Sujet Précédent Sujet Suivant

Optimiser mon pc portable, il n'avance pas

Fermé
jean - 29 déc. 2011 à 19:06
 jean - 5 janv. 2012 à 13:29
Bonjour, j'ai un pc portable, j'aimerai que vous m'aidiez, il rame, met du temps dans l'ouverture des fenêtres que puis-je faire ? merci d'avance pour vos réponse
A voir également:

14 réponses

Réponse 1 / 14
fred08700 Messages postés 3389 Date d'inscription lundi 19 janvier 2009 Statut Contributeur sécurité Dernière intervention 9 février 2014 550
Modifié par fred08700 le 31/12/2011 à 13:40
salut

pas mal d'infections ,beaucoup de choses inutiles et des mise à jours

on commence

===> présence de deux antivirus : F-secure et avast , il faut en désinstaller un

ensuite

1)

* Télécharge RogueKiller (de Tigzy) sur le Bureau
* Quitte tous tes programmes en cours
* Lance le.
* Lorsque demandé, tape 2 (suppression) et valide
* S'il demande pour supprimer un proxy, tape 1 (supprimer)
* Un rapport (RKreport.txt) a du se créer à côté de l'exécutable, colle son contenu dans la réponse
* Si le programme a été bloqué, ne pas hésiter a essayer plusieurs fois.

2)

Télécharge AdwCleaner ( d'Xplode ) sur ton bureau.
Lance le, clique sur [Recherche] puis patiente le temps du scan.
Une fois le scan fini, un rapport s'ouvrira. Poste moi son contenu dans ta prochaine réponse.

Note : Le rapport est également sauvegardé sous C:\AdwCleaner[R1].txt

3)

Télécharge ToolbarShooter (de 2011N2) sur ton bureau.
Double-clique sur l'icône présente sur ton bureau.
Appuye sur 1 (Recherche) puis ==> Entrée.
Patiente lors du scan.
À la fin, un rapport s'ouvre, héberge le ici : https://www.cjoint.com/
Le rapport est également sauvegardé sous C:\
Chaque difficulté rencontrée doit être l'occasion d'un nouveau progrès.

[Pierre de Coubertin]
1
Réponse 2 / 14
fred08700 Messages postés 3389 Date d'inscription lundi 19 janvier 2009 Statut Contributeur sécurité Dernière intervention 9 février 2014 550
29 déc. 2011 à 20:09
bonsoir

On va d'abord faire un diagnostique de ton pc. fais ceci

● Télécharges ZHPDiag ( de Nicolas coolman ).

ou http://www.premiumorange.com/zeb-help-process/zhpdiag.html ==> en bas de page


/!\Utilisateurs de Vista et Windows 7 : Clique droit sur le logo de ZHPDiag.exe, " exécuter en tant qu'Administrateur /!\

● Double clique sur le fichier d'installation, puis installes le avec les paramètres par défaut ( N'oublies pas de cocher " Créer une icône sur le bureau " )

● Lances ZHPDiag en double cliquant sur l'icône présente sur ton bureau

● Cliques sur la loupe en haut à gauche, puis laisse l'outil scanner.

● Une fois le scan terminé, cliques sur l'icône en forme de disquette et enregistres le fichier sur ton bureau.

● Rends toi sur too-files

● Cliques sur " Parcourir " dans la partie " Joindre un fichier[...] "

● Séléctionnes le rapport ZHPdiag.txt qui se trouve sur ton bureau

● Clique ensuite sur "Cliquez ici pour déposer le fichier " et copie/colle le lien dans ton prochain message
0
Réponse 3 / 14
jean
30 déc. 2011 à 12:01
merci pour ton aide:
http://www.toofiles.com/fr/oip/documents/txt/7481_zhpdiag.html
Que dois-je faire maintenant ?
0
fred08700 Messages postés 3389 Date d'inscription lundi 19 janvier 2009 Statut Contributeur sécurité Dernière intervention 9 février 2014 550
30 déc. 2011 à 19:15
bonsoir

le lien ne donne rien. Il faut le reposter soit sur

ci-joint : https://www.cjoint.com/
too-files : http://ww38.toofiles.com/fr/documents-homepage.html
0
Réponse 4 / 14
jean
31 déc. 2011 à 10:15
http://cjoint.com/?ALFknlGQApA
voila Fred j'espère que c'est bon.
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 14
jean
2 janv. 2012 à 18:01
1) Raport Roguekiller:
RogueKiller V6.2.1 [28/12/2011] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueKillerD-Remontees.html
Blog: http://tigzyrk.blogspot.com

Systeme d'exploitation: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Demarrage : Mode normal
Utilisateur: EARL DE [Droits d'admin]
Mode: Suppression -- Date : 02/01/2012 17:57:52

¤¤¤ Processus malicieux: 1 ¤¤¤
[SVCHOST] svchost.exe -- Path not found -> KILLED [TermProc]

¤¤¤ Entrees de registre: 773 ¤¤¤
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (http=127.0.0.1:25473) -> NOT REMOVED, USE PROXYFIX
[IFEO] HKLM\[...]\Image File Execution Options : a.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : aAvgApi.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AAWTray.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : About.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ackwin32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : Ad-Aware.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : adaware.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : advxdwin.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AdwarePrj.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : agent.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : agentsvr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : agentw.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : alertsvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : alevir.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : alogserv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AlphaAV (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AlphaAV.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AluSchedulerSvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : amon9x.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : anti-trojan.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : Anti-Virus Professional.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AntispywarXP2009.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : antivirus.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AntivirusPlus (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AntivirusPlus.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AntivirusPro_2010.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AntivirusXP (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AntivirusXP.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : antivirusxppro2009.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AntiVirus_Pro.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ants.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : apimonitor.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : aplica32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : apvxdwin.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : arr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : Arrakis3.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashAvast.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashBug.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashChest.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashCnsnt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashDisp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashLogV.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashMaiSv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashPopWz.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashQuick.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashServ.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashSimp2.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashSimpl.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashSkPcc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashSkPck.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashUpd.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ashWebSv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : aswChLic.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : aswRegSvr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : aswRunDll.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : aswUpdSv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : atcon.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : atguard.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : atro55en.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : atupdater.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : atwatch.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : au.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : aupdate.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : auto-protect.nav80try.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : autodown.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : autotrace.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : autoupdate.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : av360.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avadmin.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AVCare.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avcenter.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avciman.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avconfig.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avconsol.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ave32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AVENGINE.EXE (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgcc32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgchk.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgcmgr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgcsrvx.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgctrl.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgdumpx.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgemc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgiproxy.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgnsx.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgnt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgrsx.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgscanx.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgserv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgserv9.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgsrmax.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgtray.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgui.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgupd.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgw.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avgwdsvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avkpop.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avkserv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avkservice.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avkwctl9.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avltmain.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avmailc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avmcdlg.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avnotify.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avnt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avp32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avpcc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avpdos32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avpm.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avptc32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avpupd.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avsched32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avsynmgr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avupgsvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : AVWEBGRD.EXE (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avwin.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avwin95.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avwinnt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avwsc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avwupd.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avwupd32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avwupsrv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avxmonitor9x.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avxmonitornt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : avxquar.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : b.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : backweb.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bargains.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bdagent.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bdfvcl.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bdfvwiz.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : BDInProcPatch.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bdmcon.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : BDMsnScan.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bdreinit.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bdsubwiz.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : BDSurvey.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bdtkexec.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bdwizreg.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bd_professional.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : beagle.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : belt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bidef.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bidserver.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bipcp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bipcpevalsetup.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bisp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : blackd.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : blackice.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : blink.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : blss.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bootconf.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bootwarn.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : borg2.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bpc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : brasil.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : brastk.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : brw.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bs120.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bspatch.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bundle.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : bvt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : c.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cavscan.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ccapp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ccevtmgr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ccpxysvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ccSvcHst.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cdp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cfd.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cfgwiz.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cfiadmin.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cfiaudit.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cfinet.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cfinet32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cfp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cfpconfg.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cfplogvw.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cfpupdat.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : Cl.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : claw95.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : claw95cf.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : clean.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cleaner.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cleaner3.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cleanIELow.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cleanpc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : click.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cmd32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cmdagent.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cmesys.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cmgrdian.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cmon016.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : connectionmonitor.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : control (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cpd.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cpf9x206.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cpfnt206.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : crashrep.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : csc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cssconfg.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cssupdat.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cssurf.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ctrl.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cwnb181.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : cwntdwmo.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : d.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : datemanager.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : dcomx.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : defalert.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : defscangui.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : defwatch.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : deloeminfs.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : deputy.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : divx.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : dllcache.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : dllreg.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : doors.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : dop.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : dpf.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : dpfsetup.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : dpps2.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : driverctrl.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : drwatson.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : drweb32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : drwebupw.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : dssagent.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : dvp95.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : dvp95_0.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ecengine.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : efpeadm.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : egui.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ekrn.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : emsw.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ent.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : esafe.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : escanhnt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : escanv95.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : espwatch.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ethereal.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : etrustcipe.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : evpn.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : exantivirus-cnet.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : exe.avxw.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : expert.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : explore.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : f-agnt95.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : f-prot.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : f-prot95.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : f-stopw.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fact.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fameh32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fast.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fch32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fih32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : findviru.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : firewall.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fixcfg.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fixfp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fnrb32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fp-win.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fp-win_trial.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fprot.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : frmwrk32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : frw.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fsaa.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fsav.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fsav32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fsav530stbyb.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fsav530wtbyb.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fsav95.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fsgk32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fsm32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fsma32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : fsmb32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : gator.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : gav.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : gbmenu.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : gbn976rl.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : gbpoll.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : generics.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : gmt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : guard.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : guarddog.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : guardgui.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : hacktracersetup.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : hbinst.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : hbsrv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : History.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : homeav2010.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : hotactio.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : hotpatch.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : htlog.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : htpatch.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : hwpe.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : hxdl.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : hxiul.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : iamapp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : iamserv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : iamstats.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ibmasn.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ibmavsp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : icload95.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : icloadnt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : icmon.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : icsupp95.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : icsuppnt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : Identity.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : idle.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : iedll.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : iedriver.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : IEShow.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : iface.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ifw2000.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : inetlnfo.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : infus.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : infwin.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : init.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : init32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : install.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : install[1].exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : install[2].exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : install[3].exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : install[4].exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : install[5].exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : intdel.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : intren.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : iomon98.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : istsvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : jammer.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : jdbgmrg.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : jedi.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : JsRcGen.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : kavlite40eng.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : kavpers40eng.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : kavpf.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : kazza.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : keenvalue.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : kerio-pf-213-en-win.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : kerio-wrl-421-en-win.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : kerio-wrp-421-en-win.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : killprocesssetup161.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ldnetmon.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ldpro.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ldpromenu.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ldscan.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : licmgr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : livesrv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : lnetinfo.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : loader.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : localnet.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : lockdown.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : lockdown2000.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : lookout.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : lordpe.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : lsetup.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : luall.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : luau.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : lucomserver.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : luinit.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : luspt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : MalwareRemoval.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mapisvc32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mcagent.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mcmnhdlr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mcmscsvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mcnasvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mcproxy.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : McSACore.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mcshell.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mcshield.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mcsysmon.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mctool.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mcupdate.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mcvsrte.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mcvsshld.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : md.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mfin32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mfw2en.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mfweng3.02d30.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mgavrtcl.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mgavrte.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mghtml.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mgui.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : minilog.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mmod.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : monitor.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : moolive.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mostat.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mpfagent.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mpfservice.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : MPFSrv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mpftray.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mrflux.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mrt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : msa.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : msapp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : MSASCui.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : msbb.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : msblast.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mscache.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : msccn32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mscman.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : msconfig (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : msdm.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : msdos.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : msiexec16.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mslaugh.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : msmgt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : msmsgri32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : msseces.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mssmmc32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mssys.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : msvxd.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mu0311ad.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : mwatch.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : n32scanw.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nav.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : navap.navapsvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : navapsvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : navapw32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : navdx.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : navlu32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : navnt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : navstub.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : navw32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : navwnt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nc2000.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ncinst4.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ndd32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : neomonitor.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : neowatchlog.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : netarmor.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : netd32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : netinfo.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : netmon.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : netscanpro.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : netspyhunter-1.2.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : netutils.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nisserv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nisum.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nmain.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nod32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : normist.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : norton_internet_secu_3.0_407.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : notstart.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : npf40_tw_98_nt_me_2k.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : npfmessenger.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nprotect.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : npscheck.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : npssvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nsched32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nssys32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nstask32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nsupdate.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ntrtscan.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ntvdm.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ntxconfig.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nui.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nupgrade.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nvarch16.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nvc95.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nvsvc32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nwinst4.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nwservice.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : nwtool16.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : OAcat.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : OAhlp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : OAReg.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : oasrv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : oaui.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : oaview.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ODSW.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ollydbg.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : onsrvr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : optimize.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ostronet.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : otfix.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : outpost.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : outpostinstall.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : outpostproinstall.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ozn695m5.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : padmin.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : panixk.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : patch.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pav.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pavcl.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : PavFnSvr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pavproxy.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pavprsrv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pavsched.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pavsrv51.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pavw.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pccwin98.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pcfwallicon.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pcip10117_0.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pcscan.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pctsAuxs.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pctsGui.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pctsSvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pctsTray.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : PC_Antispyware2010.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pdfndr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pdsetup.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : PerAvir.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : periscope.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : persfw.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : personalguard (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : personalguard.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : perswf.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pf2.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pfwadmin.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pgmonitr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pingscan.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : platin.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pop3trap.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : poproxy.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : popscan.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : portdetective.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : portmonitor.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : powerscan.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ppinupdt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pptbc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ppvstop.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : prizesurfer.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : prmt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : prmvr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : procdump.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : processmonitor.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : procexplorerv1.0.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : programauditor.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : proport.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : protector.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : protectx.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : PSANCU.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : PSANHost.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : PSANToManager.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : PsCtrls.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : PsImSvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : PskSvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : pspf.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : PSUNMain.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : purge.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : qconsole.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : qh.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : qserver.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : Quick Heal.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : QuickHealCleaner.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rapapp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rav7.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rav7win.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rav8win32eng.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ray.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rb32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rcsync.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : realmon.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : reged.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : regedt32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rescue.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rescue32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rrguard.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rscdwld.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rshell.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rtvscan.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rtvscn95.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rulaunch.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rwg (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : rwg.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : SafetyKeeper.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : safeweb.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : sahagent.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : Save.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : SaveArmor.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : SaveDefense.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : SaveKeep.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : savenow.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : sbserv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : sc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : scam32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : scan32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : scan95.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : scanpm.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : scrscan.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : seccenter.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : Secure Veteran.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : secureveteran.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : Security Center.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : SecurityFighter.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : securitysoldier.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : serv95.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : setloadorder.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : setupvameeval.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : setup_flowprotector_us.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : sgssfw32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : sh.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : shellspyinstall.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : shield.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : shn.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : showbehind.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : signcheck.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : smart.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : smartprotector.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : smc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : smrtdefp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : sms.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : smss32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : snetcfg.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : soap.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : sofi.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : SoftSafeness.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : sperm.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : spf.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : sphinx.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : spoler.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : spoolcv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : spoolsv32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : spywarexpguard.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : spyxx.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : srexe.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : srng.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ss3edit.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ssgrate.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : ssg_4104.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : st2.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : start.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : stcloader.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : supftrl.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : support.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : supporter5.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : svc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : svchostc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : svchosts.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : svshost.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : sweep95.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : sweepnet.sweepsrv.sys.swnetsup.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : symlcsvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : symproxysvc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : symtray.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : system.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : system32.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : sysupd.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tapinstall.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : taskmgr.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : taumon.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tbscan.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tca.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tcm.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tds-3.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tds2-98.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tds2-nt.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : teekids.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tfak.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tfak5.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tgbob.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : titanin.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : titaninxp.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : TPSrv.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : trickler.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : trjscan.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : trjsetup.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : trojantrap3.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : TrustWarrior.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tsadbot.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tsc.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tvmd.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : tvtmd.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : uiscan.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\Image File Execution Options : undoboot.exe (svchost.exe) -> DELETED
[IFEO] HKLM\[...]\I
0
Réponse 6 / 14
fred08700 Messages postés 3389 Date d'inscription lundi 19 janvier 2009 Statut Contributeur sécurité Dernière intervention 9 février 2014 550
3 janv. 2012 à 17:00
bonsoir

==> j'attends toujours les rapports de adwcleaner et toolbarshooter comme indiqué ici

==> dans la foulée , relancé roguekiller

.Quitter tous les programmes en cours
.Sous Vista/Seven , clic droit -> lancer en tant qu'administrateur
.Sinon lancer simplement RogueKiller.exe
.Lorsque demandé, taper 4 et valider
.Un rapport à dû s'ouvrir (RKreport.txt se trouve également à côté de l'exécutable), donner son contenu à la personne qui vous aide
.Si le programme a été bloqué, ne pas hésiter a essayer plusieurs fois. Si vraiment cela ne passe pas (ça peut arriver), le renommer en winlogon.exe
0
Réponse 7 / 14
jean
3 janv. 2012 à 18:44
dsl fred08700, j ai pas pu te les poster parce qu'il y avait marquer titre du message non renseigné. je t envois les raports avec ci-joint dans ma prochaine réponse, encore un grand merci pour ton aide
0
Réponse 8 / 14
jean
3 janv. 2012 à 19:08
rapport adwcleaner :
http://cjoint.com/?BAdsUDQR3Ws

rapport toolbarshooter :
http://cjoint.com/?BAdtiqtHxWF
0
Réponse 9 / 14
jean
3 janv. 2012 à 19:21
rapport roguekiller :
http://cjoint.com/?BAdtt7Ou1yl
j'attend la suite des procédures, merci fred
0
Réponse 10 / 14
fred08700 Messages postés 3389 Date d'inscription lundi 19 janvier 2009 Statut Contributeur sécurité Dernière intervention 9 février 2014 550
3 janv. 2012 à 20:49
re

1) ok pour roguekiller

2) relance adwcleaner
clique sur [suppression] puis patiente le temps du scan.
Une fois le scan fini, un rapport s'ouvrira. Poste moi son contenu dans ta prochaine réponse.

3) relance toolbarshooter
Appuye sur 2 (suppression) puis ==> Entrée.
Patiente lors du scan.
À la fin, un rapport s'ouvre, héberge le

4) refais un nouveau scan zhpdiag

clique sur la flèche verte en haut de sa page pour lancer une mise à jour, si ton parfeu demande l'autorisation, accepte le.

● Rends toi sur http://www.cijoint.fr/

● Cliques sur " Parcourir " dans la partie " Joindre un fichier[...] "

● Sélectionnes le rapport ZHPdiag.txt qui se trouve sur ton bureau

● Clique ensuite sur "Cliquez ici pour déposer le fichier " et copie/colle le lien dans ton prochain message
0
Réponse 11 / 14
jean
4 janv. 2012 à 14:58
2) rapport adwcleaner :
http://cjoint.com/?BAeo3fi7JhF

3) rapport toolbarshooter :
http://cjoint.com/?BAeo45TMoSS

et maintenant ?
0
Réponse 12 / 14
fred08700 Messages postés 3389 Date d'inscription lundi 19 janvier 2009 Statut Contributeur sécurité Dernière intervention 9 février 2014 550
4 janv. 2012 à 17:09
bonsoir

on continu. Dans cet ordre

Utilisation de ZHPfix

*fais un copié des lignes en gras suivantes

----------------------------------------------------------
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: Modified
G2 - GCE: Preference [User Data\Default] [eppeebfgcgojgpffkdcpiljephjaboki] Interest Recognizer for Widestream6 v.4.0.1938.5 (Activé)
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 0
O2 - BHO: Interest recogniser for Widestream6 (powered by Spointer) - {1a6dc111-b030-4c3e-be65-299284128b91} . (.Widestream6 - Interest Recognizer for Widestream6.) -- C:\Program Files\Widestream6\spointer\extensions\widestream6_air_ie.dll
O4 - Global Startup: C:\Users\Mcx1\Desktop\WebMediaPlayer.lnk . (...) -- C:\Program Files\WebMediaPlayer\WebMediaPlayer.exe (.not file.)
O4 - Global Startup: C:\Users\EARL DE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Internet Security Suite.lnk . (...) -- C:\ProgramData\f72542\ISf72_2211.exe (.not file.)
O20 - AppInit_DLLs: . (...) - C:\Program Files\WI371A~1\Datamngr\datamngr.dll (.not file.) => Infection BT (Adware.Bandoo)
[MD5.00000000000000000000000000000000] [APT] [RunAsStdUser Task] (...) -- C:\Program Files\Nosibay\Bubble Shopping\Launcher.exe (.not file.)
O4 - HKCU\..\Run: [POEngine5] Clé orpheline
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.exe.NET CLR 3.5.30729; .NET CLR 3.0.30729; OfficeLiveConnector.1.5; OfficeLivePatch.1.3; .NET4.0C; BRI\2; 9887075603; Version\10.02211) (.not file.)
O4 - HKUS\S-1-5-21-446684339-475883331-3734545399-1008-446684339-475883331-3734545399-1000\..\Run: [POEngine5] Clé orpheline
O4 - Global Startup: C:\Users\Mcx2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Titan Poker.lnk . (...) -- C:\Poker\Titan Poker\casino.exe (.not file.)
O4 - Global Startup: C:\Users\Mcx1\Desktop\Aldo's Pianito.lnk . (...) -- C:\Program Files\Aldo's Pianito\Pianito.exe (.not file.)
O4 - Global Startup: C:\Users\Mcx1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Titan Poker.lnk . (...) -- C:\Poker\Titan Poker\casino.exe (.not file.)
O4 - Global Startup: C:\Users\EARL DE\Desktop\Internet - Raccourci.lnk - Clé orpheline
O4 - Global Startup: C:\Users\EARL DE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PokerStars.fr.lnk . (.PokerStars.) -- C:\Program Files\PokerStars.FR\PokerStarsUpdate.exe
O4 - Global Startup: C:\Users\EARL DE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Titan Poker.lnk . (...) -- C:\Poker\Titan Poker\casino.exe (.not file.)
O4 - Global Startup: C:\Users\EARL DE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Vos Démarches Administratives.lnk - Clé orpheline
R3 - URLSearchHook: Mininova Toolbar - {f592709f-ff4a-4862-b659-4afabda56312} . (.Conduit Ltd. - Conduit Toolbar.) (5, 0, 1, 3) -- C:\Program Files\Mininova\tbMin1.dll
R3 - URLSearchHook: Mininova Toolbar - {f592709f-ff4a-4862-b659-4afabda56312} . (.Conduit Ltd. - Conduit Toolbar.) (5, 0, 1, 3) -- C:\Program Files\Mininova\tbMin1.dll
O2 - BHO: Mininova Toolbar - {f592709f-ff4a-4862-b659-4afabda56312} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Mininova\tbMin1.dll
O3 - Toolbar: Mininova Toolbar - {f592709f-ff4a-4862-b659-4afabda56312} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Mininova\tbMin1.dll
emptytemp
emptyflash
firewallraz

----------------------------------------------------------
/!\ Utilisateurs de vista/7 , cette manipulation est à effectuer en tant qu'administrateur ( Clic droit -> [Exécuter en tant qu'administrateur] ) /!\

* Lance ZHPFix (soit via le raccourci sur ton Bureau, soit via ZHPDiag- écusson vert-)
- Clique sur l'icône représentant la lettre H (« coller les lignes Helper »)
- Les lignes se collent automatiquement dans ZHPFix, sinon colle les lignes
- Clique sur le bouton « GO » pour lancer le nettoyage,
- Copie/colle la totalité du rapport dans ta prochaine réponse

==> si tu reçois un message de confirmation de désinstallation de certains logiciels, accepte le :-)

* Copie/colle la totalité du rapport dans ta prochaine réponse


************************************

refais un nouveau scan zhpdiag

● Rends toi sur http://www.cijoint.fr/

● Cliques sur " Parcourir " dans la partie " Joindre un fichier[...] "

● Sélectionnes le rapport ZHPdiag.txt qui se trouve sur ton bureau

● Clique ensuite sur "Cliquez ici pour déposer le fichier " et copie/colle le lien dans ton prochain message
0
Réponse 13 / 14
jean
5 janv. 2012 à 12:27
Rapport de ZHPFix 1.12.3377 par Nicolas Coolman, Update du 26/12/2011
Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-05-01-2012-12-25-51.txt
Run by EARL DE at 05/01/2012 12:25:43
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html

========== Clé(s) du Registre ==========
SUPPRIME Key: CLSID BHO: {1a6dc111-b030-4c3e-be65-299284128b91}
SUPPRIME Key: CLSID BHO: {f592709f-ff4a-4862-b659-4afabda56312}

========== Valeur(s) du Registre ==========
SUPPRIME RunValue: POEngine5
SUPPRIME RunValue: Shockwave Updater
ABSENT RunValue: POEngine5
SUPPRIME URLSearchHook: {f592709f-ff4a-4862-b659-4afabda56312}
SUPPRIME Toolbar: {f592709f-ff4a-4862-b659-4afabda56312}
ABSENT Valeur Standard Profile: FirewallRaz :
ABSENT Valeur Domain Profile: FirewallRaz :
SUPPRIME FirewallRaz (None) : {DBB6FCC8-8488-49DC-9D10-29D2B2CFDF24}
SUPPRIME FirewallRaz (None) : {0675A138-6CB8-4334-A2D0-D2B519A1AE9A}
SUPPRIME FirewallRaz (None) : {2A5C53AC-B61E-47EA-85B9-B2FE467A80F9}
SUPPRIME FirewallRaz (None) : {E5B81518-E643-4CE4-A1B3-67E93D6888AC}
SUPPRIME FirewallRaz (None) : {9DE98E7E-A392-493F-81C0-9C41A23DF344}
SUPPRIME FirewallRaz (None) : {465BDCAC-1A66-421C-ACF9-B90F20B2E8A4}
SUPPRIME FirewallRaz (Private) : {D3296FF8-84E5-453C-AF20-612B7A6AB930}
SUPPRIME FirewallRaz (Private) : {982FA5A6-1545-4178-963F-3CAFBFC64E27}
SUPPRIME FirewallRaz (None) : {D342A907-6B0B-46B2-9535-F2FC372FBE0F}
SUPPRIME FirewallRaz (None) : {E4F961C7-4C86-4669-A81B-17D8B152FACF}
SUPPRIME FirewallRaz (None) : {7C095E1F-6B7D-4B54-91C5-808BEEC51763}
SUPPRIME FirewallRaz (Public) : TCP Query User{05179C2F-874C-436F-B4AA-D383C3A54686}C:\program files\utorrent\utorrent.exe
SUPPRIME FirewallRaz (Public) : UDP Query User{74AC4884-5B73-4EA1-809F-3A18A5E3F0F9}C:\program files\utorrent\utorrent.exe
SUPPRIME FirewallRaz (None) : {9712D074-1918-4BA8-8150-4A124356EA11}
SUPPRIME FirewallRaz (None) : {195DAF2C-BE11-4800-9FB7-83C3DDF512F4}
SUPPRIME FirewallRaz (None) : {B68DDD75-2CAF-4B62-9371-C04B908C0292}
SUPPRIME FirewallRaz (None) : {92369E36-9037-406E-8832-F350C45BFED4}
SUPPRIME FirewallRaz (None) : {ACA49793-3A02-4A6D-805E-866252717F50}
SUPPRIME FirewallRaz (None) : {B65F2873-415A-4E3E-B18D-C32CD346E488}
SUPPRIME FirewallRaz (None) : {7FCF736E-B32B-4982-9ABB-64A31394A75D}
SUPPRIME FirewallRaz (Private) : {0D72F232-93D6-496B-A2ED-EED100206F7D}
SUPPRIME FirewallRaz (Private) : {955200D2-4209-4593-9453-00A7B5749275}
SUPPRIME FirewallRaz (Private) : {488DF681-E114-4EB7-AC3A-CEC5A063DFAA}
SUPPRIME FirewallRaz (Private) : {DB410654-6FE0-4A84-91DF-161463CF7DA0}

========== Elément(s) de donnée du Registre ==========
REMPLACE Value FirewallOverride : Good (0) - Bad (1)
SUPPRIME PhishingFilter Value: Enabled = 0
SUPPRIME AppInit: \Program Files\WI371A~1\Datamngr\datamngr.dll

========== Préférences navigateur ==========
SUPPRIME Folder Chrome: C:\Users\EARL DE\AppData\Local\Google\Chrome\User Data\Default\Extensions\eppeebfgcgojgpffkdcpiljephjaboki

========== Dossier(s) ==========
SUPPRIME Folder: C:\Users\EARL DE\AppData\Local\Google\Chrome\User Data\Default\Extensions\eppeebfgcgojgpffkdcpiljephjaboki
SUPPRIME Temporaires Windows: : 82
SUPPRIME Flash Cookies: 14

========== Fichier(s) ==========
SUPPRIME Reboot c:\program files\widestream6\spointer\extensions\widestream6_air_ie.dll
SUPPRIME Reboot c:\users\mcx1\desktop\webmediaplayer.lnk
ABSENT File: c:\program files\webmediaplayer\webmediaplayer.exe
SUPPRIME Reboot c:\users\earl de\appdata\roaming\microsoft\internet explorer\quick launch\internet security suite.lnk
ABSENT File: c:\programdata\f72542\isf72_2211.exe
ABSENT File: \program files\wi371a~1\datamngr\datamngr.dll
SUPPRIME Reboot c:\windows\system32\adobe\shockw~1\swhelp~1.exe
ABSENT File: c:\users\mcx2\appdata\roaming\microsoft\internet explorer\quick launch\titan poker.lnk
ABSENT File: c:\poker\titan poker\casino.exe
SUPPRIME Reboot c:\users\mcx1\desktop\aldo's pianito.lnk
ABSENT File: c:\program files\aldo's pianito\pianito.exe
SUPPRIME Reboot c:\users\mcx1\appdata\roaming\microsoft\internet explorer\quick launch\titan poker.lnk
SUPPRIME Reboot c:\users\earl de\desktop\internet - raccourci.lnk
SUPPRIME Reboot c:\users\earl de\appdata\roaming\microsoft\internet explorer\quick launch\pokerstars.fr.lnk
SUPPRIME Reboot c:\program files\pokerstars.fr\pokerstarsupdate.exe
SUPPRIME Reboot c:\users\earl de\appdata\roaming\microsoft\internet explorer\quick launch\titan poker.lnk
SUPPRIME Reboot c:\users\earl de\appdata\roaming\microsoft\internet explorer\quick launch\vos démarches administratives.lnk
SUPPRIME Reboot c:\program files\mininova\tbmin1.dll
SUPPRIME Temporaires Windows: : 249
SUPPRIME Flash Cookies: 7

========== Tache planifiée ==========
SUPPRIME Task: RunAsStdUser Task


========== Récapitulatif ==========
2 : Clé(s) du Registre
31 : Valeur(s) du Registre
3 : Elément(s) de donnée du Registre
3 : Dossier(s)
20 : Fichier(s)
1 : Préférences navigateur
1 : Tache planifiée


End of clean in 00mn 25s

========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 05/01/2012 12:25:43 [5123]
0
Réponse 14 / 14
jean
5 janv. 2012 à 13:29
Rapport de ZHPDiag v1.28.305 par Nicolas Coolman, Update du 01/01/2012
Run by EARL DE at 05/01/2012 13:07:32
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Web site : http://nicolascoolman.skyrock.com/
State : Version à jour.


---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox v3.6.24 (fr)
GCIE: Google Chrome v16.0.912.63 (Defaut)

---\\ Windows Product Information
~ Langage: Français
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : RJ34F
Windows License : OK
Windows Automatic Updates : OK

---\\ System Information
~ Processor: x86 Family 6 Model 15 Stepping 6, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1021 MB (13% free)
System Restore: Activé (Enable)
System drive C: has 74 GB (50%) free of 147 GB

---\\ Logged in mode
~ Computer Name: CERFI19399
~ User Name: EARL DE
~ All Users Names: postgres, Mcx2, Mcx1, EARL DE, ASPNET, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\EARL DE\AppData\Roaming\
~ %Desktop% : C:\Users\EARL DE\Desktop\
~ %Favorites% : C:\Users\EARL DE\Favorites\
~ %LocalAppData% : C:\Users\EARL DE\AppData\Local\
~ %StartMenu% : C:\Users\EARL DE\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\system32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 74 Go of 147 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 2 Go)
E:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: Modified
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: Modified
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoDispScrSavPage: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/09/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.4B555106290BD117334E9A08761C035A] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) (.02/11/2006 - 10:45:37.) -- C:\Windows\system32\rundll32.exe [44544]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.20/09/2008 - 08:33:37.) -- C:\Windows\system32\Wininit.exe [96768]
[MD5.02F98B5C0E397AD06124D84428CF8F1A] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.27/12/2011 - 23:39:47.) -- C:\Windows\system32\wininet.dll [1127424]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/09/2009 - 07:28:13.) -- C:\Windows\system32\Winlogon.exe [314368]
[MD5.95F5FF73B076576C41740F1A842B9B57] - (.Microsoft Corporation - DLL client de l'API uilisateur de Windows multi-utilisateurs.) (.20/09/2008 - 08:34:10.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.16/06/2011 - 14:58:27.) -- C:\Windows\system32\drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/09/2009 - 07:32:26.) -- C:\Windows\system32\drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.20/09/2008 - 06:28:02.) -- C:\Windows\system32\drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/09/2009 - 05:39:17.) -- C:\Windows\system32\drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.16/06/2011 - 15:59:03.) -- C:\Windows\system32\drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/09/2009 - 05:42:42.) -- C:\Windows\system32\drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.20/09/2008 - 06:49:18.) -- C:\Windows\system32\drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.20/09/2008 - 06:56:28.) -- C:\Windows\system32\drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.16/06/2011 - 14:24:40.) -- C:\Windows\system32\drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/09/2009 - 05:45:37.) -- C:\Windows\system32\drivers\netBT.sys [185856]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/09/2009 - 07:32:49.) -- C:\Windows\system32\drivers\ntfs.sys [1083880]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/09/2008 - 06:56:34.) -- C:\Windows\system32\drivers\Rasl2tp.sys [76288]
[MD5.E8BD98D46F2ED77132BA927FCCB47D8B] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.02/11/2006 - 10:03:00.) -- C:\Windows\system32\drivers\rdpdr.sys [242688]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/09/2009 - 05:45:22.) -- C:\Windows\system32\drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/09/2009 - 05:45:56.) -- C:\Windows\system32\drivers\tdx.sys [72192]
[MD5.147281C01FCB1DF9252DE2A10D5E7093] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.11/09/2009 - 07:32:55.) -- C:\Windows\system32\drivers\volsnap.sys [226280]
~ Scan Generic Processes in 00mn 02s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 30/1641
~ Mes musiques (My Musics) : 179/864
~ Mes Videos (My Video) : 0/0
~ Mes Favoris (My Favorites) : 4/313
~ Mes Documents (My Documents) : 86/597
~ Mon Bureau (My Desktop) : 9/792
~ Menu demarrer (Programs) : 7/32
~ Scan Hidden Files in 00mn 16s



---\\ Processus lancés
[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184] [PID.640]
[MD5.1ED780F9C470D4F22D9EF29A3082B0F4] - (.TOSHIBA Corporation - SmoothView.) -- C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe [493688] [PID.1348]
[MD5.E57A49BC4C21C2F2EA5403626EFC6DF0] - (.TOSHIBA Corporation - TOSHIBA Flash Cards.) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [530552] [PID.1844]
[MD5.21951365EE72B60574D2B1615939746D] - (.TOSHIBA Inc. - TOSHIBA Volume Up/Dwon Filter Application.) -- C:\Program Files\TOSHIBA\Utilities\VolControl.exe [94208] [PID.1480]
[MD5.93225E495B790822039F561839529B0B] - (.TOSHIBA CORPORATION - ConfigFree(TM) tray.) -- C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe [1372160] [PID.1732]
[MD5.D96CDA05732F68C5FDB3C547C939C98A] - (.Microsoft Corporation - Gestionnaire pour appareils Windows Mobile.) -- C:\Windows\WindowsMobile\wmdc.exe [563080] [PID.1288]
[MD5.2D1389E05A807D956829F44BD4B60389] - (.Symantec Corporation - LiveUpdate Notice Service.) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [583048] [PID.824]
[MD5.FBAF93425D4B5A6C48ABB5B7F81088CD] - (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files\Orange\Antivirus Firewall\Common\FSM32.EXE [201128] [PID.1400]
[MD5.F7226AA410954185160067D5FA82F3F2] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3744552] [PID.12]
[MD5.002835A0AFFF66D5A7B7FB266A6AA368] - (.TOSHIBA - CD/DVD Drive Acoustic Silencer.) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [413696] [PID.2052]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.2060]
[MD5.78366BE8FAC93641312983139534E37F] - (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [247144] [PID.2068]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.2100]
[MD5.4E5E1969FF6ADCE6F2BFAFD24BFACF13] - (.Pas de propriétaire - Sagem - Utilitaire réseau pour Clé USB Wi-F.) -- C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe [679936] [PID.2132]
[MD5.AB7EB5E27E9F18698B9B6CB6F56E6745] - (.TOSHIBA CORPORATION - ConfigFree Switch Manager.) -- C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe [405504] [PID.4904]
[MD5.78D76239DF5A161C702FDECC7D6E4863] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [1047096] [PID.5668]
[MD5.753BC2E2E52FA2DC77A5193BA70263F3] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [712704] [PID.5428]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.2680]
~ Scan Processes Running in 00mn 03s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\EARL DE\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://search.sweetim.com
G0 - GCSP: Preference [User Data\Default][HomePage] http://www.google.fr
G2 - GCE: Preference [User Data\Default] [eppeebfgcgojgpffkdcpiljephjaboki] Interest Recognizer for Widestream6 v.4.0.1938.5 (Activé)
~ Scan Google Browser in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\EARL DE\AppData\Roaming\Mozilla\Firefox\Profiles\j7gf7t5w.default\prefs.js
M3 - MFPP: Plugins - [EARL DE] -- C:\Users\EARL DE\AppData\Roaming\Mozilla\Firefox\Profiles\j7gf7t5w.default\searchplugins\live-search.xml
M3 - MFPP: Plugins - [EARL DE] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [EARL DE] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [EARL DE] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [EARL DE] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [EARL DE] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [EARL DE] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M2 - MFEP: prefs.js [EARL DE - j7gf7t5w.default\ChoiceGuard@Microsoft] [] Microsoft Choice Guard v1.2 (.Microsoft.)
M2 - MFEP: prefs.js [EARL DE - j7gf7t5w.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (.Microsoft.)
M2 - MFEP: prefs.js [EARL DE - j7gf7t5w.default\{3112ca9c-de6d-4884-a869-9855de68056c}] [] Google Toolbar for Firefox v3.0.20070525W (.Google Inc..)
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.0.) -- C:\Program Files\Mozilla Firefox\Plugins\np32dsw.dll
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFFICE.DLL
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.5".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.0.) -- C:\Windows\System32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@divx.com/DivX Content Upload Plugin,version=1.0.0] - (.DivX,Inc. - DivX® Content Upload Plugin.) -- C:\Program Files\DivX\DivX Content Uploader\npUpload.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
P2 - FPN: [HKLM] [@google.com/npPicasa3,version=3.0.0] - (.Google, Inc. - Picasa plugin.) -- C:\Program Files\Google\Picasa3\npPicasa3.dll
P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com.) -- C:\Program Files\ma-config.com\nphardwaredetection.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60831.0.) -- C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.5] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/SharePoint,version=14.0] - (.Microsoft Corporation - The plug-in allows you to open and edit files using Microsoft Office a.) -- C:\Program Files\Microsoft Office\Office14\NPSPWRAP.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@pack.google.com/Google Updater;version=14] - (.Google - Google Updater plugin<br><a href="http://pack.google.com/">http://pack.) -- C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.5".) -- C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
~ Scan Firefox Browser in 00mn 01s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
R3 - URLSearchHook: Mininova Toolbar - {f592709f-ff4a-4862-b659-4afabda56312} . (.Conduit Ltd. - Conduit Toolbar.) (5, 0, 1, 3) -- C:\Program Files\Mininova\tbMin1.dll
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\System32\ieframe.dll
R3 - URLSearchHook: Mininova Toolbar - {f592709f-ff4a-4862-b659-4afabda56312} . (.Conduit Ltd. - Conduit Toolbar.) (5, 0, 1, 3) -- C:\Program Files\Mininova\tbMin1.dll
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 0
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Interest recogniser for Widestream6 (powered by Spointer) - {1a6dc111-b030-4c3e-be65-299284128b91} . (.Widestream6 - Interest Recognizer for Widestream6.) -- C:\Program Files\Widestream6\spointer\extensions\widestream6_air_ie.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} . (.Orbiscom Ltd. All rights reserved. - FTO CMB.) -- C:\Windows\System32\BhoECart.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files\Microsoft Office\Office14\URLREDIR.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} . (.Megaupload Limited - Mega Manager IE Click Catcher.) -- C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} . (.F-Secure Corporation - Litmus.) -- C:\Program Files\Orange\Antivirus Firewall\NRS\iescript\baselitmus.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Mininova Toolbar - {f592709f-ff4a-4862-b659-4afabda56312} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Mininova\tbMin1.dll
~ Scan BHO in 00mn 01s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Mininova Toolbar - {f592709f-ff4a-4862-b659-4afabda56312} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Mininova\tbMin1.dll
O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} . (.F-Secure Corporation - Litmus.) -- C:\Program Files\Orange\Antivirus Firewall\NRS\iescript\baselitmus.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
~ Scan Toolbar in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [TPwrMain] . (.TOSHIBA Corporation - TOSHIBA Power Saver.) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
O4 - HKLM\..\Run: [HSON] . (.TOSHIBA Corporation - HotStartOn.) -- C:\Program Files\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] . (.TOSHIBA Corporation - SmoothView.) -- C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] . (.TOSHIBA Corporation - TOSHIBA Flash Cards.) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [TOSHIBA Volume Indicator] . (.TOSHIBA Inc. - TOSHIBA Volume Up/Dwon Filter Application.) -- C:\Program Files\TOSHIBA\Utilities\VolControl.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [topi] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
O4 - HKLM\..\Run: [Google Desktop Search] . (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] . (.Microsoft Corporation - Gestionnaire pour appareils Windows Mobile.) -- C:\Windows\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [NvSvc] . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 97.48.) -- C:\Windows\System32\nvsvc.dll
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\System32\nvcpl.dll
O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\System32\nvmctray.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] . (.Symantec Corporation - LiveUpdate Notice Service.) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [F-Secure Manager] . (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files\Orange\Antivirus Firewall\Common\FSM32.exe
O4 - HKLM\..\Run: [F-Secure TNB] . (.F-Secure Corporation - TNBUtil.) -- C:\Program Files\Orange\Antivirus Firewall\FSGUI\tnbutil.exe
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
O4 - HKLM\..\Run: [Google Updater] . (.Google - Google Updater.) -- C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [TOSCDSPD] . (.TOSHIBA - CD/DVD Drive Acoustic Silencer.) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe
O4 - HKCU\..\Run: [POEngine5] Clé orpheline
O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Xvid] . (...) -- C:\Program Files\Xvid\CheckUpdate.exe
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.exe.NET CLR 3.5.30729; .NET CLR 3.0.30729; OfficeLiveConnector.1.5; OfficeLivePatch.1.3; .NET4.0C; BRI\2; 9887075603; Version\10.02211) (.not file.)
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-21-446684339-475883331-3734545399-1008-446684339-475883331-3734545399-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-446684339-475883331-3734545399-1008-446684339-475883331-3734545399-1000\..\Run: [TOSCDSPD] . (.TOSHIBA - CD/DVD Drive Acoustic Silencer.) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKUS\S-1-5-21-446684339-475883331-3734545399-1008-446684339-475883331-3734545399-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe
O4 - HKUS\S-1-5-21-446684339-475883331-3734545399-1008-446684339-475883331-3734545399-1000\..\Run: [POEngine5] Clé orpheline
O4 - HKUS\S-1-5-21-446684339-475883331-3734545399-1008-446684339-475883331-3734545399-1000\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKUS\S-1-5-21-446684339-475883331-3734545399-1008-446684339-475883331-3734545399-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-446684339-475883331-3734545399-1008-446684339-475883331-3734545399-1000\..\Run: [Xvid] . (...) -- C:\Program Files\Xvid\CheckUpdate.exe
O4 - HKUS\S-1-5-21-446684339-475883331-3734545399-1008-446684339-475883331-3734545399-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
O4 - HKUS\S-1-5-21-446684339-475883331-3734545399-1008-446684339-475883331-3734545399-1000\..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.exe.NET CLR 3.5.30729; .NET CLR 3.0.30729; OfficeLiveConnector.1.5; OfficeLivePatch.1.3
~ Scan Application in 00mn 02s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\postgres\Desktop\PhotoFiltre.lnk . (.Antonio Da Cruz.) -- C:\Program Files\PhotoFiltre\PhotoFiltre.exe
O4 - Global Startup: C:\Users\postgres\Desktop\ProfPDF Protection Manager.lnk . (...) -- C:\Program Files\llionsoft\PDFProtMgr\PDFProtectMgr.exe
O4 - Global Startup: C:\Users\postgres\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ProfPDF Protection Manager.lnk . (...) -- C:\Program Files\llionsoft\PDFProtMgr\PDFProtectMgr.exe
O4 - Global Startup: C:\Users\Mcx2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Mcx2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\Mcx2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\Mcx2\Desktop\Dofus.lnk . (...) -- C:\Program Files\Dofus\UpLauncher.exe (.not file.)
O4 - Global Startup: C:\Users\Mcx2\Desktop\Free Mp3 Wma Converter.lnk . (...) -- C:\Program Files\Free Audio Pack\FreeConverter\FreeConverter.exe (.not file.)
O4 - Global Startup: C:\Users\Mcx2\Desktop\Installer Norton Internet Security-2008.lnk . (...) -- C:\ProgramData\Symantec Temporary Files\NIS081550FR.exe
O4 - Global Startup: C:\Users\Mcx2\Desktop\PhotoFiltre.lnk . (.Antonio Da Cruz.) -- C:\Program Files\PhotoFiltre\PhotoFiltre.exe
O4 - Global Startup: C:\Users\Mcx2\Desktop\ProfPDF Protection Manager.lnk . (...) -- C:\Program Files\llionsoft\PDFProtMgr\PDFProtectMgr.exe
O4 - Global Startup: C:\Users\Mcx2\Desktop\Super Card.lnk . (...) -- C:\Program Files\SC\SuperCardRumble.exe
O4 - Global Startup: C:\Users\Mcx2\Desktop\Virtualis.lnk . (.Orbiscom Ltd. All rights reserved..) -- C:\Program Files\Virtualis\CMB.exe
O4 - Global Startup: C:\Users\Mcx2\Desktop\Winamax Poker.lnk . (...) -- C:\Program Files\WinamaxPoker\StartWinamaxPoker.exe
O4 - Global Startup: C:\Users\Mcx2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free Mp3 Wma Converter.lnk . (...) -- C:\Program Files\Free Audio Pack\FreeConverter\FreeConverter.exe (.not file.)
O4 - Global Startup: C:\Users\Mcx2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ProfPDF Protection Manager.lnk . (...) -- C:\Program Files\llionsoft\PDFProtMgr\PDFProtectMgr.exe
O4 - Global Startup: C:\Users\Mcx2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Titan Poker.lnk . (...) -- C:\Poker\Titan Poker\casino.exe (.not file.)
O4 - Global Startup: C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\Mcx1\Desktop\Aldo's Pianito.lnk . (...) -- C:\Program Files\Aldo's Pianito\Pianito.exe (.not file.)
O4 - Global Startup: C:\Users\Mcx1\Desktop\Dofus.lnk . (...) -- C:\Program Files\Dofus\UpLauncher.exe (.not file.)
O4 - Global Startup: C:\Users\Mcx1\Desktop\Free Mp3 Wma Converter.lnk . (...) -- C:\Program Files\Free Audio Pack\FreeConverter\FreeConverter.exe (.not file.)
O4 - Global Startup: C:\Users\Mcx1\Desktop\Installer Norton Internet Security-2008.lnk . (...) -- C:\ProgramData\Symantec Temporary Files\NIS081550FR.exe
O4 - Global Startup: C:\Users\Mcx1\Desktop\PhotoFiltre.lnk . (.Antonio Da Cruz.) -- C:\Program Files\PhotoFiltre\PhotoFiltre.exe
O4 - Global Startup: C:\Users\Mcx1\Desktop\Piano Virtuel Midi.lnk . (.Home.) -- C:\Program Files\Pvm\Piano virtuel midi.exe
O4 - Global Startup: C:\Users\Mcx1\Desktop\ProfPDF Protection Manager.lnk . (...) -- C:\Program Files\llionsoft\PDFProtMgr\PDFProtectMgr.exe
O4 - Global Startup: C:\Users\Mcx1\Desktop\Super Card.lnk . (...) -- C:\Program Files\SC\SuperCardRumble.exe
O4 - Global Startup: C:\Users\Mcx1\Desktop\Virtualis.lnk . (.Orbiscom Ltd. All rights reserved..) -- C:\Program Files\Virtualis\CMB.exe
O4 - Global Startup: C:\Users\Mcx1\Desktop\WebMediaPlayer.lnk . (...) -- C:\Program Files\WebMediaPlayer\WebMediaPlayer.exe (.not file.)
O4 - Global Startup: C:\Users\Mcx1\Desktop\Winamax Poker.lnk . (...) -- C:\Program Files\WinamaxPoker\StartWinamaxPoker.exe
O4 - Global Startup: C:\Users\Mcx1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free Mp3 Wma Converter.lnk . (...) -- C:\Program Files\Free Audio Pack\FreeConverter\FreeConverter.exe (.not file.)
O4 - Global Startup: C:\Users\Mcx1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ProfPDF Protection Manager.lnk . (...) -- C:\Program Files\llionsoft\PDFProtMgr\PDFProtectMgr.exe
O4 - Global Startup: C:\Users\Mcx1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Titan Poker.lnk . (...) -- C:\Poker\Titan Poker\casino.exe (.not file.)
O4 - Global Startup: C:\Users\EARL DE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applian FLV Player.lnk . (...) -- C:\Program Files\FLV Player\FLVPlayer.exe
O4 - Global Startup: C:\Users\EARL DE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\EARL DE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Palette.LNK . (.Loisel.) -- C:\palette.exe
O4 - Global Startup: C:\Users\EARL DE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\EARL DE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\EARL DE\Desktop\Agranet.lnk . (...) -- C:\Program Files\ARSOE de Bretagne\Agranet\Agranet\Agranet.exe
O4 - Global Startup: C:\Users\EARL DE\Desktop\Internet - Raccourci.lnk - Clé orpheline
O4 - Global Startup: C:\Users\EARL DE\Desktop\VETELEVAGE.lnk . (.Vétocom S.A.S.) -- C:\VETELEVAGE\VETELEVAGE.exe
O4 - Global Startup: C:\Users\EARL DE\Desktop\Virtualis.lnk . (.Orbiscom Ltd. All rights reserved..) -- C:\Program Files\Virtualis\CMB.exe
O4 - Global Startup: C:\Users\EARL DE\Desktop\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\EARL DE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Démarrer Microsoft Office Outlook.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
O4 - Global Startup: C:\Users\EARL DE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\EARL DE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Internet Explorer (2).lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\EARL DE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\EARL DE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Internet Security Suite.lnk . (...) -- C:\ProgramData\f72542\ISf72_2211.exe (.not file.)
O4 - Global Startup: C:\Users\EARL DE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\EARL DE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\EARL DE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk . (.Google Inc..) -- C:\Program Files\Google\Picasa3\Picasa3.exe
O4 - Global Startup: C:\Users\EARL DE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PokerStars.fr.lnk . (.PokerStars.) -- C:\Program Files\PokerStars.FR\PokerStarsUpdate.exe
O4 - Global Startup: C:\Users\EARL DE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ProfPDF Protection Manager.lnk . (...) -- C:\Program Files\llionsoft\PDFProtMgr\PDFProtectMgr.exe
O4 - Global Startup: C:\Users\EARL DE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Titan Poker.lnk . (...) -- C:\Poker\Titan Poker\casino.exe (.not file.)
O4 - Global Startup: C:\Users\EARL DE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\viCompte.lnk . (.www.vionline.fr.) -- C:\Program Files\viCompte\viCompte.exe
O4 - Global Startup: C:\Users\EARL DE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Vos Démarches Administratives.lnk - Clé orpheline
O4 - Global Startup: C:\Users\EARL DE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk . (...) -- C:\Program Files\uTorrent\uTorrent.exe (.not file.)
~ Scan Global Startup in 00mn 06s



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: Add to Google Photos Screensa&ver . (.Google Inc. - Google Photos Screensaver.) -- C:\Windows\system32\GPhotos.scr
O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll
~ Scan IE Menu Contextuel in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companion
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBro
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} . (.Microsoft Corporation - Synchronisation des favoris ActiveSync.) -- C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} . (.Microsoft Corporation - Synchronisation des favoris ActiveSync.) -- C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {90EAE591-7E7E-434a-8E28-ECFD00071806} -- C:\Program Files\PokerStars.FR\main.ico (.not file.)
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\OFFICE11\REFBARH.ICO
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} . (...) -- C:\Toshiba\ebay\ebay.ico
~ Scan IE Extra Buttons in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\System32\nlaapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\System32\NapiNSP.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\System32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\System32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\System32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\System32\winrnr.dll
~ Scan Winsock in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/be/Core/Player/2020PlayerAX_IKEA_Win32.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Scan Objets ActiveX in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1A11C4F6-7D33-4D8C-B4AF-9EE0AAE74654}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{835EA7DD-8798-425B-BC77-649EA6DC009C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{1A11C4F6-7D33-4D8C-B4AF-9EE0AAE74654}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{835EA7DD-8798-425B-BC77-649EA6DC009C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{835EA7DD-8798-425B-BC77-649EA6DC009C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{835EA7DD-8798-425B-BC77-649EA6DC009C}: DhcpNameServer = 192.168.1.1
~ Scan Domain in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\microsoft shared\Help\hxds.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll
O18 - Handler: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} . (.Microsoft Corporation - Microsoft Office Web Components 2003.) -- C:\Program Files\Common Files\microsoft shared\Web Components\11\OWC11.dll
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE11\MSOXMLMF.dll
~ Scan Protocole Additionnel in 00mn 01s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - C:\Program Files\WI371A~1\Datamngr\datamngr.dll (.not file.)
~ Scan AppInit DLL in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
~ Scan SSODL in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll
~ Scan STS/SSO in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Service de licence ABBYY FineReader 9.0 (ABBYY.Licensing.FineReader.Professional.9.0) . (.ABBYY (BIT Software) - ABBYY network license server.) - C:\Program Files\ABBYY FineReader 9.0\NetworkLicenseServer.exe
O23 - Service: Automatic LiveUpdate Scheduler (Automatic LiveUpdate Scheduler) . (.Symantec Corporation - Automatic LiveUpdate Scheduler Service.) - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: ConfigFree Service (CFSvcs) . (.TOSHIBA CORPORATION - Service of ConfigFree..) - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) . (.F-Secure Corporation - F-Secure Anti-Virus Scanning Service.) - C:\Program Files\Orange\Antivirus Firewall\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Management Agent (FSMA) . (.F-Secure Corporation - F-Secure Management Agent.) - C:\Program Files\Orange\Antivirus Firewall\Common\FSMA32.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) . (.Google - gusvc.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate Notice Service (LiveUpdate Notice Service) . (.Symantec Corporation - LiveUpdate Notice Service.) - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) . (.PostgreSQL Global Development Group - pg_ctl - starts/stops/restarts the PostgreS.) - C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
O23 - Service: Planificateur LiveUpdate automatique (Planificateur LiveUpdate automatique) . (.Symantec Corporation - Automatic LiveUpdate Scheduler Service.) - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Realtek11nSU (Realtek11nSU) . (.Realtek - RtlService MFC Application.) - C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtlService.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) . (.TOSHIBA Corporation - TDCSrv Application.) - C:\Windows\System32\TODDSrv.exe
O23 - Service: TomTomHOMEService (TomTomHOMEService) . (.TomTom - Windows Service for TomTom HOME.) - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) . (.TOSHIBA Corporation - TOSHIBA Power Saver.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service (TOSHIBA Bluetooth Service) . (.TOSHIBA CORPORATION - TOSHIBA Bluetooth Service.) - C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) . (.Ulead Systems, Inc. - ULCDRSvr.) - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: XAudioService (XAudioService) . (.Conexant Systems, Inc. - Modem Audio Service.) - C:\Windows\system32\DRIVERS\xaudio.exe
~ Scan Services in 00mn 03s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s



---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Google Software Updater.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[MD5.408DDD80EEDE47175F6844817B90213E] [APT] [Google Software Updater] (.Google.) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.00000000000000000000000000000000] [APT] [RunAsStdUser Task] (...) -- C:\Program Files\Nosibay\Bubble Shopping\Launcher.exe (.not file.)
[MD5.81BBCE93B9463948F97592B9B4B5B33E] [APT] [{9550C9E5-11DA-4A5E-BF91-02CF551E472F}] (.PC SOFT.) -- C:\VETELEVAGE\WDUNINST.exe
[MD5.DB6BE4901878EDA9D7C89CD443998767] [APT] [{BCB3C12B-898E-4377-9A8D-DC8562371F88}] (.RealTek.) -- C:\Program Files\InstallShield Installation Information\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}\Install.exe
~ Scan Scheduled Task in 00mn 09s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Utilitaire d'installation du Lecteur Windows Media de Microsoft.) -- C:\Windows\system32\unregmp2.exe
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d'IEAK.) -- C:\Windows\system32\iedkcs32.dll
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll
O40 - ASIC: Adobe Shockwave Director 11.0 - {233C1507-6A77-46A4-9443-F871F945D258} . (.Adobe Systems, Inc. - Shockwave ActiveX Control.) -- C:\Windows\System32\Adobe\Director\swdir.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Windows Media Player.) -- C:\Windows\system32\wmp.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 11.0 r1.) -- C:\Windows\System32\Macromed\Flash\Flash11c.ocx
~ Scan Active Setup in 00mn 01s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys
O41 - Driver: (F-Secure HIPS) . (.F-Secure Corporation - HIPS 32-bit kernel module.) - C:\Program Files\Orange\Antivirus Firewall\HIPS\drivers\fshs.sys
O41 - Driver: (FSES) . (.F-Secure Corporation - F-Secure Email Interceptor.) - C:\Windows\system32\drivers\fses.sys
O41 - Driver: (FSFW) . (.F-Secure Corporation - F-Secure Internet Shield Driver.) - C:\Windows\system32\drivers\fsdfw.sys
O41 - Driver: (fsvista) . (...) - C:\Program Files\Orange\Antivirus Firewall\Anti-Virus\minifilter\fsvista.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\system32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\system32\DRIVERS\kbdclass.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\system32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\system32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\system32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
~ Scan Drivers in 00mn 46s



---\\ Logiciels installés (O42)
O42 - Logiciel: ABBYY FineReader 9.0 Professional Edition - (.ABBYY.) [HKLM] -- {F9000000-0001-0000-0000-074957833700}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723}
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Reader 9.4.6 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A94000000001}
O42 - Logiciel: Adobe Shockwave Player 11 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Agranet - (.ARSOE de Bretagne.) [HKLM] -- {AB8FED9B-85DF-4B2B-AC51-EB2C437807FC}
O42 - Logiciel: Agranet Modules Externes - (.ARSOE de Bretagne.) [HKLM] -- {F7A10BFF-9E14-46A1-A8BB-F9E2E243541F}
O42 - Logiciel: Anti-virus firewall - (.Pas de propriétaire.) [HKLM] -- F-Secure Product 440
O42 - Logiciel: Applian FLV Player - (.Applian Technologies Inc..) [HKLM] -- Applian FLV Player2.0.23
O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Belltech Greeting Card Designer 5.4.0 - (.Belltech Systems.) [HKLM] -- Belltech Greeting Card Designer 5.4.0_is1
O42 - Logiciel: Bluetooth Stack for Windows by Toshiba - (.Pas de propriétaire.) [HKLM] -- {CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: CNARILH - (.Jean LAMAISON.) [HKCU] -- deff544638a43650
O42 - Logiciel: Cisco EAP-FAST Module - (.Cisco Systems, Inc..) [HKLM] -- {64BF0187-F3D2-498B-99EA-163AF9AE6EC9}
O42 - Logiciel: Cisco LEAP Module - (.Cisco Systems, Inc..) [HKLM] -- {51C7AD07-C3F6-4635-8E8A-231306D810FE}
O42 - Logiciel: Cisco PEAP Module - (.Cisco Systems, Inc..) [HKLM] -- {ED5776D5-59B4-46B7-AF81-5F2D94D7C640}
O42 - Logiciel: Codeur Windows Media Série 9 - (.Microsoft Corporation.) [HKLM] -- {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
O42 - Logiciel: Codeur Windows Media Série 9 - (.Pas de propriétaire.) [HKLM] -- Windows Media Encoder 9
O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}
O42 - Logiciel: Contrôle ActiveX Windows Live Mesh pour connexions à distance - (.Microsoft Corporation.) [HKLM] -- {55D003F4-9599-44BF-BA9E-95D060730DD3}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 -
0

Discussions similaires

Annuaire portable gratuit à partir d'un nom
dani26 -
Authority -

9 réponses