien ne passe pas, essaie avec un autre !

    0
  12. Utilisateur anonyme
     
    * Lance ZHPFix (soit via le raccourci sur ton Bureau, soit via ZHPDiag en cliquant sur l'écusson vert)
    Clique sur l'icone représentant la lettre H (« coller les lignes Helper »)
    Copie/colle les lignes suivantes en gras et place les dans ZHPFix :

    ----------------------------------------------------------

    O2 - BHO: (no name) - {043C5167-00BB-4324-AF7E-62013FAEDACF} Orphean Key
    O18 - Handler: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} . (.Unknown owner - No comment.) -- C:\Program Files\vShare\vshare_toolbar.dll
    [HKCU\Software\PriceGong]
    O69 - SBI: SearchScopes [HKCU] {043C5167-00BB-4324-AF7E-62013FAEDACF} - (Web Search...) - http://ww1.toolbarhome.com{searchTerms}&srch=dsp
    O69 - SBI: SearchScopes [HKCU] {CF739809-1C6C-47C0-85B9-569DBB141420} - (Ask Search) - http://toolbar.ask.com/toolbarv/askRedirect?gct=&gc=1&q={searchTerms}&crm=1&toolbar=PLT
    O69 - SBI: SearchScopes [HKCU] {CF739809-1C6C-47C0-85B9-569DBB141420} - (Ask Search) - http://toolbar.ask.com/toolbarv/askRedirect?gct=&gc=1&q={searchTerms}&crm=1&toolbar=PLT
    O4 - HKLM\..\Run: [Bpomaxo] C:\WINDOWS\obekihevatepinuk.dll (.not file.)
    O4 - HKCU\..\Run: [Dkahoxihuvuwo] C:\WINDOWS\mtonbd40.dll (.not file.)
    O4 - HKUS\S-1-5-21-117609710-1960408961-839522115-1003\..\Run: [Dkahoxihuvuwo] C:\WINDOWS\mtonbd40.dll (.not file.)
    O47 - AAKE:Key Export SP - "D:\Program Files\KazaaLite\Kazaa Lite K++\KazaaLite.kpp" [Enabled] .(.Unknown owner - No comment.) (.not file.) -- O47 - AAKE:Key Export SP - "E:\Crack\fifa2005.exe" [Disabled] .(.Unknown owner - No comment.) (.not file.) --
    O64 - Services: CurCS - (.not file.) - netskt (netskt) .(.Unknown owner - No comment.) - LEGACY_NETSKT
    MBRFIX


    ----------------------------------------------------------

    - Clique sur « Tous », puis sur « Nettoyer »
    - Copie/colle la totalité du rapport dans ta prochaine réponse
    Tuto :
    http://www.premiumorange.com/zeb-help-process/zhpfix.html

    0
  13. iyad2009
     
    here we go,

    Rapport de ZHPFix 1.12.3227 par Nicolas Coolman, Update du 16/12/2010
    Fichier d'export Registre : C:\ZHPExportRegistry-25-01-2011-2-24-23 PM.txt
    Run by ahmad at 25/01/2011 2:24:23 PM
    Windows XP Professional Service Pack 3 (Build 2600)
    Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
    Contact : nicolascoolman@yahoo.fr

    ========== Registry Key ==========
    O2 - BHO: (no name) - {043C5167-00BB-4324-AF7E-62013FAEDACF} Orphean Key => Registry Key removed successfully
    HKCU\Software\PriceGong => Registry Key removed successfully
    O64 - Services: CurCS - (.not file.) - netskt (netskt) .(.Unknown owner - No comment.) - LEGACY_NETSKT => Registry Key removed successfully

    ========== Registry Value ==========
    O4 - HKLM\..\Run: [Bpomaxo] C:\WINDOWS\obekihevatepinuk.dll (.not file.) => Registry key value removed successfully
    O4 - HKCU\..\Run: [Dkahoxihuvuwo] C:\WINDOWS\mtonbd40.dll (.not file.) => Registry key value removed successfully
    O4 - HKUS\S-1-5-21-117609710-1960408961-839522115-1003\..\Run: [Dkahoxihuvuwo] C:\WINDOWS\mtonbd40.dll (.not file.) => Registry key value not found
    O47 - AAKE:Key Export SP - "D:\Program Files\KazaaLite\Kazaa Lite K++\KazaaLite.kpp" [Enabled] .(.Unknown owner - No comment.) (.not file.) -- O47 - AAKE:Key Export SP - "E:\Crack\fifa2005.exe" [Disabled] .(.Unknown owner - No comment.) (.not file.) -- => Registry key value removed successfully

    ========== Registry Data Items ==========
    O18 - Handler: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} . (.Unknown owner - No comment.) -- C:\Program Files\vShare\vshare_toolbar.dll => Registry key value data not removed
    O69 - SBI: SearchScopes [HKCU] {043C5167-00BB-4324-AF7E-62013FAEDACF} - (Web Search...) - http://ww1.toolbarhome.com{searchTerms}&srch=dsp => Data replaced successfully
    O69 - SBI: SearchScopes [HKCU] {CF739809-1C6C-47C0-85B9-569DBB141420} - (Ask Search) - http://toolbar.ask.com/toolbarv/askRedirect?gct=&gc=1&q={searchTerms}&crm=1&toolbar=PLT => Data replaced successfully

    ========== File ==========
    c:\program files\vshare\vshare_toolbar.dll => Quarantined and Deleted successfully
    c:\windows\obekihevatepinuk.dll => Quarantined and Deleted successfully
    c:\windows\mtonbd40.dll => Quarantined and Deleted successfully

    ========== Master Boot Record ==========
    Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, http://www.gmer.net
    Windows 5.1.2600 Disk: HTS548080M9AT00 rev.MG4OA53A -> \Device\Ide\IdeDeviceP0T0L0-3

    device: opened successfully
    user: MBR read successfully

    Disk trace:
    called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x87251E78]<<
    1 nt!IofCallDriver[0x804E1397] -> \Device\Harddisk0\DR0[0x8733BAB8]
    3 CLASSPNP[0xF77C1FD7] -> nt!IofCallDriver[0x804E1397] -> \Device\00000092[0x873339E8]
    5 ACPI[0xF76F2620] -> nt!IofCallDriver[0x804E1397] -> \Device\Ide\IdeDeviceP0T0L0-3[0x87334940]
    \Driver\atapi[0x87338C28] -> IRP_MJ_CREATE -> 0x87251E78
    kernel: MBR read successfully
    detected hooks:
    \Driver\atapi -> 0x87251e78
    user & kernel MBR OK
    Warning: possible MBR rootkit infection !

    Resultat après le fix :
    Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, http://www.gmer.net
    Windows 5.1.2600 Disk: HTS548080M9AT00 rev.MG4OA53A -> \Device\Ide\IdeDeviceP0T0L0-3

    device: opened successfully
    user: MBR read successfully
    kernel: MBR read successfully
    user & kernel MBR OK

    ========== Summary ==========
    3 : Registry Key
    4 : Registry Value
    3 : Registry Data Items
    3 : File
    1 : Master Boot Record

    End of the scan
    0
  14. Utilisateur anonyme
     
    ok,
    comment va le pc après toutes ces manipluations ?

    est ce qu'il fonctionne normalement ?

    0
  15. iyad2009
     
    Merci infiniment.
    Il est un peut lourd surtout au niveau de rdemarrage. Mais au moins j'en ai plus les messages d'erreur.

    La je me ramasse avec SuperAntispyware, Spywaresearch and destro, AVG et AVG PC tune up et Uniblue Registry booster.... :)
    Q'uest ce que tu me suggèere de garder et quoi effacer de mon systeme

    Merci encore une fois
    0
  16. Utilisateur anonyme
     
    on va dire qu'il fautconserver AVG 10,
    virer les autres !

    en complement de ton antivirus qui n'est que AVG 10, mettre MBAM et un perfeu, c'est largement suffisant:-)

    en attendant, on finalise la désinfection :

    . télécharges Ccleaner à partir de cette adresse et enregistres le sur le bureau

    https://www.commentcamarche.net/telecharger/utilitaires/5647-ccleaner/

    .double-cliques sur le fichier pour lancer l'installation
    /!\Utilisateur de Vista et windows 7 : Clique droit sur le logo de Ccleaner, « exécuter en tant qu'Administrateur »

    .sur la fenêtre de l'installation langage bien choisir français et OK
    .cliques sur suivant
    .lis la licence et j'accepte
    .cliques sur suivant
    .la tu ne gardes de coché que mettre un raccourci sur le bureau et puis contrôler automatiquement les mises à jour de Ccleaner
    .cliques sur installer
    .cliques sur fermer
    .double-cliques sur l'icône de Ccleaner pour l'ouvrir
    .une fois ouvert tu cliques sur option et puis avancé
    .tu décoches effacer uniquement les fichiers, du dossier temp de windows plus vieux que 24 heures
    .cliques sur nettoyeur
    .cliques sur windows et dans la colonne avancé
    .coches la première case vieilles données du perfetch que celle-la ce qui te donnes la case vielles données du perfetch et la case avancé qui c'est coché automatiquement mais que celle-la
    .cliques sur analyse une fois l'analyse terminé
    .cliques sur lancer le nettoyage et sur la demande de confirmation OK il vas falloir que tu le refasses une autre fois une fois fini vériffis en appuiant de nouveau sur analyse pour être sur qu'il n'y est plus rien
    .cliques maintenant sur registre et puis sur rechercher les erreurs
    .laisses tout cochées et cliques sur réparrer les erreurs sélectionnées
    .il te demande de sauvegarder OUI
    .tu lui donnes un nom pour pouvoir la retrouver et enregistre
    .cliques sur corriger toutes les erreurs sélectionnées et sur la demande de confirmation OK
    .il supprime et fermer tu vérifies en relançant rechercher les erreurs
    .tu retournes dans option et tu recoches la case effacer uniquement les fichiers, du dossier temp de windows plus vieux que 48 heures et sur nettoyeur, windows sous avancé tu décoches la première case vieilles données du perfetch
    .tu peux fermer Ccleaner

    tuto installation & nettoyage :
    https://www.donnemoilinfo.com/tuto/CCleaner/

    * pour supprimer les outils de désinfection
    :

    Télecharge Delfix sur ton bureau :
    http://www.teamxscript.org/too/Xplode/DelFix.exe

    *Clique sur le bouton « Suppression » et poste son rapport sur ton prochain message
    **Pour le désinstaller, il suffit de le relancer et cliquer sur le bouton de désinstallation.

    * Désactivation, puis Réactivation de la restauration système après désinfection :

    Il est nécessaire de désactiver puis réactiver la restauration système pour la purger car les points de restauration peuvent être infectés :

    Pour XP : https://www.commentcamarche.net/faq/5097-virus-system-volume-information

    * fais une mise à jour de ton antivirus, lance un scan complet de ton pc, tiens moi au courant du résultat :-)

    0
  17. iyad2009
     
    Je vous tiens au courant du resultat de Scan dans la prochaine message.
    Voici le resultat de dernier rapport

    # DelFix v7.1 - Rapport créé le 25/01/2011 à 15:12
    # Mis à jour le 16/01/11 à 15h30 par Xplode
    # Système d'exploitation : Microsoft Windows XP (32 bits) [Version 5.1.2600] Service Pack 3
    # Nom d'utilisateur : ahmad - AZM (Administrateur)
    # Exécuté depuis : C:\Documents and Settings\ahmad\Local Settings\Temporary Internet Files\Content.IE5\VE8VU8FR\DelFix[1].exe
    # Option [Suppression]

    ~~~~~~ Dossier(s) ~~~~~~

    Supprimé : C:\Program Files\ZHPDiag
    Supprimé : C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\ZHP

    ~~~~~~ Fichier(s) ~~~~~~

    Supprimé : C:\TDSSKiller.2.4.15.0_25.01.2011_12.37.15_log.txt
    Supprimé : C:\TDSSKiller.2.4.15.0_25.01.2011_12.38.05_log.txt
    Supprimé : C:\WINDOWS\System32\tmp.reg
    Supprimé : C:\WINDOWS\System32\tmp.txt
    Supprimé : C:\Documents and Settings\ahmad\Desktop\catchme.log
    Supprimé : C:\Documents and Settings\ahmad\Desktop\tdsskiller.exe
    Supprimé : C:\Documents and Settings\ahmad\Desktop\ZHPDiag(2).Txt
    Supprimé : C:\Documents and Settings\ahmad\Desktop\ZHPDiag(2).zip
    Supprimé : C:\Documents and Settings\All Users.WINDOWS\Desktop\ZHPDiag.lnk
    Supprimé : C:\Documents and Settings\All Users.WINDOWS\Desktop\ZHPFix.lnk
    Supprimé : C:\Documents and Settings\All Users.WINDOWS\Desktop\MBRCheck.lnk

    ~~~~~~ Registre ~~~~~~

    Clé Supprimée : HKLM\Software\TrendMicro
    Clé Supprimée : HKLM\Software\Soeperman Enterprises Ltd.
    Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1

    ~~~~~~ Autre ~~~~~~

    ########## EOF - "C:\DelFixSuppr.txt" - [1623 octets] ##########
    0
  18. iyad2009
     
    et aucun virus n'a été détécté :)

    Petit question, est ce qu'il ya un tutorial qui nous explique les demarches qui vous venez de me montrer...au moins la prochaine fois je vous derrange pas.
    0
  • 1
  • 2