VOI

Web site : ZHPDiag Outil de diagnostic

 

 

---\\ Web Browser

MSIE: Internet Explorer v9.0.8112.16421 (Defaut)

 

---\\ Windows Product Information

Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Windows Server License Manager Script : OK

~ Windows® 7, OEM_SLP channel

System Locked Preinstallation (OEM_SLP) : OK

Windows ID Activation : OK

~ Windows Partial Key : 3Q6C9

Windows License : OK

~ Windows Remaining Initializations Number : 3

Software Protection Service (Protection logicielle) : OK

Windows Automatic Updates : OK

Windows Activation Technologies : OK

 

---\\ System Information

~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel

~ Operating System: 64 Bits

Boot mode: Normal (Normal boot)

Total RAM: 4095.2 MB (58% free)

System Restore: Activé (Enable)

System drive C: has 506 GB (73%) free of 685 GB

 

---\\ Logged in mode

~ Computer Name: ZINOU-HP

~ User Name: ZINOU

~ All Users Names: ZINOU, UpdatusUser, HomeGroupUser$, Administrateur,

~ Unselected Option: O45,O61,O62,O65,O66,O82

Logged in as Administrator

 

---\\ Environnement Variables

~ System Unit : C:\

~ %AppData% : C:\Users\ZINOU\AppData\Roaming\

~ %Desktop% : C:\Users\ZINOU\Desktop\

~ %Favorites% : C:\Users\ZINOU\Favorites\

~ %LocalAppData% : C:\Users\ZINOU\AppData\Local\

~ %StartMenu% : C:\Users\ZINOU\AppData\Roaming\Microsoft\Windows\Start Menu\

~ %Windir% : C:\Windows\

~ %System% : C:\Windows\system32\

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 506 Go of 685 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 13 Go of 13 Go)

E:\ CD-ROM drive (Not Inserted)

F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

 

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoDispScrSavPage: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK

[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK

~ Scan Security Center in 00mn AMs

 

 

 

---\\ Recherche particulière de fichiers génériques

[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.4/27/2011 - 7:19:30 AM.) -- C:\Windows\Explorer.exe [2871808]

[MD5.DD81D91FF3B0763C392422865C9AC12E] - (....) (.7/14/2009 - 2:39:31 AM.) -- C:\Windows\system32\rundll32.exe [45568]

[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.7/14/2009 - 2:39:52 AM.) -- C:\Windows\system32\Wininit.exe [129024]

[MD5.0732B49B250E306F7A6591029AF9885B] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.8/10/2011 - 6:36:16 AM.) -- C:\Windows\system32\wininet.dll [1389056]

[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.2/24/2011 - 2:25:30 PM.) -- C:\Windows\system32\Winlogon.exe [390656]

[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.7/14/2009 - 2:52:21 AM.) -- C:\Windows\system32\drivers\atapi.sys [24128]

[MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.4/27/2011 - 7:41:34 AM.) -- C:\Windows\system32\drivers\ntfs.sys [1659776]

[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.2/24/2011 - 2:27:26 PM.) -- C:\Windows\system32\sppcomapi.dll [232448]

[MD5.0D57D091E06BB1E58E72E5D08479FDDF] - (....) (.2/24/2011 - 2:07:20 PM.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480]

~ Scan Generic Processes in 00mn AMs

 

 

 

---\\ Etat des fichiers cachés (Caché/Total)

~ Mes images (My Pictures) : 6/783

~ Mes musiques (My Musics) : 707/4934

~ Mes Videos (My Videos) : 2/459

~ Mes Favoris (My Favorites) : 5/331

~ Mes Documents (My Documents) : 40/15260

~ Mon Bureau (My Desktop) : 0/418

~ Menu demarrer (Programs) : 6/32

~ Scan Hidden Files in 12mn AMs

 

 

 

---\\ Processus lancés

[MD5.554A50B5310E702029D3A675459108FF] - (.Hewlett-Packard - hpsysdrv.) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768] [PID.1932]

[MD5.63A648C5FEB5DE641E1174ACB6CF78C6] - (.Pas de propriétaire - SmartMenu.) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [568888] [PID.1940]

[MD5.C11645E219C8C9113A8D9E0500ED25E5] - (.PacketVideo - TwonkyMedia Tray Application.) -- C:\Program Files (x86)\Serveur Media\twonkymediaserverconfig.exe [603736] [PID.3048]

[MD5.3AF02017597E4C6399FD3E390E601D5E] - (.Crawler.com - Spyware Terminator 2012 Update Support.) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3608240] [PID.2008]

[MD5.C983E62B6FB74457D173BA93F66F6068] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [281768] [PID.3384]

[MD5.A40432BB46793F3A2AD42E6D23A8290F] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252136] [PID.3552]

[MD5.904E13BA41AF2E353A32CF351CA53639] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe [748336] [PID.4188]

[MD5.461A87D7A4304BDA228CF1DBB86D3CE9] - (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10v_ActiveX.exe [243360] [PID.3868]

[MD5.7914370AAC5CDE8DCAE1C674A6C90229] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [669696] [PID.3676]

[MD5.457E6B550AABC987AF117ED968C2F3D9] - (.Emsi Software GmbH - Emsisoft Anti-Malware Service.) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [3029208] [PID.]

[MD5.B4837FE56D76B2E9EA90E5365CF6A2BE] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [136360] [PID.]

[MD5.11A52CF7B265631DEEB24C6149309EFF] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [64952] [PID.]

[MD5.DF5A3016052755C910A206058B4A1729] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [269480] [PID.]

[MD5.20F6F19FE9E753F2780DC2FA083AD597] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [37664] [PID.]

[MD5.F2060A34C8A75BC24A9222EB4F8C07BD] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe [349472] [PID.]

[MD5.2DFB151FD34DF104DAC0ADF070EDA83C] - (.Hewlett-Packard Company - HP Quick Synchronization Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [92216] [PID.]

[MD5.7550D101BF49FDB1F92666A233EE36C4] - (.Hewlett-Packard Company - LightScribe Service.) -- c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728] [PID.]

[MD5.3120A421ED14B0186675E295219D441C] - (.PacketVideo - TwonkyMedia Server watchdog.) -- C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe [501336] [PID.]

[MD5.A2ABC52CD8A5B60262B220A17A92EB31] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [378472] [PID.]

[MD5.2748912E0E656AE1FB74C4BFDF7BC470] - (...) -- C:\Program Files (x86)\Serveur Media\TwonkyMediaServer.exe [1451608] [PID.]

~ Scan Processes Running in 00mn AMs

 

 

 

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)

C:\Users\ZINOU\AppData\Local\Google\Chrome\User Data\Default\Preferences

G0 - GCSP: Preference [user Data\Default][HomePage] Google

G2 - GCE: Preference [user Data\Default] [fnjbmmemklcjgepojigaapkoodmkgbae] DivX HiQ v.2.1.1.94 (Activé)

G2 - GCE: Preference [user Data\Default] [jfmjfhklogoienhpfnppmbcbjfjnkonk] RealPlayer HTML5Video Downloader Extension v.1.3 (Activé)

G2 - GCE: Preference [user Data\Default] [nneajnkjbffgblleaoojgaacokifdkhm] \u003Cvideo\u003E HTML5 DivX Plus Web Player v.2.1.1.94 (Activé)

~ Scan Google Browser in 00mn AMs

 

 

 

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

P2 - FPN: [HKLM] [@divx.com/DivX VOD Helper,version=1.0.0] - (.DivX, LLC. - DivX VOD Helper Plug-in.) -- C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_27 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com.) -- C:\Program Files\ma-config.com\nphardwaredetection.dll

P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (.Unity Technologies ApS - Unity Player 3.1.0f4.) -- C:\Users\ZINOU\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

~ Scan Firefox Browser in 00mn AMs

 

 

 

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Orange : téléphones, forfaits, Internet, actualité, sport, video

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Microsoft Corporation

R0 - HKUS\S-1-5-21-4247541363-2138921599-923811196-1000\Software\Microsoft\Internet Explorer\Main,Start Page = Orange : téléphones, forfaits, Internet, actualité, sport, video

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = Bing

R1 - HKUS\S-1-5-21-4247541363-2138921599-923811196-1000\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation

R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\System32\ieframe.dll

R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1

R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2

~ Scan IE Browser in 00mn AMs

 

 

 

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

~ Scan Proxy management in 00mn AMs

 

 

 

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe

~ Scan Keys in 00mn AMs

 

 

 

---\\ Redirection du fichier Hosts (O1)

~ Scan Hosts File in 00mn AMs

 

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: ToolbarOrange.InitToolbarBHO [64Bits] - {1d970ed5-3eda-438d-bffd-715931e2775b} . (...) -- mscoree.dll (.not file.)

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer [64Bits] - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealPlayer - RealPlayer Download and Record Plugin.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugi

O2 - BHO: Increase performance and video formats for your HTML5 <video> [64Bits] - {326E768D-4182-46FD-9C16-1449A49795F4} . (.DivX, LLC - DivX Web Player version 2.1.1.94.) -- C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites [64Bits] - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} . (.DivX, LLC - DivX Web Player version 2.1.1.94.) -- C:\Program Files (x86)\Div

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\

O2 - BHO: Windows Live Messenger Companion Helper [64Bits] - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

~ Scan BHO in 00mn AMs

 

 

 

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [hpsysdrv] . (.Hewlett-Packard - hpsysdrv.) -- c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe

O4 - HKLM\..\Run: [smartMenu] . (.Pas de propriétaire - SmartMenu.) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

O4 - HKLM\..\Run: [CamserviceHD] . (.Guillemot Corporation S.A. - Hercules Xtra Controller Main Application.) -- C:\Program Files (x86)\Hercules\Dualpix HD\XtrCtrl.exe

O4 - HKLM\..\Run: [AmIcoSinglun64] . (.Alcor Micro Corp. - Single LUN Icon Utility for VID 058F PID 63.) -- C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe

O4 - HKLM\..\Run: [intelliPoint] . (.Microsoft Corporation - IPoint.exe.) -- c:\Program Files\Microsoft IntelliPoint\ipoint.exe

O4 - HKLM\..\Run: [spywareTerminatorShield] . (.Crawler.com - Spyware Terminator 2012 Realtime Shield.) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe

O4 - HKLM\..\Run: [spywareTerminatorUpdater] . (.Crawler.com - Spyware Terminator 2012 Update Support.) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe

O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

O4 - HKLM\..\Wow6432Node\Run: [Digital Patrol Update 5] C:\Program Files (x86)\NictaTech Software\Digital Patrol 5\dpatrolu.exe (.not file.)

O4 - HKLM\..\Wow6432Node\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

~ Scan Application in 00mn AMs

 

 

 

---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Users\ZINOU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\ZINOU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\ZINOU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk . (.Spotify Ltd.) -- C:\Program Files (x86)\Spotify\spotify.exe

O4 - Global Startup: C:\Users\ZINOU\Desktop\Audacity.lnk . (...) -- C:\Program Files (x86)\Audacity\audacity.exe

O4 - Global Startup: C:\Users\ZINOU\Desktop\Auslogics Disk Defrag.lnk . (.Auslogics.) -- C:\Program Files (x86)\Auslogics\Auslogics Disk Defrag\DiskDefrag.exe

O4 - Global Startup: C:\Users\ZINOU\Desktop\captimag - Raccourci.lnk . (.Claude Dekokère.) -- C:\Users\ZINOU\Documents\captimag.exe

O4 - Global Startup: C:\Users\ZINOU\Desktop\CCleaner64 - Raccourci.lnk . (.Piriform Ltd.) -- C:\Users\ZINOU\Documents\CCleaner64.exe

O4 - Global Startup: C:\Users\ZINOU\Desktop\DivX Movies.lnk . (...) -- C:\Users\ZINOU\Videos\DivX Movies

O4 - Global Startup: C:\Users\ZINOU\Desktop\Free Music Zilla.lnk . (...) -- C:\Program Files (x86)\Free Music Zilla\FMZilla.exe

O4 - Global Startup: C:\Users\ZINOU\Desktop\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\ZINOU\Desktop\Light Image Resizer 4.lnk . (.ObviousIdea SARL.) -- C:\Program Files (x86)\ObviousIdea\Image Resizer 4\Resize.exe

O4 - Global Startup: C:\Users\ZINOU\Desktop\Mixxx.lnk . (...) -- C:\Program Files (x86)\DjMixerStudio\mixxx.exe

O4 - Global Startup: C:\Users\ZINOU\Desktop\mkv2vob.lnk . (.3r1c.) -- C:\Program Files (x86)\mkv2vob\loader.exe

O4 - Global Startup: C:\Users\ZINOU\Desktop\MWAVSCAN.lnk . (...) -- C:\Users\ZINOU\AppData\Local\Temp\mwavscan.exe (.not file.)

O4 - Global Startup: C:\Users\ZINOU\Desktop\SmartRipper - Raccourci.lnk . (...) -- C:\Users\ZINOU\Documents\SmartRipper 2.41\SmartRipper.exe

O4 - Global Startup: C:\Users\ZINOU\Desktop\Spotify.lnk . (.Spotify Ltd.) -- C:\Program Files (x86)\Spotify\spotify.exe

O4 - Global Startup: C:\Users\ZINOU\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\ZINOU\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QUICKMEDIACONVERTER.lnk . (.CocoonSoftware.) -- C:\Program Files\QuickMediaConverter\QMC.exe

~ Scan Global Startup in 03mn AMs

 

 

 

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: ajouter cette page à vos favoris Orange . (...) -- C:\Users\ZINOU\AppData\Roaming\Orange\OrangeInside\src\addfavorites_html\addfavorites.html

O8 - Extra context menu item: envoyer le texte sélectionné par sms . (...) -- C:\Users\ZINOU\AppData\Roaming\Orange\OrangeInside\src\sendsmsselectedtext_html\sendsmsselectedtext.html

O8 - Extra context menu item: envoyer par sms . (...) -- C:\Users\ZINOU\AppData\Roaming\Orange\OrangeInside\src\sendsms_html\sendsms.html

O8 - Extra context menu item: envoyer un mail . (...) -- C:\Users\ZINOU\AppData\Roaming\Orange\OrangeInside\src\sendmail_html\sendmail.html

O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll

O8 - Extra context menu item: orange.fr . (...) -- C:\Users\ZINOU\AppData\Roaming\Orange\OrangeInside\src\orange_html\orange.html

O8 - Extra context menu item: traduire la page . (...) -- C:\Users\ZINOU\AppData\Roaming\Orange\OrangeInside\src\translate_html\translate.html

O8 - Extra context menu item: traduire le texte sélectionné . (...) -- C:\Users\ZINOU\AppData\Roaming\Orange\OrangeInside\src\translateSelectedText_html\translateSelectedText.html

~ Scan IE Menu Contextuel in 00mn AMs

 

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll

O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

~ Scan Winsock in 00mn AMs

 

 

 

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {615A1925-0E5B-4767-A65E-3165AEAC32A3} (BitDefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax64.cab

~ Scan Objets ActiveX in 00mn AMs

 

 

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{D6ABB953-DC56-40DD-B1F4-D0257C834ADA}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\..\{D6ABB953-DC56-40DD-B1F4-D0257C834ADA}: DhcpDomain = livebox.home

O17 - HKLM\System\CS1\Services\Tcpip\..\{D6ABB953-DC56-40DD-B1F4-D0257C834ADA}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{D6ABB953-DC56-40DD-B1F4-D0257C834ADA}: DhcpDomain = livebox.home

O17 - HKLM\System\CS2\Services\Tcpip\..\{D6ABB953-DC56-40DD-B1F4-D0257C834ADA}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{D6ABB953-DC56-40DD-B1F4-D0257C834ADA}: DhcpDomain = livebox.home

~ Scan Domain in 00mn AMs

 

 

 

---\\ Protocole additionnel (O18)

O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll

O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll

O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll

O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll

O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll

O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll

O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll

O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll

O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll

~ Scan Protocole Additionnel in 00mn AMs

 

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\system32\webcheck.dll

~ Scan SSODL in 00mn AMs

 

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: Emsisoft Anti-Malware 5.1 - Service (a2AntiMalware) . (.Emsi Software GmbH - Emsisoft Anti-Malware Service.) - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard Company - HP Support Assistant.) - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) . (.Hewlett-Packard Company - HP Quick Synchronization Service.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Orange update Core Service (Orange update Core Service) . (.France Telecom SA - Orange Upd@te.) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe

O23 - Service: Serveur Média (Serveur Média) . (.PacketVideo - TwonkyMedia Server watchdog.) - C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe

O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) . (.Crawler.com - Spyware Terminator 2012 Realtime Shield Ser.) - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

~ Scan Services in 00mn AMs

 

 

 

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

~ Scan Desktop Component in 00mn AMs

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HPCeeScheduleForZINOU.job

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

[MD5.BEAEC745256D3158495FEE10BA673E7C] [APT] [HPCeeScheduleForZINOU] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

[MD5.A40432BB46793F3A2AD42E6D23A8290F] [APT] [Java Update Scheduler] (.Sun Microsystems, Inc..) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

[MD5.47C1DE0A890613FFCFF1D67648EEDF90] [APT] [Programme de mise à jour en ligne de Adobe] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[MD5.7636713B4F0944045AB4AF7CED5245AB] [APT] [Programme de mise à jour en ligne de Divx] (...) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

[MD5.5516C26A6AF8EB4E2CAB48EC98A74398] [APT] [Programme de mise à jour en ligne de HP.] (.Hewlett-Packard.) -- c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

[MD5.B114DB354D13A21C1AC2B1807EE2F500] [APT] [Programme de mise à jour en ligne de Real Player] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

[MD5.FD8DCAE8AAE888D8BAD0E6C2DAAAFB6D] [APT] [RealUpgradeLogonTaskS-1-5-21-4247541363-2138921599-923811196-1000] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe

[MD5.FD8DCAE8AAE888D8BAD0E6C2DAAAFB6D] [APT] [RealUpgradeScheduledTaskS-1-5-21-4247541363-2138921599-923811196-1000] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe

[MD5.ED5D30F5D177A12E1A67401440DEA36D] [APT] [RecoveryCDWin7] (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe

[MD5.ED5D30F5D177A12E1A67401440DEA36D] [APT] [servicePlan] (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe

[MD5.00000000000000000000000000000000] [APT] [{08513374-DDA9-4C13-A029-4A9BE1EA4C98}] (...) -- C:\Program Files\Alwil Software\Avast5\aswRundll.exe (.not file.)

[MD5.1C374EA1D363CE916F2D835C50A9C105] [APT] [{EFE60423-B3F3-499C-94DA-BFAD177043AB}] (...) -- C:\Users\ZINOU\Documents\PROGRAMMES ZINOU\CamStudio20.exe

[MD5.00000000000000000000000000000000] [APT] [{F57B0474-CDFE-4EF3-ADAD-542089BDE3D1}] (...) -- C:\Program Files (x86)\NOS\bin\getPlusUninst_Adobe.exe (.not file.)

[MD5.187E0D2AB859AD03393DDD731076BE81] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe

[MD5.FDC7C934ADB8C3B51A3C21781B608673] [APT] [PC Health Analysis] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe

[MD5.FDC7C934ADB8C3B51A3C21781B608673] [APT] [PC Tuneup] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe

~ Scan Scheduled Task in 03mn AMs

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\system32\DRIVERS\avipbb.sys

O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys

O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys

O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\discache.sys

O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys

O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys

O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys

O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\system32\DRIVERS\rdbss.sys

O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys

O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\system32\drivers\rdprefmp.sys

O41 - Driver: (SAVRKBootTasks) . (. - .) - C:\Windows\system32\SAVRKBootTasks.sys (.not file.)

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys

O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\system32\DRIVERS\wfplwf.sys

~ Scan Drivers in 00mn AMs

---\\ Logiciels installés (O42)

O42 - Logiciel: AM-DeadLink 4.4 - (.www.aignes.com.) [HKLM] -- aignesamdeadlink_is1

O42 - Logiciel: AVS Update Manager 1.0 - (.Online Media Technologies Ltd..) [HKLM] -- AVS Update Manager_is1

O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Flash Player 10 ActiveX 64-bit - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX 64

O42 - Logiciel: Agatha Christie - Death on the Nile - (.WildTangent.) [HKLM] -- WT087420

O42 - Logiciel: Alcor Micro USB Card Reader - (.Nom de votre société.) [HKLM] -- InstallShield_{1F7424F8-F992-48BC-90EF-7C4DB0405E3F}

O42 - Logiciel: Audacity 1.2.6 - (.Pas de propriétaire.) [HKLM] -- Audacity_is1

O42 - Logiciel: Auslogics Disk Defrag - (.Auslogics Software Pty Ltd.) [HKLM] -- {DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1

O42 - Logiciel: AviSynth 2.5 - (.Pas de propriétaire.) [HKLM] -- AviSynth

O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop

O42 - Logiciel: Bejeweled 2 Deluxe - (.WildTangent.) [HKLM] -- WT087428

O42 - Logiciel: CamStudio - (.Pas de propriétaire.) [HKLM] -- CamStudio

O42 - Logiciel: Chuzzle Deluxe - (.WildTangent.) [HKLM] -- WT087453

O42 - Logiciel: Clean Virus MSN - (.AxBx.) [HKLM] -- Clean Virus MSN_is1

O42 - Logiciel: Configuration DivX - (.DivX, LLC.) [HKLM] -- DivX Setup.divx.com

O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM] -- InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}

O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}

O42 - Logiciel: DJ Mix Lite - (.Pas de propriétaire.) [HKLM] -- DJ Mix Lite

O42 - Logiciel: DVD Menu Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}

O42 - Logiciel: DVD Menu Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- {FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}

O42 - Logiciel: Deezer Desktop - (.UNKNOWN.) [HKLM] -- DeezerDesktop.003CB2DDEA6AC0BFA0D6CFCD9422B800DAC858A3.1

O42 - Logiciel: Diner Dash 2 Restaurant Rescue - (.WildTangent.) [HKLM] -- WT087536

O42 - Logiciel: Emsisoft Anti-Malware 5.1 - (.Emsi Software GmbH.) [HKLM] -- Emsisoft Anti-Malware_is1

O42 - Logiciel: FATE - (.WildTangent.) [HKLM] -- WT087361

O42 - Logiciel: Fotosizer 1.31 - (.Fotosizer.com.) [HKLM] -- Fotosizer

O42 - Logiciel: Free Music Zilla - (.FreeMusicZilla.com.) [HKLM] -- Free Music Zilla_is1

O42 - Logiciel: Free Video Joiner 1.1 - (.FreeVideoJoiner.com.) [HKLM] -- {14FA6DD9-92ED-493D-A937-81A78870E08A}_is1

O42 - Logiciel: HP Game Console - (.WildTangent.) [HKLM] -- My HP Game Console

O42 - Logiciel: HP Games - (.WildTangent.) [HKLM] -- WildTangent hp Master Uninstall

O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM] -- InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}

O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM] -- {DCCAD079-F92C-44DA-B258-624FC6517A5A}

O42 - Logiciel: HP MediaSmart Music - (.Hewlett-Packard.) [HKLM] -- InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}

O42 - Logiciel: HP MediaSmart Music - (.Hewlett-Packard.) [HKLM] -- {91A34181-9FAD-43AB-A35F-E7A8945B7E1C}

O42 - Logiciel: HP MediaSmart Photo - (.Hewlett-Packard.) [HKLM] -- InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}

O42 - Logiciel: HP MediaSmart Photo - (.Hewlett-Packard.) [HKLM] -- {6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}

O42 - Logiciel: HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}

O42 - Logiciel: HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- {D12E3E7F-1B13-4933-A915-16C7DD37A095}

O42 - Logiciel: HP Setup - (.Hewlett-Packard.) [HKLM] -- {72D90DB3-A16A-4545-B555-868471101833}

O42 - Logiciel: Hercules Dualpix HD - (.Hercules.) [HKLM] -- {59579B12-97E6-437E-B988-BA032165D355}

O42 - Logiciel: Insaniquarium Deluxe - (.WildTangent.) [HKLM] -- WT087480

O42 - Logiciel: Jewel Quest II - (.WildTangent.) [HKLM] -- WT087485

O42 - Logiciel: Jewel Quest Solitaire - (.WildTangent.) [HKLM] -- WT087490

O42 - Logiciel: John Deere Drive Green - (.WildTangent.) [HKLM] -- WT087380

O42 - Logiciel: K-Lite Codec Pack 7.2.0 (Full) - (.Pas de propriétaire.) [HKLM] -- KLiteCodecPack_is1

O42 - Logiciel: L&H TTS3000 Français - (.Pas de propriétaire.) [HKLM] -- LHTTSFRF

O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}

O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}

O42 - Logiciel: Lame ACM MP3 Codec - (.Pas de propriétaire.) [HKLM] -- LameACM

O42 - Logiciel: Light Image Resizer 4.0.6.8 - (.ObviousIdea.) [HKLM] -- {EBE030DD-D404-4D92-85E9-8C3624820808}_is1

O42 - Logiciel: Live Media Plugin (Todae) - (.Todae.fr.) [HKLM] -- Live Media

O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver

O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.1.1800 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile

O42 - Logiciel: Microsoft IntelliPoint 8.2 - (.Microsoft Corporation.) [HKLM] -- Microsoft IntelliPoint 8.2

O42 - Logiciel: Mises à jour NVIDIA 1.1.34 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update

O42 - Logiciel: Movie Theme Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}

O42 - Logiciel: Movie Theme Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- {3023EBDA-BF1B-4831-B347-E5018555F26E}

O42 - Logiciel: MusicStation - (.Hewlett-Packard.) [HKLM] -- MusicStationNetstaller

O42 - Logiciel: NVIDIA 3D Vision Controller Driver - (.NVIDIA Corporation.) [HKLM] -- NVIDIA StereoUSB Driver

O42 - Logiciel: NVIDIA 3D Vision Controller Driver 270.61 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB

O42 - Logiciel: NVIDIA Logiciel système PhysX 9.10.0514 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX

O42 - Logiciel: NVIDIA Pilote 3D Vision 270.61 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision

O42 - Logiciel: NVIDIA Pilote audio HD : 1.2.22.1 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver

O42 - Logiciel: NVIDIA Pilote graphique 270.61 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver

O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM] -- NVIDIAStereo

O42 - Logiciel: NoVirusThanks Malware Remover Free 3.1 - (.NoVirusThanks Company Srl.) [HKLM] -- {C206F5C2-9C03-4FA1-8927-055E6D90488B}_is1

O42 - Logiciel: Orange Inside - (.Orange.) [HKCU] -- Orange Inside

O42 - Logiciel: Orange Installeur version 1.2.2.0 - (.Orange.) [HKLM] -- {D13FE823-C575-4451-AC37-E645A67AA581}_1.2.2.0

O42 - Logiciel: Orange Web Player 1.212788 - (.Orange.) [HKLM] -- Orange Web Player_is1

O42 - Logiciel: Orange WebTV Player 1.29418 - (.Orange.) [HKLM] -- Orange WebTV Player_is1

O42 - Logiciel: Orange update - (.Orange.) [HKLM] -- OrangeUpdateManager

O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}

O42 - Logiciel: Package de pilotes Windows - eMPIA Technology Inc, (emAudio) MEDIA (06/22/2007 5.7.0622.0) - (.eMPIA Technology Inc,.) [HKLM] -- A5664D4A72F1AB05DE12885777A69C3EE46F204A

O42 - Logiciel: Penguins! - (.WildTangent.) [HKLM] -- WT087394

O42 - Logiciel: Photo Magician 1.9.2.0 - (.Sheldon Solutions.) [HKLM] -- {AF766933-2E99-4D86-916E-FEA0A482B89E}_is1

O42 - Logiciel: PhotoNow! - (.CyberLink Corp..) [HKLM] -- InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}

O42 - Logiciel: PhotoNow! - (.CyberLink Corp..) [HKLM] -- {D36DD326-7280-11D8-97C8-000129760CBE}

O42 - Logiciel: Plants vs. Zombies - (.WildTangent.) [HKLM] -- WT087501

O42 - Logiciel: Polar Bowler - (.WildTangent.) [HKLM] -- WT087396

O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}

O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}

O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}

O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1}

O42 - Logiciel: QMC - (.Pas de propriétaire.) [HKCU] -- QUICKMEDIACONVERTER

O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 12.0

O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: Recovery Manager - (.CyberLink Corp..) [HKLM] -- {44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}

O42 - Logiciel: Sansa Media Converter - (.Pas de propriétaire.) [HKLM] -- {FC053571-8507-44E4-8B6D-AACEAB8CA57C}

O42 - Logiciel: Sansa Updater - (.SanDisk Corporation.) [HKCU] -- Sansa Updater

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2539636

O42 - Logiciel: Serveur Média - (.PacketVideo.) [HKLM] -- TwonkyMediaServeur Média

O42 - Logiciel: Shuangs Audio Joiner 1.0 - (.ShuangSoft, Inc..) [HKLM] -- Shuangs Audio Joiner_is1

O42 - Logiciel: Slingo Deluxe - (.WildTangent.) [HKLM] -- WT087510

O42 - Logiciel: Sophos Anti-Rootkit 1.5.0 - (.Sophos Plc.) [HKLM] -- Sophos-AntiRootkit

O42 - Logiciel: Spyware Terminator 2012 - (.Crawler.com.) [HKLM] -- {56736259-613E-4A3B-B428-6235F2E76F44}_is1

O42 - Logiciel: SqueezePlay 7.5.0 - (.Logitech.) [HKLM] -- {09B790E3-21E3-4D1A-8130-AAA9227C9785}_is1

O42 - Logiciel: System Requirements Lab - (.Pas de propriétaire.) [HKLM] -- SystemRequirementsLab

O42 - Logiciel: Total Video Converter 3.61 100319 - (.EffectMatrix Inc..) [HKLM] -- Total Video Converter 3.61_is1

O42 - Logiciel: Trojan Remover 6.8.2 - (.Simply Super Software.) [HKLM] -- Trojan Remover_is1

O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU] -- UnityWebPlayer

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2473228) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523

O42 - Logiciel: VLC media player 1.1.11 - (.VideoLAN.) [HKLM] -- VLC media player

O42 - Logiciel: Virtual Villagers - The Secret City - (.WildTangent.) [HKLM] -- WT087513

O42 - Logiciel: Visual C++ 2008 x86 Runtime - v9.0.30729.01 - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01

O42 - Logiciel: Wedding Dash - (.WildTangent.) [HKLM] -- WT087519

O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite

O42 - Logiciel: Xvid Video Codec - (.Xvid Team.) [HKLM] -- Xvid Video Codec 1.3.0

O42 - Logiciel: Zuma Deluxe - (.WildTangent.) [HKLM] -- WT087533

O42 - Logiciel: barre d'outils Orange - (.Orange.) [HKLM] -- OrangeToolbar

O42 - Logiciel: mediAvatar MKV Converter - (.mediAvatar.) [HKLM] -- mediAvatar MKV Converter

---\\ HKCU & HKLM Software Keys

[HKCU\Software\ALWIL Software]

[HKCU\Software\ASProtect]

[HKCU\Software\AVAST Software]

[HKCU\Software\AVS4YOU]

[HKCU\Software\Adobe]

[HKCU\Software\AppDataLow\F-Secure]

[HKCU\Software\AppDataLow\LastScanTime]

[HKCU\Software\AppDataLow\Software\DivX]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software\Orange]

[HKCU\Software\AppDataLow\Software\Unity]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Apple Computer, Inc.]

[HKCU\Software\Apple Inc.]

[HKCU\Software\Audacity]

[HKCU\Software\Auslogics]

[HKCU\Software\Avg]

[HKCU\Software\Avira]

[HKCU\Software\BitDefender]

[HKCU\Software\Bits&Coffee]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\CocoonSoftware]

[HKCU\Software\CyberLink]

[HKCU\Software\Cygwin]

[HKCU\Software\DVD Decrypter]

[HKCU\Software\Digital River]

[HKCU\Software\DivXNetworks]

[HKCU\Software\DivX]

[HKCU\Software\Driver Magician]

[HKCU\Software\ESET]

[HKCU\Software\Eraser]

[HKCU\Software\F-Secure]

[HKCU\Software\FlasK Development]

[HKCU\Software\Fotosizer]

[HKCU\Software\GNU]

[HKCU\Software\Gabest]

[HKCU\Software\Google]

[HKCU\Software\GridinSoft]

[HKCU\Software\Haali]

[HKCU\Software\Hercules]

[HKCU\Software\Hewlett-Packard]

[HKCU\Software\HookNetwork]

[HKCU\Software\IDAVLab]

[HKCU\Software\IM Providers]

[HKCU\Software\IPC software]

[HKCU\Software\InnoShock]

[HKCU\Software\InterVideo]

[HKCU\Software\JavaSoft]

[HKCU\Software\Lavasoft]

[HKCU\Software\Licenses]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\M4ng]

[HKCU\Software\MONOGRAM]

[HKCU\Software\Macromedia]

[HKCU\Software\MainConcept (Muvee Consumer)]

[HKCU\Software\MainConcept (Muvee)]

[HKCU\Software\Mainconcept]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\MediaInfo]

[HKCU\Software\MicroWorld]

[HKCU\Software\MooSoft Development]

[HKCU\Software\MozillaPlugins]

[HKCU\Software\Mozilla]

[HKCU\Software\NVIDIA Corporation]

[HKCU\Software\Netscape]

[HKCU\Software\NoVirusThanks]

[HKCU\Software\Norton]

[HKCU\Software\O&O]

[HKCU\Software\ObviousIdea]

[HKCU\Software\OrangeInside]

[HKCU\Software\PC SOFT]

[HKCU\Software\PDFCreator]

[HKCU\Software\Pegasys Inc.]

[HKCU\Software\Policies]

[HKCU\Software\Proantivirus Lab]

[HKCU\Software\RealNetworks]

[HKCU\Software\Realtek]

[HKCU\Software\Ripp-it]

[HKCU\Software\SUPERAntiSpyware.com]

[HKCU\Software\SWiSHzone.com]

[HKCU\Software\Safer Networking Limited]

[HKCU\Software\SanDisk]

[HKCU\Software\Simply Super Software]

[HKCU\Software\Skype]

[HKCU\Software\Softonic]

[HKCU\Software\Spotify]

[HKCU\Software\Spyware Terminator]

[HKCU\Software\Sysinternals]

[HKCU\Software\TechSmith]

[HKCU\Software\Todae]

[HKCU\Software\Trolltech]

[HKCU\Software\TuneUp]

[HKCU\Software\Unity]

[HKCU\Software\VB and VBA Program Settings]

[HKCU\Software\VFPlugin]

[HKCU\Software\VirtuaMedia]

[HKCU\Software\VirtualDub.org]

[HKCU\Software\Wget]

[HKCU\Software\WinRAR SFX]

[HKCU\Software\WinRAR]

[HKCU\Software\Wow6432Node]

[HKCU\Software\YahooPartnerToolbar]

[HKCU\Software\aignes]

[HKCU\Software\antiufo]

[HKCU\Software\chermenin]

[HKCU\Software\cybelsoft]

[HKCU\Software\madFlac]

[HKCU\Software\mediAvatar]

[HKCU\Software\mkvconverter]

[HKCU\Software\tvp]

[HKCU\Software\udse]

[HKLM\Software\AGEIA Technologies]

[HKLM\Software\ALWIL Software]

[HKLM\Software\ATI Technologies]

[HKLM\Software\AVG]

[HKLM\Software\AVS4YOU]

[HKLM\Software\Adobe]

[HKLM\Software\Aleesoft]

[HKLM\Software\AntiTrojanElite]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Apple Inc.]

[HKLM\Software\Avira]

[HKLM\Software\Bits&Coffee]

[HKLM\Software\BrowserChoice]

[HKLM\Software\CDDB]

[HKLM\Software\Canon]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\CyberLink]

[HKLM\Software\Cyberlink]

[HKLM\Software\Debug]

[HKLM\Software\DivXNetworks]

[HKLM\Software\DivX]

[HKLM\Software\DjMixerStudio]

[HKLM\Software\ESET]

[HKLM\Software\EasyBits]

[HKLM\Software\Emsi Software GmbH]

[HKLM\Software\Eset]

[HKLM\Software\Free Music Zilla]

[HKLM\Software\GEAR Software]

[HKLM\Software\GNU]

[HKLM\Software\Google]

[HKLM\Software\HaaliMkx]

[HKLM\Software\Hercules Technologies]

[HKLM\Software\Hercules]

[HKLM\Software\Hewlett-Packard]

[HKLM\Software\Hitman Pro]

[HKLM\Software\IDAVLab]

[HKLM\Software\IVIIS]

[HKLM\Software\InstallShield]

[HKLM\Software\Intel]

[HKLM\Software\JavaSoft]

[HKLM\Software\JreMetrics]

[HKLM\Software\KLCodecPack]

[HKLM\Software\Khronos]

[HKLM\Software\L&H]

[HKLM\Software\Lavasoft]

[HKLM\Software\Licenses]

[HKLM\Software\LightScribe]

[HKLM\Software\Macromedia]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\MicroWorld]

[HKLM\Software\MimarSinan]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\NVIDIA Corporation]

[HKLM\Software\NewspaperDirect]

[HKLM\Software\Nullsoft]

[HKLM\Software\ODBC]

[HKLM\Software\ObviousIdea]

[HKLM\Software\Orange]

[HKLM\Software\PDFComplete]

[HKLM\Software\PDFCreator]

[HKLM\Software\Panda Software]

[HKLM\Software\Policies]

[HKLM\Software\RTLSetup]

[HKLM\Software\RealNetworks]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\SRS Labs]

[HKLM\Software\SUPERAntiSpyware.com]

[HKLM\Software\Safer Networking Limited]

[HKLM\Software\Sandisk]

[HKLM\Software\ScanSoft]

[HKLM\Software\SecureDigitalServices]

[HKLM\Software\Sheldon Solutions]

[HKLM\Software\Simply Super Software]

[HKLM\Software\Skype]

[HKLM\Software\Sonic]

[HKLM\Software\Spyware Terminator]

[HKLM\Software\Swearware]

[HKLM\Software\TerraTec Electronic GmbH]

[HKLM\Software\Todae]

[HKLM\Software\TrendMicro]

[HKLM\Software\TuneUp]

[HKLM\Software\TwonkyMedia]

[HKLM\Software\USB2800]

[HKLM\Software\VideoLAN]

[HKLM\Software\Voice]

[HKLM\Software\Volatile]

[HKLM\Software\Webroot]

[HKLM\Software\WildTangent]

[HKLM\Software\Win32 Services]

[HKLM\Software\WinRAR]

[HKLM\Software\Windows]

[HKLM\Software\Wow6432Node]

[HKLM\Software\X-AVCSD]

[HKLM\Software\Xing Technology Corp.]

[HKLM\Software\Xvid Team]

[HKLM\Software\cybelsoft]

[HKLM\Software\iTinySoft]

[HKLM\Software\mediAvatar]

[HKLM\Software\muvee Technologies]

[HKLM\Software\swearware]

~ Scan Softwares in 00mn AMs

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 1/19/2011 - 4:07:20 PM - [23099562] ----D- C:\Program Files\ATI

O43 - CFD: 1/19/2011 - 4:07:22 PM - [0] ----D- C:\Program Files\ATI Technologies

O43 - CFD: 4/25/2011 - 5:26:22 PM - [195922] ----D- C:\Program Files\Bonjour

O43 - CFD: 9/12/2011 - 2:48:04 PM - [763227453] ----D- C:\Program Files\Common Files

O43 - CFD: 1/10/2011 - 11:18:36 AM - [930272] ----D- C:\Program Files\DIFX

O43 - CFD: 5/16/2011 - 10:35:28 AM - [7727936] ----D- C:\Program Files\DivX

O43 - CFD: 2/24/2011 - 11:01:38 AM - [90256916] ----D- C:\Program Files\DVD Maker

O43 - CFD: 1/16/2011 - 11:52:46 AM - [2448629] ----D- C:\Program Files\Eraser

O43 - CFD: 7/5/2011 - 7:42:02 AM - [0] ----D- C:\Program Files\Google

O43 - CFD: 9/24/2010 - 3:29:28 AM - [9779088] ----D- C:\Program Files\Hewlett-Packard

O43 - CFD: 8/26/2011 - 7:15:22 AM - [7439168] ----D- C:\Program Files\Hitman Pro 3.5

O43 - CFD: 9/24/2010 - 2:54:24 AM - [1705] ----D- C:\Program Files\hp

O43 - CFD: 8/10/2011 - 6:57:34 PM - [6654703] ----D- C:\Program Files\Internet Explorer

O43 - CFD: 6/13/2011 - 5:20:16 PM - [1939563] ----D- C:\Program Files\iPod

O43 - CFD: 6/13/2011 - 5:20:32 PM - [2345448] ----D- C:\Program Files\iTunes

O43 - CFD: 9/6/2011 - 1:17:48 PM - [102755868] ----D- C:\Program Files\Java

O43 - CFD: 6/4/2011 - 3:18:56 PM - [8995738] ----D- C:\Program Files\ma-config.com

O43 - CFD: 7/14/2009 - 9:45:56 AM - [149237810] ----D- C:\Program Files\Microsoft Games

O43 - CFD: 8/11/2011 - 7:51:28 AM - [44066413] ----D- C:\Program Files\Microsoft IntelliPoint

O43 - CFD: 7/14/2009 - 7:32:40 AM - [25757] ----D- C:\Program Files\MSBuild

O43 - CFD: 4/27/2011 - 3:58:52 PM - [593166179] ----D- C:\Program Files\NVIDIA Corporation

O43 - CFD: 7/17/2011 - 7:53:40 AM - [387870] ----D- C:\Program Files\Orange

O43 - CFD: 9/24/2010 - 3:18:14 AM - [2178436] ----D- C:\Program Files\PlayReady

O43 - CFD: 1/3/2011 - 4:20:16 PM - [80563925] ----D- C:\Program Files\QuickMediaConverter

O43 - CFD: 9/24/2010 - 2:48:18 AM - [15791736] ----D- C:\Program Files\Realtek

O43 - CFD: 7/14/2009 - 7:32:40 AM - [36813993] ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 7/14/2009 - 7:09:28 AM - [0] --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 2/24/2011 - 11:01:36 AM - [4039680] ----D- C:\Program Files\Windows Defender

O43 - CFD: 2/24/2011 - 11:01:38 AM - [9224824] ----D- C:\Program Files\Windows Journal

O43 - CFD: 7/14/2011 - 7:49:42 AM - [7987385] ----D- C:\Program Files\Windows Live

O43 - CFD: 2/24/2011 - 11:01:38 AM - [6667776] ----D- C:\Program Files\Windows Mail

O43 - CFD: 2/24/2011 - 11:01:38 AM - [7687085] ----D- C:\Program Files\Windows Media Player

O43 - CFD: 7/14/2009 - 7:32:40 AM - [12627636] ----D- C:\Program Files\Windows NT

O43 - CFD: 2/24/2011 - 11:01:38 AM - [5516056] ----D- C:\Program Files\Windows Photo Viewer

O43 - CFD: 2/24/2011 - 11:01:38 AM - [244736] ----D- C:\Program Files\Windows Portable Devices

O43 - CFD: 2/24/2011 - 11:01:38 AM - [9889997] ----D- C:\Program Files\Windows Sidebar

O43 - CFD: 1/25/2011 - 9:06:04 AM - [6580905] ----D- C:\Program Files\Common Files\Apple

O43 - CFD: 8/16/2011 - 4:49:48 PM - [682948053] ----D- C:\Program Files\Common Files\BitDefender

O43 - CFD: 7/14/2011 - 7:48:40 AM - [60892734] ----D- C:\Program Files\Common Files\Microsoft Shared

O43 - CFD: 7/14/2009 - 5:20:10 AM - [2702] ----D- C:\Program Files\Common Files\Services

O43 - CFD: 7/14/2009 - 5:20:10 AM - [608768] ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 12/21/2010 - 7:34:34 PM - [12194291] ----D- C:\Program Files\Common Files\System

O43 - CFD: 6/17/2011 - 1:28:16 PM - [12443103] ----D- C:\ProgramData\Adobe

O43 - CFD: 1/18/2011 - 10:33:46 AM - [495] ----D- C:\ProgramData\AmUStor

O43 - CFD: 1/25/2011 - 9:05:50 AM - [119496704] ----D- C:\ProgramData\Apple

O43 - CFD: 1/25/2011 - 9:06:58 AM - [40044144] ----D- C:\ProgramData\Apple Computer

O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Application Data

O43 - CFD: 7/29/2011 - 7:19:02 AM - [5716] ----D- C:\ProgramData\AVG10

O43 - CFD: 7/30/2011 - 8:55:56 AM - [64642797] ----D- C:\ProgramData\Avira

O43 - CFD: 2/5/2011 - 1:58:48 PM - [0] ----D- C:\ProgramData\AVS4YOU

O43 - CFD: 7/9/2011 - 5:51:08 PM - [0] ----D- C:\ProgramData\boost_interprocess

O43 - CFD: 7/2/2011 - 9:47:32 AM - [155720] --H-D- C:\ProgramData\CanonBJ

O43 - CFD: 7/6/2011 - 12:29:28 PM - [96] --H-D- C:\ProgramData\Common Files

O43 - CFD: 12/24/2010 - 11:23:06 AM - [144940] ----D- C:\ProgramData\CyberLink

O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Desktop

O43 - CFD: 5/16/2011 - 10:36:02 AM - [4459924] ----D- C:\ProgramData\DivX

O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Documents

O43 - CFD: 5/31/2011 - 7:43:54 AM - [144] ----D- C:\ProgramData\Driver Mender

O43 - CFD: 1/10/2011 - 2:57:42 PM - [144] ----D- C:\ProgramData\Driver Whiz

O43 - CFD: 7/9/2011 - 4:36:28 PM - [1211] ----D- C:\ProgramData\F-Secure

O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Favorites

O43 - CFD: 7/4/2011 - 4:59:34 PM - [527024] ----D- C:\ProgramData\Google

O43 - CFD: 8/13/2011 - 2:04:22 PM - [4096] ----D- C:\ProgramData\Grisoft

O43 - CFD: 12/21/2010 - 10:38:02 AM - [68732165] ----D- C:\ProgramData\Hewlett-Packard

O43 - CFD: 8/26/2011 - 7:14:20 AM - [532280] ----D- C:\ProgramData\Hitman Pro

O43 - CFD: 6/4/2011 - 3:18:52 PM - [1278453] ----D- C:\ProgramData\ma-config.com

O43 - CFD: 12/24/2010 - 5:29:46 PM - [16803314] ----D- C:\ProgramData\Malwarebytes

O43 - CFD: 2/14/2011 - 9:56:50 AM - [8192] ----D- C:\ProgramData\mediAvatar

O43 - CFD: 7/28/2011 - 9:21:46 AM - [20892877] ----D- C:\ProgramData\MFAData

O43 - CFD: 1/18/2011 - 9:23:12 AM - [144] ----D- C:\ProgramData\Micro Application

O43 - CFD: 7/16/2011 - 6:14:10 PM - [328764388] -S--D- C:\ProgramData\Microsoft

O43 - CFD: 8/26/2011 - 10:52:44 AM - [57126912] ----D- C:\ProgramData\MicroWorld

O43 - CFD: 1/23/2011 - 5:19:52 PM - [717] ----D- C:\ProgramData\MSNRecorderMax

O43 - CFD: 1/26/2011 - 8:50:08 PM - [117236835] ----D- C:\ProgramData\muvee Technologies

O43 - CFD: 9/24/2010 - 3:21:32 AM - [0] ----D- C:\ProgramData\NewspaperDirect

O43 - CFD: 9/14/2011 - 8:05:42 AM - [2285269] ----D- C:\ProgramData\NVIDIA

O43 - CFD: 4/27/2011 - 3:56:32 PM - [578505] ----D- C:\ProgramData\NVIDIA Corporation

O43 - CFD: 7/9/2011 - 2:59:50 PM - [2022228] ----D- C:\ProgramData\Orange

O43 - CFD: 9/3/2011 - 12:35:38 PM - [67671112] ----D- C:\ProgramData\PC Tools

O43 - CFD: 1/21/2011 - 1:55:38 PM - [1531990] ----D- C:\ProgramData\Real

O43 - CFD: 1/13/2011 - 10:05:06 AM - [33008] ----D- C:\ProgramData\Recovery

O43 - CFD: 9/14/2011 - 8:06:28 AM - [11869070] ----D- C:\ProgramData\Serveur Média

O43 - CFD: 7/31/2011 - 5:11:46 PM - [7562122] ----D- C:\ProgramData\Simply Super Software

O43 - CFD: 2/2/2011 - 2:36:12 PM - [19451154] ----D- C:\ProgramData\Skype

O43 - CFD: 9/13/2011 - 3:00:46 PM - [42083243] ----D- C:\ProgramData\Spyware Terminator

O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Start Menu

O43 - CFD: 1/7/2011 - 6:47:06 PM - [187] ----D- C:\ProgramData\Sun

O43 - CFD: 2/1/2011 - 3:30:20 PM - [0] ----D- C:\ProgramData\TechSmith

O43 - CFD: 9/11/2011 - 1:40:36 PM - [491733] ---AD- C:\ProgramData\Temp

O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Templates

O43 - CFD: 1/18/2011 - 11:25:56 AM - [3387632] ----D- C:\ProgramData\TuneUp Software

O43 - CFD: 9/24/2010 - 3:21:20 AM - [1873450921] ----D- C:\ProgramData\WildTangent

O43 - CFD: 9/24/2010 - 2:54:48 AM - [35063286] ----D- C:\ProgramData\{0F47B255-CF9F-48C5-B558-B7DAF9345268}

O43 - CFD: 12/21/2010 - 10:32:22 AM - [35253750] ----D- C:\ProgramData\{23D58E70-3B83-4B83-A227-68770F84F5EC}

O43 - CFD: 1/18/2011 - 11:24:06 AM - [18225664] -SH-D- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}

O43 - CFD: 1/25/2011 - 9:07:10 AM - [893135] ----D- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}

O43 - CFD: 1/8/2011 - 11:07:44 AM - [6755850] ----D- C:\Users\ZINOU\AppData\Roaming\Adobe

O43 - CFD: 1/27/2011 - 11:12:56 AM - [21041] ----D- C:\Users\ZINOU\AppData\Roaming\aignes

O43 - CFD: 4/7/2011 - 9:02:46 AM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\Apowersoft

O43 - CFD: 1/25/2011 - 9:08:12 AM - [211543] ----D- C:\Users\ZINOU\AppData\Roaming\Apple Computer

O43 - CFD: 3/15/2011 - 8:13:18 PM - [402] ----D- C:\Users\ZINOU\AppData\Roaming\ArcSoft

O43 - CFD: 1/4/2011 - 9:46:12 AM - [2309] ----D- C:\Users\ZINOU\AppData\Roaming\AudioXP

O43 - CFD: 2/8/2011 - 11:10:38 AM - [13272] ----D- C:\Users\ZINOU\AppData\Roaming\Auslogics

O43 - CFD: 7/6/2011 - 1:19:58 PM - [610] ----D- C:\Users\ZINOU\AppData\Roaming\AVG10

O43 - CFD: 7/30/2011 - 9:03:20 AM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\Avira

O43 - CFD: 2/5/2011 - 1:58:52 PM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\AVS4YOU

O43 - CFD: 1/3/2011 - 4:19:58 PM - [18374021] ----D- C:\Users\ZINOU\AppData\Roaming\CocoonSoftware

O43 - CFD: 12/24/2010 - 11:23:04 AM - [107] ----D- C:\Users\ZINOU\AppData\Roaming\CyberLink

O43 - CFD: 1/8/2011 - 11:08:24 AM - [304699] ----D- C:\Users\ZINOU\AppData\Roaming\DeezerDesktop.003CB2DDEA6AC0BFA0D6CFCD9422B800DAC858A3.1

O43 - CFD: 9/13/2011 - 10:51:52 PM - [61698] ----D- C:\Users\ZINOU\AppData\Roaming\Digital Patrol

O43 - CFD: 12/27/2010 - 11:16:06 AM - [203530] ----D- C:\Users\ZINOU\AppData\Roaming\DivX

O43 - CFD: 8/26/2011 - 10:51:26 AM - [770] ----D- C:\Users\ZINOU\AppData\Roaming\Download Manager

O43 - CFD: 6/6/2011 - 1:19:52 PM - [199] ----D- C:\Users\ZINOU\AppData\Roaming\dvdcss

O43 - CFD: 7/9/2011 - 4:38:34 PM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\f-secure

O43 - CFD: 5/11/2011 - 5:28:08 PM - [543] ----D- C:\Users\ZINOU\AppData\Roaming\FMZilla

O43 - CFD: 3/10/2011 - 4:27:16 PM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\GetRightToGo

O43 - CFD: 12/20/2010 - 4:43:38 PM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\Google

O43 - CFD: 12/28/2010 - 6:12:32 PM - [90809] ----D- C:\Users\ZINOU\AppData\Roaming\Hewlett-Packard

O43 - CFD: 9/13/2011 - 5:30:52 PM - [382] ----D- C:\Users\ZINOU\AppData\Roaming\HP Support Assistant

O43 - CFD: 12/21/2010 - 10:37:46 AM - [14763] ----D- C:\Users\ZINOU\AppData\Roaming\hpqLog

O43 - CFD: 9/13/2011 - 5:30:52 PM - [18115] ----D- C:\Users\ZINOU\AppData\Roaming\HpUpdate

O43 - CFD: 12/20/2010 - 3:53:08 PM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\Identities

O43 - CFD: 12/22/2010 - 3:20:14 PM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\InstallShield

O43 - CFD: 8/15/2011 - 3:12:00 PM - [23944864] ----D- C:\Users\ZINOU\AppData\Roaming\m4ng

O43 - CFD: 12/20/2010 - 3:54:04 PM - [75055] ----D- C:\Users\ZINOU\AppData\Roaming\Macromedia

O43 - CFD: 12/24/2010 - 5:31:32 PM - [1035] ----D- C:\Users\ZINOU\AppData\Roaming\Malwarebytes

O43 - CFD: 7/14/2009 - 9:44:40 AM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\Media Center Programs

O43 - CFD: 8/17/2011 - 2:49:34 PM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\Media Player Classic

O43 - CFD: 2/14/2011 - 9:57:16 AM - [30452938] ----D- C:\Users\ZINOU\AppData\Roaming\mediAvatar

O43 - CFD: 1/10/2011 - 2:18:04 PM - [30514540] -S--D- C:\Users\ZINOU\AppData\Roaming\Microsoft

O43 - CFD: 1/23/2011 - 5:15:18 PM - [22] ----D- C:\Users\ZINOU\AppData\Roaming\MSNRecorderMax

O43 - CFD: 3/7/2011 - 5:45:48 PM - [700175] ----D- C:\Users\ZINOU\AppData\Roaming\muvee Technologies

O43 - CFD: 2/14/2011 - 9:57:22 AM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\NVIDIA

O43 - CFD: 8/9/2011 - 12:31:02 PM - [36616] ----D- C:\Users\ZINOU\AppData\Roaming\ObviousIdea

O43 - CFD: 7/28/2011 - 7:41:48 AM - [2356856] ----D- C:\Users\ZINOU\AppData\Roaming\Orange

O43 - CFD: 9/12/2011 - 1:45:00 PM - [26983] ----D- C:\Users\ZINOU\AppData\Roaming\QuickScan

O43 - CFD: 2/5/2011 - 2:13:56 PM - [167656656] ----D- C:\Users\ZINOU\AppData\Roaming\Real

O43 - CFD: 3/16/2011 - 1:50:04 PM - [100054319] ----D- C:\Users\ZINOU\AppData\Roaming\SanDisk

O43 - CFD: 7/31/2011 - 5:11:46 PM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\Simply Super Software

O43 - CFD: 7/30/2011 - 10:33:38 PM - [1142565] ----D- C:\Users\ZINOU\AppData\Roaming\Skype

O43 - CFD: 8/9/2011 - 4:20:56 PM - [2211313] ----D- C:\Users\ZINOU\AppData\Roaming\Spotify

O43 - CFD: 9/3/2011 - 1:18:58 PM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\Spyware Terminator

O43 - CFD: 5/23/2011 - 2:06:44 PM - [512] ----D- C:\Users\ZINOU\AppData\Roaming\SqueezePlay

O43 - CFD: 7/31/2011 - 8:09:28 AM - [328060] ----D- C:\Users\ZINOU\AppData\Roaming\thecleaner

O43 - CFD: 6/19/2011 - 10:51:18 AM - [11425790] ----D- C:\Users\ZINOU\AppData\Roaming\Todae

O43 - CFD: 1/18/2011 - 11:24:44 AM - [137096] ----D- C:\Users\ZINOU\AppData\Roaming\TuneUp Software

O43 - CFD: 7/2/2011 - 1:26:54 PM - [3197764] ----D- C:\Users\ZINOU\AppData\Roaming\uTorrent

O43 - CFD: 7/4/2011 - 9:25:44 AM - [1785317] ----D- C:\Users\ZINOU\AppData\Roaming\vlc

O43 - CFD: 12/21/2010 - 10:31:10 AM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\WinBatch

O43 - CFD: 1/14/2011 - 4:35:48 PM - [295] ----D- C:\Users\ZINOU\AppData\Roaming\Windows Live Writer

O43 - CFD: 12/21/2010 - 5:59:24 PM - [12] ----D- C:\Users\ZINOU\AppData\Roaming\WinRAR

O43 - CFD: 1/8/2011 - 11:07:40 AM - [15445816] ----D- C:\Users\ZINOU\AppData\Local\Adobe

O43 - CFD: 1/25/2011 - 9:06:12 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\Apple

O43 - CFD: 3/15/2011 - 8:57:42 PM - [13124006] ----D- C:\Users\ZINOU\AppData\Local\Apple Computer

O43 - CFD: 12/20/2010 - 3:45:56 PM - [0] -SH-D- C:\Users\ZINOU\AppData\Local\Application Data

O43 - CFD: 1/11/2011 - 5:24:06 PM - [673598] ----D- C:\Users\ZINOU\AppData\Local\Apps

O43 - CFD: 7/5/2011 - 9:37:22 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\COMODO

O43 - CFD: 9/14/2011 - 8:06:36 AM - [37657507] ----D- C:\Users\ZINOU\AppData\Local\CrashDumps

O43 - CFD: 12/21/2010 - 6:00:12 PM - [104448] ----D- C:\Users\ZINOU\AppData\Local\CyberLink

O43 - CFD: 4/7/2011 - 1:47:42 PM - [186] ----D- C:\Users\ZINOU\AppData\Local\DDMSettings

O43 - CFD: 1/11/2011 - 5:24:18 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\Deployment

O43 - CFD: 8/23/2011 - 12:51:12 PM - [1900290] ----D- C:\Users\ZINOU\AppData\Local\Diagnostics

O43 - CFD: 2/8/2011 - 10:31:34 AM - [26146304] ----D- C:\Users\ZINOU\AppData\Local\Downloaded Installations

O43 - CFD: 8/8/2011 - 9:01:00 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\ElevatedDiagnostics

O43 - CFD: 1/21/2011 - 7:28:26 PM - [2779] ----D- C:\Users\ZINOU\AppData\Local\Eraser 6

O43 - CFD: 7/4/2011 - 4:59:36 PM - [7165283] ----D- C:\Users\ZINOU\AppData\Local\Google

O43 - CFD: 12/21/2010 - 6:00:08 PM - [934777] ----D- C:\Users\ZINOU\AppData\Local\Hewlett-Packard

O43 - CFD: 12/20/2010 - 3:45:56 PM - [0] -SH-D- C:\Users\ZINOU\AppData\Local\Historique

O43 - CFD: 12/21/2010 - 2:28:28 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\HP MediaSmart Video

O43 - CFD: 4/3/2011 - 3:46:16 PM - [1234638317] ----D- C:\Users\ZINOU\AppData\Local\Microsoft

O43 - CFD: 6/1/2011 - 6:40:10 PM - [69773] ----D- C:\Users\ZINOU\AppData\Local\Mixxx

O43 - CFD: 8/11/2011 - 11:38:18 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\PackageAware

O43 - CFD: 1/7/2011 - 6:37:14 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\PDFC

O43 - CFD: 12/21/2010 - 6:00:10 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\PowerCinema

O43 - CFD: 5/26/2011 - 10:26:04 AM - [1052] ----D- C:\Users\ZINOU\AppData\Local\Sheldon_Solutions

O43 - CFD: 5/11/2011 - 3:43:54 PM - [3226] ----D- C:\Users\ZINOU\AppData\Local\Songr

O43 - CFD: 8/9/2011 - 4:18:58 PM - [290630046] ----D- C:\Users\ZINOU\AppData\Local\Spotify

O43 - CFD: 7/9/2011 - 4:38:38 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\Sunbelt Software

O43 - CFD: 2/1/2011 - 3:24:26 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\TechSmith

O43 - CFD: 9/14/2011 - 10:16:58 AM - [191666] ----D- C:\Users\ZINOU\AppData\Local\Temp

O43 - CFD: 12/20/2010 - 3:45:56 PM - [0] -SH-D- C:\Users\ZINOU\AppData\Local\Temporary Internet Files

O43 - CFD: 1/11/2011 - 5:24:18 PM - [210158] ----D- C:\Users\ZINOU\AppData\Local\Unity

O43 - CFD: 5/2/2011 - 2:28:38 PM - [137610657] ----D- C:\Users\ZINOU\AppData\Local\VirtualStore

O43 - CFD: 1/3/2011 - 4:19:44 PM - [275] ----D- C:\Users\ZINOU\AppData\Local\WDSetup

O43 - CFD: 9/12/2011 - 8:12:42 AM - [159744] ----D- C:\Users\ZINOU\AppData\Local\Windows Live

O43 - CFD: 1/9/2011 - 2:02:54 PM - [648463] ----D- C:\Users\ZINOU\AppData\Local\Windows Live Writer

O43 - CFD: 4/10/2011 - 11:32:26 AM - [2824] ----D- C:\Users\ZINOU\AppData\Local\zoug

O43 - CFD: 8/22/2011 - 6:13:28 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{042DE90B-9309-4C36-A58B-D4FF832994E9}

O43 - CFD: 8/16/2011 - 8:56:42 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{07D682C2-88D6-439F-B14E-853755ED630B}

O43 - CFD: 9/11/2011 - 9:55:52 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{0ED77867-F1F5-44C9-9D56-AABB2391BC58}

O43 - CFD: 8/29/2011 - 1:44:46 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{1BF7ADB0-8AA3-49CC-AB58-9FCF54583917}

O43 - CFD: 9/12/2011 - 8:12:20 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{1D9708A4-170E-495C-AE69-3E4824BAA2B7}

O43 - CFD: 8/23/2011 - 1:51:28 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{23123C98-4F9B-4D83-92D1-1316CBEF31A8}

O43 - CFD: 8/20/2011 - 8:55:24 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{36169623-578D-46ED-AF0D-5AB667607BD4}

O43 - CFD: 8/18/2011 - 4:42:30 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{46B4FDDC-3787-41AE-BE57-A32EBB9C9817}

O43 - CFD: 9/7/2011 - 12:11:00 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{49A04078-56B7-4407-B81B-8F89EE42CC19}

O43 - CFD: 8/20/2011 - 8:55:24 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{4A78A985-B046-4252-822D-0AB0B874717B}

O43 - CFD: 9/6/2011 - 9:36:28 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{4F38D26A-E279-4421-859B-C341F73A82C7}

O43 - CFD: 9/10/2011 - 1:57:56 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{4FF470B5-8582-4B81-A14D-2C91F52D87F5}

O43 - CFD: 9/7/2011 - 12:10:48 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{52589771-E9A8-4C1C-8F8E-24D0F651D757}

O43 - CFD: 8/29/2011 - 1:44:58 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{5900CCF3-2EBD-4682-98BE-D7495EEF88DA}

O43 - CFD: 8/23/2011 - 1:51:38 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{5EB902B3-EDD4-4067-9AD3-C4C87133CBE0}

O43 - CFD: 9/1/2011 - 2:28:12 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{5F01330B-799E-486C-986C-FC952997C03E}

O43 - CFD: 9/8/2011 - 11:19:42 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{5F363922-760E-4409-B9F3-1BAA549C44B0}

O43 - CFD: 9/9/2011 - 10:35:16 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{611232E4-1ED6-40E7-8E4C-BE8C6EDDBA21}

O43 - CFD: 8/22/2011 - 6:13:18 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{6CB0E8B3-DF62-41B7-899C-F1AFBF21D57A}

O43 - CFD: 9/10/2011 - 1:58:06 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{78BD99D0-66D9-4AD9-B485-3A5B8E68D421}

O43 - CFD: 9/11/2011 - 9:56:02 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{7E90DEA2-6E41-4A50-BAD1-B2A568A618B3}

O43 - CFD: 9/5/2011 - 7:22:14 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{8242AAE1-28D2-45D1-A424-98BA36CE1FD1}

O43 - CFD: 9/2/2011 - 1:44:06 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{839D2294-64BB-4092-9768-F1FC54427368}

O43 - CFD: 8/26/2011 - 3:51:00 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{8A9B0AD2-409A-45F8-91EC-3B27EB3C83F1}

O43 - CFD: 9/1/2011 - 2:28:26 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{8E8866AD-1E0D-4384-9986-EB6706E0A31A}

O43 - CFD: 8/20/2011 - 8:56:10 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{91677D36-54C9-4144-85B6-FEC9DE7F1AF8}

O43 - CFD: 9/9/2011 - 10:35:26 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{AF1BA447-B8D0-4404-97D1-A1718AC5CDE1}

O43 - CFD: 9/3/2011 - 8:00:06 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{B3D97126-8E3B-4D03-8949-A6A00F7E3EF7}

O43 - CFD: 9/12/2011 - 8:12:32 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{B9B4AEC1-998B-440D-9797-7FE7F53E923D}

O43 - CFD: 8/25/2011 - 10:11:02 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{BA2E2C7A-EFAC-467A-8473-6AAC3B74F3A7}

O43 - CFD: 9/6/2011 - 9:36:38 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{C17343B9-90DD-49E8-8584-CD6F621B6D7A}

O43 - CFD: 9/2/2011 - 1:43:52 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{C5196FCA-6E02-4160-BCDC-AB60C9B2BA6D}

O43 - CFD: 8/20/2011 - 8:56:00 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{C972CD00-74E3-43D4-B931-F68F173345A7}

O43 - CFD: 8/31/2011 - 1:15:46 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{CBA3B6FB-0253-4870-935D-13BD60BA9922}

O43 - CFD: 9/8/2011 - 11:19:30 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{D066336A-CFD0-4DC6-9074-63FA684C9642}

O43 - CFD: 9/5/2011 - 7:22:24 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{D566C392-CE4A-40EA-A7C7-7894E8C1DDA4}

O43 - CFD: 9/2/2011 - 12:05:10 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{D76865D2-FB11-424C-B901-99DB369F6692}

O43 - CFD: 9/4/2011 - 7:42:42 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{DBED5189-1BA0-4191-A5E6-532AD243D72F}

O43 - CFD: 8/31/2011 - 1:15:56 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{DCAF9654-2688-428E-A342-79AA2F504DCE}

O43 - CFD: 8/24/2011 - 1:39:56 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{DCCB26DF-7A59-4AFF-9933-150AC1A4DAAB}

O43 - CFD: 8/18/2011 - 4:42:20 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{EAEAF148-8B91-4217-BAB8-EB7A94F25546}

O43 - CFD: 8/24/2011 - 1:40:06 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{EAFF6388-6E8C-43A9-8075-54C7A03597D6}

O43 - CFD: 9/3/2011 - 7:59:54 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{F357F7B4-719F-4020-B831-51379EDB796C}

O43 - CFD: 8/25/2011 - 10:10:52 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{F4F1AC4D-F6FB-43B5-928D-A029C65A023F}

O43 - CFD: 9/4/2011 - 7:42:52 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{FF4394C4-656D-4ABA-ACB1-13E4E4B73BC1}

O43 - CFD: 6/17/2011 - 1:28:14 PM - [164336192] ----D- C:\Program Files (x86)\Adobe

O43 - CFD: 2/5/2011 - 4:00:12 PM - [0] ----D- C:\Program Files (x86)\Aleesoft

O43 - CFD: 1/27/2011 - 11:10:52 AM - [2423013] ----D- C:\Program Files (x86)\AM-DeadLink

O43 - CFD: 1/18/2011 - 10:33:48 AM - [3037097] ----D- C:\Program Files (x86)\AmIcoSingLun

O43 - CFD: 8/12/2011 - 1:14:42 PM - [406] ----D- C:\Program Files (x86)\Anti Trojan Elite

O43 - CFD: 1/25/2011 - 9:06:12 AM - [2306366] ----D- C:\Program Files (x86)\Apple Software Update

O43 - CFD: 9/3/2011 - 5:31:04 PM - [0] ----D- C:\Program Files (x86)\Arovax AntiSpyware

O43 - CFD: 12/27/2010 - 9:23:56 PM - [8691689] ----D- C:\Program Files (x86)\Audacity

O43 - CFD: 2/8/2011 - 11:10:32 AM - [9226698] ----D- C:\Program Files (x86)\Auslogics

O43 - CFD: 7/6/2011 - 1:15:30 PM - [390472] ----D- C:\Program Files (x86)\AVG

O43 - CFD: 7/30/2011 - 8:55:56 AM - [157273471] ----D- C:\Program Files (x86)\Avira

O43 - CFD: 4/26/2011 - 4:25:28 PM - [5869407] ----D- C:\Program Files (x86)\AviSynth 2.5

O43 - CFD: 2/5/2011 - 2:01:58 PM - [12440153] ----D- C:\Program Files (x86)\AVS4YOU

O43 - CFD: 4/25/2011 - 5:26:22 PM - [621242] ----D- C:\Program Files (x86)\Bonjour

O43 - CFD: 8/15/2011 - 3:00:48 PM - [8327481] ----D- C:\Program Files (x86)\CamStudio

O43 - CFD: 9/12/2011 - 2:48:04 PM - [776709018] ----D- C:\Program Files (x86)\Common Files

O43 - CFD: 9/24/2010 - 3:03:10 AM - [1346142688] ----D- C:\Program Files (x86)\CyberLink

O43 - CFD: 4/30/2011 - 12:38:02 PM - [2922581] ----D- C:\Program Files (x86)\Deezer

O43 - CFD: 5/16/2011 - 10:36:02 AM - [104675483] ----D- C:\Program Files (x86)\DivX

O43 - CFD: 4/23/2011 - 3:59:16 PM - [1258073] ----D- C:\Program Files (x86)\DJ Mix Lite

O43 - CFD: 5/30/2011 - 5:16:44 PM - [44470061] ----D- C:\Program Files (x86)\DjMixerStudio

O43 - CFD: 1/18/2011 - 10:21:00 AM - [1222150] ----D- C:\Program Files (x86)\Driver-Soft

O43 - CFD: 8/13/2011 - 3:35:12 PM - [106829922] ----D- C:\Program Files (x86)\EasyBits For Kids

O43 - CFD: 9/12/2011 - 7:11:04 AM - [149595880] ----D- C:\Program Files (x86)\Emsisoft Anti-Malware

O43 - CFD: 7/26/2011 - 8:27:28 AM - [202166361] ----D- C:\Program Files (x86)\ESET

O43 - CFD: 2/8/2011 - 11:37:14 AM - [4212437] ----D- C:\Program Files (x86)\Fotosizer

O43 - CFD: 6/8/2011 - 3:38:38 PM - [3553863] ----D- C:\Program Files (x86)\Free Music Zilla

O43 - CFD: 1/27/2011 - 3:26:16 PM - [12536570] ----D- C:\Program Files (x86)\Free Video Joiner

O43 - CFD: 7/5/2011 - 7:42:02 AM - [31240728] ----D- C:\Program Files (x86)\Google

O43 - CFD: 8/14/2011 - 7:20:14 AM - [6172097] ----D- C:\Program Files (x86)\GridinSoft Trojan Killer

O43 - CFD: 8/13/2011 - 2:29:22 PM - [41] ----D- C:\Program Files (x86)\Grisoft

O43 - CFD: 12/23/2010 - 9:16:10 AM - [26223398] ----D- C:\Program Files (x86)\Hercules

O43 - CFD: 12/21/2010 - 10:33:00 AM - [1566519255] ----D- C:\Program Files (x86)\Hewlett-Packard

O43 - CFD: 9/24/2010 - 2:58:24 AM - [3123440] ----D- C:\Program Files (x86)\Hp

O43 - CFD: 9/24/2010 - 3:21:24 AM - [284033140] ----D- C:\Program Files (x86)\HP Games

O43 - CFD: 5/31/2011 - 8:01:18 AM - [177874688] --H-D- C:\Program Files (x86)\InstallShield Installation Information

O43 - CFD: 1/10/2011 - 3:20:08 PM - [96668] ----D- C:\Program Files (x86)\Intel

O43 - CFD: 8/10/2011 - 6:57:34 PM - [5347553] ----D- C:\Program Files (x86)\Internet Explorer

O43 - CFD: 6/13/2011 - 5:20:30 PM - [126499047] ----D- C:\Program Files (x86)\iTunes

O43 - CFD: 9/11/2011 - 3:43:18 PM - [95889619] ----D- C:\Program Files (x86)\Java

O43 - CFD: 6/21/2011 - 9:03:16 AM - [49835545] ----D- C:\Program Files (x86)\K-Lite Codec Pack

O43 - CFD: 7/30/2011 - 12:06:10 PM - [6996189] ----D- C:\Program Files (x86)\Malwarebytes' Anti-Malware

O43 - CFD: 2/14/2011 - 9:56:50 AM - [94442582] ----D- C:\Program Files (x86)\mediAvatar

O43 - CFD: 7/16/2011 - 6:14:10 PM - [0] ----D- C:\Program Files (x86)\Microsoft

O43 - CFD: 1/31/2011 - 1:13:28 PM - [0] ----D- C:\Program Files (x86)\Microsoft Antimalware

O43 - CFD: 1/30/2011 - 10:36:56 AM - [34307107] ----D- C:\Program Files (x86)\Microsoft Office

O43 - CFD: 6/16/2011 - 8:17:02 AM - [38411899] ----D- C:\Program Files (x86)\Microsoft Silverlight

O43 - CFD: 7/14/2011 - 7:52:26 AM - [1829877] ----D- C:\Program Files (x86)\Microsoft SQL Server Compact Edition

O43 - CFD: 12/20/2010 - 9:43:48 PM - [15715] ----D- C:\Program Files (x86)\Microsoft.NET

O43 - CFD: 2/6/2011 - 3:20:22 PM - [10667746] ----D- C:\Program Files (x86)\mkv2vob

O43 - CFD: 7/14/2009 - 7:32:40 AM - [25757] ----D- C:\Program Files (x86)\MSBuild

O43 - CFD: 1/4/2011 - 3:26:12 PM - [66546585] ----D- C:\Program Files (x86)\MSECache

O43 - CFD: 7/16/2011 - 7:59:46 AM - [11804] ----D- C:\Program Files (x86)\MSSOAP

O43 - CFD: 12/20/2010 - 4:47:44 PM - [0] ----D- C:\Program Files (x86)\MSXML 4.0

O43 - CFD: 1/26/2011 - 8:47:26 PM - [40217332] ----D- C:\Program Files (x86)\muvee Technologies

O43 - CFD: 9/24/2010 - 3:21:32 AM - [7515506] ----D- C:\Program Files (x86)\NewspaperDirect

O43 - CFD: 8/26/2011 - 7:22:00 AM - [19670458] ----D- C:\Program Files (x86)\NoVirusThanks

O43 - CFD: 4/26/2011 - 2:12:50 PM - [111596855] ----D- C:\Program Files (x86)\NVIDIA Corporation

O43 - CFD: 5/2/2011 - 8:47:04 AM - [35491648] ----D- C:\Program Files (x86)\ObviousIdea

O43 - CFD: 12/20/2010 - 3:49:44 PM - [20281413] R---D- C:\Program Files (x86)\Online Services

O43 - CFD: 9/4/2011 - 5:25:34 PM - [47041692] ----D- C:\Program Files (x86)\Orange

O43 - CFD: 8/24/2011 - 7:35:12 AM - [0] ----D- C:\Program Files (x86)\Panda Security

O43 - CFD: 9/4/2011 - 7:24:10 AM - [144656] ----D- C:\Program Files (x86)\PC Tools Security

O43 - CFD: 6/13/2011 - 10:50:10 AM - [30640621] ----D- C:\Program Files (x86)\PDFCreator

O43 - CFD: 8/21/2011 - 9:00:10 AM - [183808] ----D- C:\Program Files (x86)\QuickTime

O43 - CFD: 6/25/2011 - 6:32:04 PM - [95909788] ----D- C:\Program Files (x86)\Real

O43 - CFD: 4/1/2011 - 10:38:08 AM - [51061071] ----D- C:\Program Files (x86)\Realtek

O43 - CFD: 7/14/2009 - 7:32:40 AM - [39159041] ----D- C:\Program Files (x86)\Reference Assemblies

O43 - CFD: 3/16/2011 - 2:32:26 PM - [85448757] ----D- C:\Program Files (x86)\SanDisk

O43 - CFD: 8/10/2011 - 2:07:44 PM - [18056185] ----D- C:\Program Files (x86)\ScanSoft

O43 - CFD: 9/14/2011 - 8:05:42 AM - [13736319] ----D- C:\Program Files (x86)\Serveur Media

O43 - CFD: 5/26/2011 - 10:25:52 AM - [7170794] ----D- C:\Program Files (x86)\Sheldon Solutions

O43 - CFD: 3/10/2011 - 4:33:26 PM - [1575693] ----D- C:\Program Files (x86)\Shuangs Audio Joiner

O43 - CFD: 2/2/2011 - 2:36:16 PM - [25623426] R---D- C:\Program Files (x86)\Skype

O43 - CFD: 8/16/2011 - 6:46:14 PM - [2873747] ----D- C:\Program Files (x86)\Sophos

O43 - CFD: 5/10/2011 - 5:25:04 PM - [5344094] ----D- C:\Program Files (x86)\Spotify

O43 - CFD: 9/4/2011 - 9:58:16 AM - [5145259] ----D- C:\Program Files (x86)\Spybot - Search & Destroy

O43 - CFD: 9/3/2011 - 1:19:08 PM - [19741681] ----D- C:\Program Files (x86)\Spyware Terminator

O43 - CFD: 5/23/2011 - 2:06:24 PM - [43847197] ----D- C:\Program Files (x86)\Squeezebox

O43 - CFD: 4/26/2011 - 1:22:54 PM - [768113] ----D- C:\Program Files (x86)\SystemRequirementsLab

O43 - CFD: 4/27/2011 - 3:38:42 PM - [0] --H-D- C:\Program Files (x86)\Temp

O43 - CFD: 3/9/2011 - 9:39:26 AM - [53257311] ----D- C:\Program Files (x86)\Total Video Converter

O43 - CFD: 7/31/2011 - 5:11:56 PM - [10163787] ----D- C:\Program Files (x86)\Trojan Remover

O43 - CFD: 8/12/2011 - 8:20:10 PM - [0] ----D- C:\Program Files (x86)\Trojan Remover 1.2

O43 - CFD: 7/14/2009 - 6:57:08 AM - [0] --H-D- C:\Program Files (x86)\Uninstall Information

O43 - CFD: 12/29/2010 - 5:21:16 PM - [84718031] ----D- C:\Program Files (x86)\VideoLAN

O43 - CFD: 3/5/2011 - 2:13:58 PM - [0] ----D- C:\Program Files (x86)\Winamp

O43 - CFD: 7/14/2011 - 7:54:48 AM - [189778394] ----D- C:\Program Files (x86)\Windows Live

O43 - CFD: 2/24/2011 - 11:01:40 AM - [6181376] ----D- C:\Program Files (x86)\Windows Mail

O43 - CFD: 2/24/2011 - 11:01:38 AM - [8278928] ----D- C:\Program Files (x86)\Windows Media Player

O43 - CFD: 7/14/2009 - 7:32:40 AM - [12197556] ----D- C:\Program Files (x86)\Windows NT

O43 - CFD: 2/24/2011 - 11:01:38 AM - [4417800] ----D- C:\Program Files (x86)\Windows Photo Viewer

O43 - CFD: 2/24/2011 - 11:01:40 AM - [189952] ----D- C:\Program Files (x86)\Windows Portable Devices

O43 - CFD: 2/24/2011 - 11:01:40 AM - [6371452] ----D- C:\Program Files (x86)\Windows Sidebar

O43 - CFD: 12/21/2010 - 5:59:02 PM - [3886217] ----D- C:\Program Files (x86)\WinRAR

O43 - CFD: 6/1/2011 - 10:23:14 AM - [21114589] ----D- C:\Program Files (x86)\Xvid

O43 - CFD: 9/14/2011 - 10:21:42 AM - [4182896] ----D- C:\Program Files (x86)\ZHPDiag

O43 - CFD: 6/17/2011 - 1:28:18 PM - [3606170] ----D- C:\Program Files (x86)\Common Files\Adobe

O43 - CFD: 8/9/2011 - 4:22:28 PM - [31529878] ----D- C:\Program Files (x86)\Common Files\Adobe AIR

O43 - CFD: 6/13/2011 - 5:20:16 PM - [86144520] ----D- C:\Program Files (x86)\Common Files\Apple

O43 - CFD: 2/5/2011 - 2:02:00 PM - [179547] ----D- C:\Program Files (x86)\Common Files\AVSMedia

O43 - CFD: 5/16/2011 - 10:35:02 AM - [24006656] ----D- C:\Program Files (x86)\Common Files\DivX Shared

O43 - CFD: 8/10/2011 - 2:06:34 PM - [8905847] ----D- C:\Program Files (x86)\Common Files\InstallShield

O43 - CFD: 9/11/2011 - 3:43:54 PM - [1239723] ----D- C:\Program Files (x86)\Common Files\Java

O43 - CFD: 9/24/2010 - 3:11:04 AM - [38513660] ---AD- C:\Program Files (x86)\Common Files\LightScribe

O43 - CFD: 9/24/2010 - 3:09:56 AM - [51570] ---AD- C:\Program Files (x86)\Common Files\LS Getting Started

O43 - CFD: 7/14/2011 - 7:48:38 AM - [132899986] ----D- C:\Program Files (x86)\Common Files\microsoft shared

O43 - CFD: 8/26/2011 - 10:52:44 AM - [0] ----D- C:\Program Files (x86)\Common Files\MicroWorld

O43 - CFD: 7/16/2011 - 7:59:46 AM - [707584] ----D- C:\Program Files (x86)\Common Files\MSSoap

O43 - CFD: 1/26/2011 - 8:47:38 PM - [106494825] ----D- C:\Program Files (x86)\Common Files\muvee Technologies

O43 - CFD: 9/4/2011 - 7:24:10 AM - [779696] ----D- C:\Program Files (x86)\Common Files\PC Tools

O43 - CFD: 12/22/2010 - 5:52:04 PM - [4740928] ----D- C:\Program Files (x86)\Common Files\PX Storage Engine

O43 - CFD: 6/25/2011 - 6:32:24 PM - [0] ----D- C:\Program Files (x86)\Common Files\Real

O43 - CFD: 7/14/2009 - 5:20:10 AM - [2702] ----D- C:\Program Files (x86)\Common Files\Services

O43 - CFD: 7/14/2009 - 5:20:10 AM - [41103783] ----D- C:\Program Files (x86)\Common Files\SpeechEngines

O43 - CFD: 12/21/2010 - 7:34:32 PM - [10245619] ----D- C:\Program Files (x86)\Common Files\System

O43 - CFD: 1/19/2011 - 2:53:16 PM - [0] ----D- C:\Program Files (x86)\Common Files\TerraTec

O43 - CFD: 12/20/2010 - 3:46:36 PM - [276367460] ----D- C:\Program Files (x86)\Common Files\Windows Live

O43 - CFD: 2/6/2011 - 3:19:44 PM - [8836608] ----D- C:\Program Files (x86)\Common Files\Wise Installation Wizard

O43 - CFD: 6/25/2011 - 6:31:58 PM - [352256] ----D- C:\Program Files (x86)\Common Files\xing shared

~ Scan Program Folder in 34mn AMs

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.0277C027A26428DB64EF4F64F52BB4FD] - 11/7/2010 - 6:20:24 PM ---A- . (...) -- C:\Windows\MBR.exe [208896]

O44 - LFC:[MD5.F042EE4C8D66248D9B86DCF52ABAE416] - 6/26/2011 - 7:45:56 AM ---A- . (...) -- C:\Windows\PEV.exe [256000]

O44 - LFC:[MD5.22104AFBCBF41EF3D3982707268546E5] - 8/16/2011 - 4:04:33 PM ---A- . (...) -- C:\bdlog.txt [8401]

O44 - LFC:[MD5.53BA8E9693581FBAB0FBDED7DD143355] - 8/26/2011 - 1:43:25 PM ---A- . (...) -- C:\Windows\REGBK00.ZIP [17080047]

O44 - LFC:[MD5.C6FF685E2EA55C3AC5C90B9E7D6930C0] - 8/26/2011 - 6:15:21 AM RSHAD . (.Pas de propriétaire - Hitman Pro 3.5 Support Driver.) -- C:\Windows\system32\drivers\hitmanpro35.sys [25160]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 8/27/2011 - 6:04:42 AM ---A- . (...) -- C:\Windows\setuperr.log [0]

O44 - LFC:[MD5.187472C67377994BBA4A410D2CDCABD1] - 8/27/2011 - 8:55:43 AM ---A- . (...) -- C:\Windows\ntbtlog.txt [296596]

O44 - LFC:[MD5.CB8F27F1079A9F140B22508D04E6454B] - 8/30/2011 - 9:53:43 AM ---A- . (...) -- C:\Windows\UPDLL.LOG [1796]

O44 - LFC:[MD5.9E05A9C264C8A908A8E79450FCBFF047] - 8/31/2000 - 1:00:00 AM ---A- . (...) -- C:\Windows\grep.exe [80412]

O44 - LFC:[MD5.2B657A67AEBB84AEA5632C53E61E23BF] - 8/31/2000 - 1:00:00 AM ---A- . (...) -- C:\Windows\sed.exe [98816]

O44 - LFC:[MD5.5E832F4FAF5F481F2EAF3B3A48F603B8] - 8/31/2000 - 1:00:00 AM ---A- . (...) -- C:\Windows\zip.exe [68096]

O44 - LFC:[MD5.3521CD4DC0F1020648836B4777B5DB12] - 9/10/2011 - 12:39:43 PM ---A- . (...) -- C:\Windows\win.ini [891]

O44 - LFC:[MD5.D34B612DFBA2D401204E4B6B902DFE8F] - 9/10/2011 - 12:40:18 PM ---A- . (...) -- C:\Windows\Lic.xxx [56]

O44 - LFC:[MD5.DCDF3C155B21B4B6346892D2A7E05A7E] - 9/11/2011 - 4:27:48 PM ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]

O44 - LFC:[MD5.753BC16326FEE4A421ACB636CCD602F4] - 9/12/2011 - 1:44:52 PM ---A- . (.NirSoft - NirCmd.) -- C:\Windows\NIRCMD.exe [60416]

O44 - LFC:[MD5.A46842C9B0C567A5A9584E83A163560C] - 9/12/2011 - 1:44:52 PM ---A- . (.SteelWerX - Freeware implementation of REG.EXE.) -- C:\Windows\SWREG.exe [518144]

O44 - LFC:[MD5.0297C72529807322B152F517FDB0A9FC] - 9/12/2011 - 1:44:52 PM ---A- . (.SteelWerX - Freeware implementation of SC.EXE.) -- C:\Windows\SWSC.exe [406528]

O44 - LFC:[MD5.B70EACB82B9FFDA061199D0E2C67AB2F] - 9/12/2011 - 1:51:37 PM ---A- . (...) -- C:\Windows\PFRO.log [17208]

O44 - LFC:[MD5.3CF3D4A45CC2AF973DBC30EC8D33252B] - 9/12/2011 - 1:53:05 PM ---A- . (...) -- C:\Windows\system.ini [215]

O44 - LFC:[MD5.9433D9FB3205899323ADF6BB4158CF9F] - 9/12/2011 - 1:58:02 PM ---A- . (...) -- C:\ComboFix.txt [32439]

O44 - LFC:[MD5.7EE4545AD0A03963A5223A36B0E52161] - 9/12/2011 - 9:20:27 AM ---A- . (...) -- C:\TDSSKiller.2.5.21.0_12.09.2011_10.19.15_log.txt [51046]

O44 - LFC:[MD5.B198AB98FBEFBFA7746BD98CDB48FBE6] - 9/14/2011 - 7:04:59 AM ---A- . (...) -- C:\aaw7boot.log [2460]

O44 - LFC:[MD5.A98B0E8155B37EAF6131735AC84113B0] - 9/14/2011 - 7:05:19 AM -S-A- . (...) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.E4E715D693BDF668E8CB98552ABAF409] - 9/14/2011 - 7:05:21 AM ---A- . (...) -- C:\Windows\setupact.log [2408]

O44 - LFC:[MD5.11B64191A8B3755D03444EE9E359AA49] - 9/14/2011 - 7:20:08 AM ---A- . (...) -- C:\Windows\WindowsUpdate.log [783933]

O44 - LFC:[MD5.94F2B6A61A825519F0F36AF3C1A57C82] - 9/3/2011 - 11:22:47 AM RSHAD . (...) -- C:\Windows\system32\drivers\Cat.DB [1800100]

O44 - LFC:[MD5.B9657A0AFF28C1CB114ACC0CB93EE4BB] - 9/3/2011 - 12:18:58 PM RSHAD . (.Windows ® Win 7 DDK provider - Spyware Terminator 2012 driver.) -- C:\Windows\system32\drivers\stflt.sys [51496]

O44 - LFC:[MD5.B9FD129D82655A28D9165AFD471B71C1] - 9/4/2011 - 4:27:55 PM ---A- . (...) -- C:\Windows\DirectX.log [75574]

O44 - LFC:[MD5.8833455D54C7783B0B11BD58F77B209B] - 9/6/2011 - 12:17:49 PM ---A- . (.Oracle Corporation - Java Platform SE binary.) -- C:\Windows\system32\deployJava1.dll [525544]

O44 - LFC:[MD5.F746FD41625D5FFE4D10A4C0BFE13316] - 9/6/2011 - 12:17:49 PM ---A- . (.Oracle Corporation - Java Platform SE binary.) -- C:\Windows\system32\java.exe [171808]

O44 - LFC:[MD5.DDE850A07810C49B2FE7E45B3BFFF6B2] - 9/6/2011 - 12:17:49 PM ---A- . (.Oracle Corporation - Java Platform SE binary.) -- C:\Windows\system32\javaw.exe [171808]

O44 - LFC:[MD5.13A0D57FEB2CC1D543F953BEA2339FCB] - 9/6/2011 - 12:17:49 PM ---A- . (.Oracle Corporation - Java Web Start Launcher.) -- C:\Windows\system32\javaws.exe [190752]

O44 - LFC:[MD5.8833455D54C7783B0B11BD58F77B209B] - 9/6/2011 - 12:17:49 PM ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\SysNative\deployJava1.dll [525544]

O44 - LFC:[MD5.F746FD41625D5FFE4D10A4C0BFE13316] - 9/6/2011 - 12:17:49 PM ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\SysNative\java.exe [171808]

O44 - LFC:[MD5.DDE850A07810C49B2FE7E45B3BFFF6B2] - 9/6/2011 - 12:17:49 PM ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\SysNative\javaw.exe [171808]

O44 - LFC:[MD5.13A0D57FEB2CC1D543F953BEA2339FCB] - 9/6/2011 - 12:17:49 PM ---A- . (.Sun Microsystems, Inc. - Java Web Start Launcher.) -- C:\Windows\SysNative\javaws.exe [190752]

O44 - LFC:[MD5.87832DD7249AAA772CB8AD79C114A0E5] - 9/8/2011 - 10:14:50 AM ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1549700]

O44 - LFC:[MD5.826F4268068EB54A7111A94C31428203] - 9/8/2011 - 10:14:50 AM ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [106190]

O44 - LFC:[MD5.29757208CFED9545C6424DF8EC7D790C] - 9/8/2011 - 10:14:50 AM ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [130548]

O44 - LFC:[MD5.E5AEADA25BDCA39726FD6395ADF86890] - 9/8/2011 - 10:14:50 AM ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [615810]

O44 - LFC:[MD5.6B1A790ADD4BBCD07E39D7688754FA3D] - 9/8/2011 - 10:14:50 AM ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [704242]

O44 - LFC:[MD5.87832DD7249AAA772CB8AD79C114A0E5] - 9/8/2011 - 10:14:50 AM ---A- . (...) -- C:\Windows\system32\PerfStringBackup.INI [1549700]

O44 - LFC:[MD5.826F4268068EB54A7111A94C31428203] - 9/8/2011 - 10:14:50 AM RSHAD . (...) -- C:\Windows\system32\perfc009.dat [106190]

O44 - LFC:[MD5.29757208CFED9545C6424DF8EC7D790C] - 9/8/2011 - 10:14:50 AM RSHAD . (...) -- C:\Windows\system32\perfc00C.dat [130548]

O44 - LFC:[MD5.E5AEADA25BDCA39726FD6395ADF86890] - 9/8/2011 - 10:14:50 AM RSHAD . (...) -- C:\Windows\system32\perfh009.dat [615810]

O44 - LFC:[MD5.6B1A790ADD4BBCD07E39D7688754FA3D] - 9/8/2011 - 10:14:50 AM RSHAD . (...) -- C:\Windows\system32\perfh00C.dat [704242]

~ Scan Files in 38mn AMs

---\\ Export de clé d'application autorisée (O47)

O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Free Music Zilla\FMZilla.exe" [Enabled] .(.Pas de propriétaire - FMZilla Module.) -- C:\Program Files (x86)\Free Music Zilla\FMZilla.exe

~ Scan Keys in 00mn AMs

---\\ Contrôle du Safe Boot (CSB) (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\hitmanpro35.sys . (.Pas de propriétaire - Hitman Pro 3.5 Support Driver.) -- C:\Windows\system32\Drivers\hitmanpro35.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys

~ Scan CSB in 00mn AMs

---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \Drivers32\"VIDC.CSCD"="camcodec.dll" . (.RenderSoft Software. - CamStudio lossless video codec.) -- C:\Windows\system32\camcodec.dll

O52 - TDSD: \Drivers32\"vidc.XVID"="xvidvfw.dll" . (...) -- C:\Windows\system32\xvidvfw.dll

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec" . (...) -- C:\Windows\system32\xvidvfw.dll

~ Scan Keys in 00mn AMs

---\\ ShareTools MSconfig StartupReg (O53)

O53 - SMSR:HKLM\...\startupreg\CamserviceHD [Key] . (.Guillemot Corporation S.A. - Hercules Xtra Controller Main Application.) -- C:\Program Files (x86)\Hercules\Dualpix HD\XtrCtrl.exe

O53 - SMSR:HKLM\...\startupreg\DivX Download Manager [Key] . (.DivX, LLC - DivX Download Manager Service.) -- C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe

O53 - SMSR:HKLM\...\startupreg\DivXUpdate [Key] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe

O53 - SMSR:HKLM\...\startupreg\SpybotSD TeaTimer [Key] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe

~ Scan SMSR Keys in 00mn AMs

---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

~ Scan Keys in 00mn AMs

---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0

~ Scan Keys in 00mn AMs

---\\ Microsoft Windows Policies Explorer (O56)

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDrives"=0

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=153

O56 - MWPE:[HKLM\...\policies\Explorer] - "EnableShellExecuteHooks"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=153

~ Scan Keys in 00mn AMs

---\\ Liste des Drivers Système (O58)

O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 6/10/2009 - 2:52:21 AM ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [491088]

O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 7/13/2009 - 2:52:21 AM RSHAD . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [339536]

O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 7/13/2009 - 2:52:21 AM RSHAD . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [182864]

O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 7/14/2009 - 2:52:21 AM RSHAD . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15440]

O58 - SDL:[MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - 4/27/2011 - 7:41:12 AM RSHAD . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [107904]

O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 6/10/2009 - 2:52:20 AM RSHAD . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys [194128]

O58 - SDL:[MD5.540DAF1CEA6094886D72126FD7C33048] - 4/27/2011 - 7:41:12 AM RSHAD . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [27008]

O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 7/13/2009 - 2:52:21 AM RSHAD . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [87632]

O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 7/13/2009 - 2:52:21 AM RSHAD . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [97856]

O58 - SDL:[MD5.B1224E6B086CD6548315B04AB575A23E] - 7/30/2011 - 11:15:15 AM RSHAD . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [88288]

O58 - SDL:[MD5.ED45F12CFA62B83765C9C1496758CC87] - 7/30/2011 - 11:15:16 AM RSHAD . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\system32\drivers\avipbb.sys [123784]

O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 6/10/2009 - 9:34:23 PM RSHAD . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys [270848]

O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 7/14/2009 - 9:41:06 PM RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432]

O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 7/14/2009 - 9:41:06 PM RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704]

O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 7/14/2009 - 2:19:07 AM RSHAD . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [286720]

O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 7/14/2009 - 9:41:10 PM RSHAD . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104]

O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 7/14/2009 - 9:41:10 PM RSHAD . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976]

O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 7/14/2009 - 9:41:10 PM RSHAD . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720]

O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 6/10/2009 - 9:34:28 PM RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys [468480]

O58 - SDL:[MD5.7FDC91FAC8E72F24E3E2B3D22B5E3F63] - 12/20/2010 - 4:43:34 PM RSHAD . (.Guillemot Corporation - Filter Driver for the Hercules Webcams (MJPG).) -- C:\Windows\system32\drivers\camfilt2.sys [146728]

O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 7/14/2009 - 2:52:31 AM RSHAD . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [17488]

O58 - SDL:[MD5.A398ED024F739E7BE74ECFFA8A713A89] - 9/24/2010 - 5:43:50 PM RSHAD . (...) -- C:\Windows\system32\drivers\cpqdfw.sys [24376]

O58 - SDL:[MD5.10FB0FF62AF6262BF88E3607E2AE2A69] - 9/24/2010 - 5:43:50 PM RSHAD . (...) -- C:\Windows\system32\drivers\cqcpu.sys [24376]

O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 6/10/2009 - 2:47:48 AM RSHAD . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [530496]

O58 - SDL:[MD5.8F34C3EDB39A25DDDDE20670B1613386] - 1/10/2011 - 5:59:50 PM RSHAD . (.eMPIA Technology, Inc. - USB EMP Audio Device.) -- C:\Windows\system32\drivers\emAudio64.sys [77824]

O58 - SDL:[MD5.9494736E4865F9B3A0A525EE9AB0D991] - 8/20/2010 - 3:45:28 AM RSHAD . (.eMPIA Technology, Inc. - USB 28xx BDA Driver.) -- C:\Windows\system32\drivers\emBDA64.sys [654720]

O58 - SDL:[MD5.F18629B95D2F62180E1142F26D184A3D] - 1/7/2011 - 11:02:50 AM RSHAD . (.eMPIA Technology, Inc. - USB 28xx WDM Lower filter.) -- C:\Windows\system32\drivers\emFilter64.sys [12608]

O58 - SDL:[MD5.612FC1CB117CCF62D3C55488C8AEBD82] - 8/20/2010 - 3:44:48 AM RSHAD . (.eMPIA Technology, Inc. - USB 28xx BDA Lower filter.) -- C:\Windows\system32\drivers\emOEM64.sys [943872]

O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 6/10/2009 - 9:34:33 PM RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys [3286016]

O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 7/14/2009 - 9:31:59 PM RSHAD . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [31232]

O58 - SDL:[MD5.8ED7D078B21B7E2DB15A69BFCBEE8691] - 12/20/2010 - 2:45:54 PM RSHAD . (.Guillemont Corporation - Stream Class Mini Driver.) -- C:\Windows\system32\drivers\HDvidvx.sys [186496]

O58 - SDL:[MD5.C6FF685E2EA55C3AC5C90B9E7D6930C0] - 8/26/2011 - 6:15:21 AM RSHAD . (.Pas de propriétaire - Hitman Pro 3.5 Support Driver.) -- C:\Windows\system32\drivers\hitmanpro35.sys [25160]

O58 - SDL:[MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - 2/24/2011 - 2:33:35 PM RSHAD . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [78720]

O58 - SDL:[MD5.4B7423FCC37664954460AC3E71752B62] - 12/21/2010 - 12:43:10 AM RSHAD . (.Guillemot Corporation - Filter Driver for the Hercules Webcams (MJPG).) -- C:\Windows\system32\drivers\hxctlflt.sys [111104]

O58 - SDL:[MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - 4/27/2011 - 7:41:26 AM RSHAD . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys [410496]

O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 7/13/2009 - 2:48:04 AM RSHAD . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44112]

O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 7/13/2009 - 2:48:04 AM RSHAD . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [65600]

O58 - SDL:[MD5.9C4FB231B6E02F84580DE2F00F3C5293] - 12/24/2010 - 6:52:42 PM RSHAD . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [25912]

O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 6/10/2009 - 2:48:04 AM RSHAD . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys [35392]

O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 7/13/2009 - 2:48:04 AM RSHAD . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [284736]

O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 7/13/2009 - 2:48:26 AM RSHAD . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51264]

O58 - SDL:[MD5.0A92CB65770442ED0DC44834632F66AD] - 4/27/2011 - 7:41:34 AM RSHAD . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [148352]

O58 - SDL:[MD5.DAB0E87525C10052BF65F06152F37E4A] - 4/27/2011 - 7:41:34 AM RSHAD . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [166272]

O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 6/10/2009 - 2:45:46 AM RSHAD . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1524816]

O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 7/13/2009 - 2:45:45 AM RSHAD . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [128592]

O58 - SDL:[MD5.ED5873F7DFB2F96D37F13322211B6BDC] - 4/1/2011 - 4:11:08 PM RSHAD . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\Windows\system32\drivers\Rt64win7.sys [428136]

O58 - SDL:[MD5.13089F31AA37CDE1CE3784EE01A48484] - 4/27/2011 - 5:54:04 PM RSHAD . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHD64.sys [2727912]

O58 - SDL:[MD5.FD833BEE2FD9BEFDC0AFD1941A306D9E] - 7/12/2011 - 6:13:53 PM RSHAD . (.Sunbelt Software - 64-bit Anti-Rootkit Engine.) -- C:\Windows\system32\drivers\SBREDrv.sys [55384]

O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 7/14/2009 - 9:37:19 PM RSHAD . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040]

O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 6/10/2009 - 2:45:45 AM RSHAD . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [43584]

O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 7/13/2009 - 2:45:46 AM RSHAD . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [80464]

O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 7/13/2009 - 2:45:55 AM RSHAD . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [24656]

O58 - SDL:[MD5.B9657A0AFF28C1CB114ACC0CB93EE4BB] - 9/3/2011 - 12:18:58 PM RSHAD . (.Windows ® Win 7 DDK provider - Spyware Terminator 2012 driver.) -- C:\Windows\system32\drivers\stflt.sys [51496]

O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 7/14/2009 - 2:45:55 AM RSHAD . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17488]

O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 6/10/2009 - 2:45:55 AM RSHAD . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [161872]

O58 - SDL:[MD5.B18225739ED9CAA83BA2DF966E9F43E8] - 7/30/2011 - 6:52:42 PM ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys [41272]

O58 - SDL:[MD5.4AC11B2250106774F694DF2DB4FFED61] - 3/16/2011 - 5:27:20 PM ---A- . (.InterVideo, Inc. - InterVideo ASPI Shell.) -- C:\Windows\SysWOW64\iviaspi.sys [10368]

~ Scan Drivers in 04mn AMs

---\\ Liste des outils de nettoyage (O63)

O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) [HKLM] -- HijackThis

O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

~ Scan ADS in 00mn AMs

---\\ Liste des services Legacy (O64)

O64 - Services: CurCS - 2/20/2011 - C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys - No object(No service) .(.Emsi Software GmbH - Emsisoft Anti-Malware File Guard.) - LEGACY_A2ACC

O64 - Services: CurCS - 7/21/2011 - C:\Windows\system32\DRIVERS\avgntflt.sys - No object(No service) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT

O64 - Services: CurCS - 7/21/2011 - C:\Windows\system32\DRIVERS\avipbb.sys - No object(No service) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB

O64 - Services: CurCS - 8/30/2010 - C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys - No object(No service) .(.CybelSoft - Driver NT Ma-Config.com.) - LEGACY_DRIVERHARDWAREV2X64

O64 - Services: CurCS - 11/22/2010 - C:\Windows\system32\DRIVERS\Lbd.sys - No object(No service) .(.Lavasoft AB - Boot Driver.) - LEGACY_LBD

O64 - Services: CurCS - 9/3/2011 - C:\Windows\system32\DRIVERS\stflt.sys - No object(No service) .(.Windows ® Win 7 DDK provider - Spyware Terminator 2012 driver.) - LEGACY_SP_RSDRV2

~ Scan Services in 02mn AMs

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.com> <ComFile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (...) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.com> <ComFile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (...) -- C:\Windows\regedit.exe

~ Scan Keys in 00mn AMs

---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

~ Scan Keys in 00mn AMs

---\\ Search Browser Infection (O69)

O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - Google

O69 - SBI: SearchScopes [HKCU] {79085C51-08CA-4B1C-BB72-8DD02BAF58B6} - (Bing) - Bing

O69 - SBI: SearchScopes [HKCU] {814C76CB-2623-43F4-AAD0-58A0E5190A20} - (Orange) - Orange : téléphones, forfaits, Internet, actualité, sport, video

O69 - SBI: SearchScopes [HKCU] {B4D6826E-799C-4FF7-9FE7-D7F0509737C3} - (Yahoo) - Yahoo! Search - Recherche Web

O69 - SBI: SearchScopes [HKCU] {FD5B2C46-96E6-48D0-8373-6AF44AE016D1} - (Wikipedia) - Wikipédia, l'encyclopédie libre

~ Scan Keys in 00mn AMs

---\\ Recherche particuliere à la racine de certains dossiers (O84)

[MD5.DFD49939CC7AB1D7332128CDB160EEC9] [sPRF][8/13/2011] (.Arovax Software - Arovax AntiSpyware Installer.) -- C:\Users\ZINOU\Desktop\aas_2.1_setup_153.exe [3599329]

[MD5.B00FA0C5D1620797F5DC535A45829A31] [sPRF][8/25/2005] (.Pas de propriétaire - VirtualDub Setup Utility.) -- C:\Users\ZINOU\Desktop\AuxSetup.exe [40960]

[MD5.4E5F50EB2D7358C83B5DA85EDF6037D9] [sPRF][8/26/2011] (...) -- C:\Users\ZINOU\Desktop\mwav.exe [136988056]

[MD5.94E744FC0CA84284470DC23522C4A324] [sPRF][9/3/2011] (.Pas de propriétaire - PC Tools Installer.) -- C:\Users\ZINOU\Desktop\sdsetup.exe [512992]

[MD5.F3246D2E451C71A42A7ED70F4FED3298] [sPRF][4/9/2010] (.Pas de propriétaire - VirtualDub.) -- C:\Users\ZINOU\Desktop\VirtualDub.exe [2668544]

[MD5.5CAAFF20C5695611F08ABD954E58DEA2] [sPRF][9/11/2011] (.Nicolas Coolman - ZHPDiag.) -- C:\Users\ZINOU\Desktop\ZHPDiag2.exe [2582227]

[MD5.18075B2C9F0F300BEE209744A8BEC353] [sPRF][1/5/2009] (...) -- C:\Windows\Downloaded Program Files\bdcore.dll [32]

[MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [sPRF][7/25/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\Windows\Downloaded Program Files\dwusplay.dll [24576]

[MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [sPRF][7/25/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\Windows\Downloaded Program Files\dwusplay.exe [196608]

[MD5.632E0CE38FBCADEAAE28077F4C9C45D5] [sPRF][10/21/2010] (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller 10.1 r102.) -- C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [2827728]

[MD5.D4B7A651CB12B6C1A4FEB9FB5115CFE7] [sPRF][7/12/2000] (...) -- C:\Windows\Downloaded Program Files\fxfileop.dll [36864]

[MD5.2B1C4C87EB20ADDBA59DCA975E28DFFB] [sPRF][1/5/2009] (...) -- C:\Windows\Downloaded Program Files\ipsupd.dll [741376]

[MD5.0C78701C6F42345DFF2B2B6C3C3D01EF] [sPRF][7/25/2002] (.InstallShield Software Corporation - InstallShield Update Service Web Agent.) -- C:\Windows\Downloaded Program Files\isusweb.dll [172032]

[MD5.18075B2C9F0F300BEE209744A8BEC353] [sPRF][1/5/2009] (...) -- C:\Windows\Downloaded Program Files\libfn.dll [32]

[MD5.A7E770B48CB0B6EB979FA6C518B1B518] [sPRF][5/30/2011] (.Akamai Technologies, Inc. - Download Manager ActiveX Control.) -- C:\Windows\Downloaded Program Files\Manager.exe [707744]

[MD5.F43C810230BEAEF1D3BAF3D645B3E46C] [sPRF][3/20/2009] (.CA - eTrust PestPatrol version 5 SDK.) -- C:\Windows\Downloaded Program Files\ppctl.dll [820464]

[MD5.823451876778F382B23AFE20EF2DDC20] [sPRF][7/20/2011] (.BitDefender LLC - BitDefender QuickScan.) -- C:\Windows\Downloaded Program Files\qsax.dll [1220672]

[MD5.E5EC6E96293203461999B2DFEEDE4C4D] [sPRF][7/20/2011] (.BitDefender LLC - BitDefender QuickScan.) -- C:\Windows\Downloaded Program Files\qsax64.dll [1373136]

[MD5.2FD994827193B68DD301F80BDF744231] [sPRF][4/3/2009] (.Husdawg, LLC - System Requirements Lab.) -- C:\Windows\Downloaded Program Files\sysreqlab_nvd.dll [354608]

[MD5.81093A8A1719E11B22B586E10BFDC523] [sPRF][10/31/2001] (...) -- C:\Windows\Downloaded Program Files\uninst.bat [118]

~ Scan Files in 02mn AMs

---\\ Firewall Active Exception List (FirewallRules) (O87)

O87 - FAEL: "{39CE62A2-6D1B-4577-B016-9194036A85E0}" | In - None - P6 - TRUE | .(.CyberLink Corp. - PowerDirector.) -- c:\Program Files (x86)\CyberLink\PowerDirector\PDR8.exe

O87 - FAEL: "{C2434DBF-9BE7-410B-8ADA-53DAF34F5E8D}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP DVDSmart Main Program.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe

O87 - FAEL: "{74C3B2DE-7835-4D35-9C02-0607FC29A31E}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Photo Main Program.) -- C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Photo\HPMediaSmartPhoto.exe

O87 - FAEL: "{E0C83026-4359-4677-9597-3DD26928C830}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Video.) -- C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Video\HPMediaSmartVideo.exe

O87 - FAEL: "{F8A8EE1C-F2F4-425F-930F-95FA5EBF5894}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Music Main Program.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\HPTouchSmartMusic.exe

O87 - FAEL: "{6C18A400-1A81-48F2-8E31-AD64360AB28B}" | In - Public - P6 - TRUE | .(.EasyBits Software AS - EasyBits My First Browser.) -- C:\Program Files (x86)\EasyBits For Kids\Programs\My First Browser\MyFirstBrowser.exe

O87 - FAEL: "{4D7F5101-AE4F-4378-8F88-ADA452898AA5}" | In - Public - P17 - TRUE | .(.EasyBits Software AS - EasyBits My First Browser.) -- C:\Program Files (x86)\EasyBits For Kids\Programs\My First Browser\MyFirstBrowser.exe

O87 - FAEL: "TCP Query User{A5140418-1C56-467B-BE17-C2868C18B9F6}C:\program files (x86)\hercules\dualpix hd\xtrctrl.exe" | In - Public - P6 - TRUE | .(.Guillemot Corporation S.A..) -- C:\program files (x86)\hercules\dualpix hd\xtrctrl.exe

O87 - FAEL: "UDP Query User{A79020C3-CCE2-4732-99FE-0F95F829DDF7}C:\program files (x86)\hercules\dualpix hd\xtrctrl.exe" | In - Public - P17 - TRUE | .(.Guillemot Corporation S.A..) -- C:\program files (x86)\hercules\dualpix hd\xtrctrl.exe

O87 - FAEL: "{EBA3D638-85E3-4757-B79D-9C7471BE3631}" | In - Public - P6 - FALSE | .(.PacketVideo - TwonkyMedia Server watchdog.) -- C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe

O87 - FAEL: "{18A5E496-7893-42B5-B207-A9C994468B09}" | In - Public - P17 - FALSE | .(.PacketVideo - TwonkyMedia Server watchdog.) -- C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe

O87 - FAEL: "{844AE9FD-5E9F-4EFC-A24F-F3CB0DB582DA}" | In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Serveur Media\twonkymediaserver.exe

O87 - FAEL: "{37F4A99A-F7F7-4FE6-B8BA-968A628AEB1A}" | In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Serveur Media\twonkymediaserver.exe

O87 - FAEL: "{AEC3907A-CB3B-404E-9BD0-27BCE3E5D5C3}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Serveur Media\bgtrans.exe

O87 - FAEL: "{F31FE4D6-273A-4771-93EC-9C1751C21393}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Serveur Media\bgtrans.exe

O87 - FAEL: "TCP Query User{2CC60C9E-6146-4ABA-958F-BCBB13CCAC59}C:\program files (x86)\videolan\vlc\vlc.exe" | In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\videolan\vlc\vlc.exe

O87 - FAEL: "UDP Query User{366F5B85-A7CA-483F-8889-DC648C231206}C:\program files (x86)\videolan\vlc\vlc.exe" | In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\videolan\vlc\vlc.exe

O87 - FAEL: "{3AF625EC-2797-46E7-8817-A6F72BA38DE5}" | In - None - P6 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe

O87 - FAEL: "TCP Query User{504BB014-7437-4796-89FC-C1CF64374C28}C:\program files (x86)\hercules\dualpix hd\xtrctrl.exe" | In - Private - P6 - TRUE | .(.Guillemot Corporation S.A..) -- C:\program files (x86)\hercules\dualpix hd\xtrctrl.exe

O87 - FAEL: "UDP Query User{F3385E37-3C4F-4DAF-849F-DE06C9D10311}C:\program files (x86)\hercules\dualpix hd\xtrctrl.exe" | In - Private - P17 - TRUE | .(.Guillemot Corporation S.A..) -- C:\program files (x86)\hercules\dualpix hd\xtrctrl.exe

O87 - FAEL: "TCP Query User{F435FD52-C678-41E4-87E8-A6620764A01B}C:\program files (x86)\videolan\vlc\vlc.exe" | In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\videolan\vlc\vlc.exe

O87 - FAEL: "UDP Query User{25316F5F-C892-4CCA-B9A6-16D0816ED997}C:\program files (x86)\videolan\vlc\vlc.exe" | In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\videolan\vlc\vlc.exe

O87 - FAEL: "{F89B5DD5-6FA7-4718-A82E-F7C789418A77}" | In - Private - P6 - TRUE | .(.PacketVideo - TwonkyMedia Server watchdog.) -- C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe

O87 - FAEL: "{A183435C-1223-4A28-B75B-6F87B26A60BC}" | In - Private - P17 - TRUE | .(.PacketVideo - TwonkyMedia Server watchdog.) -- C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe

O87 - FAEL: "{20B09ED6-6663-4516-BAD2-F1170D69FCDC}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Serveur Media\twonkymediaserver.exe

O87 - FAEL: "{EC0FDE6E-D7E6-43F7-8D53-FDFEE1833244}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Serveur Media\twonkymediaserver.exe

O87 - FAEL: "{1CD713C4-1B7E-483A-9302-B99C2F25F432}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Serveur Media\bgtrans.exe

O87 - FAEL: "{9E5D127B-DE2D-4B3A-8525-38AC3FE306BB}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Serveur Media\bgtrans.exe

O87 - FAEL: "{09BC5637-DCE8-46C4-A4A7-B2BD470090FA}" | In - Private - P6 - TRUE | .(.PacketVideo - TwonkyMedia Server watchdog.) -- C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe

O87 - FAEL: "{B35C2701-D025-419D-BD8D-BB89B6453BCE}" | In - Private - P17 - TRUE | .(.PacketVideo - TwonkyMedia Server watchdog.) -- C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe

O87 - FAEL: "{B272A3BA-0EFA-48C8-A775-3FA92256F25B}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Serveur Media\twonkymediaserver.exe

O87 - FAEL: "{69DC73A9-9B3F-4C74-9C11-8BB0F6F30B47}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Serveur Media\twonkymediaserver.exe

O87 - FAEL: "TCP Query User{62A1BD43-1EEB-4603-8E52-EAE0A805A120}C:\program files (x86)\free music zilla\fmzilla.exe" | In - Private - P6 - TRUE | .(.Pas de propriétaire - FMZilla Module.) -- C:\program files (x86)\free music zilla\fmzilla.exe

O87 - FAEL: "UDP Query User{CA84F0B3-C9FF-497C-9609-E358B31640BE}C:\program files (x86)\free music zilla\fmzilla.exe" | In - Private - P17 - TRUE | .(.Pas de propriétaire - FMZilla Module.) -- C:\program files (x86)\free music zilla\fmzilla.exe

O87 - FAEL: "{265D39B1-932B-4844-9EC2-92BEB379E498}" | In - Private - P6 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O87 - FAEL: "{EAC96B28-F523-4543-B570-C6661E704132}" | In - Private - P17 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O87 - FAEL: "TCP Query User{2F5A93BC-42D8-4CE6-84B6-C423B0F71390}C:\program files (x86)\spotify\spotify.exe" | In - Private - P6 - TRUE | .(.Spotify Ltd - Spotify.) -- C:\program files (x86)\spotify\spotify.exe

O87 - FAEL: "UDP Query User{48F2395B-40C2-490E-8F08-04973FDD287D}C:\program files (x86)\spotify\spotify.exe" | In - Private - P17 - TRUE | .(.Spotify Ltd - Spotify.) -- C:\program files (x86)\spotify\spotify.exe

O87 - FAEL: "TCP Query User{59620409-7C8E-44D1-82C2-B4A950E33E4D}C:\program files (x86)\squeezebox\squeezeplay\squeezeplay.exe" | In - Private - P6 - TRUE | .(.Logitech Inc. - jive.) -- C:\program files (x86)\squeezebox\squeezeplay\squeezeplay.exe

O87 - FAEL: "UDP Query User{C1FF98E6-77E2-497B-A96D-6F7F84BEA37A}C:\program files (x86)\squeezebox\squeezeplay\squeezeplay.exe" | In - Private - P17 - TRUE | .(.Logitech Inc. - jive.) -- C:\program files (x86)\squeezebox\squeezeplay\squeezeplay.exe

O87 - FAEL: "{AD98CAF7-99AE-4DA3-8C1D-F8622DFA1A62}" | In - Private - P6 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\x64\maconfservice.exe

O87 - FAEL: "{583FDBBF-71D3-4333-A344-6FE4FB3C2481}" | In - Private - P17 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\x64\maconfservice.exe

O87 - FAEL: "TCP Query User{B826487D-93C7-428C-88EE-FB031CF73B69}C:\program files (x86)\free music zilla\fmzilla.exe" | In - Public - P6 - TRUE | .(.Pas de propriétaire - FMZilla Module.) -- C:\program files (x86)\free music zilla\fmzilla.exe

O87 - FAEL: "UDP Query User{37B566DD-9F7F-4BDB-8CA3-0C8266C80C84}C:\program files (x86)\free music zilla\fmzilla.exe" | In - Public - P17 - TRUE | .(.Pas de propriétaire - FMZilla Module.) -- C:\program files (x86)\free music zilla\fmzilla.exe

O87 - FAEL: "{D9A0AC3B-0428-4FF9-8319-5DF9585988CC}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files (x86)\iTunes\iTunes.exe

O87 - FAEL: "{A83B0D14-2235-413A-A42B-FD6E28EFC906}" | In - Private - P6 - TRUE | .(.France Telecom SA - Orange Upd@te.) -- C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe

O87 - FAEL: "{83C45770-DD60-4EC5-87F4-C3F532159271}" | In - Private - P17 - TRUE | .(.France Telecom SA - Orange Upd@te.) -- C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe

O87 - FAEL: "{1669EF1A-3FC8-4987-96CC-2B056BE78133}" | In - Private - P6 - TRUE | .(.Crawler.com - Spyware Terminator 2012.) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe

O87 - FAEL: "{C0C4CC1E-927F-4449-AF32-B3BAE2FC4819}" | In - Private - P17 - TRUE | .(.Crawler.com - Spyware Terminator 2012.) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe

O87 - FAEL: "{C404C689-1C10-4460-B30C-C46E9C13286C}" | In - Private - P6 - TRUE | .(.Crawler.com - Spyware Terminator 2012 Update Support.) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe

O87 - FAEL: "{008F7DED-193D-4B89-88BA-0EDD9F196385}" | In - Private - P17 - TRUE | .(.Crawler.com - Spyware Terminator 2012 Update Support.) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe

~ Scan Firewall in 01mn AMs

 

 

 

---\\ Scan Additionnel (O88)

Database Version : 8621 - (29/08/2011)

Clés trouvées (Keys found) : 1

Valeurs trouvées (Values found) : 0

Dossiers trouvés (Folders found) : 0

Fichiers trouvés (Files found) : 0

 

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A047FE02-C91C-41CB-898C-4ED21B86025A}] =>Toolbar.Orange

~ Scan Additionnel in 05mn AMs

 

 

 

---\\ Recherche détournement de DNS routeur (O89)

Serveur : livebox.livebox.home

Address: 192.168.1.1

Nom : www.l.google.com

Addresses: 209.85.148.104

209.85.148.106

209.85.148.105

209.85.148.99

209.85.148.147

209.85.148.103

Aliases: www.google.fr

www.google.com

~ Scan DNS in 02mn AMs

 

 

 

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 9/2/2011 3029208 | C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe (a2AntiMalware) . (.Emsi Software GmbH.) - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe

SR - | Auto 6/17/2011 64952 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

SR - | Auto 7/30/2011 136360 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

SR - | Auto 7/30/2011 269480 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

SR - | Auto 3/14/2011 37664 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

SR - | Auto 4/25/2011 349472 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

SS - | Demand 9/24/2010 246520 | (GameConsoleService) . (.WildTangent, Inc..) - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe

SS - | Auto 12/20/2010 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SS - | Demand 12/20/2010 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SR - | Auto 12/21/2010 126520 | (HP Health Check Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

SR - | Auto 12/21/2010 92216 | (HPDrvMntSvc.exe) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

SS - | Demand 12/21/2010 751672 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

SS - | Demand 8/10/2011 73728 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

SS - | Demand 6/13/2011 934176 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe

SR - | Auto 9/24/2010 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

SS - | Demand 6/4/2011 420864 | (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\x64\maconfservice.exe

SS - | Demand 8/18/2011 6144 | (MEMSWEEP2) . (.Sophos Plc.) - C:\Windows\system32\E512.tmp

SS - | Disabled 4/27/2011 1012328 | (NVSvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe

SS - | Disabled 4/26/2011 2218600 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

SS - | Auto 2/14/2011 1055872 | (Orange update Core Service) . (.France Telecom SA.) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe

SR - | Auto 2/18/2011 501336 | (Serveur Média) . (.PacketVideo.) - C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe

SR - | Auto 9/3/2011 1139928 | (ST2012_Svc) . (.Crawler.com.) - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe

SR - | Auto 4/27/2011 378472 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

SR - | Auto 7/14/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe

~ Scan Services in 05mn AMs

 

 

 

---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover

~ Scan MBR in 07mn AMs

 

 

 

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)

Written by ad13, http://ad13.geekstog

Run by ZINOU at 9/14/2011 10:23:34 AM

 

********* Dump file Name *********

C:\PhysicalDisk0_MBR.bin

~ Scan MBR in 09mn AMs

 

 

 

End of the scan (1516 lines in 13mn AMs)(0)

HERE IS THE REPORT

 

VOI

Web site : ZHPDiag Outil de diagnostic

 

 

---\\ Web Browser

MSIE: Internet Explorer v9.0.8112.16421 (Defaut)

 

---\\ Windows Product Information

Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Windows Server License Manager Script : OK

~ Windows® 7, OEM_SLP channel

System Locked Preinstallation (OEM_SLP) : OK

Windows ID Activation : OK

~ Windows Partial Key : 3Q6C9

Windows License : OK

~ Windows Remaining Initializations Number : 3

Software Protection Service (Protection logicielle) : OK

Windows Automatic Updates : OK

Windows Activation Technologies : OK

 

---\\ System Information

~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel

~ Operating System: 64 Bits

Boot mode: Normal (Normal boot)

Total RAM: 4095.2 MB (58% free)

System Restore: Activé (Enable)

System drive C: has 506 GB (73%) free of 685 GB

 

---\\ Logged in mode

~ Computer Name: ZINOU-HP

~ User Name: ZINOU

~ All Users Names: ZINOU, UpdatusUser, HomeGroupUser$, Administrateur,

~ Unselected Option: O45,O61,O62,O65,O66,O82

Logged in as Administrator

 

---\\ Environnement Variables

~ System Unit : C:\

~ %AppData% : C:\Users\ZINOU\AppData\Roaming\

~ %Desktop% : C:\Users\ZINOU\Desktop\

~ %Favorites% : C:\Users\ZINOU\Favorites\

~ %LocalAppData% : C:\Users\ZINOU\AppData\Local\

~ %StartMenu% : C:\Users\ZINOU\AppData\Roaming\Microsoft\Windows\Start Menu\

~ %Windir% : C:\Windows\

~ %System% : C:\Windows\system32\

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 506 Go of 685 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 13 Go of 13 Go)

E:\ CD-ROM drive (Not Inserted)

F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

 

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoDispScrSavPage: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK

[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK

~ Scan Security Center in 00mn AMs

 

 

 

---\\ Recherche particulière de fichiers génériques

[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.4/27/2011 - 7:19:30 AM.) -- C:\Windows\Explorer.exe [2871808]

[MD5.DD81D91FF3B0763C392422865C9AC12E] - (....) (.7/14/2009 - 2:39:31 AM.) -- C:\Windows\system32\rundll32.exe [45568]

[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.7/14/2009 - 2:39:52 AM.) -- C:\Windows\system32\Wininit.exe [129024]

[MD5.0732B49B250E306F7A6591029AF9885B] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.8/10/2011 - 6:36:16 AM.) -- C:\Windows\system32\wininet.dll [1389056]

[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.2/24/2011 - 2:25:30 PM.) -- C:\Windows\system32\Winlogon.exe [390656]

[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.7/14/2009 - 2:52:21 AM.) -- C:\Windows\system32\drivers\atapi.sys [24128]

[MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.4/27/2011 - 7:41:34 AM.) -- C:\Windows\system32\drivers\ntfs.sys [1659776]

[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.2/24/2011 - 2:27:26 PM.) -- C:\Windows\system32\sppcomapi.dll [232448]

[MD5.0D57D091E06BB1E58E72E5D08479FDDF] - (....) (.2/24/2011 - 2:07:20 PM.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480]

~ Scan Generic Processes in 00mn AMs

 

 

 

---\\ Etat des fichiers cachés (Caché/Total)

~ Mes images (My Pictures) : 6/783

~ Mes musiques (My Musics) : 707/4934

~ Mes Videos (My Videos) : 2/459

~ Mes Favoris (My Favorites) : 5/331

~ Mes Documents (My Documents) : 40/15260

~ Mon Bureau (My Desktop) : 0/418

~ Menu demarrer (Programs) : 6/32

~ Scan Hidden Files in 12mn AMs

 

 

 

---\\ Processus lancés

[MD5.554A50B5310E702029D3A675459108FF] - (.Hewlett-Packard - hpsysdrv.) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768] [PID.1932]

[MD5.63A648C5FEB5DE641E1174ACB6CF78C6] - (.Pas de propriétaire - SmartMenu.) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [568888] [PID.1940]

[MD5.C11645E219C8C9113A8D9E0500ED25E5] - (.PacketVideo - TwonkyMedia Tray Application.) -- C:\Program Files (x86)\Serveur Media\twonkymediaserverconfig.exe [603736] [PID.3048]

[MD5.3AF02017597E4C6399FD3E390E601D5E] - (.Crawler.com - Spyware Terminator 2012 Update Support.) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3608240] [PID.2008]

[MD5.C983E62B6FB74457D173BA93F66F6068] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [281768] [PID.3384]

[MD5.A40432BB46793F3A2AD42E6D23A8290F] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252136] [PID.3552]

[MD5.904E13BA41AF2E353A32CF351CA53639] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe [748336] [PID.4188]

[MD5.461A87D7A4304BDA228CF1DBB86D3CE9] - (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10v_ActiveX.exe [243360] [PID.3868]

[MD5.7914370AAC5CDE8DCAE1C674A6C90229] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [669696] [PID.3676]

[MD5.457E6B550AABC987AF117ED968C2F3D9] - (.Emsi Software GmbH - Emsisoft Anti-Malware Service.) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [3029208] [PID.]

[MD5.B4837FE56D76B2E9EA90E5365CF6A2BE] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [136360] [PID.]

[MD5.11A52CF7B265631DEEB24C6149309EFF] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [64952] [PID.]

[MD5.DF5A3016052755C910A206058B4A1729] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [269480] [PID.]

[MD5.20F6F19FE9E753F2780DC2FA083AD597] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [37664] [PID.]

[MD5.F2060A34C8A75BC24A9222EB4F8C07BD] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe [349472] [PID.]

[MD5.2DFB151FD34DF104DAC0ADF070EDA83C] - (.Hewlett-Packard Company - HP Quick Synchronization Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [92216] [PID.]

[MD5.7550D101BF49FDB1F92666A233EE36C4] - (.Hewlett-Packard Company - LightScribe Service.) -- c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728] [PID.]

[MD5.3120A421ED14B0186675E295219D441C] - (.PacketVideo - TwonkyMedia Server watchdog.) -- C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe [501336] [PID.]

[MD5.A2ABC52CD8A5B60262B220A17A92EB31] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [378472] [PID.]

[MD5.2748912E0E656AE1FB74C4BFDF7BC470] - (...) -- C:\Program Files (x86)\Serveur Media\TwonkyMediaServer.exe [1451608] [PID.]

~ Scan Processes Running in 00mn AMs

 

 

 

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)

C:\Users\ZINOU\AppData\Local\Google\Chrome\User Data\Default\Preferences

G0 - GCSP: Preference [user Data\Default][HomePage] Google

G2 - GCE: Preference [user Data\Default] [fnjbmmemklcjgepojigaapkoodmkgbae] DivX HiQ v.2.1.1.94 (Activé)

G2 - GCE: Preference [user Data\Default] [jfmjfhklogoienhpfnppmbcbjfjnkonk] RealPlayer HTML5Video Downloader Extension v.1.3 (Activé)

G2 - GCE: Preference [user Data\Default] [nneajnkjbffgblleaoojgaacokifdkhm] \u003Cvideo\u003E HTML5 DivX Plus Web Player v.2.1.1.94 (Activé)

~ Scan Google Browser in 00mn AMs

 

 

 

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

P2 - FPN: [HKLM] [@divx.com/DivX VOD Helper,version=1.0.0] - (.DivX, LLC. - DivX VOD Helper Plug-in.) -- C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_27 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com.) -- C:\Program Files\ma-config.com\nphardwaredetection.dll

P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (.Unity Technologies ApS - Unity Player 3.1.0f4.) -- C:\Users\ZINOU\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

~ Scan Firefox Browser in 00mn AMs

 

 

 

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Orange : téléphones, forfaits, Internet, actualité, sport, video

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Microsoft Corporation

R0 - HKUS\S-1-5-21-4247541363-2138921599-923811196-1000\Software\Microsoft\Internet Explorer\Main,Start Page = Orange : téléphones, forfaits, Internet, actualité, sport, video

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = Bing

R1 - HKUS\S-1-5-21-4247541363-2138921599-923811196-1000\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation

R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\System32\ieframe.dll

R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1

R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2

~ Scan IE Browser in 00mn AMs

 

 

 

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

~ Scan Proxy management in 00mn AMs

 

 

 

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe

~ Scan Keys in 00mn AMs

 

 

 

---\\ Redirection du fichier Hosts (O1)

~ Scan Hosts File in 00mn AMs

 

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: ToolbarOrange.InitToolbarBHO [64Bits] - {1d970ed5-3eda-438d-bffd-715931e2775b} . (...) -- mscoree.dll (.not file.)

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer [64Bits] - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealPlayer - RealPlayer Download and Record Plugin.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugi

O2 - BHO: Increase performance and video formats for your HTML5 <video> [64Bits] - {326E768D-4182-46FD-9C16-1449A49795F4} . (.DivX, LLC - DivX Web Player version 2.1.1.94.) -- C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites [64Bits] - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} . (.DivX, LLC - DivX Web Player version 2.1.1.94.) -- C:\Program Files (x86)\Div

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\

O2 - BHO: Windows Live Messenger Companion Helper [64Bits] - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

~ Scan BHO in 00mn AMs

 

 

 

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [hpsysdrv] . (.Hewlett-Packard - hpsysdrv.) -- c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe

O4 - HKLM\..\Run: [smartMenu] . (.Pas de propriétaire - SmartMenu.) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

O4 - HKLM\..\Run: [CamserviceHD] . (.Guillemot Corporation S.A. - Hercules Xtra Controller Main Application.) -- C:\Program Files (x86)\Hercules\Dualpix HD\XtrCtrl.exe

O4 - HKLM\..\Run: [AmIcoSinglun64] . (.Alcor Micro Corp. - Single LUN Icon Utility for VID 058F PID 63.) -- C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe

O4 - HKLM\..\Run: [intelliPoint] . (.Microsoft Corporation - IPoint.exe.) -- c:\Program Files\Microsoft IntelliPoint\ipoint.exe

O4 - HKLM\..\Run: [spywareTerminatorShield] . (.Crawler.com - Spyware Terminator 2012 Realtime Shield.) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe

O4 - HKLM\..\Run: [spywareTerminatorUpdater] . (.Crawler.com - Spyware Terminator 2012 Update Support.) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe

O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

O4 - HKLM\..\Wow6432Node\Run: [Digital Patrol Update 5] C:\Program Files (x86)\NictaTech Software\Digital Patrol 5\dpatrolu.exe (.not file.)

O4 - HKLM\..\Wow6432Node\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

~ Scan Application in 00mn AMs

 

 

 

---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Users\ZINOU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\ZINOU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\ZINOU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk . (.Spotify Ltd.) -- C:\Program Files (x86)\Spotify\spotify.exe

O4 - Global Startup: C:\Users\ZINOU\Desktop\Audacity.lnk . (...) -- C:\Program Files (x86)\Audacity\audacity.exe

O4 - Global Startup: C:\Users\ZINOU\Desktop\Auslogics Disk Defrag.lnk . (.Auslogics.) -- C:\Program Files (x86)\Auslogics\Auslogics Disk Defrag\DiskDefrag.exe

O4 - Global Startup: C:\Users\ZINOU\Desktop\captimag - Raccourci.lnk . (.Claude Dekokère.) -- C:\Users\ZINOU\Documents\captimag.exe

O4 - Global Startup: C:\Users\ZINOU\Desktop\CCleaner64 - Raccourci.lnk . (.Piriform Ltd.) -- C:\Users\ZINOU\Documents\CCleaner64.exe

O4 - Global Startup: C:\Users\ZINOU\Desktop\DivX Movies.lnk . (...) -- C:\Users\ZINOU\Videos\DivX Movies

O4 - Global Startup: C:\Users\ZINOU\Desktop\Free Music Zilla.lnk . (...) -- C:\Program Files (x86)\Free Music Zilla\FMZilla.exe

O4 - Global Startup: C:\Users\ZINOU\Desktop\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\ZINOU\Desktop\Light Image Resizer 4.lnk . (.ObviousIdea SARL.) -- C:\Program Files (x86)\ObviousIdea\Image Resizer 4\Resize.exe

O4 - Global Startup: C:\Users\ZINOU\Desktop\Mixxx.lnk . (...) -- C:\Program Files (x86)\DjMixerStudio\mixxx.exe

O4 - Global Startup: C:\Users\ZINOU\Desktop\mkv2vob.lnk . (.3r1c.) -- C:\Program Files (x86)\mkv2vob\loader.exe

O4 - Global Startup: C:\Users\ZINOU\Desktop\MWAVSCAN.lnk . (...) -- C:\Users\ZINOU\AppData\Local\Temp\mwavscan.exe (.not file.)

O4 - Global Startup: C:\Users\ZINOU\Desktop\SmartRipper - Raccourci.lnk . (...) -- C:\Users\ZINOU\Documents\SmartRipper 2.41\SmartRipper.exe

O4 - Global Startup: C:\Users\ZINOU\Desktop\Spotify.lnk . (.Spotify Ltd.) -- C:\Program Files (x86)\Spotify\spotify.exe

O4 - Global Startup: C:\Users\ZINOU\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\ZINOU\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QUICKMEDIACONVERTER.lnk . (.CocoonSoftware.) -- C:\Program Files\QuickMediaConverter\QMC.exe

~ Scan Global Startup in 03mn AMs

 

 

 

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: ajouter cette page à vos favoris Orange . (...) -- C:\Users\ZINOU\AppData\Roaming\Orange\OrangeInside\src\addfavorites_html\addfavorites.html

O8 - Extra context menu item: envoyer le texte sélectionné par sms . (...) -- C:\Users\ZINOU\AppData\Roaming\Orange\OrangeInside\src\sendsmsselectedtext_html\sendsmsselectedtext.html

O8 - Extra context menu item: envoyer par sms . (...) -- C:\Users\ZINOU\AppData\Roaming\Orange\OrangeInside\src\sendsms_html\sendsms.html

O8 - Extra context menu item: envoyer un mail . (...) -- C:\Users\ZINOU\AppData\Roaming\Orange\OrangeInside\src\sendmail_html\sendmail.html

O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll

O8 - Extra context menu item: orange.fr . (...) -- C:\Users\ZINOU\AppData\Roaming\Orange\OrangeInside\src\orange_html\orange.html

O8 - Extra context menu item: traduire la page . (...) -- C:\Users\ZINOU\AppData\Roaming\Orange\OrangeInside\src\translate_html\translate.html

O8 - Extra context menu item: traduire le texte sélectionné . (...) -- C:\Users\ZINOU\AppData\Roaming\Orange\OrangeInside\src\translateSelectedText_html\translateSelectedText.html

~ Scan IE Menu Contextuel in 00mn AMs

 

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll

O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

~ Scan Winsock in 00mn AMs

 

 

 

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {615A1925-0E5B-4767-A65E-3165AEAC32A3} (BitDefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax64.cab

~ Scan Objets ActiveX in 00mn AMs

 

 

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{D6ABB953-DC56-40DD-B1F4-D0257C834ADA}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\..\{D6ABB953-DC56-40DD-B1F4-D0257C834ADA}: DhcpDomain = livebox.home

O17 - HKLM\System\CS1\Services\Tcpip\..\{D6ABB953-DC56-40DD-B1F4-D0257C834ADA}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{D6ABB953-DC56-40DD-B1F4-D0257C834ADA}: DhcpDomain = livebox.home

O17 - HKLM\System\CS2\Services\Tcpip\..\{D6ABB953-DC56-40DD-B1F4-D0257C834ADA}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{D6ABB953-DC56-40DD-B1F4-D0257C834ADA}: DhcpDomain = livebox.home

~ Scan Domain in 00mn AMs

---\\ Protocole additionnel (O18)

O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll

O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll

O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll

O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll

O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll

O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll

O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll

O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll

O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll

~ Scan Protocole Additionnel in 00mn AMs

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\system32\webcheck.dll

~ Scan SSODL in 00mn AMs

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: Emsisoft Anti-Malware 5.1 - Service (a2AntiMalware) . (.Emsi Software GmbH - Emsisoft Anti-Malware Service.) - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard Company - HP Support Assistant.) - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) . (.Hewlett-Packard Company - HP Quick Synchronization Service.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Orange update Core Service (Orange update Core Service) . (.France Telecom SA - Orange Upd@te.) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe

O23 - Service: Serveur Média (Serveur Média) . (.PacketVideo - TwonkyMedia Server watchdog.) - C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe

O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) . (.Crawler.com - Spyware Terminator 2012 Realtime Shield Ser.) - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

~ Scan Services in 00mn AMs

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

~ Scan Desktop Component in 00mn AMs

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HPCeeScheduleForZINOU.job

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

[MD5.BEAEC745256D3158495FEE10BA673E7C] [APT] [HPCeeScheduleForZINOU] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

[MD5.A40432BB46793F3A2AD42E6D23A8290F] [APT] [Java Update Scheduler] (.Sun Microsystems, Inc..) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

[MD5.47C1DE0A890613FFCFF1D67648EEDF90] [APT] [Programme de mise à jour en ligne de Adobe] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[MD5.7636713B4F0944045AB4AF7CED5245AB] [APT] [Programme de mise à jour en ligne de Divx] (...) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

[MD5.5516C26A6AF8EB4E2CAB48EC98A74398] [APT] [Programme de mise à jour en ligne de HP.] (.Hewlett-Packard.) -- c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

[MD5.B114DB354D13A21C1AC2B1807EE2F500] [APT] [Programme de mise à jour en ligne de Real Player] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

[MD5.FD8DCAE8AAE888D8BAD0E6C2DAAAFB6D] [APT] [RealUpgradeLogonTaskS-1-5-21-4247541363-2138921599-923811196-1000] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe

[MD5.FD8DCAE8AAE888D8BAD0E6C2DAAAFB6D] [APT] [RealUpgradeScheduledTaskS-1-5-21-4247541363-2138921599-923811196-1000] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe

[MD5.ED5D30F5D177A12E1A67401440DEA36D] [APT] [RecoveryCDWin7] (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe

[MD5.ED5D30F5D177A12E1A67401440DEA36D] [APT] [servicePlan] (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe

[MD5.00000000000000000000000000000000] [APT] [{08513374-DDA9-4C13-A029-4A9BE1EA4C98}] (...) -- C:\Program Files\Alwil Software\Avast5\aswRundll.exe (.not file.)

[MD5.1C374EA1D363CE916F2D835C50A9C105] [APT] [{EFE60423-B3F3-499C-94DA-BFAD177043AB}] (...) -- C:\Users\ZINOU\Documents\PROGRAMMES ZINOU\CamStudio20.exe

[MD5.00000000000000000000000000000000] [APT] [{F57B0474-CDFE-4EF3-ADAD-542089BDE3D1}] (...) -- C:\Program Files (x86)\NOS\bin\getPlusUninst_Adobe.exe (.not file.)

[MD5.187E0D2AB859AD03393DDD731076BE81] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe

[MD5.FDC7C934ADB8C3B51A3C21781B608673] [APT] [PC Health Analysis] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe

[MD5.FDC7C934ADB8C3B51A3C21781B608673] [APT] [PC Tuneup] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe

~ Scan Scheduled Task in 03mn AMs

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\system32\DRIVERS\avipbb.sys

O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys

O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys

O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\discache.sys

O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys

O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys

O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys

O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\system32\DRIVERS\rdbss.sys

O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys

O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\system32\drivers\rdprefmp.sys

O41 - Driver: (SAVRKBootTasks) . (. - .) - C:\Windows\system32\SAVRKBootTasks.sys (.not file.)

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys

O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\system32\DRIVERS\wfplwf.sys

~ Scan Drivers in 00mn AMs

---\\ Logiciels installés (O42)

O42 - Logiciel: AM-DeadLink 4.4 - (.www.aignes.com.) [HKLM] -- aignesamdeadlink_is1

O42 - Logiciel: AVS Update Manager 1.0 - (.Online Media Technologies Ltd..) [HKLM] -- AVS Update Manager_is1

O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Flash Player 10 ActiveX 64-bit - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX 64

O42 - Logiciel: Agatha Christie - Death on the Nile - (.WildTangent.) [HKLM] -- WT087420

O42 - Logiciel: Alcor Micro USB Card Reader - (.Nom de votre société.) [HKLM] -- InstallShield_{1F7424F8-F992-48BC-90EF-7C4DB0405E3F}

O42 - Logiciel: Audacity 1.2.6 - (.Pas de propriétaire.) [HKLM] -- Audacity_is1

O42 - Logiciel: Auslogics Disk Defrag - (.Auslogics Software Pty Ltd.) [HKLM] -- {DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1

O42 - Logiciel: AviSynth 2.5 - (.Pas de propriétaire.) [HKLM] -- AviSynth

O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop

O42 - Logiciel: Bejeweled 2 Deluxe - (.WildTangent.) [HKLM] -- WT087428

O42 - Logiciel: CamStudio - (.Pas de propriétaire.) [HKLM] -- CamStudio

O42 - Logiciel: Chuzzle Deluxe - (.WildTangent.) [HKLM] -- WT087453

O42 - Logiciel: Clean Virus MSN - (.AxBx.) [HKLM] -- Clean Virus MSN_is1

O42 - Logiciel: Configuration DivX - (.DivX, LLC.) [HKLM] -- DivX Setup.divx.com

O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM] -- InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}

O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}

O42 - Logiciel: DJ Mix Lite - (.Pas de propriétaire.) [HKLM] -- DJ Mix Lite

O42 - Logiciel: DVD Menu Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}

O42 - Logiciel: DVD Menu Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- {FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}

O42 - Logiciel: Deezer Desktop - (.UNKNOWN.) [HKLM] -- DeezerDesktop.003CB2DDEA6AC0BFA0D6CFCD9422B800DAC858A3.1

O42 - Logiciel: Diner Dash 2 Restaurant Rescue - (.WildTangent.) [HKLM] -- WT087536

O42 - Logiciel: Emsisoft Anti-Malware 5.1 - (.Emsi Software GmbH.) [HKLM] -- Emsisoft Anti-Malware_is1

O42 - Logiciel: FATE - (.WildTangent.) [HKLM] -- WT087361

O42 - Logiciel: Fotosizer 1.31 - (.Fotosizer.com.) [HKLM] -- Fotosizer

O42 - Logiciel: Free Music Zilla - (.FreeMusicZilla.com.) [HKLM] -- Free Music Zilla_is1

O42 - Logiciel: Free Video Joiner 1.1 - (.FreeVideoJoiner.com.) [HKLM] -- {14FA6DD9-92ED-493D-A937-81A78870E08A}_is1

O42 - Logiciel: HP Game Console - (.WildTangent.) [HKLM] -- My HP Game Console

O42 - Logiciel: HP Games - (.WildTangent.) [HKLM] -- WildTangent hp Master Uninstall

O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM] -- InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}

O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM] -- {DCCAD079-F92C-44DA-B258-624FC6517A5A}

O42 - Logiciel: HP MediaSmart Music - (.Hewlett-Packard.) [HKLM] -- InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}

O42 - Logiciel: HP MediaSmart Music - (.Hewlett-Packard.) [HKLM] -- {91A34181-9FAD-43AB-A35F-E7A8945B7E1C}

O42 - Logiciel: HP MediaSmart Photo - (.Hewlett-Packard.) [HKLM] -- InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}

O42 - Logiciel: HP MediaSmart Photo - (.Hewlett-Packard.) [HKLM] -- {6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}

O42 - Logiciel: HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}

O42 - Logiciel: HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- {D12E3E7F-1B13-4933-A915-16C7DD37A095}

O42 - Logiciel: HP Setup - (.Hewlett-Packard.) [HKLM] -- {72D90DB3-A16A-4545-B555-868471101833}

O42 - Logiciel: Hercules Dualpix HD - (.Hercules.) [HKLM] -- {59579B12-97E6-437E-B988-BA032165D355}

O42 - Logiciel: Insaniquarium Deluxe - (.WildTangent.) [HKLM] -- WT087480

O42 - Logiciel: Jewel Quest II - (.WildTangent.) [HKLM] -- WT087485

O42 - Logiciel: Jewel Quest Solitaire - (.WildTangent.) [HKLM] -- WT087490

O42 - Logiciel: John Deere Drive Green - (.WildTangent.) [HKLM] -- WT087380

O42 - Logiciel: K-Lite Codec Pack 7.2.0 (Full) - (.Pas de propriétaire.) [HKLM] -- KLiteCodecPack_is1

O42 - Logiciel: L&H TTS3000 Français - (.Pas de propriétaire.) [HKLM] -- LHTTSFRF

O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}

O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}

O42 - Logiciel: Lame ACM MP3 Codec - (.Pas de propriétaire.) [HKLM] -- LameACM

O42 - Logiciel: Light Image Resizer 4.0.6.8 - (.ObviousIdea.) [HKLM] -- {EBE030DD-D404-4D92-85E9-8C3624820808}_is1

O42 - Logiciel: Live Media Plugin (Todae) - (.Todae.fr.) [HKLM] -- Live Media

O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver

O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.1.1800 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile

O42 - Logiciel: Microsoft IntelliPoint 8.2 - (.Microsoft Corporation.) [HKLM] -- Microsoft IntelliPoint 8.2

O42 - Logiciel: Mises à jour NVIDIA 1.1.34 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update

O42 - Logiciel: Movie Theme Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}

O42 - Logiciel: Movie Theme Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- {3023EBDA-BF1B-4831-B347-E5018555F26E}

O42 - Logiciel: MusicStation - (.Hewlett-Packard.) [HKLM] -- MusicStationNetstaller

O42 - Logiciel: NVIDIA 3D Vision Controller Driver - (.NVIDIA Corporation.) [HKLM] -- NVIDIA StereoUSB Driver

O42 - Logiciel: NVIDIA 3D Vision Controller Driver 270.61 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB

O42 - Logiciel: NVIDIA Logiciel système PhysX 9.10.0514 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX

O42 - Logiciel: NVIDIA Pilote 3D Vision 270.61 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision

O42 - Logiciel: NVIDIA Pilote audio HD : 1.2.22.1 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver

O42 - Logiciel: NVIDIA Pilote graphique 270.61 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver

O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM] -- NVIDIAStereo

O42 - Logiciel: NoVirusThanks Malware Remover Free 3.1 - (.NoVirusThanks Company Srl.) [HKLM] -- {C206F5C2-9C03-4FA1-8927-055E6D90488B}_is1

O42 - Logiciel: Orange Inside - (.Orange.) [HKCU] -- Orange Inside

O42 - Logiciel: Orange Installeur version 1.2.2.0 - (.Orange.) [HKLM] -- {D13FE823-C575-4451-AC37-E645A67AA581}_1.2.2.0

O42 - Logiciel: Orange Web Player 1.212788 - (.Orange.) [HKLM] -- Orange Web Player_is1

O42 - Logiciel: Orange WebTV Player 1.29418 - (.Orange.) [HKLM] -- Orange WebTV Player_is1

O42 - Logiciel: Orange update - (.Orange.) [HKLM] -- OrangeUpdateManager

O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}

O42 - Logiciel: Package de pilotes Windows - eMPIA Technology Inc, (emAudio) MEDIA (06/22/2007 5.7.0622.0) - (.eMPIA Technology Inc,.) [HKLM] -- A5664D4A72F1AB05DE12885777A69C3EE46F204A

O42 - Logiciel: Penguins! - (.WildTangent.) [HKLM] -- WT087394

O42 - Logiciel: Photo Magician 1.9.2.0 - (.Sheldon Solutions.) [HKLM] -- {AF766933-2E99-4D86-916E-FEA0A482B89E}_is1

O42 - Logiciel: PhotoNow! - (.CyberLink Corp..) [HKLM] -- InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}

O42 - Logiciel: PhotoNow! - (.CyberLink Corp..) [HKLM] -- {D36DD326-7280-11D8-97C8-000129760CBE}

O42 - Logiciel: Plants vs. Zombies - (.WildTangent.) [HKLM] -- WT087501

O42 - Logiciel: Polar Bowler - (.WildTangent.) [HKLM] -- WT087396

O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}

O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}

O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}

O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1}

O42 - Logiciel: QMC - (.Pas de propriétaire.) [HKCU] -- QUICKMEDIACONVERTER

O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 12.0

O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: Recovery Manager - (.CyberLink Corp..) [HKLM] -- {44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}

O42 - Logiciel: Sansa Media Converter - (.Pas de propriétaire.) [HKLM] -- {FC053571-8507-44E4-8B6D-AACEAB8CA57C}

O42 - Logiciel: Sansa Updater - (.SanDisk Corporation.) [HKCU] -- Sansa Updater

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2539636

O42 - Logiciel: Serveur Média - (.PacketVideo.) [HKLM] -- TwonkyMediaServeur Média

O42 - Logiciel: Shuangs Audio Joiner 1.0 - (.ShuangSoft, Inc..) [HKLM] -- Shuangs Audio Joiner_is1

O42 - Logiciel: Slingo Deluxe - (.WildTangent.) [HKLM] -- WT087510

O42 - Logiciel: Sophos Anti-Rootkit 1.5.0 - (.Sophos Plc.) [HKLM] -- Sophos-AntiRootkit

O42 - Logiciel: Spyware Terminator 2012 - (.Crawler.com.) [HKLM] -- {56736259-613E-4A3B-B428-6235F2E76F44}_is1

O42 - Logiciel: SqueezePlay 7.5.0 - (.Logitech.) [HKLM] -- {09B790E3-21E3-4D1A-8130-AAA9227C9785}_is1

O42 - Logiciel: System Requirements Lab - (.Pas de propriétaire.) [HKLM] -- SystemRequirementsLab

O42 - Logiciel: Total Video Converter 3.61 100319 - (.EffectMatrix Inc..) [HKLM] -- Total Video Converter 3.61_is1

O42 - Logiciel: Trojan Remover 6.8.2 - (.Simply Super Software.) [HKLM] -- Trojan Remover_is1

O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU] -- UnityWebPlayer

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2473228) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523

O42 - Logiciel: VLC media player 1.1.11 - (.VideoLAN.) [HKLM] -- VLC media player

O42 - Logiciel: Virtual Villagers - The Secret City - (.WildTangent.) [HKLM] -- WT087513

O42 - Logiciel: Visual C++ 2008 x86 Runtime - v9.0.30729.01 - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01

O42 - Logiciel: Wedding Dash - (.WildTangent.) [HKLM] -- WT087519

O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite

O42 - Logiciel: Xvid Video Codec - (.Xvid Team.) [HKLM] -- Xvid Video Codec 1.3.0

O42 - Logiciel: Zuma Deluxe - (.WildTangent.) [HKLM] -- WT087533

O42 - Logiciel: barre d'outils Orange - (.Orange.) [HKLM] -- OrangeToolbar

O42 - Logiciel: mediAvatar MKV Converter - (.mediAvatar.) [HKLM] -- mediAvatar MKV Converter

---\\ HKCU & HKLM Software Keys

[HKCU\Software\ALWIL Software]

[HKCU\Software\ASProtect]

[HKCU\Software\AVAST Software]

[HKCU\Software\AVS4YOU]

[HKCU\Software\Adobe]

[HKCU\Software\AppDataLow\F-Secure]

[HKCU\Software\AppDataLow\LastScanTime]

[HKCU\Software\AppDataLow\Software\DivX]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software\Orange]

[HKCU\Software\AppDataLow\Software\Unity]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Apple Computer, Inc.]

[HKCU\Software\Apple Inc.]

[HKCU\Software\Audacity]

[HKCU\Software\Auslogics]

[HKCU\Software\Avg]

[HKCU\Software\Avira]

[HKCU\Software\BitDefender]

[HKCU\Software\Bits&Coffee]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\CocoonSoftware]

[HKCU\Software\CyberLink]

[HKCU\Software\Cygwin]

[HKCU\Software\DVD Decrypter]

[HKCU\Software\Digital River]

[HKCU\Software\DivXNetworks]

[HKCU\Software\DivX]

[HKCU\Software\Driver Magician]

[HKCU\Software\ESET]

[HKCU\Software\Eraser]

[HKCU\Software\F-Secure]

[HKCU\Software\FlasK Development]

[HKCU\Software\Fotosizer]

[HKCU\Software\GNU]

[HKCU\Software\Gabest]

[HKCU\Software\Google]

[HKCU\Software\GridinSoft]

[HKCU\Software\Haali]

[HKCU\Software\Hercules]

[HKCU\Software\Hewlett-Packard]

[HKCU\Software\HookNetwork]

[HKCU\Software\IDAVLab]

[HKCU\Software\IM Providers]

[HKCU\Software\IPC software]

[HKCU\Software\InnoShock]

[HKCU\Software\InterVideo]

[HKCU\Software\JavaSoft]

[HKCU\Software\Lavasoft]

[HKCU\Software\Licenses]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\M4ng]

[HKCU\Software\MONOGRAM]

[HKCU\Software\Macromedia]

[HKCU\Software\MainConcept (Muvee Consumer)]

[HKCU\Software\MainConcept (Muvee)]

[HKCU\Software\Mainconcept]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\MediaInfo]

[HKCU\Software\MicroWorld]

[HKCU\Software\MooSoft Development]

[HKCU\Software\MozillaPlugins]

[HKCU\Software\Mozilla]

[HKCU\Software\NVIDIA Corporation]

[HKCU\Software\Netscape]

[HKCU\Software\NoVirusThanks]

[HKCU\Software\Norton]

[HKCU\Software\O&O]

[HKCU\Software\ObviousIdea]

[HKCU\Software\OrangeInside]

[HKCU\Software\PC SOFT]

[HKCU\Software\PDFCreator]

[HKCU\Software\Pegasys Inc.]

[HKCU\Software\Policies]

[HKCU\Software\Proantivirus Lab]

[HKCU\Software\RealNetworks]

[HKCU\Software\Realtek]

[HKCU\Software\Ripp-it]

[HKCU\Software\SUPERAntiSpyware.com]

[HKCU\Software\SWiSHzone.com]

[HKCU\Software\Safer Networking Limited]

[HKCU\Software\SanDisk]

[HKCU\Software\Simply Super Software]

[HKCU\Software\Skype]

[HKCU\Software\Softonic]

[HKCU\Software\Spotify]

[HKCU\Software\Spyware Terminator]

[HKCU\Software\Sysinternals]

[HKCU\Software\TechSmith]

[HKCU\Software\Todae]

[HKCU\Software\Trolltech]

[HKCU\Software\TuneUp]

[HKCU\Software\Unity]

[HKCU\Software\VB and VBA Program Settings]

[HKCU\Software\VFPlugin]

[HKCU\Software\VirtuaMedia]

[HKCU\Software\VirtualDub.org]

[HKCU\Software\Wget]

[HKCU\Software\WinRAR SFX]

[HKCU\Software\WinRAR]

[HKCU\Software\Wow6432Node]

[HKCU\Software\YahooPartnerToolbar]

[HKCU\Software\aignes]

[HKCU\Software\antiufo]

[HKCU\Software\chermenin]

[HKCU\Software\cybelsoft]

[HKCU\Software\madFlac]

[HKCU\Software\mediAvatar]

[HKCU\Software\mkvconverter]

[HKCU\Software\tvp]

[HKCU\Software\udse]

[HKLM\Software\AGEIA Technologies]

[HKLM\Software\ALWIL Software]

[HKLM\Software\ATI Technologies]

[HKLM\Software\AVG]

[HKLM\Software\AVS4YOU]

[HKLM\Software\Adobe]

[HKLM\Software\Aleesoft]

[HKLM\Software\AntiTrojanElite]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Apple Inc.]

[HKLM\Software\Avira]

[HKLM\Software\Bits&Coffee]

[HKLM\Software\BrowserChoice]

[HKLM\Software\CDDB]

[HKLM\Software\Canon]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\CyberLink]

[HKLM\Software\Cyberlink]

[HKLM\Software\Debug]

[HKLM\Software\DivXNetworks]

[HKLM\Software\DivX]

[HKLM\Software\DjMixerStudio]

[HKLM\Software\ESET]

[HKLM\Software\EasyBits]

[HKLM\Software\Emsi Software GmbH]

[HKLM\Software\Eset]

[HKLM\Software\Free Music Zilla]

[HKLM\Software\GEAR Software]

[HKLM\Software\GNU]

[HKLM\Software\Google]

[HKLM\Software\HaaliMkx]

[HKLM\Software\Hercules Technologies]

[HKLM\Software\Hercules]

[HKLM\Software\Hewlett-Packard]

[HKLM\Software\Hitman Pro]

[HKLM\Software\IDAVLab]

[HKLM\Software\IVIIS]

[HKLM\Software\InstallShield]

[HKLM\Software\Intel]

[HKLM\Software\JavaSoft]

[HKLM\Software\JreMetrics]

[HKLM\Software\KLCodecPack]

[HKLM\Software\Khronos]

[HKLM\Software\L&H]

[HKLM\Software\Lavasoft]

[HKLM\Software\Licenses]

[HKLM\Software\LightScribe]

[HKLM\Software\Macromedia]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\MicroWorld]

[HKLM\Software\MimarSinan]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\NVIDIA Corporation]

[HKLM\Software\NewspaperDirect]

[HKLM\Software\Nullsoft]

[HKLM\Software\ODBC]

[HKLM\Software\ObviousIdea]

[HKLM\Software\Orange]

[HKLM\Software\PDFComplete]

[HKLM\Software\PDFCreator]

[HKLM\Software\Panda Software]

[HKLM\Software\Policies]

[HKLM\Software\RTLSetup]

[HKLM\Software\RealNetworks]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\SRS Labs]

[HKLM\Software\SUPERAntiSpyware.com]

[HKLM\Software\Safer Networking Limited]

[HKLM\Software\Sandisk]

[HKLM\Software\ScanSoft]

[HKLM\Software\SecureDigitalServices]

[HKLM\Software\Sheldon Solutions]

[HKLM\Software\Simply Super Software]

[HKLM\Software\Skype]

[HKLM\Software\Sonic]

[HKLM\Software\Spyware Terminator]

[HKLM\Software\Swearware]

[HKLM\Software\TerraTec Electronic GmbH]

[HKLM\Software\Todae]

[HKLM\Software\TrendMicro]

[HKLM\Software\TuneUp]

[HKLM\Software\TwonkyMedia]

[HKLM\Software\USB2800]

[HKLM\Software\VideoLAN]

[HKLM\Software\Voice]

[HKLM\Software\Volatile]

[HKLM\Software\Webroot]

[HKLM\Software\WildTangent]

[HKLM\Software\Win32 Services]

[HKLM\Software\WinRAR]

[HKLM\Software\Windows]

[HKLM\Software\Wow6432Node]

[HKLM\Software\X-AVCSD]

[HKLM\Software\Xing Technology Corp.]

[HKLM\Software\Xvid Team]

[HKLM\Software\cybelsoft]

[HKLM\Software\iTinySoft]

[HKLM\Software\mediAvatar]

[HKLM\Software\muvee Technologies]

[HKLM\Software\swearware]

~ Scan Softwares in 00mn AMs

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 1/19/2011 - 4:07:20 PM - [23099562] ----D- C:\Program Files\ATI

O43 - CFD: 1/19/2011 - 4:07:22 PM - [0] ----D- C:\Program Files\ATI Technologies

O43 - CFD: 4/25/2011 - 5:26:22 PM - [195922] ----D- C:\Program Files\Bonjour

O43 - CFD: 9/12/2011 - 2:48:04 PM - [763227453] ----D- C:\Program Files\Common Files

O43 - CFD: 1/10/2011 - 11:18:36 AM - [930272] ----D- C:\Program Files\DIFX

O43 - CFD: 5/16/2011 - 10:35:28 AM - [7727936] ----D- C:\Program Files\DivX

O43 - CFD: 2/24/2011 - 11:01:38 AM - [90256916] ----D- C:\Program Files\DVD Maker

O43 - CFD: 1/16/2011 - 11:52:46 AM - [2448629] ----D- C:\Program Files\Eraser

O43 - CFD: 7/5/2011 - 7:42:02 AM - [0] ----D- C:\Program Files\Google

O43 - CFD: 9/24/2010 - 3:29:28 AM - [9779088] ----D- C:\Program Files\Hewlett-Packard

O43 - CFD: 8/26/2011 - 7:15:22 AM - [7439168] ----D- C:\Program Files\Hitman Pro 3.5

O43 - CFD: 9/24/2010 - 2:54:24 AM - [1705] ----D- C:\Program Files\hp

O43 - CFD: 8/10/2011 - 6:57:34 PM - [6654703] ----D- C:\Program Files\Internet Explorer

O43 - CFD: 6/13/2011 - 5:20:16 PM - [1939563] ----D- C:\Program Files\iPod

O43 - CFD: 6/13/2011 - 5:20:32 PM - [2345448] ----D- C:\Program Files\iTunes

O43 - CFD: 9/6/2011 - 1:17:48 PM - [102755868] ----D- C:\Program Files\Java

O43 - CFD: 6/4/2011 - 3:18:56 PM - [8995738] ----D- C:\Program Files\ma-config.com

O43 - CFD: 7/14/2009 - 9:45:56 AM - [149237810] ----D- C:\Program Files\Microsoft Games

O43 - CFD: 8/11/2011 - 7:51:28 AM - [44066413] ----D- C:\Program Files\Microsoft IntelliPoint

O43 - CFD: 7/14/2009 - 7:32:40 AM - [25757] ----D- C:\Program Files\MSBuild

O43 - CFD: 4/27/2011 - 3:58:52 PM - [593166179] ----D- C:\Program Files\NVIDIA Corporation

O43 - CFD: 7/17/2011 - 7:53:40 AM - [387870] ----D- C:\Program Files\Orange

O43 - CFD: 9/24/2010 - 3:18:14 AM - [2178436] ----D- C:\Program Files\PlayReady

O43 - CFD: 1/3/2011 - 4:20:16 PM - [80563925] ----D- C:\Program Files\QuickMediaConverter

O43 - CFD: 9/24/2010 - 2:48:18 AM - [15791736] ----D- C:\Program Files\Realtek

O43 - CFD: 7/14/2009 - 7:32:40 AM - [36813993] ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 7/14/2009 - 7:09:28 AM - [0] --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 2/24/2011 - 11:01:36 AM - [4039680] ----D- C:\Program Files\Windows Defender

O43 - CFD: 2/24/2011 - 11:01:38 AM - [9224824] ----D- C:\Program Files\Windows Journal

O43 - CFD: 7/14/2011 - 7:49:42 AM - [7987385] ----D- C:\Program Files\Windows Live

O43 - CFD: 2/24/2011 - 11:01:38 AM - [6667776] ----D- C:\Program Files\Windows Mail

O43 - CFD: 2/24/2011 - 11:01:38 AM - [7687085] ----D- C:\Program Files\Windows Media Player

O43 - CFD: 7/14/2009 - 7:32:40 AM - [12627636] ----D- C:\Program Files\Windows NT

O43 - CFD: 2/24/2011 - 11:01:38 AM - [5516056] ----D- C:\Program Files\Windows Photo Viewer

O43 - CFD: 2/24/2011 - 11:01:38 AM - [244736] ----D- C:\Program Files\Windows Portable Devices

O43 - CFD: 2/24/2011 - 11:01:38 AM - [9889997] ----D- C:\Program Files\Windows Sidebar

O43 - CFD: 1/25/2011 - 9:06:04 AM - [6580905] ----D- C:\Program Files\Common Files\Apple

O43 - CFD: 8/16/2011 - 4:49:48 PM - [682948053] ----D- C:\Program Files\Common Files\BitDefender

O43 - CFD: 7/14/2011 - 7:48:40 AM - [60892734] ----D- C:\Program Files\Common Files\Microsoft Shared

O43 - CFD: 7/14/2009 - 5:20:10 AM - [2702] ----D- C:\Program Files\Common Files\Services

O43 - CFD: 7/14/2009 - 5:20:10 AM - [608768] ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 12/21/2010 - 7:34:34 PM - [12194291] ----D- C:\Program Files\Common Files\System

O43 - CFD: 6/17/2011 - 1:28:16 PM - [12443103] ----D- C:\ProgramData\Adobe

O43 - CFD: 1/18/2011 - 10:33:46 AM - [495] ----D- C:\ProgramData\AmUStor

O43 - CFD: 1/25/2011 - 9:05:50 AM - [119496704] ----D- C:\ProgramData\Apple

O43 - CFD: 1/25/2011 - 9:06:58 AM - [40044144] ----D- C:\ProgramData\Apple Computer

O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Application Data

O43 - CFD: 7/29/2011 - 7:19:02 AM - [5716] ----D- C:\ProgramData\AVG10

O43 - CFD: 7/30/2011 - 8:55:56 AM - [64642797] ----D- C:\ProgramData\Avira

O43 - CFD: 2/5/2011 - 1:58:48 PM - [0] ----D- C:\ProgramData\AVS4YOU

O43 - CFD: 7/9/2011 - 5:51:08 PM - [0] ----D- C:\ProgramData\boost_interprocess

O43 - CFD: 7/2/2011 - 9:47:32 AM - [155720] --H-D- C:\ProgramData\CanonBJ

O43 - CFD: 7/6/2011 - 12:29:28 PM - [96] --H-D- C:\ProgramData\Common Files

O43 - CFD: 12/24/2010 - 11:23:06 AM - [144940] ----D- C:\ProgramData\CyberLink

O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Desktop

O43 - CFD: 5/16/2011 - 10:36:02 AM - [4459924] ----D- C:\ProgramData\DivX

O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Documents

O43 - CFD: 5/31/2011 - 7:43:54 AM - [144] ----D- C:\ProgramData\Driver Mender

O43 - CFD: 1/10/2011 - 2:57:42 PM - [144] ----D- C:\ProgramData\Driver Whiz

O43 - CFD: 7/9/2011 - 4:36:28 PM - [1211] ----D- C:\ProgramData\F-Secure

O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Favorites

O43 - CFD: 7/4/2011 - 4:59:34 PM - [527024] ----D- C:\ProgramData\Google

O43 - CFD: 8/13/2011 - 2:04:22 PM - [4096] ----D- C:\ProgramData\Grisoft

O43 - CFD: 12/21/2010 - 10:38:02 AM - [68732165] ----D- C:\ProgramData\Hewlett-Packard

O43 - CFD: 8/26/2011 - 7:14:20 AM - [532280] ----D- C:\ProgramData\Hitman Pro

O43 - CFD: 6/4/2011 - 3:18:52 PM - [1278453] ----D- C:\ProgramData\ma-config.com

O43 - CFD: 12/24/2010 - 5:29:46 PM - [16803314] ----D- C:\ProgramData\Malwarebytes

O43 - CFD: 2/14/2011 - 9:56:50 AM - [8192] ----D- C:\ProgramData\mediAvatar

O43 - CFD: 7/28/2011 - 9:21:46 AM - [20892877] ----D- C:\ProgramData\MFAData

O43 - CFD: 1/18/2011 - 9:23:12 AM - [144] ----D- C:\ProgramData\Micro Application

O43 - CFD: 7/16/2011 - 6:14:10 PM - [328764388] -S--D- C:\ProgramData\Microsoft

O43 - CFD: 8/26/2011 - 10:52:44 AM - [57126912] ----D- C:\ProgramData\MicroWorld

O43 - CFD: 1/23/2011 - 5:19:52 PM - [717] ----D- C:\ProgramData\MSNRecorderMax

O43 - CFD: 1/26/2011 - 8:50:08 PM - [117236835] ----D- C:\ProgramData\muvee Technologies

O43 - CFD: 9/24/2010 - 3:21:32 AM - [0] ----D- C:\ProgramData\NewspaperDirect

O43 - CFD: 9/14/2011 - 8:05:42 AM - [2285269] ----D- C:\ProgramData\NVIDIA

O43 - CFD: 4/27/2011 - 3:56:32 PM - [578505] ----D- C:\ProgramData\NVIDIA Corporation

O43 - CFD: 7/9/2011 - 2:59:50 PM - [2022228] ----D- C:\ProgramData\Orange

O43 - CFD: 9/3/2011 - 12:35:38 PM - [67671112] ----D- C:\ProgramData\PC Tools

O43 - CFD: 1/21/2011 - 1:55:38 PM - [1531990] ----D- C:\ProgramData\Real

O43 - CFD: 1/13/2011 - 10:05:06 AM - [33008] ----D- C:\ProgramData\Recovery

O43 - CFD: 9/14/2011 - 8:06:28 AM - [11869070] ----D- C:\ProgramData\Serveur Média

O43 - CFD: 7/31/2011 - 5:11:46 PM - [7562122] ----D- C:\ProgramData\Simply Super Software

O43 - CFD: 2/2/2011 - 2:36:12 PM - [19451154] ----D- C:\ProgramData\Skype

O43 - CFD: 9/13/2011 - 3:00:46 PM - [42083243] ----D- C:\ProgramData\Spyware Terminator

O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Start Menu

O43 - CFD: 1/7/2011 - 6:47:06 PM - [187] ----D- C:\ProgramData\Sun

O43 - CFD: 2/1/2011 - 3:30:20 PM - [0] ----D- C:\ProgramData\TechSmith

O43 - CFD: 9/11/2011 - 1:40:36 PM - [491733] ---AD- C:\ProgramData\Temp

O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Templates

O43 - CFD: 1/18/2011 - 11:25:56 AM - [3387632] ----D- C:\ProgramData\TuneUp Software

O43 - CFD: 9/24/2010 - 3:21:20 AM - [1873450921] ----D- C:\ProgramData\WildTangent

O43 - CFD: 9/24/2010 - 2:54:48 AM - [35063286] ----D- C:\ProgramData\{0F47B255-CF9F-48C5-B558-B7DAF9345268}

O43 - CFD: 12/21/2010 - 10:32:22 AM - [35253750] ----D- C:\ProgramData\{23D58E70-3B83-4B83-A227-68770F84F5EC}

O43 - CFD: 1/18/2011 - 11:24:06 AM - [18225664] -SH-D- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}

O43 - CFD: 1/25/2011 - 9:07:10 AM - [893135] ----D- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}

O43 - CFD: 1/8/2011 - 11:07:44 AM - [6755850] ----D- C:\Users\ZINOU\AppData\Roaming\Adobe

O43 - CFD: 1/27/2011 - 11:12:56 AM - [21041] ----D- C:\Users\ZINOU\AppData\Roaming\aignes

O43 - CFD: 4/7/2011 - 9:02:46 AM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\Apowersoft

O43 - CFD: 1/25/2011 - 9:08:12 AM - [211543] ----D- C:\Users\ZINOU\AppData\Roaming\Apple Computer

O43 - CFD: 3/15/2011 - 8:13:18 PM - [402] ----D- C:\Users\ZINOU\AppData\Roaming\ArcSoft

O43 - CFD: 1/4/2011 - 9:46:12 AM - [2309] ----D- C:\Users\ZINOU\AppData\Roaming\AudioXP

O43 - CFD: 2/8/2011 - 11:10:38 AM - [13272] ----D- C:\Users\ZINOU\AppData\Roaming\Auslogics

O43 - CFD: 7/6/2011 - 1:19:58 PM - [610] ----D- C:\Users\ZINOU\AppData\Roaming\AVG10

O43 - CFD: 7/30/2011 - 9:03:20 AM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\Avira

O43 - CFD: 2/5/2011 - 1:58:52 PM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\AVS4YOU

O43 - CFD: 1/3/2011 - 4:19:58 PM - [18374021] ----D- C:\Users\ZINOU\AppData\Roaming\CocoonSoftware

O43 - CFD: 12/24/2010 - 11:23:04 AM - [107] ----D- C:\Users\ZINOU\AppData\Roaming\CyberLink

O43 - CFD: 1/8/2011 - 11:08:24 AM - [304699] ----D- C:\Users\ZINOU\AppData\Roaming\DeezerDesktop.003CB2DDEA6AC0BFA0D6CFCD9422B800DAC858A3.1

O43 - CFD: 9/13/2011 - 10:51:52 PM - [61698] ----D- C:\Users\ZINOU\AppData\Roaming\Digital Patrol

O43 - CFD: 12/27/2010 - 11:16:06 AM - [203530] ----D- C:\Users\ZINOU\AppData\Roaming\DivX

O43 - CFD: 8/26/2011 - 10:51:26 AM - [770] ----D- C:\Users\ZINOU\AppData\Roaming\Download Manager

O43 - CFD: 6/6/2011 - 1:19:52 PM - [199] ----D- C:\Users\ZINOU\AppData\Roaming\dvdcss

O43 - CFD: 7/9/2011 - 4:38:34 PM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\f-secure

O43 - CFD: 5/11/2011 - 5:28:08 PM - [543] ----D- C:\Users\ZINOU\AppData\Roaming\FMZilla

O43 - CFD: 3/10/2011 - 4:27:16 PM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\GetRightToGo

O43 - CFD: 12/20/2010 - 4:43:38 PM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\Google

O43 - CFD: 12/28/2010 - 6:12:32 PM - [90809] ----D- C:\Users\ZINOU\AppData\Roaming\Hewlett-Packard

O43 - CFD: 9/13/2011 - 5:30:52 PM - [382] ----D- C:\Users\ZINOU\AppData\Roaming\HP Support Assistant

O43 - CFD: 12/21/2010 - 10:37:46 AM - [14763] ----D- C:\Users\ZINOU\AppData\Roaming\hpqLog

O43 - CFD: 9/13/2011 - 5:30:52 PM - [18115] ----D- C:\Users\ZINOU\AppData\Roaming\HpUpdate

O43 - CFD: 12/20/2010 - 3:53:08 PM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\Identities

O43 - CFD: 12/22/2010 - 3:20:14 PM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\InstallShield

O43 - CFD: 8/15/2011 - 3:12:00 PM - [23944864] ----D- C:\Users\ZINOU\AppData\Roaming\m4ng

O43 - CFD: 12/20/2010 - 3:54:04 PM - [75055] ----D- C:\Users\ZINOU\AppData\Roaming\Macromedia

O43 - CFD: 12/24/2010 - 5:31:32 PM - [1035] ----D- C:\Users\ZINOU\AppData\Roaming\Malwarebytes

O43 - CFD: 7/14/2009 - 9:44:40 AM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\Media Center Programs

O43 - CFD: 8/17/2011 - 2:49:34 PM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\Media Player Classic

O43 - CFD: 2/14/2011 - 9:57:16 AM - [30452938] ----D- C:\Users\ZINOU\AppData\Roaming\mediAvatar

O43 - CFD: 1/10/2011 - 2:18:04 PM - [30514540] -S--D- C:\Users\ZINOU\AppData\Roaming\Microsoft

O43 - CFD: 1/23/2011 - 5:15:18 PM - [22] ----D- C:\Users\ZINOU\AppData\Roaming\MSNRecorderMax

O43 - CFD: 3/7/2011 - 5:45:48 PM - [700175] ----D- C:\Users\ZINOU\AppData\Roaming\muvee Technologies

O43 - CFD: 2/14/2011 - 9:57:22 AM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\NVIDIA

O43 - CFD: 8/9/2011 - 12:31:02 PM - [36616] ----D- C:\Users\ZINOU\AppData\Roaming\ObviousIdea

O43 - CFD: 7/28/2011 - 7:41:48 AM - [2356856] ----D- C:\Users\ZINOU\AppData\Roaming\Orange

O43 - CFD: 9/12/2011 - 1:45:00 PM - [26983] ----D- C:\Users\ZINOU\AppData\Roaming\QuickScan

O43 - CFD: 2/5/2011 - 2:13:56 PM - [167656656] ----D- C:\Users\ZINOU\AppData\Roaming\Real

O43 - CFD: 3/16/2011 - 1:50:04 PM - [100054319] ----D- C:\Users\ZINOU\AppData\Roaming\SanDisk

O43 - CFD: 7/31/2011 - 5:11:46 PM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\Simply Super Software

O43 - CFD: 7/30/2011 - 10:33:38 PM - [1142565] ----D- C:\Users\ZINOU\AppData\Roaming\Skype

O43 - CFD: 8/9/2011 - 4:20:56 PM - [2211313] ----D- C:\Users\ZINOU\AppData\Roaming\Spotify

O43 - CFD: 9/3/2011 - 1:18:58 PM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\Spyware Terminator

O43 - CFD: 5/23/2011 - 2:06:44 PM - [512] ----D- C:\Users\ZINOU\AppData\Roaming\SqueezePlay

O43 - CFD: 7/31/2011 - 8:09:28 AM - [328060] ----D- C:\Users\ZINOU\AppData\Roaming\thecleaner

O43 - CFD: 6/19/2011 - 10:51:18 AM - [11425790] ----D- C:\Users\ZINOU\AppData\Roaming\Todae

O43 - CFD: 1/18/2011 - 11:24:44 AM - [137096] ----D- C:\Users\ZINOU\AppData\Roaming\TuneUp Software

O43 - CFD: 7/2/2011 - 1:26:54 PM - [3197764] ----D- C:\Users\ZINOU\AppData\Roaming\uTorrent

O43 - CFD: 7/4/2011 - 9:25:44 AM - [1785317] ----D- C:\Users\ZINOU\AppData\Roaming\vlc

O43 - CFD: 12/21/2010 - 10:31:10 AM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\WinBatch

O43 - CFD: 1/14/2011 - 4:35:48 PM - [295] ----D- C:\Users\ZINOU\AppData\Roaming\Windows Live Writer

O43 - CFD: 12/21/2010 - 5:59:24 PM - [12] ----D- C:\Users\ZINOU\AppData\Roaming\WinRAR

O43 - CFD: 1/8/2011 - 11:07:40 AM - [15445816] ----D- C:\Users\ZINOU\AppData\Local\Adobe

O43 - CFD: 1/25/2011 - 9:06:12 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\Apple

O43 - CFD: 3/15/2011 - 8:57:42 PM - [13124006] ----D- C:\Users\ZINOU\AppData\Local\Apple Computer

O43 - CFD: 12/20/2010 - 3:45:56 PM - [0] -SH-D- C:\Users\ZINOU\AppData\Local\Application Data

O43 - CFD: 1/11/2011 - 5:24:06 PM - [673598] ----D- C:\Users\ZINOU\AppData\Local\Apps

O43 - CFD: 7/5/2011 - 9:37:22 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\COMODO

O43 - CFD: 9/14/2011 - 8:06:36 AM - [37657507] ----D- C:\Users\ZINOU\AppData\Local\CrashDumps

O43 - CFD: 12/21/2010 - 6:00:12 PM - [104448] ----D- C:\Users\ZINOU\AppData\Local\CyberLink

O43 - CFD: 4/7/2011 - 1:47:42 PM - [186] ----D- C:\Users\ZINOU\AppData\Local\DDMSettings

O43 - CFD: 1/11/2011 - 5:24:18 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\Deployment

O43 - CFD: 8/23/2011 - 12:51:12 PM - [1900290] ----D- C:\Users\ZINOU\AppData\Local\Diagnostics

O43 - CFD: 2/8/2011 - 10:31:34 AM - [26146304] ----D- C:\Users\ZINOU\AppData\Local\Downloaded Installations

O43 - CFD: 8/8/2011 - 9:01:00 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\ElevatedDiagnostics

O43 - CFD: 1/21/2011 - 7:28:26 PM - [2779] ----D- C:\Users\ZINOU\AppData\Local\Eraser 6

O43 - CFD: 7/4/2011 - 4:59:36 PM - [7165283] ----D- C:\Users\ZINOU\AppData\Local\Google

O43 - CFD: 12/21/2010 - 6:00:08 PM - [934777] ----D- C:\Users\ZINOU\AppData\Local\Hewlett-Packard

O43 - CFD: 12/20/2010 - 3:45:56 PM - [0] -SH-D- C:\Users\ZINOU\AppData\Local\Historique

O43 - CFD: 12/21/2010 - 2:28:28 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\HP MediaSmart Video

O43 - CFD: 4/3/2011 - 3:46:16 PM - [1234638317] ----D- C:\Users\ZINOU\AppData\Local\Microsoft

O43 - CFD: 6/1/2011 - 6:40:10 PM - [69773] ----D- C:\Users\ZINOU\AppData\Local\Mixxx

O43 - CFD: 8/11/2011 - 11:38:18 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\PackageAware

O43 - CFD: 1/7/2011 - 6:37:14 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\PDFC

O43 - CFD: 12/21/2010 - 6:00:10 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\PowerCinema

O43 - CFD: 5/26/2011 - 10:26:04 AM - [1052] ----D- C:\Users\ZINOU\AppData\Local\Sheldon_Solutions

O43 - CFD: 5/11/2011 - 3:43:54 PM - [3226] ----D- C:\Users\ZINOU\AppData\Local\Songr

O43 - CFD: 8/9/2011 - 4:18:58 PM - [290630046] ----D- C:\Users\ZINOU\AppData\Local\Spotify

O43 - CFD: 7/9/2011 - 4:38:38 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\Sunbelt Software

O43 - CFD: 2/1/2011 - 3:24:26 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\TechSmith

O43 - CFD: 9/14/2011 - 10:16:58 AM - [191666] ----D- C:\Users\ZINOU\AppData\Local\Temp

O43 - CFD: 12/20/2010 - 3:45:56 PM - [0] -SH-D- C:\Users\ZINOU\AppData\Local\Temporary Internet Files

O43 - CFD: 1/11/2011 - 5:24:18 PM - [210158] ----D- C:\Users\ZINOU\AppData\Local\Unity

O43 - CFD: 5/2/2011 - 2:28:38 PM - [137610657] ----D- C:\Users\ZINOU\AppData\Local\VirtualStore

O43 - CFD: 1/3/2011 - 4:19:44 PM - [275] ----D- C:\Users\ZINOU\AppData\Local\WDSetup

O43 - CFD: 9/12/2011 - 8:12:42 AM - [159744] ----D- C:\Users\ZINOU\AppData\Local\Windows Live

O43 - CFD: 1/9/2011 - 2:02:54 PM - [648463] ----D- C:\Users\ZINOU\AppData\Local\Windows Live Writer

O43 - CFD: 4/10/2011 - 11:32:26 AM - [2824] ----D- C:\Users\ZINOU\AppData\Local\zoug

O43 - CFD: 8/22/2011 - 6:13:28 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{042DE90B-9309-4C36-A58B-D4FF832994E9}

O43 - CFD: 8/16/2011 - 8:56:42 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{07D682C2-88D6-439F-B14E-853755ED630B}

O43 - CFD: 9/11/2011 - 9:55:52 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{0ED77867-F1F5-44C9-9D56-AABB2391BC58}

O43 - CFD: 8/29/2011 - 1:44:46 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{1BF7ADB0-8AA3-49CC-AB58-9FCF54583917}

O43 - CFD: 9/12/2011 - 8:12:20 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{1D9708A4-170E-495C-AE69-3E4824BAA2B7}

O43 - CFD: 8/23/2011 - 1:51:28 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{23123C98-4F9B-4D83-92D1-1316CBEF31A8}

O43 - CFD: 8/20/2011 - 8:55:24 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{36169623-578D-46ED-AF0D-5AB667607BD4}

O43 - CFD: 8/18/2011 - 4:42:30 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{46B4FDDC-3787-41AE-BE57-A32EBB9C9817}

O43 - CFD: 9/7/2011 - 12:11:00 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{49A04078-56B7-4407-B81B-8F89EE42CC19}

O43 - CFD: 8/20/2011 - 8:55:24 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{4A78A985-B046-4252-822D-0AB0B874717B}

O43 - CFD: 9/6/2011 - 9:36:28 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{4F38D26A-E279-4421-859B-C341F73A82C7}

O43 - CFD: 9/10/2011 - 1:57:56 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{4FF470B5-8582-4B81-A14D-2C91F52D87F5}

O43 - CFD: 9/7/2011 - 12:10:48 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{52589771-E9A8-4C1C-8F8E-24D0F651D757}

O43 - CFD: 8/29/2011 - 1:44:58 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{5900CCF3-2EBD-4682-98BE-D7495EEF88DA}

O43 - CFD: 8/23/2011 - 1:51:38 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{5EB902B3-EDD4-4067-9AD3-C4C87133CBE0}

O43 - CFD: 9/1/2011 - 2:28:12 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{5F01330B-799E-486C-986C-FC952997C03E}

O43 - CFD: 9/8/2011 - 11:19:42 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{5F363922-760E-4409-B9F3-1BAA549C44B0}

O43 - CFD: 9/9/2011 - 10:35:16 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{611232E4-1ED6-40E7-8E4C-BE8C6EDDBA21}

O43 - CFD: 8/22/2011 - 6:13:18 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{6CB0E8B3-DF62-41B7-899C-F1AFBF21D57A}

O43 - CFD: 9/10/2011 - 1:58:06 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{78BD99D0-66D9-4AD9-B485-3A5B8E68D421}

O43 - CFD: 9/11/2011 - 9:56:02 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{7E90DEA2-6E41-4A50-BAD1-B2A568A618B3}

O43 - CFD: 9/5/2011 - 7:22:14 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{8242AAE1-28D2-45D1-A424-98BA36CE1FD1}

O43 - CFD: 9/2/2011 - 1:44:06 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{839D2294-64BB-4092-9768-F1FC54427368}

O43 - CFD: 8/26/2011 - 3:51:00 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{8A9B0AD2-409A-45F8-91EC-3B27EB3C83F1}

O43 - CFD: 9/1/2011 - 2:28:26 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{8E8866AD-1E0D-4384-9986-EB6706E0A31A}

O43 - CFD: 8/20/2011 - 8:56:10 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{91677D36-54C9-4144-85B6-FEC9DE7F1AF8}

O43 - CFD: 9/9/2011 - 10:35:26 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{AF1BA447-B8D0-4404-97D1-A1718AC5CDE1}

O43 - CFD: 9/3/2011 - 8:00:06 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{B3D97126-8E3B-4D03-8949-A6A00F7E3EF7}

O43 - CFD: 9/12/2011 - 8:12:32 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{B9B4AEC1-998B-440D-9797-7FE7F53E923D}

O43 - CFD: 8/25/2011 - 10:11:02 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{BA2E2C7A-EFAC-467A-8473-6AAC3B74F3A7}

O43 - CFD: 9/6/2011 - 9:36:38 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{C17343B9-90DD-49E8-8584-CD6F621B6D7A}

O43 - CFD: 9/2/2011 - 1:43:52 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{C5196FCA-6E02-4160-BCDC-AB60C9B2BA6D}

O43 - CFD: 8/20/2011 - 8:56:00 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{C972CD00-74E3-43D4-B931-F68F173345A7}

O43 - CFD: 8/31/2011 - 1:15:46 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{CBA3B6FB-0253-4870-935D-13BD60BA9922}

O43 - CFD: 9/8/2011 - 11:19:30 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{D066336A-CFD0-4DC6-9074-63FA684C9642}

O43 - CFD: 9/5/2011 - 7:22:24 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{D566C392-CE4A-40EA-A7C7-7894E8C1DDA4}

O43 - CFD: 9/2/2011 - 12:05:10 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{D76865D2-FB11-424C-B901-99DB369F6692}

O43 - CFD: 9/4/2011 - 7:42:42 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{DBED5189-1BA0-4191-A5E6-532AD243D72F}

O43 - CFD: 8/31/2011 - 1:15:56 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{DCAF9654-2688-428E-A342-79AA2F504DCE}

O43 - CFD: 8/24/2011 - 1:39:56 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{DCCB26DF-7A59-4AFF-9933-150AC1A4DAAB}

O43 - CFD: 8/18/2011 - 4:42:20 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{EAEAF148-8B91-4217-BAB8-EB7A94F25546}

O43 - CFD: 8/24/2011 - 1:40:06 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{EAFF6388-6E8C-43A9-8075-54C7A03597D6}

O43 - CFD: 9/3/2011 - 7:59:54 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{F357F7B4-719F-4020-B831-51379EDB796C}

O43 - CFD: 8/25/2011 - 10:10:52 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{F4F1AC4D-F6FB-43B5-928D-A029C65A023F}

O43 - CFD: 9/4/2011 - 7:42:52 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{FF4394C4-656D-4ABA-ACB1-13E4E4B73BC1}

O43 - CFD: 6/17/2011 - 1:28:14 PM - [164336192] ----D- C:\Program Files (x86)\Adobe

O43 - CFD: 2/5/2011 - 4:00:12 PM - [0] ----D- C:\Program Files (x86)\Aleesoft

O43 - CFD: 1/27/2011 - 11:10:52 AM - [2423013] ----D- C:\Program Files (x86)\AM-DeadLink

O43 - CFD: 1/18/2011 - 10:33:48 AM - [3037097] ----D- C:\Program Files (x86)\AmIcoSingLun

O43 - CFD: 8/12/2011 - 1:14:42 PM - [406] ----D- C:\Program Files (x86)\Anti Trojan Elite

O43 - CFD: 1/25/2011 - 9:06:12 AM - [2306366] ----D- C:\Program Files (x86)\Apple Software Update

O43 - CFD: 9/3/2011 - 5:31:04 PM - [0] ----D- C:\Program Files (x86)\Arovax AntiSpyware

O43 - CFD: 12/27/2010 - 9:23:56 PM - [8691689] ----D- C:\Program Files (x86)\Audacity

O43 - CFD: 2/8/2011 - 11:10:32 AM - [9226698] ----D- C:\Program Files (x86)\Auslogics

O43 - CFD: 7/6/2011 - 1:15:30 PM - [390472] ----D- C:\Program Files (x86)\AVG

O43 - CFD: 7/30/2011 - 8:55:56 AM - [157273471] ----D- C:\Program Files (x86)\Avira

O43 - CFD: 4/26/2011 - 4:25:28 PM - [5869407] ----D- C:\Program Files (x86)\AviSynth 2.5

O43 - CFD: 2/5/2011 - 2:01:58 PM - [12440153] ----D- C:\Program Files (x86)\AVS4YOU

O43 - CFD: 4/25/2011 - 5:26:22 PM - [621242] ----D- C:\Program Files (x86)\Bonjour

O43 - CFD: 8/15/2011 - 3:00:48 PM - [8327481] ----D- C:\Program Files (x86)\CamStudio

O43 - CFD: 9/12/2011 - 2:48:04 PM - [776709018] ----D- C:\Program Files (x86)\Common Files

O43 - CFD: 9/24/2010 - 3:03:10 AM - [1346142688] ----D- C:\Program Files (x86)\CyberLink

O43 - CFD: 4/30/2011 - 12:38:02 PM - [2922581] ----D- C:\Program Files (x86)\Deezer

O43 - CFD: 5/16/2011 - 10:36:02 AM - [104675483] ----D- C:\Program Files (x86)\DivX

O43 - CFD: 4/23/2011 - 3:59:16 PM - [1258073] ----D- C:\Program Files (x86)\DJ Mix Lite

O43 - CFD: 5/30/2011 - 5:16:44 PM - [44470061] ----D- C:\Program Files (x86)\DjMixerStudio

O43 - CFD: 1/18/2011 - 10:21:00 AM - [1222150] ----D- C:\Program Files (x86)\Driver-Soft

O43 - CFD: 8/13/2011 - 3:35:12 PM - [106829922] ----D- C:\Program Files (x86)\EasyBits For Kids

O43 - CFD: 9/12/2011 - 7:11:04 AM - [149595880] ----D- C:\Program Files (x86)\Emsisoft Anti-Malware

O43 - CFD: 7/26/2011 - 8:27:28 AM - [202166361] ----D- C:\Program Files (x86)\ESET

O43 - CFD: 2/8/2011 - 11:37:14 AM - [4212437] ----D- C:\Program Files (x86)\Fotosizer

O43 - CFD: 6/8/2011 - 3:38:38 PM - [3553863] ----D- C:\Program Files (x86)\Free Music Zilla

O43 - CFD: 1/27/2011 - 3:26:16 PM - [12536570] ----D- C:\Program Files (x86)\Free Video Joiner

O43 - CFD: 7/5/2011 - 7:42:02 AM - [31240728] ----D- C:\Program Files (x86)\Google

O43 - CFD: 8/14/2011 - 7:20:14 AM - [6172097] ----D- C:\Program Files (x86)\GridinSoft Trojan Killer

O43 - CFD: 8/13/2011 - 2:29:22 PM - [41] ----D- C:\Program Files (x86)\Grisoft

O43 - CFD: 12/23/2010 - 9:16:10 AM - [26223398] ----D- C:\Program Files (x86)\Hercules

O43 - CFD: 12/21/2010 - 10:33:00 AM - [1566519255] ----D- C:\Program Files (x86)\Hewlett-Packard

O43 - CFD: 9/24/2010 - 2:58:24 AM - [3123440] ----D- C:\Program Files (x86)\Hp

O43 - CFD: 9/24/2010 - 3:21:24 AM - [284033140] ----D- C:\Program Files (x86)\HP Games

O43 - CFD: 5/31/2011 - 8:01:18 AM - [177874688] --H-D- C:\Program Files (x86)\InstallShield Installation Information

O43 - CFD: 1/10/2011 - 3:20:08 PM - [96668] ----D- C:\Program Files (x86)\Intel

O43 - CFD: 8/10/2011 - 6:57:34 PM - [5347553] ----D- C:\Program Files (x86)\Internet Explorer

O43 - CFD: 6/13/2011 - 5:20:30 PM - [126499047] ----D- C:\Program Files (x86)\iTunes

O43 - CFD: 9/11/2011 - 3:43:18 PM - [95889619] ----D- C:\Program Files (x86)\Java

O43 - CFD: 6/21/2011 - 9:03:16 AM - [49835545] ----D- C:\Program Files (x86)\K-Lite Codec Pack

O43 - CFD: 7/30/2011 - 12:06:10 PM - [6996189] ----D- C:\Program Files (x86)\Malwarebytes' Anti-Malware

O43 - CFD: 2/14/2011 - 9:56:50 AM - [94442582] ----D- C:\Program Files (x86)\mediAvatar

O43 - CFD: 7/16/2011 - 6:14:10 PM - [0] ----D- C:\Program Files (x86)\Microsoft

O43 - CFD: 1/31/2011 - 1:13:28 PM - [0] ----D- C:\Program Files (x86)\Microsoft Antimalware

O43 - CFD: 1/30/2011 - 10:36:56 AM - [34307107] ----D- C:\Program Files (x86)\Microsoft Office

O43 - CFD: 6/16/2011 - 8:17:02 AM - [38411899] ----D- C:\Program Files (x86)\Microsoft Silverlight

O43 - CFD: 7/14/2011 - 7:52:26 AM - [1829877] ----D- C:\Program Files (x86)\Microsoft SQL Server Compact Edition

O43 - CFD: 12/20/2010 - 9:43:48 PM - [15715] ----D- C:\Program Files (x86)\Microsoft.NET

O43 - CFD: 2/6/2011 - 3:20:22 PM - [10667746] ----D- C:\Program Files (x86)\mkv2vob

O43 - CFD: 7/14/2009 - 7:32:40 AM - [25757] ----D- C:\Program Files (x86)\MSBuild

O43 - CFD: 1/4/2011 - 3:26:12 PM - [66546585] ----D- C:\Program Files (x86)\MSECache

O43 - CFD: 7/16/2011 - 7:59:46 AM - [11804] ----D- C:\Program Files (x86)\MSSOAP

O43 - CFD: 12/20/2010 - 4:47:44 PM - [0] ----D- C:\Program Files (x86)\MSXML 4.0

O43 - CFD: 1/26/2011 - 8:47:26 PM - [40217332] ----D- C:\Program Files (x86)\muvee Technologies

O43 - CFD: 9/24/2010 - 3:21:32 AM - [7515506] ----D- C:\Program Files (x86)\NewspaperDirect

O43 - CFD: 8/26/2011 - 7:22:00 AM - [19670458] ----D- C:\Program Files (x86)\NoVirusThanks

O43 - CFD: 4/26/2011 - 2:12:50 PM - [111596855] ----D- C:\Program Files (x86)\NVIDIA Corporation

O43 - CFD: 5/2/2011 - 8:47:04 AM - [35491648] ----D- C:\Program Files (x86)\ObviousIdea

O43 - CFD: 12/20/2010 - 3:49:44 PM - [20281413] R---D- C:\Program Files (x86)\Online Services

O43 - CFD: 9/4/2011 - 5:25:34 PM - [47041692] ----D- C:\Program Files (x86)\Orange

O43 - CFD: 8/24/2011 - 7:35:12 AM - [0] ----D- C:\Program Files (x86)\Panda Security

O43 - CFD: 9/4/2011 - 7:24:10 AM - [144656] ----D- C:\Program Files (x86)\PC Tools Security

O43 - CFD: 6/13/2011 - 10:50:10 AM - [30640621] ----D- C:\Program Files (x86)\PDFCreator

O43 - CFD: 8/21/2011 - 9:00:10 AM - [183808] ----D- C:\Program Files (x86)\QuickTime

O43 - CFD: 6/25/2011 - 6:32:04 PM - [95909788] ----D- C:\Program Files (x86)\Real

O43 - CFD: 4/1/2011 - 10:38:08 AM - [51061071] ----D- C:\Program Files (x86)\Realtek

O43 - CFD: 7/14/2009 - 7:32:40 AM - [39159041] ----D- C:\Program Files (x86)\Reference Assemblies

O43 - CFD: 3/16/2011 - 2:32:26 PM - [85448757] ----D- C:\Program Files (x86)\SanDisk

O43 - CFD: 8/10/2011 - 2:07:44 PM - [18056185] ----D- C:\Program Files (x86)\ScanSoft

O43 - CFD: 9/14/2011 - 8:05:42 AM - [13736319] ----D- C:\Program Files (x86)\Serveur Media

O43 - CFD: 5/26/2011 - 10:25:52 AM - [7170794] ----D- C:\Program Files (x86)\Sheldon Solutions

O43 - CFD: 3/10/2011 - 4:33:26 PM - [1575693] ----D- C:\Program Files (x86)\Shuangs Audio Joiner

O43 - CFD: 2/2/2011 - 2:36:16 PM - [25623426] R---D- C:\Program Files (x86)\Skype

O43 - CFD: 8/16/2011 - 6:46:14 PM - [2873747] ----D- C:\Program Files (x86)\Sophos

O43 - CFD: 5/10/2011 - 5:25:04 PM - [5344094] ----D- C:\Program Files (x86)\Spotify

O43 - CFD: 9/4/2011 - 9:58:16 AM - [5145259] ----D- C:\Program Files (x86)\Spybot - Search & Destroy

O43 - CFD: 9/3/2011 - 1:19:08 PM - [19741681] ----D- C:\Program Files (x86)\Spyware Terminator

O43 - CFD: 5/23/2011 - 2:06:24 PM - [43847197] ----D- C:\Program Files (x86)\Squeezebox

O43 - CFD: 4/26/2011 - 1:22:54 PM - [768113] ----D- C:\Program Files (x86)\SystemRequirementsLab

O43 - CFD: 4/27/2011 - 3:38:42 PM - [0] --H-D- C:\Program Files (x86)\Temp

O43 - CFD: 3/9/2011 - 9:39:26 AM - [53257311] ----D- C:\Program Files (x86)\Total Video Converter

O43 - CFD: 7/31/2011 - 5:11:56 PM - [10163787] ----D- C:\Program Files (x86)\Trojan Remover

O43 - CFD: 8/12/2011 - 8:20:10 PM - [0] ----D- C:\Program Files (x86)\Trojan Remover 1.2

O43 - CFD: 7/14/2009 - 6:57:08 AM - [0] --H-D- C:\Program Files (x86)\Uninstall Information

O43 - CFD: 12/29/2010 - 5:21:16 PM - [84718031] ----D- C:\Program Files (x86)\VideoLAN

O43 - CFD: 3/5/2011 - 2:13:58 PM - [0] ----D- C:\Program Files (x86)\Winamp

O43 - CFD: 7/14/2011 - 7:54:48 AM - [189778394] ----D- C:\Program Files (x86)\Windows Live

O43 - CFD: 2/24/2011 - 11:01:40 AM - [6181376] ----D- C:\Program Files (x86)\Windows Mail

O43 - CFD: 2/24/2011 - 11:01:38 AM - [8278928] ----D- C:\Program Files (x86)\Windows Media Player

O43 - CFD: 7/14/2009 - 7:32:40 AM - [12197556] ----D- C:\Program Files (x86)\Windows NT

O43 - CFD: 2/24/2011 - 11:01:38 AM - [4417800] ----D- C:\Program Files (x86)\Windows Photo Viewer

O43 - CFD: 2/24/2011 - 11:01:40 AM - [189952] ----D- C:\Program Files (x86)\Windows Portable Devices

O43 - CFD: 2/24/2011 - 11:01:40 AM - [6371452] ----D- C:\Program Files (x86)\Windows Sidebar

O43 - CFD: 12/21/2010 - 5:59:02 PM - [3886217] ----D- C:\Program Files (x86)\WinRAR

O43 - CFD: 6/1/2011 - 10:23:14 AM - [21114589] ----D- C:\Program Files (x86)\Xvid

O43 - CFD: 9/14/2011 - 10:21:42 AM - [4182896] ----D- C:\Program Files (x86)\ZHPDiag

O43 - CFD: 6/17/2011 - 1:28:18 PM - [3606170] ----D- C:\Program Files (x86)\Common Files\Adobe

O43 - CFD: 8/9/2011 - 4:22:28 PM - [31529878] ----D- C:\Program Files (x86)\Common Files\Adobe AIR

O43 - CFD: 6/13/2011 - 5:20:16 PM - [86144520] ----D- C:\Program Files (x86)\Common Files\Apple

O43 - CFD: 2/5/2011 - 2:02:00 PM - [179547] ----D- C:\Program Files (x86)\Common Files\AVSMedia

O43 - CFD: 5/16/2011 - 10:35:02 AM - [24006656] ----D- C:\Program Files (x86)\Common Files\DivX Shared

O43 - CFD: 8/10/2011 - 2:06:34 PM - [8905847] ----D- C:\Program Files (x86)\Common Files\InstallShield

O43 - CFD: 9/11/2011 - 3:43:54 PM - [1239723] ----D- C:\Program Files (x86)\Common Files\Java

O43 - CFD: 9/24/2010 - 3:11:04 AM - [38513660] ---AD- C:\Program Files (x86)\Common Files\LightScribe

O43 - CFD: 9/24/2010 - 3:09:56 AM - [51570] ---AD- C:\Program Files (x86)\Common Files\LS Getting Started

O43 - CFD: 7/14/2011 - 7:48:38 AM - [132899986] ----D- C:\Program Files (x86)\Common Files\microsoft shared

O43 - CFD: 8/26/2011 - 10:52:44 AM - [0] ----D- C:\Program Files (x86)\Common Files\MicroWorld

O43 - CFD: 7/16/2011 - 7:59:46 AM - [707584] ----D- C:\Program Files (x86)\Common Files\MSSoap

O43 - CFD: 1/26/2011 - 8:47:38 PM - [106494825] ----D- C:\Program Files (x86)\Common Files\muvee Technologies

O43 - CFD: 9/4/2011 - 7:24:10 AM - [779696] ----D- C:\Program Files (x86)\Common Files\PC Tools

O43 - CFD: 12/22/2010 - 5:52:04 PM - [4740928] ----D- C:\Program Files (x86)\Common Files\PX Storage Engine

O43 - CFD: 6/25/2011 - 6:32:24 PM - [0] ----D- C:\Program Files (x86)\Common Files\Real

O43 - CFD: 7/14/2009 - 5:20:10 AM - [2702] ----D- C:\Program Files (x86)\Common Files\Services

O43 - CFD: 7/14/2009 - 5:20:10 AM - [41103783] ----D- C:\Program Files (x86)\Common Files\SpeechEngines

O43 - CFD: 12/21/2010 - 7:34:32 PM - [10245619] ----D- C:\Program Files (x86)\Common Files\System

O43 - CFD: 1/19/2011 - 2:53:16 PM - [0] ----D- C:\Program Files (x86)\Common Files\TerraTec

O43 - CFD: 12/20/2010 - 3:46:36 PM - [276367460] ----D- C:\Program Files (x86)\Common Files\Windows Live

O43 - CFD: 2/6/2011 - 3:19:44 PM - [8836608] ----D- C:\Program Files (x86)\Common Files\Wise Installation Wizard

O43 - CFD: 6/25/2011 - 6:31:58 PM - [352256] ----D- C:\Program Files (x86)\Common Files\xing shared

~ Scan Program Folder in 34mn AMs

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.0277C027A26428DB64EF4F64F52BB4FD] - 11/7/2010 - 6:20:24 PM ---A- . (...) -- C:\Windows\MBR.exe [208896]

O44 - LFC:[MD5.F042EE4C8D66248D9B86DCF52ABAE416] - 6/26/2011 - 7:45:56 AM ---A- . (...) -- C:\Windows\PEV.exe [256000]

O44 - LFC:[MD5.22104AFBCBF41EF3D3982707268546E5] - 8/16/2011 - 4:04:33 PM ---A- . (...) -- C:\bdlog.txt [8401]

O44 - LFC:[MD5.53BA8E9693581FBAB0FBDED7DD143355] - 8/26/2011 - 1:43:25 PM ---A- . (...) -- C:\Windows\REGBK00.ZIP [17080047]

O44 - LFC:[MD5.C6FF685E2EA55C3AC5C90B9E7D6930C0] - 8/26/2011 - 6:15:21 AM RSHAD . (.Pas de propriétaire - Hitman Pro 3.5 Support Driver.) -- C:\Windows\system32\drivers\hitmanpro35.sys [25160]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 8/27/2011 - 6:04:42 AM ---A- . (...) -- C:\Windows\setuperr.log [0]

O44 - LFC:[MD5.187472C67377994BBA4A410D2CDCABD1] - 8/27/2011 - 8:55:43 AM ---A- . (...) -- C:\Windows\ntbtlog.txt [296596]

O44 - LFC:[MD5.CB8F27F1079A9F140B22508D04E6454B] - 8/30/2011 - 9:53:43 AM ---A- . (...) -- C:\Windows\UPDLL.LOG [1796]

O44 - LFC:[MD5.9E05A9C264C8A908A8E79450FCBFF047] - 8/31/2000 - 1:00:00 AM ---A- . (...) -- C:\Windows\grep.exe [80412]

O44 - LFC:[MD5.2B657A67AEBB84AEA5632C53E61E23BF] - 8/31/2000 - 1:00:00 AM ---A- . (...) -- C:\Windows\sed.exe [98816]

O44 - LFC:[MD5.5E832F4FAF5F481F2EAF3B3A48F603B8] - 8/31/2000 - 1:00:00 AM ---A- . (...) -- C:\Windows\zip.exe [68096]

O44 - LFC:[MD5.3521CD4DC0F1020648836B4777B5DB12] - 9/10/2011 - 12:39:43 PM ---A- . (...) -- C:\Windows\win.ini [891]

O44 - LFC:[MD5.D34B612DFBA2D401204E4B6B902DFE8F] - 9/10/2011 - 12:40:18 PM ---A- . (...) -- C:\Windows\Lic.xxx [56]

O44 - LFC:[MD5.DCDF3C155B21B4B6346892D2A7E05A7E] - 9/11/2011 - 4:27:48 PM ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]

O44 - LFC:[MD5.753BC16326FEE4A421ACB636CCD602F4] - 9/12/2011 - 1:44:52 PM ---A- . (.NirSoft - NirCmd.) -- C:\Windows\NIRCMD.exe [60416]

O44 - LFC:[MD5.A46842C9B0C567A5A9584E83A163560C] - 9/12/2011 - 1:44:52 PM ---A- . (.SteelWerX - Freeware implementation of REG.EXE.) -- C:\Windows\SWREG.exe [518144]

O44 - LFC:[MD5.0297C72529807322B152F517FDB0A9FC] - 9/12/2011 - 1:44:52 PM ---A- . (.SteelWerX - Freeware implementation of SC.EXE.) -- C:\Windows\SWSC.exe [406528]

O44 - LFC:[MD5.B70EACB82B9FFDA061199D0E2C67AB2F] - 9/12/2011 - 1:51:37 PM ---A- . (...) -- C:\Windows\PFRO.log [17208]

O44 - LFC:[MD5.3CF3D4A45CC2AF973DBC30EC8D33252B] - 9/12/2011 - 1:53:05 PM ---A- . (...) -- C:\Windows\system.ini [215]

O44 - LFC:[MD5.9433D9FB3205899323ADF6BB4158CF9F] - 9/12/2011 - 1:58:02 PM ---A- . (...) -- C:\ComboFix.txt [32439]

O44 - LFC:[MD5.7EE4545AD0A03963A5223A36B0E52161] - 9/12/2011 - 9:20:27 AM ---A- . (...) -- C:\TDSSKiller.2.5.21.0_12.09.2011_10.19.15_log.txt [51046]

O44 - LFC:[MD5.B198AB98FBEFBFA7746BD98CDB48FBE6] - 9/14/2011 - 7:04:59 AM ---A- . (...) -- C:\aaw7boot.log [2460]

O44 - LFC:[MD5.A98B0E8155B37EAF6131735AC84113B0] - 9/14/2011 - 7:05:19 AM -S-A- . (...) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.E4E715D693BDF668E8CB98552ABAF409] - 9/14/2011 - 7:05:21 AM ---A- . (...) -- C:\Windows\setupact.log [2408]

O44 - LFC:[MD5.11B64191A8B3755D03444EE9E359AA49] - 9/14/2011 - 7:20:08 AM ---A- . (...) -- C:\Windows\WindowsUpdate.log [783933]

O44 - LFC:[MD5.94F2B6A61A825519F0F36AF3C1A57C82] - 9/3/2011 - 11:22:47 AM RSHAD . (...) -- C:\Windows\system32\drivers\Cat.DB [1800100]

O44 - LFC:[MD5.B9657A0AFF28C1CB114ACC0CB93EE4BB] - 9/3/2011 - 12:18:58 PM RSHAD . (.Windows ® Win 7 DDK provider - Spyware Terminator 2012 driver.) -- C:\Windows\system32\drivers\stflt.sys [51496]

O44 - LFC:[MD5.B9FD129D82655A28D9165AFD471B71C1] - 9/4/2011 - 4:27:55 PM ---A- . (...) -- C:\Windows\DirectX.log [75574]

O44 - LFC:[MD5.8833455D54C7783B0B11BD58F77B209B] - 9/6/2011 - 12:17:49 PM ---A- . (.Oracle Corporation - Java Platform SE binary.) -- C:\Windows\system32\deployJava1.dll [525544]

O44 - LFC:[MD5.F746FD41625D5FFE4D10A4C0BFE13316] - 9/6/2011 - 12:17:49 PM ---A- . (.Oracle Corporation - Java Platform SE binary.) -- C:\Windows\system32\java.exe [171808]

O44 - LFC:[MD5.DDE850A07810C49B2FE7E45B3BFFF6B2] - 9/6/2011 - 12:17:49 PM ---A- . (.Oracle Corporation - Java Platform SE binary.) -- C:\Windows\system32\javaw.exe [171808]

O44 - LFC:[MD5.13A0D57FEB2CC1D543F953BEA2339FCB] - 9/6/2011 - 12:17:49 PM ---A- . (.Oracle Corporation - Java Web Start Launcher.) -- C:\Windows\system32\javaws.exe [190752]

O44 - LFC:[MD5.8833455D54C7783B0B11BD58F77B209B] - 9/6/2011 - 12:17:49 PM ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\SysNative\deployJava1.dll [525544]

O44 - LFC:[MD5.F746FD41625D5FFE4D10A4C0BFE13316] - 9/6/2011 - 12:17:49 PM ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\SysNative\java.exe [171808]

O44 - LFC:[MD5.DDE850A07810C49B2FE7E45B3BFFF6B2] - 9/6/2011 - 12:17:49 PM ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\SysNative\javaw.exe [171808]

O44 - LFC:[MD5.13A0D57FEB2CC1D543F953BEA2339FCB] - 9/6/2011 - 12:17:49 PM ---A- . (.Sun Microsystems, Inc. - Java Web Start Launcher.) -- C:\Windows\SysNative\javaws.exe [190752]

O44 - LFC:[MD5.87832DD7249AAA772CB8AD79C114A0E5] - 9/8/2011 - 10:14:50 AM ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1549700]

O44 - LFC:[MD5.826F4268068EB54A7111A94C31428203] - 9/8/2011 - 10:14:50 AM ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [106190]

O44 - LFC:[MD5.29757208CFED9545C6424DF8EC7D790C] - 9/8/2011 - 10:14:50 AM ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [130548]

O44 - LFC:[MD5.E5AEADA25BDCA39726FD6395ADF86890] - 9/8/2011 - 10:14:50 AM ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [615810]

O44 - LFC:[MD5.6B1A790ADD4BBCD07E39D7688754FA3D] - 9/8/2011 - 10:14:50 AM ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [704242]

O44 - LFC:[MD5.87832DD7249AAA772CB8AD79C114A0E5] - 9/8/2011 - 10:14:50 AM ---A- . (...) -- C:\Windows\system32\PerfStringBackup.INI [1549700]

O44 - LFC:[MD5.826F4268068EB54A7111A94C31428203] - 9/8/2011 - 10:14:50 AM RSHAD . (...) -- C:\Windows\system32\perfc009.dat [106190]

O44 - LFC:[MD5.29757208CFED9545C6424DF8EC7D790C] - 9/8/2011 - 10:14:50 AM RSHAD . (...) -- C:\Windows\system32\perfc00C.dat [130548]

O44 - LFC:[MD5.E5AEADA25BDCA39726FD6395ADF86890] - 9/8/2011 - 10:14:50 AM RSHAD . (...) -- C:\Windows\system32\perfh009.dat [615810]

O44 - LFC:[MD5.6B1A790ADD4BBCD07E39D7688754FA3D] - 9/8/2011 - 10:14:50 AM RSHAD . (...) -- C:\Windows\system32\perfh00C.dat [704242]

~ Scan Files in 38mn AMs

---\\ Export de clé d'application autorisée (O47)

O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Free Music Zilla\FMZilla.exe" [Enabled] .(.Pas de propriétaire - FMZilla Module.) -- C:\Program Files (x86)\Free Music Zilla\FMZilla.exe

~ Scan Keys in 00mn AMs

---\\ Contrôle du Safe Boot (CSB) (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\hitmanpro35.sys . (.Pas de propriétaire - Hitman Pro 3.5 Support Driver.) -- C:\Windows\system32\Drivers\hitmanpro35.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys

~ Scan CSB in 00mn AMs

---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \Drivers32\"VIDC.CSCD"="camcodec.dll" . (.RenderSoft Software. - CamStudio lossless video codec.) -- C:\Windows\system32\camcodec.dll

O52 - TDSD: \Drivers32\"vidc.XVID"="xvidvfw.dll" . (...) -- C:\Windows\system32\xvidvfw.dll

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec" . (...) -- C:\Windows\system32\xvidvfw.dll

~ Scan Keys in 00mn AMs

---\\ ShareTools MSconfig StartupReg (O53)

O53 - SMSR:HKLM\...\startupreg\CamserviceHD [Key] . (.Guillemot Corporation S.A. - Hercules Xtra Controller Main Application.) -- C:\Program Files (x86)\Hercules\Dualpix HD\XtrCtrl.exe

O53 - SMSR:HKLM\...\startupreg\DivX Download Manager [Key] . (.DivX, LLC - DivX Download Manager Service.) -- C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe

O53 - SMSR:HKLM\...\startupreg\DivXUpdate [Key] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe

O53 - SMSR:HKLM\...\startupreg\SpybotSD TeaTimer [Key] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe

~ Scan SMSR Keys in 00mn AMs

---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

~ Scan Keys in 00mn AMs

---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0

~ Scan Keys in 00mn AMs

---\\ Microsoft Windows Policies Explorer (O56)

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDrives"=0

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=153

O56 - MWPE:[HKLM\...\policies\Explorer] - "EnableShellExecuteHooks"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=153

~ Scan Keys in 00mn AMs

---\\ Liste des Drivers Système (O58)

O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 6/10/2009 - 2:52:21 AM ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [491088]

O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 7/13/2009 - 2:52:21 AM RSHAD . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [339536]

O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 7/13/2009 - 2:52:21 AM RSHAD . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [182864]

O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 7/14/2009 - 2:52:21 AM RSHAD . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15440]

O58 - SDL:[MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - 4/27/2011 - 7:41:12 AM RSHAD . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [107904]

O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 6/10/2009 - 2:52:20 AM RSHAD . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys [194128]

O58 - SDL:[MD5.540DAF1CEA6094886D72126FD7C33048] - 4/27/2011 - 7:41:12 AM RSHAD . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [27008]

O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 7/13/2009 - 2:52:21 AM RSHAD . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [87632]

O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 7/13/2009 - 2:52:21 AM RSHAD . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [97856]

O58 - SDL:[MD5.B1224E6B086CD6548315B04AB575A23E] - 7/30/2011 - 11:15:15 AM RSHAD . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [88288]

O58 - SDL:[MD5.ED45F12CFA62B83765C9C1496758CC87] - 7/30/2011 - 11:15:16 AM RSHAD . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\system32\drivers\avipbb.sys [123784]

O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 6/10/2009 - 9:34:23 PM RSHAD . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys [270848]

O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 7/14/2009 - 9:41:06 PM RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432]

O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 7/14/2009 - 9:41:06 PM RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704]

O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 7/14/2009 - 2:19:07 AM RSHAD . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [286720]

O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 7/14/2009 - 9:41:10 PM RSHAD . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104]

O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 7/14/2009 - 9:41:10 PM RSHAD . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976]

O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 7/14/2009 - 9:41:10 PM RSHAD . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720]

O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 6/10/2009 - 9:34:28 PM RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys [468480]

O58 - SDL:[MD5.7FDC91FAC8E72F24E3E2B3D22B5E3F63] - 12/20/2010 - 4:43:34 PM RSHAD . (.Guillemot Corporation - Filter Driver for the Hercules Webcams (MJPG).) -- C:\Windows\system32\drivers\camfilt2.sys [146728]

O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 7/14/2009 - 2:52:31 AM RSHAD . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [17488]

O58 - SDL:[MD5.A398ED024F739E7BE74ECFFA8A713A89] - 9/24/2010 - 5:43:50 PM RSHAD . (...) -- C:\Windows\system32\drivers\cpqdfw.sys [24376]

O58 - SDL:[MD5.10FB0FF62AF6262BF88E3607E2AE2A69] - 9/24/2010 - 5:43:50 PM RSHAD . (...) -- C:\Windows\system32\drivers\cqcpu.sys [24376]

O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 6/10/2009 - 2:47:48 AM RSHAD . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [530496]

O58 - SDL:[MD5.8F34C3EDB39A25DDDDE20670B1613386] - 1/10/2011 - 5:59:50 PM RSHAD . (.eMPIA Technology, Inc. - USB EMP Audio Device.) -- C:\Windows\system32\drivers\emAudio64.sys [77824]

O58 - SDL:[MD5.9494736E4865F9B3A0A525EE9AB0D991] - 8/20/2010 - 3:45:28 AM RSHAD . (.eMPIA Technology, Inc. - USB 28xx BDA Driver.) -- C:\Windows\system32\drivers\emBDA64.sys [654720]

O58 - SDL:[MD5.F18629B95D2F62180E1142F26D184A3D] - 1/7/2011 - 11:02:50 AM RSHAD . (.eMPIA Technology, Inc. - USB 28xx WDM Lower filter.) -- C:\Windows\system32\drivers\emFilter64.sys [12608]

O58 - SDL:[MD5.612FC1CB117CCF62D3C55488C8AEBD82] - 8/20/2010 - 3:44:48 AM RSHAD . (.eMPIA Technology, Inc. - USB 28xx BDA Lower filter.) -- C:\Windows\system32\drivers\emOEM64.sys [943872]

O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 6/10/2009 - 9:34:33 PM RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys [3286016]

O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 7/14/2009 - 9:31:59 PM RSHAD . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [31232]

O58 - SDL:[MD5.8ED7D078B21B7E2DB15A69BFCBEE8691] - 12/20/2010 - 2:45:54 PM RSHAD . (.Guillemont Corporation - Stream Class Mini Driver.) -- C:\Windows\system32\drivers\HDvidvx.sys [186496]

O58 - SDL:[MD5.C6FF685E2EA55C3AC5C90B9E7D6930C0] - 8/26/2011 - 6:15:21 AM RSHAD . (.Pas de propriétaire - Hitman Pro 3.5 Support Driver.) -- C:\Windows\system32\drivers\hitmanpro35.sys [25160]

O58 - SDL:[MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - 2/24/2011 - 2:33:35 PM RSHAD . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [78720]

O58 - SDL:[MD5.4B7423FCC37664954460AC3E71752B62] - 12/21/2010 - 12:43:10 AM RSHAD . (.Guillemot Corporation - Filter Driver for the Hercules Webcams (MJPG).) -- C:\Windows\system32\drivers\hxctlflt.sys [111104]

O58 - SDL:[MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - 4/27/2011 - 7:41:26 AM RSHAD . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys [410496]

O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 7/13/2009 - 2:48:04 AM RSHAD . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44112]

O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 7/13/2009 - 2:48:04 AM RSHAD . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [65600]

O58 - SDL:[MD5.9C4FB231B6E02F84580DE2F00F3C5293] - 12/24/2010 - 6:52:42 PM RSHAD . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [25912]

O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 6/10/2009 - 2:48:04 AM RSHAD . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys [35392]

O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 7/13/2009 - 2:48:04 AM RSHAD . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [284736]

O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 7/13/2009 - 2:48:26 AM RSHAD . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51264]

O58 - SDL:[MD5.0A92CB65770442ED0DC44834632F66AD] - 4/27/2011 - 7:41:34 AM RSHAD . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [148352]

O58 - SDL:[MD5.DAB0E87525C10052BF65F06152F37E4A] - 4/27/2011 - 7:41:34 AM RSHAD . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [166272]

O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 6/10/2009 - 2:45:46 AM RSHAD . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1524816]

O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 7/13/2009 - 2:45:45 AM RSHAD . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [128592]

O58 - SDL:[MD5.ED5873F7DFB2F96D37F13322211B6BDC] - 4/1/2011 - 4:11:08 PM RSHAD . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\Windows\system32\drivers\Rt64win7.sys [428136]

O58 - SDL:[MD5.13089F31AA37CDE1CE3784EE01A48484] - 4/27/2011 - 5:54:04 PM RSHAD . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHD64.sys [2727912]

O58 - SDL:[MD5.FD833BEE2FD9BEFDC0AFD1941A306D9E] - 7/12/2011 - 6:13:53 PM RSHAD . (.Sunbelt Software - 64-bit Anti-Rootkit Engine.) -- C:\Windows\system32\drivers\SBREDrv.sys [55384]

O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 7/14/2009 - 9:37:19 PM RSHAD . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040]

O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 6/10/2009 - 2:45:45 AM RSHAD . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [43584]

O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 7/13/2009 - 2:45:46 AM RSHAD . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [80464]

O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 7/13/2009 - 2:45:55 AM RSHAD . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [24656]

O58 - SDL:[MD5.B9657A0AFF28C1CB114ACC0CB93EE4BB] - 9/3/2011 - 12:18:58 PM RSHAD . (.Windows ® Win 7 DDK provider - Spyware Terminator 2012 driver.) -- C:\Windows\system32\drivers\stflt.sys [51496]

O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 7/14/2009 - 2:45:55 AM RSHAD . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17488]

O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 6/10/2009 - 2:45:55 AM RSHAD . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [161872]

O58 - SDL:[MD5.B18225739ED9CAA83BA2DF966E9F43E8] - 7/30/2011 - 6:52:42 PM ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys [41272]

O58 - SDL:[MD5.4AC11B2250106774F694DF2DB4FFED61] - 3/16/2011 - 5:27:20 PM ---A- . (.InterVideo, Inc. - InterVideo ASPI Shell.) -- C:\Windows\SysWOW64\iviaspi.sys [10368]

~ Scan Drivers in 04mn AMs

---\\ Liste des outils de nettoyage (O63)

O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) [HKLM] -- HijackThis

O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

~ Scan ADS in 00mn AMs

---\\ Liste des services Legacy (O64)

O64 - Services: CurCS - 2/20/2011 - C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys - No object(No service) .(.Emsi Software GmbH - Emsisoft Anti-Malware File Guard.) - LEGACY_A2ACC

O64 - Services: CurCS - 7/21/2011 - C:\Windows\system32\DRIVERS\avgntflt.sys - No object(No service) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT

O64 - Services: CurCS - 7/21/2011 - C:\Windows\system32\DRIVERS\avipbb.sys - No object(No service) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB

O64 - Services: CurCS - 8/30/2010 - C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys - No object(No service) .(.CybelSoft - Driver NT Ma-Config.com.) - LEGACY_DRIVERHARDWAREV2X64

O64 - Services: CurCS - 11/22/2010 - C:\Windows\system32\DRIVERS\Lbd.sys - No object(No service) .(.Lavasoft AB - Boot Driver.) - LEGACY_LBD

O64 - Services: CurCS - 9/3/2011 - C:\Windows\system32\DRIVERS\stflt.sys - No object(No service) .(.Windows ® Win 7 DDK provider - Spyware Terminator 2012 driver.) - LEGACY_SP_RSDRV2

~ Scan Services in 02mn AMs

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.com> <ComFile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (...) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.com> <ComFile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (...) -- C:\Windows\regedit.exe

~ Scan Keys in 00mn AMs

---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

~ Scan Keys in 00mn AMs

---\\ Search Browser Infection (O69)

O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - Google

O69 - SBI: SearchScopes [HKCU] {79085C51-08CA-4B1C-BB72-8DD02BAF58B6} - (Bing) - Bing

O69 - SBI: SearchScopes [HKCU] {814C76CB-2623-43F4-AAD0-58A0E5190A20} - (Orange) - Orange : téléphones, forfaits, Internet, actualité, sport, video

O69 - SBI: SearchScopes [HKCU] {B4D6826E-799C-4FF7-9FE7-D7F0509737C3} - (Yahoo) - Yahoo! Search - Recherche Web

O69 - SBI: SearchScopes [HKCU] {FD5B2C46-96E6-48D0-8373-6AF44AE016D1} - (Wikipedia) - Wikipédia, l'encyclopédie libre

~ Scan Keys in 00mn AMs

---\\ Recherche particuliere à la racine de certains dossiers (O84)

[MD5.DFD49939CC7AB1D7332128CDB160EEC9] [sPRF][8/13/2011] (.Arovax Software - Arovax AntiSpyware Installer.) -- C:\Users\ZINOU\Desktop\aas_2.1_setup_153.exe [3599329]

[MD5.B00FA0C5D1620797F5DC535A45829A31] [sPRF][8/25/2005] (.Pas de propriétaire - VirtualDub Setup Utility.) -- C:\Users\ZINOU\Desktop\AuxSetup.exe [40960]

[MD5.4E5F50EB2D7358C83B5DA85EDF6037D9] [sPRF][8/26/2011] (...) -- C:\Users\ZINOU\Desktop\mwav.exe [136988056]

[MD5.94E744FC0CA84284470DC23522C4A324] [sPRF][9/3/2011] (.Pas de propriétaire - PC Tools Installer.) -- C:\Users\ZINOU\Desktop\sdsetup.exe [512992]

[MD5.F3246D2E451C71A42A7ED70F4FED3298] [sPRF][4/9/2010] (.Pas de propriétaire - VirtualDub.) -- C:\Users\ZINOU\Desktop\VirtualDub.exe [2668544]

[MD5.5CAAFF20C5695611F08ABD954E58DEA2] [sPRF][9/11/2011] (.Nicolas Coolman - ZHPDiag.) -- C:\Users\ZINOU\Desktop\ZHPDiag2.exe [2582227]

[MD5.18075B2C9F0F300BEE209744A8BEC353] [sPRF][1/5/2009] (...) -- C:\Windows\Downloaded Program Files\bdcore.dll [32]

[MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [sPRF][7/25/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\Windows\Downloaded Program Files\dwusplay.dll [24576]

[MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [sPRF][7/25/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\Windows\Downloaded Program Files\dwusplay.exe [196608]

[MD5.632E0CE38FBCADEAAE28077F4C9C45D5] [sPRF][10/21/2010] (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller 10.1 r102.) -- C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [2827728]

[MD5.D4B7A651CB12B6C1A4FEB9FB5115CFE7] [sPRF][7/12/2000] (...) -- C:\Windows\Downloaded Program Files\fxfileop.dll [36864]

[MD5.2B1C4C87EB20ADDBA59DCA975E28DFFB] [sPRF][1/5/2009] (...) -- C:\Windows\Downloaded Program Files\ipsupd.dll [741376]

[MD5.0C78701C6F42345DFF2B2B6C3C3D01EF] [sPRF][7/25/2002] (.InstallShield Software Corporation - InstallShield Update Service Web Agent.) -- C:\Windows\Downloaded Program Files\isusweb.dll [172032]

[MD5.18075B2C9F0F300BEE209744A8BEC353] [sPRF][1/5/2009] (...) -- C:\Windows\Downloaded Program Files\libfn.dll [32]

[MD5.A7E770B48CB0B6EB979FA6C518B1B518] [sPRF][5/30/2011] (.Akamai Technologies, Inc. - Download Manager ActiveX Control.) -- C:\Windows\Downloaded Program Files\Manager.exe [707744]

[MD5.F43C810230BEAEF1D3BAF3D645B3E46C] [sPRF][3/20/2009] (.CA - eTrust PestPatrol version 5 SDK.) -- C:\Windows\Downloaded Program Files\ppctl.dll [820464]

[MD5.823451876778F382B23AFE20EF2DDC20] [sPRF][7/20/2011] (.BitDefender LLC - BitDefender QuickScan.) -- C:\Windows\Downloaded Program Files\qsax.dll [1220672]

[MD5.E5EC6E96293203461999B2DFEEDE4C4D] [sPRF][7/20/2011] (.BitDefender LLC - BitDefender QuickScan.) -- C:\Windows\Downloaded Program Files\qsax64.dll [1373136]

[MD5.2FD994827193B68DD301F80BDF744231] [sPRF][4/3/2009] (.Husdawg, LLC - System Requirements Lab.) -- C:\Windows\Downloaded Program Files\sysreqlab_nvd.dll [354608]

[MD5.81093A8A1719E11B22B586E10BFDC523] [sPRF][10/31/2001] (...) -- C:\Windows\Downloaded Program Files\uninst.bat [118]

~ Scan Files in 02mn AMs

 

 

 

---\\ Firewall Active Exception List (FirewallRules) (O87)

O87 - FAEL: "{39CE62A2-6D1B-4577-B016-9194036A85E0}" | In - None - P6 - TRUE | .(.CyberLink Corp. - PowerDirector.) -- c:\Program Files (x86)\CyberLink\PowerDirector\PDR8.exe

O87 - FAEL: "{C2434DBF-9BE7-410B-8ADA-53DAF34F5E8D}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP DVDSmart Main Program.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe

O87 - FAEL: "{74C3B2DE-7835-4D35-9C02-0607FC29A31E}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Photo Main Program.) -- C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Photo\HPMediaSmartPhoto.exe

O87 - FAEL: "{E0C83026-4359-4677-9597-3DD26928C830}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Video.) -- C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Video\HPMediaSmartVideo.exe

O87 - FAEL: "{F8A8EE1C-F2F4-425F-930F-95FA5EBF5894}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Music Main Program.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\HPTouchSmartMusic.exe

O87 - FAEL: "{6C18A400-1A81-48F2-8E31-AD64360AB28B}" | In - Public - P6 - TRUE | .(.EasyBits Software AS - EasyBits My First Browser.) -- C:\Program Files (x86)\EasyBits For Kids\Programs\My First Browser\MyFirstBrowser.exe

O87 - FAEL: "{4D7F5101-AE4F-4378-8F88-ADA452898AA5}" | In - Public - P17 - TRUE | .(.EasyBits Software AS - EasyBits My First Browser.) -- C:\Program Files (x86)\EasyBits For Kids\Programs\My First Browser\MyFirstBrowser.exe

O87 - FAEL: "TCP Query User{A5140418-1C56-467B-BE17-C2868C18B9F6}C:\program files (x86)\hercules\dualpix hd\xtrctrl.exe" | In - Public - P6 - TRUE | .(.Guillemot Corporation S.A..) -- C:\program files (x86)\hercules\dualpix hd\xtrctrl.exe

O87 - FAEL: "UDP Query User{A79020C3-CCE2-4732-99FE-0F95F829DDF7}C:\program files (x86)\hercules\dualpix hd\xtrctrl.exe" | In - Public - P17 - TRUE | .(.Guillemot Corporation S.A..) -- C:\program files (x86)\hercules\dualpix hd\xtrctrl.exe

O87 - FAEL: "{EBA3D638-85E3-4757-B79D-9C7471BE3631}" | In - Public - P6 - FALSE | .(.PacketVideo - TwonkyMedia Server watchdog.) -- C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe

O87 - FAEL: "{18A5E496-7893-42B5-B207-A9C994468B09}" | In - Public - P17 - FALSE | .(.PacketVideo - TwonkyMedia Server watchdog.) -- C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe

O87 - FAEL: "{844AE9FD-5E9F-4EFC-A24F-F3CB0DB582DA}" | In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Serveur Media\twonkymediaserver.exe

O87 - FAEL: "{37F4A99A-F7F7-4FE6-B8BA-968A628AEB1A}" | In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Serveur Media\twonkymediaserver.exe

O87 - FAEL: "{AEC3907A-CB3B-404E-9BD0-27BCE3E5D5C3}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Serveur Media\bgtrans.exe

O87 - FAEL: "{F31FE4D6-273A-4771-93EC-9C1751C21393}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Serveur Media\bgtrans.exe

O87 - FAEL: "TCP Query User{2CC60C9E-6146-4ABA-958F-BCBB13CCAC59}C:\program files (x86)\videolan\vlc\vlc.exe" | In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\videolan\vlc\vlc.exe

O87 - FAEL: "UDP Query User{366F5B85-A7CA-483F-8889-DC648C231206}C:\program files (x86)\videolan\vlc\vlc.exe" | In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\videolan\vlc\vlc.exe

O87 - FAEL: "{3AF625EC-2797-46E7-8817-A6F72BA38DE5}" | In - None - P6 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe

O87 - FAEL: "TCP Query User{504BB014-7437-4796-89FC-C1CF64374C28}C:\program files (x86)\hercules\dualpix hd\xtrctrl.exe" | In - Private - P6 - TRUE | .(.Guillemot Corporation S.A..) -- C:\program files (x86)\hercules\dualpix hd\xtrctrl.exe

O87 - FAEL: "UDP Query User{F3385E37-3C4F-4DAF-849F-DE06C9D10311}C:\program files (x86)\hercules\dualpix hd\xtrctrl.exe" | In - Private - P17 - TRUE | .(.Guillemot Corporation S.A..) -- C:\program files (x86)\hercules\dualpix hd\xtrctrl.exe

O87 - FAEL: "TCP Query User{F435FD52-C678-41E4-87E8-A6620764A01B}C:\program files (x86)\videolan\vlc\vlc.exe" | In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\videolan\vlc\vlc.exe

O87 - FAEL: "UDP Query User{25316F5F-C892-4CCA-B9A6-16D0816ED997}C:\program files (x86)\videolan\vlc\vlc.exe" | In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\videolan\vlc\vlc.exe

O87 - FAEL: "{F89B5DD5-6FA7-4718-A82E-F7C789418A77}" | In - Private - P6 - TRUE | .(.PacketVideo - TwonkyMedia Server watchdog.) -- C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe

O87 - FAEL: "{A183435C-1223-4A28-B75B-6F87B26A60BC}" | In - Private - P17 - TRUE | .(.PacketVideo - TwonkyMedia Server watchdog.) -- C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe

O87 - FAEL: "{20B09ED6-6663-4516-BAD2-F1170D69FCDC}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Serveur Media\twonkymediaserver.exe

O87 - FAEL: "{EC0FDE6E-D7E6-43F7-8D53-FDFEE1833244}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Serveur Media\twonkymediaserver.exe

O87 - FAEL: "{1CD713C4-1B7E-483A-9302-B99C2F25F432}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Serveur Media\bgtrans.exe

O87 - FAEL: "{9E5D127B-DE2D-4B3A-8525-38AC3FE306BB}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Serveur Media\bgtrans.exe

O87 - FAEL: "{09BC5637-DCE8-46C4-A4A7-B2BD470090FA}" | In - Private - P6 - TRUE | .(.PacketVideo - TwonkyMedia Server watchdog.) -- C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe

O87 - FAEL: "{B35C2701-D025-419D-BD8D-BB89B6453BCE}" | In - Private - P17 - TRUE | .(.PacketVideo - TwonkyMedia Server watchdog.) -- C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe

O87 - FAEL: "{B272A3BA-0EFA-48C8-A775-3FA92256F25B}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Serveur Media\twonkymediaserver.exe

O87 - FAEL: "{69DC73A9-9B3F-4C74-9C11-8BB0F6F30B47}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Serveur Media\twonkymediaserver.exe

O87 - FAEL: "TCP Query User{62A1BD43-1EEB-4603-8E52-EAE0A805A120}C:\program files (x86)\free music zilla\fmzilla.exe" | In - Private - P6 - TRUE | .(.Pas de propriétaire - FMZilla Module.) -- C:\program files (x86)\free music zilla\fmzilla.exe

O87 - FAEL: "UDP Query User{CA84F0B3-C9FF-497C-9609-E358B31640BE}C:\program files (x86)\free music zilla\fmzilla.exe" | In - Private - P17 - TRUE | .(.Pas de propriétaire - FMZilla Module.) -- C:\program files (x86)\free music zilla\fmzilla.exe

O87 - FAEL: "{265D39B1-932B-4844-9EC2-92BEB379E498}" | In - Private - P6 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O87 - FAEL: "{EAC96B28-F523-4543-B570-C6661E704132}" | In - Private - P17 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O87 - FAEL: "TCP Query User{2F5A93BC-42D8-4CE6-84B6-C423B0F71390}C:\program files (x86)\spotify\spotify.exe" | In - Private - P6 - TRUE | .(.Spotify Ltd - Spotify.) -- C:\program files (x86)\spotify\spotify.exe

O87 - FAEL: "UDP Query User{48F2395B-40C2-490E-8F08-04973FDD287D}C:\program files (x86)\spotify\spotify.exe" | In - Private - P17 - TRUE | .(.Spotify Ltd - Spotify.) -- C:\program files (x86)\spotify\spotify.exe

O87 - FAEL: "TCP Query User{59620409-7C8E-44D1-82C2-B4A950E33E4D}C:\program files (x86)\squeezebox\squeezeplay\squeezeplay.exe" | In - Private - P6 - TRUE | .(.Logitech Inc. - jive.) -- C:\program files (x86)\squeezebox\squeezeplay\squeezeplay.exe

O87 - FAEL: "UDP Query User{C1FF98E6-77E2-497B-A96D-6F7F84BEA37A}C:\program files (x86)\squeezebox\squeezeplay\squeezeplay.exe" | In - Private - P17 - TRUE | .(.Logitech Inc. - jive.) -- C:\program files (x86)\squeezebox\squeezeplay\squeezeplay.exe

O87 - FAEL: "{AD98CAF7-99AE-4DA3-8C1D-F8622DFA1A62}" | In - Private - P6 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\x64\maconfservice.exe

O87 - FAEL: "{583FDBBF-71D3-4333-A344-6FE4FB3C2481}" | In - Private - P17 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\x64\maconfservice.exe

O87 - FAEL: "TCP Query User{B826487D-93C7-428C-88EE-FB031CF73B69}C:\program files (x86)\free music zilla\fmzilla.exe" | In - Public - P6 - TRUE | .(.Pas de propriétaire - FMZilla Module.) -- C:\program files (x86)\free music zilla\fmzilla.exe

O87 - FAEL: "UDP Query User{37B566DD-9F7F-4BDB-8CA3-0C8266C80C84}C:\program files (x86)\free music zilla\fmzilla.exe" | In - Public - P17 - TRUE | .(.Pas de propriétaire - FMZilla Module.) -- C:\program files (x86)\free music zilla\fmzilla.exe

O87 - FAEL: "{D9A0AC3B-0428-4FF9-8319-5DF9585988CC}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files (x86)\iTunes\iTunes.exe

O87 - FAEL: "{A83B0D14-2235-413A-A42B-FD6E28EFC906}" | In - Private - P6 - TRUE | .(.France Telecom SA - Orange Upd@te.) -- C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe

O87 - FAEL: "{83C45770-DD60-4EC5-87F4-C3F532159271}" | In - Private - P17 - TRUE | .(.France Telecom SA - Orange Upd@te.) -- C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe

O87 - FAEL: "{1669EF1A-3FC8-4987-96CC-2B056BE78133}" | In - Private - P6 - TRUE | .(.Crawler.com - Spyware Terminator 2012.) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe

O87 - FAEL: "{C0C4CC1E-927F-4449-AF32-B3BAE2FC4819}" | In - Private - P17 - TRUE | .(.Crawler.com - Spyware Terminator 2012.) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe

O87 - FAEL: "{C404C689-1C10-4460-B30C-C46E9C13286C}" | In - Private - P6 - TRUE | .(.Crawler.com - Spyware Terminator 2012 Update Support.) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe

O87 - FAEL: "{008F7DED-193D-4B89-88BA-0EDD9F196385}" | In - Private - P17 - TRUE | .(.Crawler.com - Spyware Terminator 2012 Update Support.) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe

~ Scan Firewall in 01mn AMs

 

 

 

---\\ Scan Additionnel (O88)

Database Version : 8621 - (29/08/2011)

Clés trouvées (Keys found) : 1

Valeurs trouvées (Values found) : 0

Dossiers trouvés (Folders found) : 0

Fichiers trouvés (Files found) : 0

 

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A047FE02-C91C-41CB-898C-4ED21B86025A}] =>Toolbar.Orange

~ Scan Additionnel in 05mn AMs

 

 

 

---\\ Recherche détournement de DNS routeur (O89)

Serveur : livebox.livebox.home

Address: 192.168.1.1

Nom : www.l.google.com

Addresses: 209.85.148.104

209.85.148.106

209.85.148.105

209.85.148.99

209.85.148.147

209.85.148.103

Aliases: www.google.fr

www.google.com

~ Scan DNS in 02mn AMs

 

 

 

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 9/2/2011 3029208 | C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe (a2AntiMalware) . (.Emsi Software GmbH.) - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe

SR - | Auto 6/17/2011 64952 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

SR - | Auto 7/30/2011 136360 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

SR - | Auto 7/30/2011 269480 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

SR - | Auto 3/14/2011 37664 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

SR - | Auto 4/25/2011 349472 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

SS - | Demand 9/24/2010 246520 | (GameConsoleService) . (.WildTangent, Inc..) - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe

SS - | Auto 12/20/2010 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SS - | Demand 12/20/2010 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SR - | Auto 12/21/2010 126520 | (HP Health Check Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

SR - | Auto 12/21/2010 92216 | (HPDrvMntSvc.exe) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

SS - | Demand 12/21/2010 751672 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

SS - | Demand 8/10/2011 73728 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

SS - | Demand 6/13/2011 934176 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe

SR - | Auto 9/24/2010 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

SS - | Demand 6/4/2011 420864 | (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\x64\maconfservice.exe

SS - | Demand 8/18/2011 6144 | (MEMSWEEP2) . (.Sophos Plc.) - C:\Windows\system32\E512.tmp

SS - | Disabled 4/27/2011 1012328 | (NVSvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe

SS - | Disabled 4/26/2011 2218600 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

SS - | Auto 2/14/2011 1055872 | (Orange update Core Service) . (.France Telecom SA.) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe

SR - | Auto 2/18/2011 501336 | (Serveur Média) . (.PacketVideo.) - C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe

SR - | Auto 9/3/2011 1139928 | (ST2012_Svc) . (.Crawler.com.) - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe

SR - | Auto 4/27/2011 378472 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

SR - | Auto 7/14/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe

~ Scan Services in 05mn AMs

 

 

 

---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover

~ Scan MBR in 07mn AMs

 

 

 

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)

Written by ad13, http://ad13.geekstog

Run by ZINOU at 9/14/2011 10:23:34 AM

 

********* Dump file Name *********

C:\PhysicalDisk0_MBR.bin

~ Scan MBR in 09mn AMs

 

 

 

End of the scan (1516 lines in 13mn AMs)(0)

CI LE RAPPORT

 

HERE IS THE REPORT ABOVE

Posted

Hello,

1) Download ATF Cleaner by Atribune.

  • Install it on the desktop. (Worth keeping, as it is very useful after every browsing session)

http://www.archive-host.com/link/93acd1a4d541511bb4ca13d95d0f342340524a08.exe

|MG| ATF Cleaner 3.0.0.2 Download

Double-click ATF-Cleaner.exe to launch the program.
--> On Vista/7: right-click / Run as administrator.

Under the Main tab, choose: Select All
Click the Empty Selected button

If you use the Firefox browser:

  • Click Firefox at the top and choose: Select All
    Click the Empty Selected button
    NOTE: If you want to keep your saved passwords, click No at the prompt.

If you use the Opera browser:

  • Click Opera at the top and choose: Select All
    Click the Empty Selected button
    NOTE: If you want to keep your saved passwords, click No at the prompt.

Click Exit, in the main menu, to close the program.

For technical support, double-click the e-mail address at the bottom of each menu.

 

--------------------

2) Download Malwarebytes' Anti-Malware (MBAM).

Malwarebytes: Malwarebytes Anti-Malware is a free download that removes viruses and malware from your computer: click for the FREE version and save the executable to the desktop.

If MBAM is already installed, go straight to the update and then the scan.

This program is worth keeping.

Only if the update fails:

Download MBAM updates

Run the file after installing MBAM

Connect removable media (USB sticks, etc.) before starting the scan.

  • Double-click the downloaded file to start the installation process.
  • In the "Mise à jour" (Update) tab, click the "Recherche de mise à jour" (Check for updates) button: if the firewall asks whether to allow MBAM to connect, accept.
  • Once the update has finished, go to the "Recherche" (Scan) tab.
  • Select "Exécuter un examen complet" (Perform a full scan)
  • Click "Rechercher" (Scan)
  • The scan starts; it takes a fairly long time, which is normal.
  • At the end of the scan, a message is displayed:
    The scan completed normally. Click 'Afficher les résultats' (Show results) to display all the objects found.
    Click "Ok" to continue. If MBAM found nothing, it will tell you that too.
  • Close your browsers.
  • If malware was detected, click Afficher les résultats (Show results).
    Select everything (or leave it checked) and click Supprimer la sélection (Remove selected); MBAM will destroy the files and registry keys and put a copy of them in quarantine.
  • MBAM will open Notepad and copy the scan report into it. Copy and paste this report and post it in your next reply.

If MBAM asks to restart the PC, do so.

If, on restart, Windows tells you that it has blocked some startup programs, click the balloon and then Run blocked programs / Malwarebytes Anti-Malware.

 

@++

Posted

here is the requested report

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

 

Version de la base de données: 7712

 

Windows 6.1.7601 Service Pack 1

Internet Explorer 9.0.8112.16421

 

14/09/2011 13:44:51

mbam-log-2011-09-14 (13-44-51).txt

 

Type d'examen: Examen complet (C:\|D:\|E:\|F:\|)

Elément(s) analysé(s): 416482

Temps écoulé: 1 heure(s), 32 minute(s), 45 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 0

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

(Aucun élément nuisible détecté)

Also, ATF cleaned my PC. Thank you for your replies.

Posted

Ok,

How is the machine doing?

Download DelFix to your desktop. DelFix

Run it and press the [Recherche] (Search) button

Copy the entire contents of the text that opens and paste it into your reply.

Note: The report is saved as C:\DelFixSearch.txt

------------------------

Run DelFix again and press the [suppression] (Removal) button

Copy the entire contents of the text file that opens and paste it into your reply.

Note: The report is saved as C:\DelFixSuppr.txt

You can then run DelFix again and press [Désinstaller] (Uninstall) to remove all traces of its use.

--------------------------------

Apollo Et Compagnie :: Purging System Restore on Windows 7

------------------

Please do these security checks:

Apollo Et Compagnie :: To check from time to time, important!

 

@++

Posted

The machine is apparently doing better. The symptoms I had: the spot where you click to show hidden icons, that square was blinking; browser pages were opening in 4-5 copies; the desktop icons were opening and running without my consent; in short, a mess. A helper had found that it was regedit.exe, a FORM of virus. HERE IS MY REPORT that you asked me for.

# DelFix v8.3 - Rapport créé le 14/09/2011 à 14:13

# Mis à jour le 04/08/11 à 11h par Xplode

# Système d'exploitation : Windows 7 Home Premium (64 bits) [version 6.1.7601]

# Nom d'utilisateur : ZINOU - ZINOU-HP (Administrateur)

# Exécuté depuis : C:\Users\ZINOU\Downloads\delfix0.exe

# Option [Recherche]

 

 

~~~~~~ Dossier(s) ~~~~~~

 

Présent : C:\Qoobox

Présent : C:\ZHP

Présent : C:\Program Files (x86)\ZHPDiag

Présent : C:\Users\ZINOU\DoctorWeb

Présent : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP

 

~~~~~~ Fichier(s) ~~~~~~

 

Présent : C:\ComboFix.txt

Présent : C:\PhysicalDisk0_MBR.bin

Présent : C:\TDSSKiller.2.5.21.0_12.09.2011_10.19.15_log.txt

Présent : C:\Windows\grep.exe

Présent : C:\Windows\MBR.exe

Présent : C:\Windows\NIRCMD.exe

Présent : C:\Windows\PEV.exe

Présent : C:\Windows\sed.exe

Présent : C:\Windows\SWREG.exe

Présent : C:\Windows\SWSC.exe

Présent : C:\Windows\SWXCACLS.exe

Présent : C:\Windows\zip.exe

Présent : C:\Users\ZINOU\Desktop\mkv2vob.lnk

Présent : C:\Users\ZINOU\Desktop\ZHPDiag.txt

Présent : C:\Users\ZINOU\Desktop\ZHPDiag2.exe

Présent : C:\Users\ZINOU\Desktop\ZHPFixReport.txt

Présent : C:\Users\Public\Desktop\MBRCheck.lnk

Présent : C:\Users\Public\Desktop\ZHPDiag.lnk

Présent : C:\Users\Public\Desktop\ZHPFix.lnk

Présent : C:\Users\Public\Desktop\MBRCheck.lnk

Présent : C:\Users\Public\Desktop\ZHPDiag.lnk

Présent : C:\Users\Public\Desktop\ZHPFix.lnk

Présent : C:\Users\ZINOU\Downloads\ATF-Cleaner.exe

Présent : C:\Users\ZINOU\Downloads\ComboFix

Présent : C:\Users\ZINOU\Downloads\ComboFix.exe

Présent : C:\Users\ZINOU\Downloads\esetsmartinstaller_enu.exe

Présent : C:\Users\ZINOU\Downloads\HiJackThis.exe

Présent : C:\Users\ZINOU\Downloads\RogueKiller (1).exe

Présent : C:\Users\ZINOU\Downloads\RogueKiller (2).exe

Présent : C:\Users\ZINOU\Downloads\RogueKiller.exe

Présent : C:\Users\ZINOU\Downloads\ZHPDiag2.exe

Présent : C:\Users\ZINOU\Downloads\ZHPDiag2.zip

 

~~~~~~ Registre ~~~~~~

 

Clé Présente : HKCU\SOFTWARE\IDAVLab

Clé Présente : HKLM\Software\IDAVLab

Clé Présente : HKLM\Software\TrendMicro\Hijackthis

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Hijackthis

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\HijackThis.exe

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe

Clé Présente : HKLM\SOFTWARE\Swearware

Clé Présente : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_DWPROT

 

~~~~~~ Autre ~~~~~~

 

-> ESET Online Scanner ... Installé

 

########## EOF - "C:\DelFixSearch.txt" - [2744 octets] ##########

 

Awaiting your reply, thank you…

Posted

I gave you several things to do, including the second part with DelFix, to uninstall the tools that were used.

When you have done everything, come back and give me news of the PC.

regedit.exe is not a virus but could have been "patched" by some piece of junk. Is that why you were told to use ComboFix?

 

@++

Posted

here is DelFix v8.3 - Rapport créé le 14/09/2011 à 16:04

# Mis à jour le 04/08/11 à 11h par Xplode

# Système d'exploitation : Windows 7 Home Premium (64 bits) [version 6.1.7601]

# Nom d'utilisateur : ZINOU - ZINOU-HP (Administrateur)

# Exécuté depuis : C:\Users\ZINOU\Downloads\delfix0.exe

# Option [suppression]

 

 

~~~~~~ Dossier(s) ~~~~~~

 

 

~~~~~~ Fichier(s) ~~~~~~

 

 

~~~~~~ Registre ~~~~~~

 

 

~~~~~~ Autre ~~~~~~

 

 

########## EOF - "C:\DelFixSuppr.txt" - [542 octets] ########

The DelFix uninstall report is above. I find that the machine is doing better. I checked the versions of Java and Adobe Reader; everything is OK.

Yes, for ComboFix, it was the helper who told me to use it to remove the regedit. Thanks for your help.

  • Moderators
Posted

Good evening Zinou,

If you consider the issue resolved, don't forget to say so by tagging the title of your topic with the word [Résolu] (Resolved). To do so, I suggest you consult this tutorial by Thorgal

 

@+ ;)

Dylav
