PC infecté ZHP

PHHP · le 11 décembre 2011

Rapport de ZHPDiag v1.28.264 par Nicolas Coolman, Update du 10/12/2011

Run by sanscode at 11/12/2011 23:30:44

Web site : ZHPDiag Outil de diagnostic

State : Version à jour.

---\\ Web Browser

MSIE: Internet Explorer v9.0.8112.16421

MFIE: Mozilla Firefox v3.6.10 (fr)

GCIE: Google Chrome v15.0.874.121 (Defaut)

OBIE: SeaMonkey

---\\ Windows Product Information

~ Langage: Français

Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)

Windows Server License Manager Script : OK

~ Vista, OEM_SLP channel

System Locked Preinstallation (OEM_SLP) : OK

Windows ID Activation : OK

~ Windows Partial Key : WQD8Q

Windows Automatic Updates : OK

---\\ System Information

~ Processor: x86 Family 16 Model 2 Stepping 2, AuthenticAMD

~ Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 3069 MB (59% free)

System Restore: Activé (Enable)

System drive C: has 34 GB (7%) free of 455 GB

---\\ Logged in mode

~ Computer Name: PC-DE-FANNY

~ User Name: sanscode

~ All Users Names: sanscode, Patricia, Fanny, Administrateur,

~ Unselected Option: O45,O61,O62,O65,O66,O82,O89

Logged in as Administrator

---\\ Environnement Variables

~ System Unit : C:\

~ %AppData% : C:\Users\sanscode\AppData\Roaming\

~ %Desktop% : C:\Users\sanscode\Desktop\

~ %Favorites% : C:\Users\sanscode\Favorites\

~ %LocalAppData% : C:\Users\sanscode\AppData\Local\

~ %StartMenu% : C:\Users\sanscode\AppData\Roaming\Microsoft\Windows\Start Menu\

~ %Windir% : C:\Windows\

~ %System% : C:\Windows\system32\

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 34 Go of 455 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 10 Go)

E:\ CD-ROM drive (Not Inserted)

F:\ CD-ROM drive (Not Inserted)

G:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)

H:\ Hard drive, Flash drive, Thumb drive (Free 887 Go of 931 Go)

I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

J:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

K:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

L:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoDispScrSavPage: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK

[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date

~ Scan Security Center in 00mn 00s

---\\ Recherche particulière de fichiers génériques

[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.23/08/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]

[MD5.4B555106290BD117334E9A08761C035A] - (....) (.02/11/2006 - 10:45:37.) -- C:\Windows\system32\rundll32.exe [44544]

[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.13/06/2008 - 08:33:37.) -- C:\Windows\system32\Wininit.exe [96768]

[MD5.D3788D91530CFA005BD516189A4C676E] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.15/10/2011 - 03:28:15.) -- C:\Windows\system32\wininet.dll [1126912]

[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.23/08/2009 - 07:28:13.) -- C:\Windows\system32\Winlogon.exe [314368]

[MD5.95F5FF73B076576C41740F1A842B9B57] - (....) (.13/06/2008 - 08:34:10.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480]

[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.14/06/2011 - 14:58:27.) -- C:\Windows\system32\drivers\AFD.sys [273408]

[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.23/08/2009 - 07:32:26.) -- C:\Windows\system32\drivers\atapi.sys [19944]

[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/06/2008 - 06:28:02.) -- C:\Windows\system32\drivers\Cdfs.sys [70144]

[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.23/08/2009 - 05:39:17.) -- C:\Windows\system32\drivers\Cdrom.sys [67072]

[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/06/2011 - 15:59:03.) -- C:\Windows\system32\drivers\DfsC.sys [75264]

[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.23/08/2009 - 05:42:42.) -- C:\Windows\system32\drivers\HDAudBus.sys [561152]

[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.13/06/2008 - 06:49:18.) -- C:\Windows\system32\drivers\i8042prt.sys [54784]

[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.13/06/2008 - 06:56:28.) -- C:\Windows\system32\drivers\IpNat.sys [100864]

[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.14/06/2011 - 14:24:40.) -- C:\Windows\system32\drivers\MRxSmb.sys [106496]

[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.23/08/2009 - 05:45:37.) -- C:\Windows\system32\drivers\netBT.sys [185856]

[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.23/08/2009 - 07:32:49.) -- C:\Windows\system32\drivers\ntfs.sys [1083880]

[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\drivers\Parport.sys [79360]

[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/06/2008 - 06:56:34.) -- C:\Windows\system32\drivers\Rasl2tp.sys [76288]

[MD5.E8BD98D46F2ED77132BA927FCCB47D8B] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.02/11/2006 - 10:03:00.) -- C:\Windows\system32\drivers\rdpdr.sys [242688]

[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.23/08/2009 - 05:45:22.) -- C:\Windows\system32\drivers\smb.sys [66560]

[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.23/08/2009 - 05:45:56.) -- C:\Windows\system32\drivers\tdx.sys [72192]

[MD5.147281C01FCB1DF9252DE2A10D5E7093] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.23/08/2009 - 07:32:55.) -- C:\Windows\system32\drivers\volsnap.sys [226280]

~ Scan Generic Processes in 00mn 00s

---\\ Etat des fichiers cachés (Caché/Total)

~ Mes images (My Pictures) : 1/19

~ Mes musiques (My Musics) : 8/119

~ Mes Videos (My Videos) : 1/242

~ Mes Favoris (My Favorites) : 2/46

~ Mes Documents (My Documents) : 4/362

~ Mon Bureau (My Desktop) : 864/39830

~ Menu demarrer (Programs) : 6/122

~ Scan Hidden Files in 00mn 22s

---\\ Processus lancés

[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184] [PID.3880]

[MD5.9A4322EE420D6FACD4D4B1FF6CB856B1] - (.Hewlett-Packard Company - hpsysdrv.) -- C:\hp\support\hpsysdrv.exe [65536] [PID.3888]

[MD5.B1361669BDC6ED612C35B7C67ADA2240] - (.OsdMaestro - OsdMaestro main program.) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [118784] [PID.3916]

[MD5.361CD47DC5BD83EE24407903233B0D9A] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [4874240] [PID.4008]

[MD5.F710C8EF01DA24FA55AD693782FCDD61] - (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\System32\jureg.exe [54672] [PID.4016]

[MD5.099353D3B19A2B9FA4664E04872AC49A] - (.Spigot, Inc. - Search Settings application.) -- C:\Program Files\pdfforge Toolbar\SearchSettings.exe [1024512] [PID.4072]

[MD5.C456658AF90F42BE3CDF1048F9CDB5CA] - (.Microsoft Corporation - Notifications du contrôle parental Windows.) -- C:\Windows\System32\wpcumi.exe [176128] [PID.4088]

[MD5.13E7CFE8E269ED15E7FC9C3EBBCB7E2B] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696] [PID.2236]

[MD5.F90D5FFA020B693CB5A7115A5E07AA3F] - (.Bandoo Media, inc - Data Manager.) -- C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe [1599376] [PID.2188]

[MD5.E2B4488830B9F047930BB5FE0E4FD71B] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3722416] [PID.2272]

[MD5.5E0810A04D2C9AC2DC79D1E6885F5805] - (.PcTuto - PcTuto.) -- C:\Program Files\Agence-Exclusive\pctuto.exe [1040000] [PID.1488]

[MD5.4B555106290BD117334E9A08761C035A] - (...) -- C:\Windows\System32\rundll32.exe [44544] [PID.2100]

[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.2420]

[MD5.4C8942B8721813E5C8874D47112DCF73] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2741616] [PID.2412]

[MD5.CF03C8F6F6B0D71F6E5BCE167FCF7CA6] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [214360] [PID.1800]

[MD5.76DAC52F7A6D3AD3C8307D012ACF46CE] - (.OpenOffice.org - OpenOffice.org 3.0.) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe [7424000] [PID.1724]

[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.3260]

[MD5.EEBF2F715C02C8A6CE6DBE844DD1B4E3] - (.OpenOffice.org - OpenOffice.org 3.0.) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin [7418368] [PID.2140]

[MD5.80B8AE8E18FF57BE13FF4A5959DB0EC1] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe [184320] [PID.4600]

[MD5.E343E343581F6DAEAD48D412F5CE911A] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) -- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe [569344] [PID.4640]

[MD5.883008A9B5BFF94A153D99DBA54CB5C1] - (.Hewlett-Packard - GPCore COM object.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe [362496] [PID.4676]

[MD5.48B046322009D311A4BA1294F1321E64] - (.Sun Microsystems, Inc. - Java Update Checker.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe [507624] [PID.2240]

[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.3176]

[MD5.D1A41D53847198EE3B755DB18394C026] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [2210304] [PID.2892]

[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.]

[MD5.C76769F246250EDAD34A5581419E9D60] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [44768] [PID.]

[MD5.20F6F19FE9E753F2780DC2FA083AD597] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [37664] [PID.]

[MD5.F832F1505AD8B83474BD9A5B1B985E01] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [345376] [PID.]

[MD5.DEB82AF183F1CD06813D91ED104C645C] - (...) -- c:\hp\HPEZBTN\HPBtnSrv.exe [198240] [PID.]

[MD5.C34411A244029F1C08687F7C752C4563] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728] [PID.]

[MD5.1BBBF640BC0E0B750537BAECE8D66C18] - (.Nero AG - NeroUpdate.) -- C:\Program Files\Nero\Update\NASvc.exe [641832] [PID.]

[MD5.799E48FDF68D388B1B9BCBB6BD062FA2] - (.Bandoo Media Inc. - Bandoo Coordinator.) -- C:\Program Files\Bandoo\Bandoo.exe [2051472] [PID.]

[MD5.0D26C438E2938A3E6BDD91173BC96FF0] - (.Hewlett-Packard - HP Health Check Service.) -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [65536] [PID.]

~ Scan Processes Running in 00mn 01s

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)

C:\Users\sanscode\AppData\Local\Google\Chrome\User Data\Default\Preferences

G1 - GCS: Preference [user Data\Default] None

G0 - GCSP: Preference [user Data\Default][HomePage] Google

~ Scan Google Browser in 00mn 00s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

C:\Users\sanscode\AppData\Roaming\Mozilla\Firefox\Profiles\sw3tmdca.default\prefs.js

C:\Users\sanscode\AppData\Roaming\Mozilla\Firefox\Profiles\sw3tmdca.default\user.js

M3 - MFPP: Plugins - [sanscode] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml

M3 - MFPP: Plugins - [sanscode] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml

M3 - MFPP: Plugins - [sanscode] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml

M3 - MFPP: Plugins - [sanscode] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml

M3 - MFPP: Plugins - [sanscode] -- C:\Program Files\Mozilla FireFox\searchplugins\MediaDICO-fr.xml

M3 - MFPP: Plugins - [sanscode] -- C:\Program Files\Mozilla FireFox\searchplugins\SearchResults.xml

M3 - MFPP: Plugins - [sanscode] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml

M3 - MFPP: Plugins - [sanscode] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml

M3 - MFPP: Plugins - [sanscode] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo.xml

M0 - MFSP: prefs.js [sanscode - sw3tmdca.default] Google

M2 - MFEP: prefs.js [sanscode - sw3tmdca.default\ffox@bandoo.com] [] Bandoo for Firefox v5.1 (..)

M2 - MFEP: prefs.js [sanscode - sw3tmdca.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (.Microsoft.)

M2 - MFEP: prefs.js [sanscode - sw3tmdca.default\{3112ca9c-de6d-4884-a869-9855de68056c}] [] Google Toolbar for Firefox v7.1.20100830W (.Google Inc..)

M2 - MFEP: prefs.js [sanscode - sw3tmdca.default\{635abd67-4fe9-1b23-4f01-e679fa7484c1}] [yahoo.ytff] Yahoo! Toolbar v2.1.4.20100423010936 (.Yahoo!.)

M2 - MFEP: prefs.js [sanscode - sw3tmdca.default\{99079a25-328f-4bd4-be04-00955acaa0a7}] [] Searchqu Toolbar v4.3.0.00 (.Visicom Media Inc..)

M2 - MFEP: prefs.js [sanscode - sw3tmdca.default\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}] [adblockplus] Adblock Plus v1.3.1 (.Wladimir Palant.)

P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll

P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll

P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - 1.9.0009.1.) -- C:\Program Files\Mozilla Firefox\Plugins\npLegitCheckPlugin.dll

P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll

P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin8.dll

P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll

P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_26 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60831.0.) -- C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll

P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

P2 - FPN: [HKLM] [@Nero.com/KM] - (.Nero AG - Plug-in for detecting Nero Kwik Media..) -- C:\Program Files\Common Files\Nero\BrowserPlugin\npBrowserPlugin.dll

P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

P2 - FPN: [HKLM] [@videolan.org/vlc;version=0.8.6d] - (...) -- C:\Program Files\VideoLAN\VLC\npvlc.dll (.not file.)

~ Scan Firefox Browser in 00mn 00s

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = HP Jumpstation

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HP Jumpstation

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\system32\ieframe.dll

R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} . (.Spigot, Inc. - Search Settings IE.) (1, 2, 2, 2) -- C:\Program Files\pdfforge Toolbar\SearchSettings.dll

~ Scan IE Browser in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

~ Scan Proxy management in 00mn 00s

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

~ Scan Keys in 00mn 00s

---\\ Redirection du fichier Hosts (O1)

~ Le fichier hosts est sain (The hosts file is clean).

~ Scan Hosts File in 00mn 00s

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} Clé orpheline

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: PCTBHO - {293A63F7-C3B6-423a-9845-901AC0A7EE6E} Clé orpheline

O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} . (.AOL - Librairie de lien dynamique AOL Toolbar pou.) -- C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} Clé orpheline

O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} . (.Pas de propriétaire - dtx Dynamic Link Library.) -- C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll

O2 - BHO: Loader Class - {9D717F81-9148-4f12-8568-69135F087DB0} . (.Bandoo Media, inc - Url Helper.) -- C:\PROGRA~1\WI371A~1\Datamngr\BROWSE~1.DLL

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google IE Client Toolbar.) -- c:\program files\google\googletoolbar1.dll

O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} . (.Spigot, Inc. - Widgi Toolbar for Internet Explorer.) -- C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} . (.Spigot, Inc. - Search Settings IE.) -- C:\Program Files\pdfforge Toolbar\SearchSettings.dll

O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} . (.Bandoo Media Inc. - Bandoo IE Plugin.) -- C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

~ Scan BHO in 00mn 00s

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} . (...) -- (.not file.)

O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} . (.AOL - Librairie de lien dynamique AOL Toolbar pou.) -- C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google IE Client Toolbar.) -- c:\program files\google\googletoolbar1.dll

O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} . (.Spigot, Inc. - Widgi Toolbar for Internet Explorer.) -- C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll

O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} . (.Pas de propriétaire - dtx Dynamic Link Library.) -- C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll

~ Scan Toolbar in 00mn 00s

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe

O4 - HKLM\..\Run: [hpsysdrv] . (.Hewlett-Packard Company - hpsysdrv.) -- C:\hp\support\hpsysdrv.exe

O4 - HKLM\..\Run: [OsdMaestro] . (.OsdMaestro - OsdMaestro main program.) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe

O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe

O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

O4 - HKLM\..\Run: [sunJavaUpdateReg] . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\System32\jureg.exe

O4 - HKLM\..\Run: [searchSettings] . (.Spigot, Inc. - Search Settings application.) -- C:\Program Files\pdfforge Toolbar\SearchSettings.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

O4 - HKLM\..\Run: [WPCUMI] . (.Microsoft Corporation - Notifications du contrôle parental Windows.) -- C:\Windows\System32\wpcumi.exe

O4 - HKLM\..\Run: [QuickTime Update Completion 0] . (.Apple Inc. - QuickTime Update Helper.) -- C:\Program Files\QuickTime\QTSystem\QuickTimeUpdateHelper.exe

O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe

O4 - HKLM\..\Run: [DATAMNGR] . (.Bandoo Media, inc - Data Manager.) -- C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe

O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe

O4 - HKLM\..\Run: [NBAgent] . (.Nero AG - Nero BackItUp.) -- C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe

O4 - HKLM\..\Run: [pctuto] . (.PcTuto - PcTuto.) -- C:\Program Files\Agence-Exclusive\pctuto.exe

O4 - HKLM\..\Run: [NvSvc] . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 169.6.) -- C:\Windows\system32\nvsvc.dll

O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll

O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\system32\NvMcTray.dll

O4 - HKCU\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe

O4 - HKCU\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll

O4 - HKUS\S-1-5-21-1219684600-3150017966-3007924504-1001\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKUS\S-1-5-21-1219684600-3150017966-3007924504-1001\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe

O4 - HKUS\S-1-5-21-1219684600-3150017966-3007924504-1001\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

~ Scan Application in 00mn 00s

---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Users\sanscode\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite Deluxe.lnk . (.CyberLink.) -- C:\Program Files\CyberLink\DVD Suite Deluxe\PowerStarter.exe

O4 - Global Startup: C:\Users\sanscode\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\sanscode\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe

O4 - Global Startup: C:\Users\sanscode\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe

O4 - Global Startup: C:\Users\sanscode\Desktop\1964 - Raccourci.lnk . (...) -- C:\Users\Public\Documents\Philippe\12_Divertissement\1964\1964.exe

O4 - Global Startup: C:\Users\sanscode\Desktop\adsl TV.lnk . (.adsl TV / FM.) -- C:\Program Files\adslTV\adsltv.exe

O4 - Global Startup: C:\Users\sanscode\Desktop\ASIO4ALL v2 Instruction Manual.lnk . (...) -- C:\Program Files\ASIO4ALL v2\ASIO4ALL v2 Instruction Manual.pdf

O4 - Global Startup: C:\Users\sanscode\Desktop\ASIO4ALL v2 Off-Line Settings.lnk . (.Michael Tippach.) -- C:\Program Files\ASIO4ALL v2\a4apanel.EXE

O4 - Global Startup: C:\Users\sanscode\Desktop\Balabolka.lnk . (.Ilya Morozov.) -- C:\Program Files\Balabolka\balabolka.exe

O4 - Global Startup: C:\Users\sanscode\Desktop\c3 - Raccourci.lnk . (...) -- C:\Sierra\CAESAR3DEMO\c3.exe

O4 - Global Startup: C:\Users\sanscode\Desktop\Centre de solutions HP.lnk . (.Hewlett-Packard Company.) -- C:\Program Files\HP\Digital Imaging\bin\hpqdirec.exe

O4 - Global Startup: C:\Users\sanscode\Desktop\cliquez-moi - Raccourci.lnk . (.Adobe Systems, Inc..) -- C:\Users\Public\Documents\Planete_2009\cliquez-moi.exe

O4 - Global Startup: C:\Users\sanscode\Desktop\Collab.lnk . (...) -- C:\Program Files\Image-Line\Collab\Collab.exe (.not file.)

O4 - Global Startup: C:\Users\sanscode\Desktop\Cyberstella - Raccourci.lnk . (...) -- C:\Users\Public\Documents\Philippe\12_Divertissement\STELLA\cyberstella_1.2.1_windows\cyberstella\Cyberstella.exe

O4 - Global Startup: C:\Users\sanscode\Desktop\FL Studio 8.lnk . (.Image-Line.) -- C:\Program Files\Image-Line\FL Studio 8\FL.exe

O4 - Global Startup: C:\Users\sanscode\Desktop\GK3 - Raccourci.lnk . (...) -- C:\Sierra\Gabriel Knight 3\GK3.exe (.not file.)

O4 - Global Startup: C:\Users\sanscode\Desktop\histoire - Raccourci.lnk . (...) -- C:\Users\Public\Documents\Raconte-moi des histoires\histoire.html

O4 - Global Startup: C:\Users\sanscode\Desktop\jv16 PowerTools.lnk . (...) -- C:\Program Files\jv16 PowerTools\jv16 PowerTools.exe

O4 - Global Startup: C:\Users\sanscode\Desktop\Lecteur CD - Raccourci.lnk . (...) -- E:\ (.not file.)

O4 - Global Startup: C:\Users\sanscode\Desktop\Les Chevaliers de Baphomet - Le Manuscrit de Voynich.lnk . (...) -- C:\Program Files\THQ\Les Chevaliers de Baphomet - Le Manuscrit de Voynich\bs3pc.exe (.not file.)

O4 - Global Startup: C:\Users\sanscode\Desktop\mamepp - Raccourci.lnk . (.MAME Team.) -- C:\Users\Public\Documents\Philippe\12_Divertissement\MAME\mamepp.exe

O4 - Global Startup: C:\Users\sanscode\Desktop\monAlbumPhoto.lnk . (.monAlbumPhoto.) -- C:\Program Files\monAlbumPhoto\monAlbumphoto.exe

O4 - Global Startup: C:\Users\sanscode\Desktop\MOVIEMK - Raccourci.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker 2.6\MOVIEMK.exe

O4 - Global Startup: C:\Users\sanscode\Desktop\MP4Tool.lnk . (...) -- C:\Program Files\AuthoringTool\MP4ToolE.exe

O4 - Global Startup: C:\Users\sanscode\Desktop\pcplt2009 - Raccourci.lnk . (...) -- C:\Users\Public\Documents\Philippe\Concours\pcplt2009

O4 - Global Startup: C:\Users\sanscode\Desktop\PDFCreator.lnk . (.pdfforge http://www.pdfforge.org/.) -- C:\Program Files\PDFCreator\PDFCreator.exe

O4 - Global Startup: C:\Users\sanscode\Desktop\Philippe - Raccourci.lnk . (...) -- C:\Users\Public\Documents\Philippe

O4 - Global Startup: C:\Users\sanscode\Desktop\Piano Virtuel Midi.lnk . (.Home.) -- C:\Program Files\Pvm\Piano virtuel midi.exe

O4 - Global Startup: C:\Users\sanscode\Desktop\POB 7.lnk . (.Macromedia, Inc..) -- C:\Program Files\POB 7\POB7.exe

O4 - Global Startup: C:\Users\sanscode\Desktop\POB 8.lnk . (.Macromedia, Inc..) -- C:\Program Files\POB 8\POB8.exe

O4 - Global Startup: C:\Users\sanscode\Desktop\PrinceOfPersia_Launcher-MCE.lnk . (.Ubisoft.) -- C:\Program Files\Ubisoft\Prince of Persia\PrinceOfPersia_Launcher.exe

O4 - Global Startup: C:\Users\sanscode\Desktop\Raconte-moi des histoires - Raccourci.lnk . (...) -- C:\Users\Public\Documents\Raconte-moi des histoires

O4 - Global Startup: C:\Users\sanscode\Desktop\RapidTyping.lnk . (...) -- C:\Program Files\RapidTyping\RapidTyping.exe (.not file.)

O4 - Global Startup: C:\Users\sanscode\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Démarrer Microsoft Outlook.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE

O4 - Global Startup: C:\Users\sanscode\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files\Google\Chrome\Application\chrome.exe

O4 - Global Startup: C:\Users\sanscode\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Inkscape.lnk . (.inkscape.org.) -- C:\Program Files\Inkscape\inkscape.exe

O4 - Global Startup: C:\Users\sanscode\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\sanscode\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\monAlbumPhoto.lnk . (.monAlbumPhoto.) -- C:\Program Files\monAlbumPhoto\monAlbumphoto.exe

O4 - Global Startup: C:\Users\sanscode\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O4 - Global Startup: C:\Users\sanscode\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe

O4 - Global Startup: C:\Users\sanscode\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\My HP Games.lnk . (.WildTangent, Inc..) -- C:\Program Files\HP Games\My HP Game Console\GameConsole-wt.exe

O4 - Global Startup: C:\Users\sanscode\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SeaMonkey.lnk . (.mozilla.org.) -- C:\Program Files\mozilla.org\SeaMonkey\seamonkey.exe

O4 - Global Startup: C:\Users\sanscode\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe

~ Scan Global Startup in 00mn 01s

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} . (.AOL - AOL Toolbar.) -- c:\program files\aol\aol toolbar 5.0\resources\fr-fr\aoltbres.dll

O9 - Extra button: AOL Toolbar - {DDE87865-83C5-48c4-8357-2F5B1AA84522} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet Explorer.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

~ Scan IE Extra Buttons in 00mn 00s

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll

~ Scan Winsock in 00mn 00s

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} (PhotoboxPhotowaysUploader5 Control) - http://a s s et s .photobox.com/a s s et s /aurigma/ImageUploader5.cab?20090618123620

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/re s ource s /Vi s taM S NPUplden-u s .cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NO S /getPlu s Plu s /1.6/gp.cab

O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/Vi s taM S NPUplden-u s .cab

~ Scan Objets ActiveX in 00mn 00s

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{9B003AD6-281C-4CC1-B6C9-95287689C201}: DhcpNameServer = 212.27.40.241 212.27.40.240

O17 - HKLM\System\CCS\Services\Tcpip\..\{A599A961-F655-48C9-B408-709A37B8A29F}: DhcpNameServer = 212.27.40.241 212.27.40.240

O17 - HKLM\System\CS1\Services\Tcpip\..\{9B003AD6-281C-4CC1-B6C9-95287689C201}: DhcpNameServer = 212.27.40.241 212.27.40.240

O17 - HKLM\System\CS1\Services\Tcpip\..\{A599A961-F655-48C9-B408-709A37B8A29F}: DhcpNameServer = 212.27.40.241 212.27.40.240

O17 - HKLM\System\CS2\Services\Tcpip\..\{9B003AD6-281C-4CC1-B6C9-95287689C201}: DhcpNameServer = 212.27.40.241 212.27.40.240

O17 - HKLM\System\CS2\Services\Tcpip\..\{A599A961-F655-48C9-B408-709A37B8A29F}: DhcpNameServer = 212.27.40.241 212.27.40.240

O17 - HKLM\System\CS3\Services\Tcpip\..\{9B003AD6-281C-4CC1-B6C9-95287689C201}: DhcpNameServer = 212.27.40.241 212.27.40.240

O17 - HKLM\System\CS3\Services\Tcpip\..\{A599A961-F655-48C9-B408-709A37B8A29F}: DhcpNameServer = 212.27.40.241 212.27.40.240

~ Scan Domain in 00mn 00s

---\\ Protocole additionnel (O18)

O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll

O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll

O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll

O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll

O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll

O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll

O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Handler: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} . (.Microsoft Corporation - Microsoft Office XP Web Components.) -- C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL

O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll

O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll

O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll

O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll

O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll

O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll

~ Scan Protocole Additionnel in 00mn 00s

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - AppInit_DLLs: . (.Bandoo Media, inc - Data Manager.) - C:\Program Files\wi371a~1\datamngr\datamngr.dll

~ Scan AppInit DLL in 00mn 00s

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll

~ Scan SSODL in 00mn 00s

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll

~ Scan STS/SSO in 00mn 00s

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: Bandoo Coordinator (Bandoo Coordinator) . (.Bandoo Media Inc. - Bandoo Coordinator.) - C:\Program Files\Bandoo\Bandoo.exe

O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard - HP Health Check Service.) - C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe

O23 - Service: HP Chasis Button Service (HPBtnSrv) . (...) - C:\hp\HPEZBTN\HPBtnSrv.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: C:\Program Files\Nero\Update\NASvc.exe (NAUpdate) . (.Nero AG - NeroUpdate.) - C:\Program Files\Nero\Update\NASvc.exe

O23 - Service: {22D78859-9CE9-4B77-BF18-AC83E81A9263} ({22D78859-9CE9-4B77-BF18-AC83E81A9263}) . (.Cyberlink Corp. - FCL Driver.) - C:\Program Files\HP\DVDPlay\000.fcl

~ Scan Services in 00mn 00s

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

~ Scan Desktop Component in 00mn 00s

---\\ BootExecute (O34)

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

~ Scan Keys in 00mn 00s

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe

[MD5.6AB4C021FBD36DC6764924C312428D97] [APT] [JavaUpdateAdministrator] (.Sun Microsystems, Inc..) -- C:\Windows\System32\jusched.exe

[MD5.6AB4C021FBD36DC6764924C312428D97] [APT] [JavaUpdateFanny] (.Sun Microsystems, Inc..) -- C:\Windows\System32\jusched.exe

[MD5.6AB4C021FBD36DC6764924C312428D97] [APT] [JavaUpdatePatricia] (.Sun Microsystems, Inc..) -- C:\Windows\System32\jusched.exe

[MD5.6AB4C021FBD36DC6764924C312428D97] [APT] [JavaUpdatesanscode] (.Sun Microsystems, Inc..) -- C:\Windows\System32\jusched.exe

[MD5.B71102DDBC3887B309047811FF43F509] [APT] [RealUpgradeLogonTaskS-1-5-21-1219684600-3150017966-3007924504-1000] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe

[MD5.B71102DDBC3887B309047811FF43F509] [APT] [RealUpgradeLogonTaskS-1-5-21-1219684600-3150017966-3007924504-1001] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe

[MD5.B71102DDBC3887B309047811FF43F509] [APT] [RealUpgradeScheduledTaskS-1-5-21-1219684600-3150017966-3007924504-1000] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe

[MD5.B71102DDBC3887B309047811FF43F509] [APT] [RealUpgradeScheduledTaskS-1-5-21-1219684600-3150017966-3007924504-1001] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe

[MD5.29FD7B6ECF100A17CB43BDED28B414B6] [APT] [{6F06EC5C-0EA7-4D59-B3DC-8509DBEA5B68}] (...) -- C:\WESTWOOD\PLANETWW\UNINSTWC.exe

[MD5.187E0D2AB859AD03393DDD731076BE81] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe

[MD5.61D3771702DE72053FEE2A98F213A030] [APT] [scheduled Maintanence] (.PC-Doctor, Inc..) -- C:\Program Files\PC-Doctor 5 for Windows\RunProfiler.exe

~ Scan Scheduled Task in 00mn 04s

---\\ Composants installés (ActiveSetup Installed Components) (O40)

O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Utilitaire d'installation du Lecteur Windows Media de Microsoft.) -- C:\Windows\system32\unregmp2.exe

O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe

O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\system32\iedkcs32.dll

O40 - ASIC: Microsoft Reader - {05466845-FF44-4671-92C1-A5FD0F9EEE1C} . (.Microsoft Corporation - Microsoft Reader.) -- C:\Program Files\Microsoft Reader\msreader.exe

O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll

O40 - ASIC: LightScribe Control Panel - {10880D85-AAD9-4558-ABDC-2AB1552D831F} . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LSRunOnce.exe

O40 - ASIC: (no name) - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} . (.Microsoft Corporation - Microsoft Windows Media Component Removal File..) -- C:\Windows\System32\msdxm.ocx

O40 - ASIC: Windows Media Player 5.2 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (...) -- C:\Windows\INF\mswmp.inf

O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Windows Media Player.) -- C:\Windows\system32\wmp.dll

O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll

O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 11.0 r1.) -- C:\Windows\System32\Macromed\Flash\Flash11c.ocx

~ Scan Active Setup in 00mn 00s

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys

O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys

O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\system32\DRIVERS\i8042prt.sys

O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\system32\DRIVERS\kbdclass.sys

O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\system32\DRIVERS\kbdhid.sys

O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\system32\DRIVERS\mouclass.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys

O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys

O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys

O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\system32\DRIVERS\rasacd.sys

O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\system32\DRIVERS\rdbss.sys

O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys

O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\system32\DRIVERS\smb.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys

O41 - Driver: Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 (ws2ifsl) . (.Microsoft Corporation - Winsock2 IFS Layer.) - C:\Windows\system32\drivers\ws2ifsl.sys

~ Scan Drivers in 00mn 01s

---\\ Logiciels installés (O42)

O42 - Logiciel: 32 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM] -- {2614F54E-A828-49FA-93BA-45A3F756BFAA}

O42 - Logiciel: AOL Toolbar 5.0 - (.AOL.) [HKLM] -- AOL Toolbar

O42 - Logiciel: ASIO4ALL - (.Pas de propriétaire.) [HKLM] -- ASIO4ALL

O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR

O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}

O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin

O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Reader 8.1.6 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A81300000003}

O42 - Logiciel: Aménagez votre intérieur 3D - (.Pas de propriétaire.) [HKLM] -- gggg

O42 - Logiciel: Analyseur et SDK MSXML 4.0 SP2 - (.Microsoft Corporation.) [HKLM] -- {716E0306-8318-4364-8B8F-0CC4E9376BAC}

O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}

O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {CACAEB5F-174D-4C7C-AC56-A33289A807CA}

O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {C41300B9-185D-475E-BFEC-39EF732F19B1}

O42 - Logiciel: AuthoringTool 1.0.4 - (.Pas de propriétaire.) [HKLM] -- AuthoringTool

O42 - Logiciel: BBC Bob The Builder - (.Pas de propriétaire.) [HKLM] -- {8D3A4F50-B820-4A2D-8F6F-6514710B3BB9}

O42 - Logiciel: Balabolka - (.Ilya Morozov.) [HKLM] -- Balabolka

O42 - Logiciel: Bandoo - (.Pas de propriétaire.) [HKLM] -- Bandoo

O42 - Logiciel: Bombermaaan 1.3 - (.The Bombermaaan team.) [HKLM] -- {577ACC96-0D1D-4AA1-BFCC-DA0630FA24B0}_is1

O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {2A981294-F14C-4F0F-9627-D793270922F8}

O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner

O42 - Logiciel: Caesar 3 Demo - (.Pas de propriétaire.) [HKLM] -- Caesar 3 Demo

O42 - Logiciel: Codeur Windows Media Série 9 - (.Microsoft Corporation.) [HKLM] -- {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}

O42 - Logiciel: Codeur Windows Media Série 9 - (.Pas de propriétaire.) [HKLM] -- Windows Media Encoder 9

O42 - Logiciel: Coloriage - (.AKVIS LLC.) [HKLM] -- {4C4F2C25-3D14-46C5-8D0D-BCD202AD5D9B}

O42 - Logiciel: CoreVorbis Audio Decoder (remove only) - (.Pas de propriétaire.) [HKLM] -- CoreVorbis Audio Decoder

O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}

O42 - Logiciel: DVD Play HD DVD - (.Hewlett-Packard.) [HKLM] -- {45D707E9-F3C4-11D9-A373-0050BAE317E1}

O42 - Logiciel: Direct Show Ogg Vorbis Filter (remove only) - (.Pas de propriétaire.) [HKLM] -- OggDS

O42 - Logiciel: EViews 4 - (.Pas de propriétaire.) [HKLM] -- {011A5720-AD17-11D4-8B12-00104B1F716F}

O42 - Logiciel: FL Studio 8 - (.Image-Line bvba.) [HKLM] -- FL Studio 8

O42 - Logiciel: Firebird SQL Server - MAGIX Edition - (.MAGIX AG.) [HKLM] -- Firebird SQL Server F

O42 - Logiciel: GTA2 - (.Pas de propriétaire.) [HKLM] -- {2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}

O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome

O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {1D14373E-7970-4F2F-A467-ACA4F0EA21E3}

O42 - Logiciel: Google Toolbar for Internet Explorer - (.Pas de propriétaire.) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}

O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

O42 - Logiciel: HP Advisor - (.Hewlett-Packard.) [HKLM] -- {73A43E42-3658-4DD9-8551-FACDA3632538}

O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM] -- {AFAD41A9-9687-48A3-848F-693C11451433}

O42 - Logiciel: HP Customer Feedback - (.Hewlett-Packard.) [HKLM] -- {9DBA770F-BF73-4D39-B1DF-6035D95268FC}

O42 - Logiciel: HP Customer Participation Program 10.0 - (.HP.) [HKLM] -- HPExtendedCapabilities

O42 - Logiciel: HP Easy Setup - Frontend - (.Hewlett-Packard.) [HKLM] -- {9885A11E-60E4-417C-B58B-8B31B21C0B8A}

O42 - Logiciel: HP Games - (.WildTangent.) [HKLM] -- WildTangent hp Master Uninstall

O42 - Logiciel: HP Imaging Device Functions 10.0 - (.HP.) [HKLM] -- HP Imaging Device Functions

O42 - Logiciel: HP On-Screen Cap/Num/Scroll Lock Indicator - (.Hewlett-Packard.) [HKLM] -- OsdMaestro

O42 - Logiciel: HP Photosmart All-In-One Driver Software 10.0 Rel .2 - (.HP.) [HKLM] -- {20B30DC1-E423-4939-B51D-05C58B0F9BBB}

O42 - Logiciel: HP Photosmart Essential 2.5 - (.HP.) [HKLM] -- HP Photosmart Essential

O42 - Logiciel: HP Picasso Media Center Add-In - (.HP.) [HKLM] -- {55979C41-7D6A-49CC-B591-64AC1BBE2C8B}

O42 - Logiciel: HP Smart Web Printing 4.60 - (.HP.) [HKLM] -- HP Smart Web Printing

O42 - Logiciel: HP Solution Center 13.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools

O42 - Logiciel: HPDiagnosticAlert - (.Microsoft.) [HKLM] -- {846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}

O42 - Logiciel: Hewlett-Packard Active Check - (.Hewlett-Packard.) [HKLM] -- {254C37AA-6B72-4300-84F6-98A82419187E}

O42 - Logiciel: Hewlett-Packard Asset Agent for Health Check - (.HP.) [HKLM] -- {669D4A35-146B-4314-89F1-1AC3D7B88367}

O42 - Logiciel: High-Definition Video Playback - (.Nero AG.) [HKLM] -- {9193490D-5229-4FC4-9BB9-A6D63C09574A}

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484

O42 - Logiciel: Hotfix for Windows Media Encoder (KB929182) - (.Microsoft Corporation.) [HKLM] -- KB929182

O42 - Logiciel: IL Download Manager - (.Image-Line bvba.) [HKLM] -- IL Download Manager

O42 - Logiciel: Inkscape 0.48.2 - (.Pas de propriétaire.) [HKLM] -- Inkscape

O42 - Logiciel: InterActual Player - (.Pas de propriétaire.) [HKLM] -- InterActual Player

O42 - Logiciel: Java 6 Update 26 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216011FF}

O42 - Logiciel: Java 6 Update 3 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160030}

O42 - Logiciel: Java 6 Update 4 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160040}

O42 - Logiciel: Java 6 Update 7 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160070}

O42 - Logiciel: Java SE Runtime Environment 6 Update 1 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160010}

O42 - Logiciel: K-Lite Codec Pack 2.72 Full - (.Pas de propriétaire.) [HKLM] -- KLiteCodecPack_is1

O42 - Logiciel: L&H TTS3000 Français - (.Pas de propriétaire.) [HKLM] -- LHTTSFRF

O42 - Logiciel: LSDA Le Retour du Roi tm - (.Pas de propriétaire.) [HKLM] -- {6E298B0A-558C-4138-0096-740677B382CD}

O42 - Logiciel: La Bataille pour la Terre du Milieu - (.Pas de propriétaire.) [HKLM] -- {3F290582-3F4E-4B96-009C-E0BABAA40C42}

O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}

O42 - Logiciel: LightScribe System Software - (.LightScribe.) [HKLM] -- {E0E55FC1-C53D-4F8D-B14B-B59C312747C8}

O42 - Logiciel: MAGIX Music Maker 2008 Producer Edition Trial 13.0.2.1 (F) - (.MAGIX AG.) [HKLM] -- MAGIX Music Maker 2008 Producer Edition Trial F

O42 - Logiciel: MAGIX Screenshare 4.3.6.1987 (F) - (.MAGIX AG.) [HKLM] -- MAGIX Screenshare F

O42 - Logiciel: MSXML 4.0 SP2 (KB936181) - (.Microsoft Corporation.) [HKLM] -- {C04E32E0-0416-434D-AFB9-6969D703A9EF}

O42 - Logiciel: MSXML 4.0 SP2 (KB941833) - (.Microsoft Corporation.) [HKLM] -- {C523D256-313D-4866-B36A-F3DE528246EF}

O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

O42 - Logiciel: Magicbit 3GP Video Converter - (.Magicbit.) [HKLM] -- 3GP Video Converter

O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}

O42 - Logiciel: Microsoft Flight Simulator X Demo - (.Microsoft Game Studios.) [HKLM] -- InstallShield_{B98A34C0-A6A2-4087-B272-557C1C6D0A07}

O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office XP Professional avec FrontPage - (.Microsoft Corporation.) [HKLM] -- {9028040C-6000-11D3-8CFE-0050048383C9}

O42 - Logiciel: Microsoft Reader - (.Pas de propriétaire.) [HKLM] -- {B6F7DBE7-2FE2-458F-A738-B10832746036}

O42 - Logiciel: Microsoft Reader Text-to-Speech pour le français - (.Microsoft Corporation.) [HKLM] -- {6F1547AA-8DA7-4FAC-BA11-BE1659E7086E}

O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

O42 - Logiciel: Microsoft Text-to-Speech Engine 4.0 (English) - (.Pas de propriétaire.) [HKLM] -- MSTTS

O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 - (.Microsoft Corporation.) [HKLM] -- {CC1DB186-550F-3CFE-A2A9-EBA5E5A34BC1}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}

O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM] -- {F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}

O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {3B160861-7250-451E-B5EE-8B92BF30A710}

O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}

O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra

O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack

O42 - Logiciel: Mozilla (1.7.12) (fr) - (.Pas de propriétaire.) [HKLM] -- Mozilla (1.7.12) (fr)

O42 - Logiciel: Mozilla Firefox (3.6.10) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.10)

O42 - Logiciel: Mozilla Thunderbird (2.0.0.16) - (.Mozilla.) [HKLM] -- Mozilla Thunderbird (2.0.0.16)

O42 - Logiciel: NVIDIA Drivers - (.Pas de propriétaire.) [HKLM] -- NVIDIA Drivers

O42 - Logiciel: Nero 11 - (.Nero AG.) [HKLM] -- {B7E01095-8BAA-456E-8AED-504C3CCADBA0}

O42 - Logiciel: Nero 11 Disc Menus Basic - (.Nero AG.) [HKLM] -- {F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}

O42 - Logiciel: Nero 11 Effects Basic - (.Nero AG.) [HKLM] -- {E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}

O42 - Logiciel: Nero 11 Image Samples - (.Nero AG.) [HKLM] -- {F3743A2C-5D5F-4456-8F98-5DF36A954C50}

O42 - Logiciel: Nero 11 Kwik Themes Basic - (.Nero AG.) [HKLM] -- {5A212B2D-140D-46F4-B625-2D1CA5A00594}

O42 - Logiciel: Nero 11 PiP Effects Basic - (.Nero AG.) [HKLM] -- {2CA7225D-CB12-462A-9DD1-50319E158BA5}

O42 - Logiciel: Nero Audio Pack 1 - (.Nero AG.) [HKLM] -- {A7A0BF2E-31CC-49E3-9913-52C503EB969D}

O42 - Logiciel: Nero BackItUp 11 - (.Nero AG.) [HKLM] -- {AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}

O42 - Logiciel: Nero BackItUp 11 Help (CHM) - (.Nero AG.) [HKLM] -- {6AB2427E-A18F-4809-9A12-29F5EBABBB3A}

O42 - Logiciel: Nero Backup Drivers - (.Nero AG.) [HKLM] -- {F8EF9B71-53E7-41F5-8E54-47B4C979CB38}

O42 - Logiciel: Nero Burning ROM 11 - (.Nero AG.) [HKLM] -- {B1846721-A8E6-46C7-83B6-0DCF7ADB4267}

O42 - Logiciel: Nero Burning ROM 11 Help (CHM) - (.Nero AG.) [HKLM] -- {53F7746A-96AA-49A5-86B8-59989680DAC5}

O42 - Logiciel: Nero ControlCenter 11 - (.Nero AG.) [HKLM] -- {11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}

O42 - Logiciel: Nero ControlCenter 11 Help (CHM) - (.Nero AG.) [HKLM] -- {D4D66270-9147-4BDF-9946-FCA2B303AA8F}

O42 - Logiciel: Nero Core Components 11 - (.Nero AG.) [HKLM] -- {BEBEE34D-84A2-4EDD-8BEA-96CC54371263}

O42 - Logiciel: Nero CoverDesigner 11 - (.Nero AG.) [HKLM] -- {FF44BCE5-5A18-4051-85F0-BC172D7B4695}

O42 - Logiciel: Nero CoverDesigner 11 Help (CHM) - (.Nero AG.) [HKLM] -- {55C2143E-FBA5-442F-9AFA-726FF068F39D}

O42 - Logiciel: Nero Express 11 - (.Nero AG.) [HKLM] -- {E10AAE4A-98B8-420A-BD93-E0520C23D624}

O42 - Logiciel: Nero Express 11 Help (CHM) - (.Nero AG.) [HKLM] -- {D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}

O42 - Logiciel: Nero Kwik Media - (.Nero AG.) [HKLM] -- {BE814218-3919-4EA3-868A-2F60BC135CB4}

O42 - Logiciel: Nero Kwik Media Help (CHM) - (.Nero AG.) [HKLM] -- {B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}

O42 - Logiciel: Nero Recode 11 - (.Nero AG.) [HKLM] -- {F69FB940-5031-4FE8-AFAD-085802D0BF63}

O42 - Logiciel: Nero Recode 11 Help (CHM) - (.Nero AG.) [HKLM] -- {57F80ECF-E27C-4EEE-AB58-E971BACE2639}

O42 - Logiciel: Nero RescueAgent 11 - (.Nero AG.) [HKLM] -- {034DCAF9-96E7-4936-9A07-712F80B5181E}

O42 - Logiciel: Nero RescueAgent 11 Help (CHM) - (.Nero AG.) [HKLM] -- {D01CE99A-8802-483C-A79F-298B691EB432}

O42 - Logiciel: Nero SoundTrax 11 - (.Nero AG.) [HKLM] -- {0713D1F9-DD77-42C1-8C7D-54D479E2E743}

O42 - Logiciel: Nero SoundTrax 11 Help (CHM) - (.Nero AG.) [HKLM] -- {390757AA-8830-43DC-AEE0-4E5B6F8439EB}

O42 - Logiciel: Nero Update - (.Nero AG.) [HKLM] -- {65BB0407-4CC8-4DC7-952E-3EEFDF05602A}

O42 - Logiciel: Nero Video 11 - (.Nero AG.) [HKLM] -- {0D7A4289-99CF-4B8D-B812-86BE50A54552}

O42 - Logiciel: Nero Video 11 Help (CHM) - (.Nero AG.) [HKLM] -- {FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}

O42 - Logiciel: Nero WaveEditor 11 - (.Nero AG.) [HKLM] -- {8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}

O42 - Logiciel: Nero WaveEditor 11 Help (CHM) - (.Nero AG.) [HKLM] -- {EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}

O42 - Logiciel: OCR Software by I.R.I.S. 10.0 - (.HP.) [HKLM] -- HPOCR

O42 - Logiciel: OPERATION7 - (.Pas de propriétaire.) [HKLM] -- OPERATION7

O42 - Logiciel: OpenOffice.org 3.0 - (.OpenOffice.org.) [HKLM] -- {6860B340-530D-46B3-91F8-1AE1F70F7C33}

O42 - Logiciel: Outils de diagnostic du matériel - (.PC-Doctor, Inc..) [HKLM] -- PC-Doctor 5 for Windows

O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}

O42 - Logiciel: POB 7 - (.Pas de propriétaire.) [HKLM] -- pob7

O42 - Logiciel: POB 8 - (.Pas de propriétaire.) [HKLM] -- pob8

O42 - Logiciel: PdfGrabber 5.0 - (.PixelPlanet.) [HKLM] -- {6D9B4C6B-7879-477A-B5EE-7DF068B91F34}

O42 - Logiciel: PoiZone - (.Image-Line bvba.) [HKLM] -- PoiZone

O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}

O42 - Logiciel: Prince of Persia - (.Ubisoft.) [HKLM] -- {7C11154F-3539-4CB5-979D-EF7913473E53}

O42 - Logiciel: Privateer - (.Pas de propriétaire.) [HKLM] -- Privateer

O42 - Logiciel: Python 2.5 - (.Martin v. Löwis.) [HKLM] -- {0A2C5854-557E-48C8-835A-3B9F074BDCAA}

O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {1451DE6B-ABE1-4F62-BE9A-B363A17588A2}

O42 - Logiciel: RealSpeak Solo pour la voix francaise Virginie - (.ScanSoft.) [HKLM] -- {58B0F3ED-6FAE-486C-9AB9-1C06514097B4}

O42 - Logiciel: RealUpgrade 1.0 - (.RealNetworks, Inc..) [HKLM] -- {F4F4F84E-804F-4E9A-84D7-C34283F0088F}

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: Sam and Max - Season One - Episode 104 - Abe Lincoln Must Die! - (.Telltale Games.) [HKLM] -- Episode 104 - Abe Lincoln Must Die!

O42 - Logiciel: SeaMonkey (1.1.18) - (.Pas de propriétaire.) [HKLM] -- SeaMonkey (1.1.18)

O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2539636

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2572078

O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663

O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870

O42 - Logiciel: Security Update for Windows Media Encoder (KB2447961) - (.Microsoft Corporation.) [HKLM] -- KB2447961

O42 - Logiciel: Security Update for Windows Media Encoder (KB954156) - (.Microsoft Corporation.) [HKLM] -- KB954156

O42 - Logiciel: Security Update for Windows Media Encoder (KB979332) - (.Microsoft Corporation.) [HKLM] -- KB979332

O42 - Logiciel: Shop for HP Supplies - (.HP.) [HKLM] -- Shop for HP Supplies

O42 - Logiciel: Sierra Utilities - (.Pas de propriétaire.) [HKLM] -- Sierra Utilities

O42 - Logiciel: Solution de clavier multimédia amélioré - (.Hewlett-Packard.) [HKLM] -- KBD

O42 - Logiciel: Text-To-Speech-Runtime - (.Magix Development GmbH.) [HKLM] -- {7B3F0113-E63C-4D6D-AF19-111A3165CCA2}

O42 - Logiciel: The Sims Livin' Large - (.Pas de propriétaire.) [HKLM] -- {2727FBEF-3155-11D4-8F73-0050DA0F6297}

O42 - Logiciel: Total Commander (Remove or Repair) - (.Pas de propriétaire.) [HKLM] -- Totalcmd

O42 - Logiciel: Toxic Biohazard - (.Image-Line bvba.) [HKLM] -- Toxic Biohazard

O42 - Logiciel: Tuto Ccleaner1.0.0.0 - (.pctuto.) [HKLM] -- Tuto Ccleaner_is1

O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523

O42 - Logiciel: Urban Terror 4.1 - (.Frozen Sand LLC.) [HKLM] -- Urban Terror_is1

O42 - Logiciel: Version de démonstration de Microsoft Office Home and Student 2007 - (.Pas de propriétaire.) [HKLM] -- OfficeTrial

O42 - Logiciel: Westwood Chat - (.Pas de propriétaire.) [HKLM] -- WChat

O42 - Logiciel: WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {BADF6744-3787-48F6-B8C9-4C4995401D65}

O42 - Logiciel: Windows Live installer - (.Microsoft Corporation.) [HKLM] -- {FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}

O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

O42 - Logiciel: Windows Movie Maker 2.6 - (.Microsoft Corporation.) [HKLM] -- {B3DAF54F-DB25-4586-9EF1-96D24BB14088}

O42 - Logiciel: Windows iLivid Toolbar - (.Bandoo Media, Inc.) [HKLM] -- Searchqu 406 MediaBar

O42 - Logiciel: X-Lite 3.0 - (.CounterPath Solutions Inc..) [HKLM] -- X-Lite 3.0_is1

O42 - Logiciel: adsl TV - (.adsl TV / FM.) [HKLM] -- {3AFDD2C6-8663-46B5-B195-6CEB00D44768}

O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM] -- avast

O42 - Logiciel: bayardKids - (.Tribal Nova Inc.) [HKLM] -- {15126A91-4790-42DD-D883-26FE22E03EB4}

O42 - Logiciel: directGouv - (.UNKNOWN.) [HKLM] -- directGouv

O42 - Logiciel: directGouv - (.UNKNOWN.) [HKLM] -- {0B103E0F-6B29-7114-E73F-CCA46EC4C0E5}

O42 - Logiciel: ffdshow (remove only) - (.Pas de propriétaire.) [HKLM] -- ffdshow

O42 - Logiciel: iLivid - (.Bandoo Media Inc..) [HKLM] -- iLivid

O42 - Logiciel: iLivid - (.Bandoo Media Inc..) [HKLM] -- {8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}

O42 - Logiciel: jv16 PowerTools 1.3 - (.Pas de propriétaire.) [HKLM] -- jv16 PowerTools_is1

O42 - Logiciel: monAlbumPhoto - (.monAlbumPhoto.) [HKLM] -- monAlbumPhoto_is1

O42 - Logiciel: muvee autoProducer 6.1 - (.muvee Technologies.) [HKLM] -- {7C0B3A39-6602-4E52-9561-01C24E7BDFC0}

O42 - Logiciel: pdfforge Toolbar v1.1.1 - (.Spigot, Inc..) [HKLM] -- {4EF8BE6A-899C-4196-94E7-297C5F7A203E}

O42 - Logiciel: welcome - (.Nero AG.) [HKLM] -- {CCE210DF-7EEF-4A76-A63C-3EB091FDB992}

---\\ HKCU & HKLM Software Keys

[HKCU\Software\1964VIDEO]

[HKCU\Software\1964emu_099]

[HKCU\Software\AKVIS]

[HKCU\Software\ALWIL Software]

[HKCU\Software\AOL]

[HKCU\Software\ASIO4ALL v2 by Wuschel]

[HKCU\Software\AVAST Software]

[HKCU\Software\Adobe]

[HKCU\Software\Agence-Exclusive]

[HKCU\Software\AhnLab]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software\Yahoo]

[HKCU\Software\AppDataLow\Software\pdfforge]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Apple Computer, Inc.]

[HKCU\Software\Apple Inc.]

[HKCU\Software\Balabolka]

[HKCU\Software\Boolat Games]

[HKCU\Software\Class]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\Codeminion]

[HKCU\Software\CoreVorbis]

[HKCU\Software\CounterPath]

[HKCU\Software\Cyberlink]

[HKCU\Software\DataMngr]

[HKCU\Software\EBInstaller]

[HKCU\Software\Electronic Arts]

[HKCU\Software\Fiaa]

[HKCU\Software\Fugazo]

[HKCU\Software\GNU]

[HKCU\Software\Gabest]

[HKCU\Software\GameHouse]

[HKCU\Software\GameSpy]

[HKCU\Software\GoBit]

[HKCU\Software\Google]

[HKCU\Software\HP Guide]

[HKCU\Software\HP]

[HKCU\Software\Haali]

[HKCU\Software\Hewlett-Packard]

[HKCU\Software\HipSoft]

[HKCU\Software\IADirectShow]

[HKCU\Software\IM Providers]

[HKCU\Software\Image-Line]

[HKCU\Software\Innova engineering]

[HKCU\Software\InterActual Technologies]

[HKCU\Software\Iris]

[HKCU\Software\JEDI-VCL]

[HKCU\Software\JavaSoft]

[HKCU\Software\LightScribe]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\MAP-DN]

[HKCU\Software\Macromedia]

[HKCU\Software\Magicbit]

[HKCU\Software\MainConcept (Muvee)]

[HKCU\Software\MainConcept]

[HKCU\Software\Modern UI Test]

[HKCU\Software\MozillaPlugins]

[HKCU\Software\Mozilla]

[HKCU\Software\NRage]

[HKCU\Software\NVIDIA Corporation]

[HKCU\Software\Nero]

[HKCU\Software\Netscape]

[HKCU\Software\ODBC]

[HKCU\Software\OpenOffice.org]

[HKCU\Software\PDFCreator]

[HKCU\Software\Piriform]

[HKCU\Software\PixelPlanet]

[HKCU\Software\Policies]

[HKCU\Software\Pvm]

[HKCU\Software\RICEDAEDALUS520]

[HKCU\Software\Rapidtyping]

[HKCU\Software\RealNetworks]

[HKCU\Software\Realtek]

[HKCU\Software\Search Settings]

[HKCU\Software\SecuROM]

[HKCU\Software\SoftVoice]

[HKCU\Software\Softonic]

[HKCU\Software\Solid State Networks]

[HKCU\Software\Symantec]

[HKCU\Software\ToyBox]

[HKCU\Software\Trolltech]

[HKCU\Software\Ubisoft]

[HKCU\Software\VB and VBA Program Settings]

[HKCU\Software\WildTangent]

[HKCU\Software\WinRAR SFX]

[HKCU\Software\WinRAR]

[HKCU\Software\Winsome File Renamer 7.1]

[HKCU\Software\YahooPartnerToolbar]

[HKCU\Software\Yahoo]

[HKCU\Software\e-merge]

[HKCU\Software\keyhole.com]

[HKCU\Software\mioreader]

[HKCU\Software\mozilla.org]

[HKCU\Software\pdfforge.org]

[HKCU\Software\zylom]

[HKLM\Software\3ivx]

[HKLM\Software\AKVIS]

[HKLM\Software\ALWIL Software]

[HKLM\Software\ASIO]

[HKLM\Software\AVAST Software]

[HKLM\Software\Adobe]

[HKLM\Software\Agence-Exclusive]

[HKLM\Software\America Online]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Apple Inc.]

[HKLM\Software\Apple]

[HKLM\Software\Aureal]

[HKLM\Software\BBC Multimedia]

[HKLM\Software\BCL Technologies]

[HKLM\Software\Bombermaaan]

[HKLM\Software\Boonty]

[HKLM\Software\C07ft5Y]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\CyberLink]

[HKLM\Software\DMA Design Ltd]

[HKLM\Software\DataMngr]

[HKLM\Software\Debug]

[HKLM\Software\DivXNetworks]

[HKLM\Software\EA GAMES]

[HKLM\Software\Electronic Arts]

[HKLM\Software\Fiaa]

[HKLM\Software\FullCircle]

[HKLM\Software\GYOZA]

[HKLM\Software\Ghisler]

[HKLM\Software\Google]

[HKLM\Software\HP]

[HKLM\Software\HaaliMkx]

[HKLM\Software\Hewlett-Packard]

[HKLM\Software\ICE]

[HKLM\Software\Image-Line]

[HKLM\Software\InstallShield]

[HKLM\Software\Intel]

[HKLM\Software\InterActual Technologies]

[HKLM\Software\JavaSoft]

[HKLM\Software\JreMetrics]

[HKLM\Software\KLCodecPack]

[HKLM\Software\L&H]

[HKLM\Software\LightScribe]

[HKLM\Software\Logitech]

[HKLM\Software\MAP-DN]

[HKLM\Software\Macromedia]

[HKLM\Software\Magix]

[HKLM\Software\Maxis]

[HKLM\Software\MimarSinan]

[HKLM\Software\Morgan]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\NRJ]

[HKLM\Software\NVIDIA Corporation]

[HKLM\Software\Nero]

[HKLM\Software\ODBC]

[HKLM\Software\On2 Technologies]

[HKLM\Software\OpenOffice.org]

[HKLM\Software\Outsim]

[HKLM\Software\PC-Doctor]

[HKLM\Software\PDFCreator]

[HKLM\Software\Piriform]

[HKLM\Software\PixelPlanet]

[HKLM\Software\Policies]

[HKLM\Software\Propellerhead Software]

[HKLM\Software\Protexis]

[HKLM\Software\Quantitative Micro Software]

[HKLM\Software\RealDSF]

[HKLM\Software\RealNetworks]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\Rockstar Games]

[HKLM\Software\S3R521]

[HKLM\Software\SRS Labs]

[HKLM\Software\ScanSoft]

[HKLM\Software\Search Settings]

[HKLM\Software\SearchquMediabarTb]

[HKLM\Software\Services]

[HKLM\Software\Sierra On-Line]

[HKLM\Software\Sierra OnLine]

[HKLM\Software\Sonic]

[HKLM\Software\Sun Microsystems]

[HKLM\Software\SymDebug]

[HKLM\Software\Symantec]

[HKLM\Software\Telltale Games]

[HKLM\Software\Ubisoft]

[HKLM\Software\UrbanTerror]

[HKLM\Software\VST]

[HKLM\Software\VideoLAN]

[HKLM\Software\Voice]

[HKLM\Software\Volatile]

[HKLM\Software\WebSupergoo]

[HKLM\Software\Westwood]

[HKLM\Software\WildTangent]

[HKLM\Software\Wilson WindowWare]

[HKLM\Software\WinRAR]

[HKLM\Software\Windows]

[HKLM\Software\Wow6432Node]

[HKLM\Software\Xing Technology Corp.]

[HKLM\Software\Yahoo]

[HKLM\Software\dddd]

[HKLM\Software\ilivid]

[HKLM\Software\ioUrbanTerror]

[HKLM\Software\mozilla.org]

[HKLM\Software\muvee Technologies]

[HKLM\Software\pdfforge.org]

[HKLM\Software\pdfforge]

~ Scan Softwares in 00mn 00s

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 05/07/2008 - 07:44:54 - [3,697] ----D- C:\Program Files\1964

O43 - CFD: 27/02/2011 - 19:46:14 - [123,085] ----D- C:\Program Files\Adobe

O43 - CFD: 25/11/2011 - 21:38:12 - [39,632] ----D- C:\Program Files\adslTV

O43 - CFD: 19/10/2011 - 07:10:26 - [0,992] ----D- C:\Program Files\Agence-Exclusive

O43 - CFD: 06/09/2008 - 14:13:52 - [19,187] ----D- C:\Program Files\AKVIS

O43 - CFD: 01/09/2010 - 19:49:34 - [172,391] ----D- C:\Program Files\Alwil Software

O43 - CFD: 16/02/2008 - 20:57:02 - [2,370] ----D- C:\Program Files\AOL

O43 - CFD: 03/03/2011 - 22:52:40 - [2,200] ----D- C:\Program Files\Apple Software Update

O43 - CFD: 29/07/2008 - 07:27:02 - [0,328] ----D- C:\Program Files\ASIO4ALL v2

O43 - CFD: 19/07/2009 - 20:23:12 - [69,130] ----D- C:\Program Files\AuthoringTool

O43 - CFD: 14/11/2011 - 00:20:06 - [9,158] ----D- C:\Program Files\Balabolka

O43 - CFD: 20/09/2011 - 20:46:04 - [21,069] ----D- C:\Program Files\Bandoo

O43 - CFD: 24/10/2009 - 13:02:42 - [3,852] ----D- C:\Program Files\bayardKids

O43 - CFD: 18/06/2008 - 21:45:44 - [0,069] ----D- C:\Program Files\BBC Multimedia

O43 - CFD: 05/02/2009 - 22:11:50 - [7,947] ----D- C:\Program Files\Bombermaaan 1.3

O43 - CFD: 03/03/2011 - 22:49:38 - [0,588] ----D- C:\Program Files\Bonjour

O43 - CFD: 13/02/2010 - 18:07:16 - [0,009] ----D- C:\Program Files\BoontyGames

O43 - CFD: 31/08/2008 - 17:52:56 - [12,700] ----D- C:\Program Files\calpinage

O43 - CFD: 15/10/2011 - 10:58:14 - [3,981] ----D- C:\Program Files\CCleaner

O43 - CFD: 14/11/2011 - 00:51:00 - [789,827] ----D- C:\Program Files\Common Files

O43 - CFD: 10/08/2008 - 18:35:52 - [26,760] ----D- C:\Program Files\CounterPath

O43 - CFD: 05/03/2011 - 19:05:16 - [387,474] ----D- C:\Program Files\CyberLink

O43 - CFD: 13/02/2010 - 18:07:24 - [0,015] ----D- C:\Program Files\Democracy2 Demo

O43 - CFD: 27/02/2011 - 19:46:18 - [1,059] ----D- C:\Program Files\directGouv

O43 - CFD: 05/03/2011 - 17:46:32 - [0,138] ----D- C:\Program Files\DivX

O43 - CFD: 05/03/2011 - 17:46:32 - [3,605] ----D- C:\Program Files\DOSBox-0.72

O43 - CFD: 02/01/2007 - 01:57:16 - [4,299] ----D- C:\Program Files\DOSBox-0.74

O43 - CFD: 05/04/2009 - 14:21:12 - [1171,662] ----D- C:\Program Files\EA GAMES

O43 - CFD: 14/12/2007 - 02:02:54 - [49,120] ----D- C:\Program Files\EasyBits

O43 - CFD: 25/02/2008 - 20:34:28 - [43,438] ----D- C:\Program Files\EViews4

O43 - CFD: 05/03/2011 - 19:13:14 - [10,180] ----D- C:\Program Files\GameSpy Arcade

O43 - CFD: 05/03/2011 - 18:02:02 - [409,745] ----D- C:\Program Files\Google

O43 - CFD: 28/10/2009 - 22:57:52 - [142,657] ----D- C:\Program Files\Hewlett-Packard

O43 - CFD: 15/07/2011 - 00:14:22 - [379,623] ----D- C:\Program Files\HP

O43 - CFD: 09/07/2010 - 08:40:04 - [1732,864] ----D- C:\Program Files\HP Games

O43 - CFD: 20/09/2011 - 20:45:44 - [39,643] ----D- C:\Program Files\iLivid

O43 - CFD: 05/03/2011 - 19:17:00 - [256,237] ----D- C:\Program Files\Image-Line

O43 - CFD: 17/09/2011 - 07:39:24 - [160,203] ----D- C:\Program Files\Inkscape

O43 - CFD: 14/11/2011 - 00:49:58 - [66,943] --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD: 03/10/2009 - 14:35:30 - [11,048] ----D- C:\Program Files\InterActual

O43 - CFD: 15/10/2011 - 02:32:16 - [6,243] ----D- C:\Program Files\Internet Explorer

O43 - CFD: 05/09/2011 - 22:23:22 - [388,675] ----D- C:\Program Files\Java

O43 - CFD: 27/04/2009 - 04:51:26 - [15,244] ----D- C:\Program Files\JRE

O43 - CFD: 05/03/2011 - 23:23:52 - [2,610] ----D- C:\Program Files\jv16 PowerTools

O43 - CFD: 17/02/2008 - 15:52:12 - [22,690] ----D- C:\Program Files\K-Lite Codec Pack

O43 - CFD: 19/07/2009 - 22:08:22 - [16,291] ----D- C:\Program Files\Magicbit

O43 - CFD: 16/09/2008 - 22:31:42 - [241,728] ----D- C:\Program Files\MAGIX

O43 - CFD: 15/11/2009 - 21:25:48 - [1326,849] ----D- C:\Program Files\Microsoft Games

O43 - CFD: 18/02/2008 - 00:05:40 - [197,569] ----D- C:\Program Files\Microsoft Office

O43 - CFD: 14/11/2011 - 00:50:02 - [2,569] ----D- C:\Program Files\Microsoft Reader

O43 - CFD: 15/10/2011 - 02:33:38 - [36,633] ----D- C:\Program Files\Microsoft Silverlight

O43 - CFD: 16/12/2010 - 08:45:12 - [137,975] ----D- C:\Program Files\Microsoft Works

O43 - CFD: 26/06/2010 - 07:22:26 - [0,015] ----D- C:\Program Files\Microsoft.NET

O43 - CFD: 10/09/2011 - 21:13:14 - [138,022] ----D- C:\Program Files\monAlbumPhoto

O43 - CFD: 15/08/2010 - 10:21:22 - [94,740] ----D- C:\Program Files\Movie Maker

O43 - CFD: 16/12/2010 - 08:45:20 - [8,875] ----D- C:\Program Files\Movie Maker 2.6

O43 - CFD: 05/11/2010 - 18:53:02 - [33,514] ----D- C:\Program Files\Mozilla Firefox

O43 - CFD: 28/07/2008 - 17:15:58 - [24,707] ----D- C:\Program Files\Mozilla Thunderbird

O43 - CFD: 28/07/2008 - 17:20:18 - [65,451] ----D- C:\Program Files\mozilla.org

O43 - CFD: 02/11/2006 - 13:37:36 - [0,025] ----D- C:\Program Files\MSBuild

O43 - CFD: 13/12/2007 - 18:31:08 - [143,327] ----D- C:\Program Files\muvee Technologies

O43 - CFD: 15/10/2011 - 01:23:34 - [1589,963] ----D- C:\Program Files\Nero

O43 - CFD: 09/03/2008 - 13:22:06 - [66,639] ----D- C:\Program Files\NRJ

O43 - CFD: 27/04/2009 - 04:51:24 - [338,174] ----D- C:\Program Files\OpenOffice.org 3

O43 - CFD: 05/07/2008 - 19:09:24 - [3,286] ----D- C:\Program Files\Outsim

O43 - CFD: 31/05/2011 - 09:00:20 - [131,994] ----D- C:\Program Files\PC-Doctor 5 for Windows

O43 - CFD: 17/10/2011 - 12:25:02 - [6,209] ----D- C:\Program Files\pctuto

O43 - CFD: 12/09/2009 - 20:28:00 - [20,621] ----D- C:\Program Files\PDFCreator

O43 - CFD: 12/09/2009 - 20:27:46 - [2,864] ----D- C:\Program Files\pdfforge Toolbar

O43 - CFD: 12/09/2009 - 20:36:42 - [32,135] ----D- C:\Program Files\PdfGrabber 5.0

O43 - CFD: 05/03/2011 - 17:52:38 - [98,149] ----D- C:\Program Files\POB 7

O43 - CFD: 05/03/2011 - 17:52:40 - [97,752] ----D- C:\Program Files\POB 8

O43 - CFD: 19/06/2011 - 14:49:42 - [370,406] ----D- C:\Program Files\Privateer

O43 - CFD: 16/09/2008 - 21:48:08 - [0,393] ----D- C:\Program Files\Pvm

O43 - CFD: 05/03/2011 - 17:29:30 - [79,477] ----D- C:\Program Files\QuickTime

O43 - CFD: 05/03/2011 - 17:52:40 - [1,657] ----D- C:\Program Files\Real

O43 - CFD: 13/12/2007 - 18:20:22 - [15,325] ----D- C:\Program Files\Realtek

O43 - CFD: 02/11/2006 - 13:37:36 - [36,902] ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 30/06/2008 - 20:07:30 - [0,001] ----D- C:\Program Files\RM-X Player V5.2

O43 - CFD: 14/07/2008 - 14:46:20 - [384,527] ----D- C:\Program Files\Rockstar Games

O43 - CFD: 14/11/2011 - 00:28:48 - [17,220] ----D- C:\Program Files\ScanSoft

O43 - CFD: 13/12/2007 - 18:42:40 - [6,381] ----D- C:\Program Files\Services en ligne

O43 - CFD: 05/10/2008 - 18:54:08 - [18,224] ----D- C:\Program Files\Sierra

O43 - CFD: 17/07/2008 - 22:41:08 - [3,179] ----D- C:\Program Files\Sierra On-Line

O43 - CFD: 16/02/2008 - 22:14:38 - [76,046] ----D- C:\Program Files\STeem

O43 - CFD: 07/08/2008 - 11:34:34 - [258,950] ----D- C:\Program Files\Telltale Games

O43 - CFD: 05/03/2011 - 19:08:46 - [0,013] ----D- C:\Program Files\Tsunami-Filter-Pack

O43 - CFD: 27/12/2008 - 23:29:54 - [-192,238] ----D- C:\Program Files\Ubisoft

O43 - CFD: 02/01/2007 - 03:17:04 - [736,890] ----D- C:\Program Files\UrbanTerror

O43 - CFD: 17/02/2008 - 08:17:34 - [0,497] ----D- C:\Program Files\VideoLAN

O43 - CFD: 29/07/2008 - 07:29:22 - [74,526] ----D- C:\Program Files\VstPlugins

O43 - CFD: 05/11/2009 - 01:23:34 - [0,970] ----D- C:\Program Files\Windows Calendar

O43 - CFD: 05/11/2009 - 01:23:32 - [2,610] ----D- C:\Program Files\Windows Collaboration

O43 - CFD: 05/11/2009 - 01:23:30 - [4,283] ----D- C:\Program Files\Windows Defender

O43 - CFD: 20/09/2011 - 20:45:24 - [8,470] ----D- C:\Program Files\Windows iLivid Toolbar

O43 - CFD: 05/11/2009 - 01:23:32 - [6,756] ----D- C:\Program Files\Windows Journal

O43 - CFD: 17/06/2008 - 20:41:56 - [31,181] ----D- C:\Program Files\Windows Live

O43 - CFD: 15/10/2011 - 02:32:14 - [8,694] ----D- C:\Program Files\Windows Mail

O43 - CFD: 09/03/2008 - 13:26:00 - [13,639] ----D- C:\Program Files\Windows Media Components

O43 - CFD: 05/03/2011 - 17:52:46 - [4,394] ----D- C:\Program Files\Windows Media Player

O43 - CFD: 05/03/2011 - 17:52:46 - [7,589] ----D- C:\Program Files\Windows NT

O43 - CFD: 05/11/2009 - 01:23:32 - [12,902] ----D- C:\Program Files\Windows Photo Gallery

O43 - CFD: 17/11/2009 - 21:19:22 - [0,128] ----D- C:\Program Files\Windows Portable Devices

O43 - CFD: 05/09/2011 - 22:09:14 - [6,366] ----D- C:\Program Files\Windows Sidebar

O43 - CFD: 14/06/2011 - 22:29:22 - [3,693] ----D- C:\Program Files\WinRAR

O43 - CFD: 13/11/2011 - 21:26:56 - [0] ----D- C:\Program Files\Yahoo!

O43 - CFD: 11/12/2011 - 23:31:26 - [9,122] ----D- C:\Program Files\ZHPDiag

O43 - CFD: 13/09/2009 - 18:16:08 - [10,383] ----D- C:\Program Files\Common Files\Adobe

O43 - CFD: 27/02/2011 - 19:46:12 - [29,398] ----D- C:\Program Files\Common Files\Adobe AIR

O43 - CFD: 03/03/2011 - 22:49:48 - [71,485] ----D- C:\Program Files\Common Files\Apple

O43 - CFD: 12/09/2009 - 20:36:44 - [4,412] ----D- C:\Program Files\Common Files\BCL Technologies

O43 - CFD: 19/01/2009 - 10:17:48 - [0,066] ----D- C:\Program Files\Common Files\BOONTY Shared

O43 - CFD: 13/07/2008 - 18:18:22 - [0,698] ----D- C:\Program Files\Common Files\Designer

O43 - CFD: 17/06/2008 - 13:50:28 - [0,448] ----D- C:\Program Files\Common Files\Hewlett-Packard

O43 - CFD: 13/12/2007 - 18:23:18 - [5,036] ----D- C:\Program Files\Common Files\HP

O43 - CFD: 13/12/2007 - 18:48:04 - [17,206] ----D- C:\Program Files\Common Files\InstallShield

O43 - CFD: 10/08/2008 - 18:35:56 - [0,398] ----D- C:\Program Files\Common Files\Intel

O43 - CFD: 05/09/2011 - 22:24:30 - [48,326] ----D- C:\Program Files\Common Files\Java

O43 - CFD: 14/11/2011 - 00:51:00 - [2,282] ----D- C:\Program Files\Common Files\L&H

O43 - CFD: 14/10/2011 - 23:44:42 - [37,376] ---AD- C:\Program Files\Common Files\LightScribe

O43 - CFD: 13/12/2007 - 18:30:30 - [0,054] ---AD- C:\Program Files\Common Files\LS Getting Started

O43 - CFD: 14/11/2011 - 00:50:00 - [341,821] ----D- C:\Program Files\Common Files\microsoft shared

O43 - CFD: 19/02/2008 - 21:49:48 - [15,217] ----D- C:\Program Files\Common Files\mozilla.org

O43 - CFD: 13/12/2007 - 18:31:08 - [70,131] ----D- C:\Program Files\Common Files\muvee Technologies

O43 - CFD: 15/10/2011 - 01:17:54 - [54,977] ----D- C:\Program Files\Common Files\Nero

O43 - CFD: 02/11/2006 - 12:18:34 - [0,003] ----D- C:\Program Files\Common Files\Services

O43 - CFD: 02/11/2006 - 12:18:34 - [39,198] ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 07/08/2008 - 07:15:36 - [0,514] ----D- C:\Program Files\Common Files\Symantec Shared

O43 - CFD: 10/11/2011 - 19:49:18 - [20,388] ----D- C:\Program Files\Common Files\System

O43 - CFD: 05/03/2011 - 17:46:12 - [17,459] -SH-D- C:\Program Files\Common Files\WindowsLiveInstaller

O43 - CFD: 12/09/2009 - 20:36:58 - [2,553] ----D- C:\Program Files\Common Files\XPressUpdate

O43 - CFD: 13/09/2009 - 18:16:00 - [0,001] ----D- C:\ProgramData\Adobe

O43 - CFD: 10/09/2011 - 21:13:44 - [13,777] ----D- C:\ProgramData\albumphoto

O43 - CFD: 01/09/2010 - 19:49:34 - [38,106] ----D- C:\ProgramData\Alwil Software

O43 - CFD: 07/02/2010 - 19:06:04 - [41,685] ----D- C:\ProgramData\Apple

O43 - CFD: 07/02/2010 - 19:08:36 - [26,907] ----D- C:\ProgramData\Apple Computer

O43 - CFD: 02/11/2006 - 14:02:04 - [0] -SH-D- C:\ProgramData\Application Data

O43 - CFD: 22/03/2009 - 15:31:16 - [0,030] ----D- C:\ProgramData\Arcade Lab

O43 - CFD: 06/07/2008 - 09:44:20 - [0] ----D- C:\ProgramData\Avg7

O43 - CFD: 06/10/2011 - 20:39:28 - [0,026] ----D- C:\ProgramData\Bandoo

O43 - CFD: 19/01/2009 - 10:17:50 - [0,024] ----D- C:\ProgramData\BOONTY

O43 - CFD: 20/09/2011 - 20:44:48 - [0,000] ----D- C:\ProgramData\boost_interprocess

O43 - CFD: 16/02/2008 - 20:53:18 - [0] -SH-D- C:\ProgramData\Bureau

O43 - CFD: 17/03/2008 - 23:38:30 - [0,009] ----D- C:\ProgramData\CyberLink

O43 - CFD: 02/11/2006 - 14:02:04 - [0] -SH-D- C:\ProgramData\Desktop

O43 - CFD: 02/11/2006 - 14:02:04 - [0] -SH-D- C:\ProgramData\Documents

O43 - CFD: 28/02/2009 - 14:13:08 - [0,025] ----D- C:\ProgramData\FarmFrenzy-PizzaParty

O43 - CFD: 16/02/2008 - 20:53:18 - [0] -SH-D- C:\ProgramData\Favoris

O43 - CFD: 02/11/2006 - 14:02:04 - [0] -SH-D- C:\ProgramData\Favorites

O43 - CFD: 29/03/2009 - 18:49:26 - [0,002] ----D- C:\ProgramData\Fitn17

O43 - CFD: 11/04/2009 - 13:54:36 - [0] ----D- C:\ProgramData\Flood Light Games

O43 - CFD: 21/05/2009 - 06:19:12 - [29,446] ----D- C:\ProgramData\Fugazo

O43 - CFD: 01/08/2009 - 08:46:26 - [0,009] ----D- C:\ProgramData\GameHouse

O43 - CFD: 17/04/2009 - 20:40:50 - [11,412] ----D- C:\ProgramData\GoBit Games

O43 - CFD: 24/03/2009 - 20:54:50 - [4,062] ----D- C:\ProgramData\Gogii

O43 - CFD: 12/11/2009 - 22:42:10 - [0] ----D- C:\ProgramData\Google

O43 - CFD: 17/06/2008 - 13:57:10 - [5,547] ----D- C:\ProgramData\Hewlett-Packard

O43 - CFD: 30/03/2009 - 21:37:54 - [0,201] ----D- C:\ProgramData\HipSoft

O43 - CFD: 18/11/2009 - 22:11:52 - [19,867] ----D- C:\ProgramData\HP

O43 - CFD: 18/11/2009 - 20:56:50 - [0,009] ----D- C:\ProgramData\HP Product Assistant

O43 - CFD: 20/03/2009 - 22:06:40 - [0] ----D- C:\ProgramData\iWin

O43 - CFD: 15/10/2011 - 01:24:16 - [0,000] ----D- C:\ProgramData\LightScribe

O43 - CFD: 22/10/2009 - 08:20:04 - [0] ----D- C:\ProgramData\Ludia

O43 - CFD: 16/09/2008 - 22:31:44 - [43,891] ----D- C:\ProgramData\MAGIX

O43 - CFD: 13/01/2010 - 08:04:54 - [0,027] ----D- C:\ProgramData\McAfee

O43 - CFD: 16/02/2008 - 20:53:18 - [0] -SH-D- C:\ProgramData\Menu Démarrer

O43 - CFD: 04/06/2010 - 07:40:50 - [1053,071] -S--D- C:\ProgramData\Microsoft

O43 - CFD: 16/02/2008 - 20:53:18 - [0] -SH-D- C:\ProgramData\Modèles

O43 - CFD: 16/03/2008 - 22:33:40 - [0] ----D- C:\ProgramData\MSN Search Toolbar

O43 - CFD: 13/12/2007 - 18:31:04 - [0] ----D- C:\ProgramData\muvee Technologies

O43 - CFD: 15/10/2011 - 01:23:34 - [2,387] ----D- C:\ProgramData\Nero

O43 - CFD: 01/11/2011 - 09:41:16 - [0,122] ----D- C:\ProgramData\NVIDIA

O43 - CFD: 20/06/2009 - 15:14:12 - [0,046] ----D- C:\ProgramData\Oberon Games

O43 - CFD: 13/12/2007 - 18:36:38 - [0,001] ----D- C:\ProgramData\PC-Doctor

O43 - CFD: 12/09/2009 - 20:36:58 - [0,018] ----D- C:\ProgramData\PixelPlanet

O43 - CFD: 25/07/2009 - 20:54:04 - [0] ----D- C:\ProgramData\PlayFirst

O43 - CFD: 27/12/2008 - 16:58:32 - [0,009] ----D- C:\ProgramData\QuickTime

O43 - CFD: 21/02/2010 - 17:10:36 - [0,001] ----D- C:\ProgramData\Real

O43 - CFD: 02/11/2006 - 14:02:04 - [0] -SH-D- C:\ProgramData\Start Menu

O43 - CFD: 03/04/2010 - 22:01:58 - [0,000] ----D- C:\ProgramData\Sun

O43 - CFD: 06/08/2008 - 22:58:08 - [0,143] ----D- C:\ProgramData\Symantec

O43 - CFD: 17/12/2008 - 15:51:56 - [0] ---AD- C:\ProgramData\TEMP

O43 - CFD: 02/11/2006 - 14:02:06 - [0] -SH-D- C:\ProgramData\Templates

O43 - CFD: 16/04/2010 - 08:43:26 - [0] ----D- C:\ProgramData\UClick

O43 - CFD: 09/04/2009 - 20:26:20 - [0] ----D- C:\ProgramData\Valusoft

O43 - CFD: 12/07/2009 - 23:41:38 - [0,146] ----D- C:\ProgramData\VirtualFarm

O43 - CFD: 17/06/2008 - 19:36:24 - [0,000] ----D- C:\ProgramData\WEBREG

O43 - CFD: 27/05/2009 - 19:57:12 - [30,761] ----D- C:\ProgramData\Wild Tangent

O43 - CFD: 09/07/2010 - 09:44:32 - [584,848] ----D- C:\ProgramData\WildTangent

O43 - CFD: 14/07/2010 - 08:16:06 - [0] ----D- C:\ProgramData\WindowsSearch

O43 - CFD: 29/06/2008 - 15:12:20 - [0,732] ----D- C:\ProgramData\WLInstaller

O43 - CFD: 11/12/2011 - 22:43:54 - [0] ----D- C:\ProgramData\Yahoo!

O43 - CFD: 20/09/2011 - 20:45:48 - [5,939] --H-D- C:\ProgramData\{94D867E5-DFF5-4374-ADEE-C3F5BE97F03A}

O43 - CFD: 16/05/2009 - 11:34:12 - [26,797] ----D- C:\Users\sanscode\AppData\Roaming\Adobe

O43 - CFD: 17/10/2011 - 12:24:26 - [1,383] ----D- C:\Users\sanscode\AppData\Roaming\Agence-Exclusive

O43 - CFD: 19/01/2009 - 12:10:14 - [0,000] ----D- C:\Users\sanscode\AppData\Roaming\Ancient Quest of Saqqarah_boonty

O43 - CFD: 14/09/2011 - 13:50:42 - [0,001] ----D- C:\Users\sanscode\AppData\Roaming\Apple Computer

O43 - CFD: 14/11/2011 - 00:20:06 - [0,010] ----D- C:\Users\sanscode\AppData\Roaming\Balabolka

O43 - CFD: 21/09/2011 - 07:30:04 - [0] ----D- C:\Users\sanscode\AppData\Roaming\Bandoo

O43 - CFD: 16/05/2009 - 11:38:26 - [23,981] ----D- C:\Users\sanscode\AppData\Roaming\bayardKids.08AE7BFC096D057FBA48C7E4F898C35F7FA11BBA.1

O43 - CFD: 06/02/2009 - 00:55:26 - [0,003] ----D- C:\Users\sanscode\AppData\Roaming\Bombermaaan

O43 - CFD: 03/04/2009 - 20:41:10 - [0,006] ----D- C:\Users\sanscode\AppData\Roaming\Boolat Games

O43 - CFD: 27/05/2009 - 17:51:42 - [0,000] ----D- C:\Users\sanscode\AppData\Roaming\CyberLink

O43 - CFD: 07/05/2009 - 19:02:26 - [0,000] ----D- C:\Users\sanscode\AppData\Roaming\Deckadance

O43 - CFD: 27/02/2011 - 19:46:22 - [3,558] ----D- C:\Users\sanscode\AppData\Roaming\directGouv

O43 - CFD: 03/10/2009 - 08:14:08 - [0] ----D- C:\Users\sanscode\AppData\Roaming\DMCache

O43 - CFD: 18/10/2011 - 22:31:34 - [0,015] ----D- C:\Users\sanscode\AppData\Roaming\dvdcss

O43 - CFD: 19/01/2009 - 13:30:22 - [0,008] ----D- C:\Users\sanscode\AppData\Roaming\FarmerJane

O43 - CFD: 11/04/2009 - 13:54:36 - [0,075] ----D- C:\Users\sanscode\AppData\Roaming\Flood Light Games

O43 - CFD: 09/12/2009 - 21:03:04 - [6,537] ----D- C:\Users\sanscode\AppData\Roaming\Fuzzy Games

O43 - CFD: 20/03/2009 - 23:06:38 - [0,046] ----D- C:\Users\sanscode\AppData\Roaming\Gaijin Ent

O43 - CFD: 22/10/2009 - 07:32:36 - [0,003] ----D- C:\Users\sanscode\AppData\Roaming\Gamelab

O43 - CFD: 02/03/2009 - 13:34:08 - [0,003] ----D- C:\Users\sanscode\AppData\Roaming\GHISLER

O43 - CFD: 04/06/2009 - 20:05:00 - [0,007] ----D- C:\Users\sanscode\AppData\Roaming\GOL_byHasbro

O43 - CFD: 29/07/2008 - 06:44:36 - [0,031] ----D- C:\Users\sanscode\AppData\Roaming\Google

O43 - CFD: 13/04/2008 - 09:50:48 - [0,318] ----D- C:\Users\sanscode\AppData\Roaming\Hewlett-Packard

O43 - CFD: 02/09/2008 - 21:06:24 - [0,260] ----D- C:\Users\sanscode\AppData\Roaming\HP

O43 - CFD: 17/01/2010 - 20:46:16 - [0] ----D- C:\Users\sanscode\AppData\Roaming\HPAppData

O43 - CFD: 13/04/2008 - 09:49:16 - [0] ----D- C:\Users\sanscode\AppData\Roaming\Identities

O43 - CFD: 17/09/2011 - 07:51:28 - [0,025] ----D- C:\Users\sanscode\AppData\Roaming\inkscape

O43 - CFD: 20/03/2009 - 22:06:40 - [0,009] ----D- C:\Users\sanscode\AppData\Roaming\iWin

O43 - CFD: 26/05/2008 - 21:33:10 - [31,290] ----D- C:\Users\sanscode\AppData\Roaming\La Bataille pour la Terre du Milieu

O43 - CFD: 22/10/2009 - 08:20:04 - [0,007] ----D- C:\Users\sanscode\AppData\Roaming\Ludia

O43 - CFD: 09/04/2009 - 18:53:12 - [0,083] ----D- C:\Users\sanscode\AppData\Roaming\Macromedia

O43 - CFD: 03/04/2009 - 21:14:32 - [0,007] ----D- C:\Users\sanscode\AppData\Roaming\Magic Academy

O43 - CFD: 02/11/2006 - 13:37:36 - [0] ----D- C:\Users\sanscode\AppData\Roaming\Media Center Programs

O43 - CFD: 29/07/2008 - 08:13:30 - [0,000] ----D- C:\Users\sanscode\AppData\Roaming\Media Player Classic

O43 - CFD: 22/03/2010 - 11:53:42 - [8,016] -S--D- C:\Users\sanscode\AppData\Roaming\Microsoft

O43 - CFD: 23/11/2011 - 23:12:40 - [29,181] ----D- C:\Users\sanscode\AppData\Roaming\Mozilla

O43 - CFD: 03/03/2009 - 22:28:02 - [0,003] ----D- C:\Users\sanscode\AppData\Roaming\My Games

O43 - CFD: 21/05/2009 - 17:00:32 - [0,003] ----D- C:\Users\sanscode\AppData\Roaming\MysteryStudio

O43 - CFD: 15/10/2011 - 01:24:08 - [0,047] ----D- C:\Users\sanscode\AppData\Roaming\Nero

O43 - CFD: 20/06/2009 - 15:14:12 - [0,020] ----D- C:\Users\sanscode\AppData\Roaming\Oberon Games

O43 - CFD: 29/10/2008 - 00:39:32 - [0,354] ----D- C:\Users\sanscode\AppData\Roaming\ooVoo Details

O43 - CFD: 29/04/2009 - 21:16:58 - [2,562] ----D- C:\Users\sanscode\AppData\Roaming\OpenOffice.org

O43 - CFD: 26/04/2009 - 16:26:04 - [2,478] ----D- C:\Users\sanscode\AppData\Roaming\OpenOffice.org2

O43 - CFD: 29/05/2009 - 13:44:06 - [0,194] ----D- C:\Users\sanscode\AppData\Roaming\PetShowCraze

O43 - CFD: 12/09/2009 - 20:36:32 - [0,002] ----D- C:\Users\sanscode\AppData\Roaming\PixelPlanet

O43 - CFD: 25/07/2009 - 20:54:04 - [0,475] ----D- C:\Users\sanscode\AppData\Roaming\PlayFirst

O43 - CFD: 07/01/2009 - 21:46:30 - [0,087] ----D- C:\Users\sanscode\AppData\Roaming\RapidTyping

O43 - CFD: 21/02/2010 - 17:04:38 - [17,225] ----D- C:\Users\sanscode\AppData\Roaming\Real

O43 - CFD: 10/01/2009 - 00:01:40 - [0,003] ----D- C:\Users\sanscode\AppData\Roaming\Red Alert 3 Demo

O43 - CFD: 29/05/2009 - 11:42:30 - [0,045] ----D- C:\Users\sanscode\AppData\Roaming\Shape games

O43 - CFD: 13/04/2008 - 09:50:00 - [0] ----D- C:\Users\sanscode\AppData\Roaming\Symantec

O43 - CFD: 01/11/2008 - 06:00:58 - [0,357] ----D- C:\Users\sanscode\AppData\Roaming\Thunderbird

O43 - CFD: 16/04/2010 - 08:43:26 - [0,101] ----D- C:\Users\sanscode\AppData\Roaming\UClick

O43 - CFD: 09/04/2009 - 20:26:20 - [0,002] ----D- C:\Users\sanscode\AppData\Roaming\Valusoft

O43 - CFD: 03/11/2011 - 21:00:06 - [0,655] ----D- C:\Users\sanscode\AppData\Roaming\vlc

O43 - CFD: 30/03/2009 - 19:46:24 - [0,000] ----D- C:\Users\sanscode\AppData\Roaming\Wild Tangent

O43 - CFD: 16/05/2008 - 22:49:20 - [0,001] ----D- C:\Users\sanscode\AppData\Roaming\WildTangent

O43 - CFD: 02/09/2008 - 19:42:50 - [0] ----D- C:\Users\sanscode\AppData\Roaming\WinBatch

O43 - CFD: 11/06/2011 - 22:20:08 - [0,000] ----D- C:\Users\sanscode\AppData\Roaming\WinRAR

O43 - CFD: 02/01/2007 - 17:42:52 - [0,001] ----D- C:\Users\sanscode\AppData\Roaming\Winsome Technologies

O43 - CFD: 01/03/2009 - 15:23:10 - [0,007] ----D- C:\Users\sanscode\AppData\Roaming\World-LooM

O43 - CFD: 05/07/2010 - 18:18:42 - [0] ----D- C:\Users\sanscode\AppData\Roaming\Yahoo!

O43 - CFD: 27/02/2011 - 19:44:04 - [40,260] ----D- C:\Users\sanscode\AppData\Local\Adobe

O43 - CFD: 25/11/2011 - 21:39:04 - [17,772] ----D- C:\Users\sanscode\AppData\Local\adslTV

O43 - CFD: 17/10/2011 - 11:34:58 - [0,601] ----D- C:\Users\sanscode\AppData\Local\Agence-Exclusive

O43 - CFD: 26/07/2008 - 09:07:28 - [0,011] ----D- C:\Users\sanscode\AppData\Local\AOL

O43 - CFD: 07/02/2010 - 19:06:06 - [39,275] ----D- C:\Users\sanscode\AppData\Local\Apple

O43 - CFD: 13/04/2008 - 09:48:06 - [0] -SH-D- C:\Users\sanscode\AppData\Local\Application Data

O43 - CFD: 02/01/2007 - 17:44:32 - [0,010] ----D- C:\Users\sanscode\AppData\Local\DOSBox

O43 - CFD: 12/09/2009 - 20:35:58 - [18,497] ----D- C:\Users\sanscode\AppData\Local\Downloaded Installations

O43 - CFD: 20/11/2011 - 14:06:20 - [0,122] ----D- C:\Users\sanscode\AppData\Local\DVDPlay

O43 - CFD: 02/03/2009 - 13:35:44 - [0] ----D- C:\Users\sanscode\AppData\Local\GHISLER

O43 - CFD: 23/11/2011 - 23:16:14 - [555,836] ----D- C:\Users\sanscode\AppData\Local\Google

O43 - CFD: 13/04/2008 - 09:50:40 - [0,005] ----D- C:\Users\sanscode\AppData\Local\Hewlett-Packard

O43 - CFD: 13/04/2008 - 09:48:06 - [0] -SH-D- C:\Users\sanscode\AppData\Local\Historique

O43 - CFD: 02/09/2008 - 21:06:22 - [0,356] ----D- C:\Users\sanscode\AppData\Local\HP

O43 - CFD: 03/01/2009 - 22:18:54 - [0,003] ----D- C:\Users\sanscode\AppData\Local\HP Guide

O43 - CFD: 06/05/2011 - 18:13:00 - [697,177] ----D- C:\Users\sanscode\AppData\Local\Microsoft

O43 - CFD: 16/03/2009 - 20:05:36 - [1,821] ----D- C:\Users\sanscode\AppData\Local\Microsoft Games

O43 - CFD: 17/08/2008 - 08:11:54 - [0,260] ----D- C:\Users\sanscode\AppData\Local\MigWiz

O43 - CFD: 28/07/2008 - 21:14:50 - [43,475] ----D- C:\Users\sanscode\AppData\Local\Mozilla

O43 - CFD: 16/06/2009 - 20:06:00 - [12,844] ----D- C:\Users\sanscode\AppData\Local\Oberon Games

O43 - CFD: 11/12/2011 - 23:17:48 - [-1654,111] ----D- C:\Users\sanscode\AppData\Local\Temp

O43 - CFD: 13/04/2008 - 09:48:06 - [0] -SH-D- C:\Users\sanscode\AppData\Local\Temporary Internet Files

O43 - CFD: 01/11/2008 - 06:04:30 - [2,174] ----D- C:\Users\sanscode\AppData\Local\Thunderbird

O43 - CFD: 28/12/2008 - 13:34:06 - [16,814] ----D- C:\Users\sanscode\AppData\Local\VirtualStore

O43 - CFD: 07/03/2010 - 13:04:08 - [0] ----D- C:\Users\sanscode\AppData\Local\WMTools Downloaded Files

O43 - CFD: 12/06/2011 - 14:32:18 - [0] ----D- C:\Users\sanscode\AppData\Local\Yahoo

~ Scan Program Folder in 00mn 10s

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.7E1778CEE98323444605CE28FC7DBA22] - 11/12/2011 - 23:30:42 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]

O44 - LFC:[MD5.85E8DBCF191FF8F4F3D7D44E1CEA0EF9] - 11/12/2011 - 23:09:26 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1202159]

O44 - LFC:[MD5.2918BFADC34E25B0F4C9128CE10444F2] - 11/12/2011 - 22:21:42 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.E9735F28FD6EE30365277C8476C7DBD9] - 10/12/2011 - 11:05:18 ---A- . (...) -- C:\Windows\MEMORY.DMP [389471132]

O44 - LFC:[MD5.818B05C416DDBF4F91CFF983AF81BDD9] - 10/12/2011 - 10:37:11 ---A- . (...) -- C:\Windows\system32\PerfStringBackup.INI [1495948]

O44 - LFC:[MD5.96F15C6723D9225EE90B599316563216] - 10/12/2011 - 10:37:11 ---A- . (...) -- C:\Windows\system32\perfc009.dat [103872]

O44 - LFC:[MD5.69B1BED13BEBC20EBCCC291BB4980E20] - 10/12/2011 - 10:37:11 ---A- . (...) -- C:\Windows\system32\perfc00C.dat [126420]

O44 - LFC:[MD5.238699D1F1BD4F8107A3C6B963F2E77A] - 10/12/2011 - 10:37:11 ---A- . (...) -- C:\Windows\system32\perfh009.dat [595798]

O44 - LFC:[MD5.CE9D3519D89EFA0A6CB1B4157F557CA2] - 10/12/2011 - 10:37:11 ---A- . (...) -- C:\Windows\system32\perfh00C.dat [678804]

O44 - LFC:[MD5.03B68DEBB076B7A3CE6DCE698BF7183F] - 20/11/2011 - 14:19:52 ---A- . (...) -- C:\Windows\setupact.log [4933]

O44 - LFC:[MD5.01C47C2ECED034EF6F8C1552A97CFF00] - 20/11/2011 - 14:15:45 ---A- . (...) -- C:\Windows\system32\config.nt [2577]

O44 - LFC:[MD5.8633AFCD270183B6916B1F65C069A3FF] - 14/11/2011 - 10:03:01 ---A- . (...) -- C:\Windows\system32\FNTCACHE.DAT [366248]

~ Scan Files in 00mn 07s

---\\ Déni du service (Local Security Authority) (O48)

O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\system32\msv1_0.dll

O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\system32\scecli.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\system32\kerberos.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\system32\msv1_0.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\system32\schannel.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\system32\wdigest.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\system32\tspkg.dll

~ Scan Keys in 00mn 00s

---\\ Contrôle du Safe Boot (CSB) (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\system32\Drivers\volmgrx.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\system32\Drivers\volmgrx.sys

~ Scan CSB in 00mn 00s

---\\ MountPoints2 Shell Key (O51)

O51 - MPSK:{55617bda-9987-11db-8ba9-806e6f6e6963}\AutoRun\command. (...) -- F:\Shelexec.exe (.not file.)

O51 - MPSK:{ce7b88f2-fb3b-11dc-8832-001644846417}\AutoRun\command. (...) -- G:\start.exe (.not file.)

~ Scan Keys in 00mn 00s

---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers32\"msacm.l3codecp"="l3codecp.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\Windows\system32\l3codecp.acm

O52 - TDSD: \Drivers32\"VIDC.X264"="x264vfw.dll" . (...) -- C:\Windows\system32\x264vfw.dll

O52 - TDSD: \Drivers32\"VIDC.3iv2"="3ivxVfWCodec.dll" . (.3ivx.com - 3ivx D4 4.5.1 Pro Video for Windows Codec.) -- C:\Windows\system32\3ivxVfWCodec.dll

O52 - TDSD: \Drivers32\"VIDC.FFDS"="C:\Program Files\K-Lite Codec Pack\ffdshow\ffdshow.ax" . (...) -- (.not file.)

O52 - TDSD: \Drivers32\"msacm.vorbis"="vorbis.acm" . (.HMS http://hp.vector.co.jp/author s /VA012897 - Ogg Vorbis CODEC for MSACM.) -- C:\Windows\system32\vorbis.acm

O52 - TDSD: \Drivers32\"msacm.ac3acm"="ac3acm.acm" . (.fccHandler - AC-3 ACM Codec.) -- C:\Windows\system32\ac3acm.acm

O52 - TDSD: \Drivers32\"msacm.divxa32"="DivXa32.acm" . (.Hacked With Joy ! - DivX;-) Audio Codec.) -- C:\Windows\system32\DivXa32.acm

O52 - TDSD: \Drivers32\"msacm.l3acm"="L3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\system32\L3codeca.acm

O52 - TDSD: \Drivers32\"VIDC.YV12"="divx.dll" . (...) -- (.not file.)

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"x264vfw.dll"="x264 H.264 Video Codec" . (...) -- (.not file.)

O52 - TDSD: \drivers.desc\"3ivxVfWCodec.dll"="3ivx D4 4.5.1 Pro" . (...) -- (.not file.)

O52 - TDSD: \drivers.desc\"vorbis.acm"="Ogg Vorbis Audio CODEC" . (.HMS http://hp.vector.co.jp/author s /VA012897 - Ogg Vorbis CODEC for MSACM.) -- C:\Windows\system32\vorbis.acm

O52 - TDSD: \drivers.desc\"ac3acm.acm"="AC3 ACM Decompressor" . (.fccHandler - AC-3 ACM Codec.) -- C:\Windows\system32\ac3acm.acm

O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (...) -- C:\Windows\system32\ff_vfw.dll

O52 - TDSD: \drivers.desc\"DivXa32.acm"="DivX ;-) Audio Codec" . (.Hacked With Joy ! - DivX;-) Audio Codec.) -- C:\Windows\system32\DivXa32.acm

O52 - TDSD: \drivers.desc\"L3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec (Pro)" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\system32\L3codeca.acm

O52 - TDSD: \drivers.desc\"C:\Program Files\K-Lite Codec Pack\ffdshow\ffdshow.ax"="ffdshow Video Codec" . (...) -- (.not file.)

~ Scan Keys in 00mn 00s

---\\ ShareTools MSconfig StartupReg (O53)

O53 - SMSR:HKLM\...\startupreg\HPADVISOR [Key] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe

O53 - SMSR:HKLM\...\startupreg\msnmsgr [Key] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O53 - SMSR:HKLM\...\startupreg\WMPNSCFG [Key] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\wmpnscfg.exe

~ Scan SMSR Keys in 00mn 00s

---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll

~ Scan Keys in 00mn 00s

---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1

O55 - MWPS:[HKCU\...\Policies\System] - "LogonHoursAction"=2

O55 - MWPS:[HKCU\...\Policies\System] - "DontDisplayLogonHoursWarnings"=1

~ Scan Keys in 00mn 00s

---\\ Microsoft Windows Policies Explorer (O56)

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145

O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0

~ Scan Keys in 00mn 00s

---\\ Liste des Drivers Système (O58)

O58 - SDL:[MD5.2EDC5BBAC6C651ECE337BDE8ED97C9FB] - 02/11/2006 - 10:51:38 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [420968]

O58 - SDL:[MD5.B84088CA3CDCA97DA44A984C6CE1CCAD] - 02/11/2006 - 10:51:32 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [297576]

O58 - SDL:[MD5.7880C67BCCC27C86FD05AA2AFB5EA469] - 02/11/2006 - 10:50:35 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [98408]

O58 - SDL:[MD5.9AE713F8E30EFC2ABCCD84904333DF4D] - 02/11/2006 - 10:51:00 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [147048]

O58 - SDL:[MD5.90395B64600EBB4552E26E178C94B2E4] - 02/11/2006 - 10:49:20 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [14952]

O58 - SDL:[MD5.5F673180268BB1FDB69C99B6619FE379] - 02/11/2006 - 10:50:09 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [67688]

O58 - SDL:[MD5.957F7540B5E7F602E44648C7DE5A1C05] - 02/11/2006 - 10:50:10 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [67688]

O58 - SDL:[MD5.B979979AB8027F7F53FB16EC4229B7DB] - 17/02/2008 - 12:06:00 ---A- . (.Adaptec - ASPI for WIN32 Kernel Driver.) -- C:\Windows\system32\drivers\ASPI32.SYS [25244]

O58 - SDL:[MD5.C47623FFD181A1E7D63574DDE2A0A711] - 01/09/2010 - 21:36:12 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\system32\drivers\aswFsBlk.sys [20568]

O58 - SDL:[MD5.4804753A4EC7D67CC22D226BFFD1C1E3] - 01/09/2010 - 21:36:26 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\system32\drivers\aswMonFlt.sys [54616]

O58 - SDL:[MD5.36239E24470A3DD81FAE37510953CC6C] - 01/09/2010 - 21:36:38 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\system32\drivers\aswRdr.sys [34392]

O58 - SDL:[MD5.CAA846E9C83836BDC3D2D700C678DB65] - 05/09/2011 - 21:38:05 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\system32\drivers\aswSnx.sys [442200]

O58 - SDL:[MD5.748AE7F2D7DA33ADB063FE05704A9969] - 01/09/2010 - 21:37:53 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\system32\drivers\aswSP.sys [320856]

O58 - SDL:[MD5.CA9925CE1DBD07FFE1EB357752CF5577] - 01/09/2010 - 21:36:36 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\system32\drivers\aswTdi.sys [52568]

O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568]

O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248]

O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [71808]

O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336]

O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160]

O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904]

O58 - SDL:[MD5.45201046C776FFDAF3FC8A0029C581C8] - 02/11/2006 - 10:49:28 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [16488]

O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [71272]

O58 - SDL:[MD5.F88FB26547FD2CE6D0A5AF2985892C48] - 02/11/2006 - 08:30:54 ---A- . (.Intel Corporation - Intel® PRO/1000 Adapter NDIS 6 deserialized driver.) -- C:\Windows\system32\drivers\E1G60I32.sys [117760]

O58 - SDL:[MD5.E8F3F21A71720C84BCF423B80028359F] - 02/11/2006 - 10:51:34 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [316520]

O58 - SDL:[MD5.DF353B401001246853763C4B7AAA6F50] - 02/11/2006 - 10:50:10 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [37480]

O58 - SDL:[MD5.C957BF4B5D80B46C5017BF0101E6C906] - 02/11/2006 - 10:51:25 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [232040]

O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41576]

O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [35944]

O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [35944]

O58 - SDL:[MD5.A2262FB9F28935E862B4DB46438C80D2] - 02/11/2006 - 10:50:04 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [65640]

O58 - SDL:[MD5.30D73327D390F72A62F32C103DAF1D6D] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [65640]

O58 - SDL:[MD5.E1E36FEFD45849A95F1AB81DE0159FE3] - 02/11/2006 - 10:50:10 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [65640]

O58 - SDL:[MD5.D153B14FC6598EAE8422A2037553ADCE] - 02/11/2006 - 10:49:53 ---A- . (.LSI Logic Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [28776]

O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [33384]

O58 - SDL:[MD5.E240F3204E86B7B6CCF266B2A2AD32B4] - 14/10/2011 - 12:39:10 ---A- . (.Nero AG - Nero Backup Volume Filter Driver for the Disk Stack.) -- C:\Windows\system32\drivers\NBVol.sys [56496]

O58 - SDL:[MD5.C0CF3CCCCE3C75F7280C89029AB47866] - 14/10/2011 - 12:39:10 ---A- . (.Nero AG - Nero Backup Volume Upper Filter Driver for the Disk Stack.) -- C:\Windows\system32\drivers\NBVolUp.sys [12464]

O58 - SDL:[MD5.271AC1312EF1DDE187793183ABBFA8D0] - 26/02/2008 - 08:17:30 ---A- . (.Ralink Technology, Corp. - Ralink 802.11 USB Wireless Adapter Driver.) -- C:\Windows\system32\drivers\netr73.sys [493568]

O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [45160]

O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys [20608]

O58 - SDL:[MD5.351265910A8EF5FC6CC4535A00054049] - 16/09/2008 - 18:57:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 169.) -- C:\Windows\system32\drivers\nvlddmkm.sys [8237120]

O58 - SDL:[MD5.B896FB556B4DC1E1D2943559EA79C5C5] - 14/12/2007 - 21:17:40 ---A- . (.NVIDIA Corporation - NVIDIA MCP Networking Function Driver..) -- C:\Windows\system32\drivers\nvmfdx32.sys [1035168]

O58 - SDL:[MD5.E69E946F80C1C31C53003BFBF50CBB7C] - 02/11/2006 - 10:50:24 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [88680]

O58 - SDL:[MD5.9E0BA19A28C498A6D323D065DB76DFFC] - 02/11/2006 - 10:50:13 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [40040]

O58 - SDL:[MD5.63B7838E9C272BAAA7B33A0CA4EBB748] - 13/12/2007 - 12:51:22 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor32.sys [110624]

O58 - SDL:[MD5.390C204CED3785609AB24E9C52054A84] - 13/12/2007 - 18:27:00 ---A- . (.Hewlett-Packard Company - PS2 SYS.) -- C:\Windows\system32\drivers\PS2.sys [19072]

O58 - SDL:[MD5.CCDAC889326317792480C0A67156A1EC] - 02/11/2006 - 10:51:45 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [900712]

O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106088]

O58 - SDL:[MD5.EDC37B918E583A5A813C53D4F5588255] - 16/09/2008 - 18:19:04 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys [2047576]

O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480]

O58 - SDL:[MD5.CEDD6F4E7D84E9F98B34B3FE988373AA] - 02/11/2006 - 10:50:10 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [38504]

O58 - SDL:[MD5.DF843C528C4F69D12CE41CE462E973A7] - 02/11/2006 - 10:50:16 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [71784]

O58 - SDL:[MD5.7B6FBB4C38F215D82DC5E254DB7D2B29] - 19/07/2009 - 11:03:46 ---A- . (.Your Corporation - Description string for Test_snow_bird driver.) -- C:\Windows\system32\drivers\SnowBird_usb.sys [75717]

O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [35944]

O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [31848]

O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [34920]

O58 - SDL:[MD5.3CD4EA35A6221B85DCC25DAA46313F8D] - 02/11/2006 - 10:51:25 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [235112]

O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [98408]

O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 02/11/2006 - 10:50:45 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys [115816]

O58 - SDL:[MD5.FD2E3175FCADA350C7AB4521DCA187EC] - 02/11/2006 - 10:49:30 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17512]

O58 - SDL:[MD5.D984439746D42B30FC65A4C3546C6829] - 02/11/2006 - 10:50:41 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR X86-32.) -- C:\Windows\system32\drivers\vsmraid.sys [112232]

O58 - SDL:[MD5.4D89E3A5FDBEF0F749C1BC94DD1522AB] - 17/02/2008 - 15:54:27 RSHA- . (...) -- C:\Windows\system32\28E3D6A4D2.sys [56]

O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029]

O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (...) -- C:\Windows\system32\country.sys [27097]

O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768]

O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809]

O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537]

O58 - SDL:[MD5.E8DDD2E9D723559E7A872D975BDC1111] - 17/02/2008 - 15:54:27 -SHA- . (...) -- C:\Windows\system32\KGyGaAvL.sys [1890]

O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866]

O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146]

O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370]

O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274]

O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146]

O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952]

O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672]

O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776]

O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536]

O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672]

~ Scan Drivers in 00mn 22s

---\\ Liste des outils de nettoyage (O63)

O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

~ Scan ADS in 00mn 00s

---\\ Liste des services Legacy (O64)

O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\aswFsBlk.sys (aswFsBlk) .(.AVAST Software - avast! File System Access Blocking Driver.) - LEGACY_ASWFSBLK

O64 - Services: CurCS - 06/09/2011 - C:\Windows\system32\drivers\aswMonFlt.sys (aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT

O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\aswRdr.sys (aswRdr) .(.AVAST Software - avast! TDI RDR Driver.) - LEGACY_ASWRDR

O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\aswSnx.sys (aswSnx) .(.AVAST Software - avast! Virtualization Driver.) - LEGACY_ASWSNX

O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\aswSP.sys (aswSP) .(.AVAST Software - avast! self protection module.) - LEGACY_ASWSP

O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\aswTdi.sys (aswTdi) .(.AVAST Software - avast! TDI Filter Driver.) - LEGACY_ASWTDI

O64 - Services: CurCS - 13/07/2011 - C:\Windows\system32\DRIVERS\NBVol.sys (NBVol) .(.Nero AG - Nero Backup Volume Filter Driver for the Di.) - LEGACY_NBVOL

O64 - Services: CurCS - 13/07/2011 - C:\Windows\system32\DRIVERS\NBVolUp.sys (NBVolUp) .(.Nero AG - Nero Backup Volume Upper Filter Driver for.) - LEGACY_NBVOLUP

O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV

O64 - Services: CurCS - 18/12/2007 - C:\Program Files\HP\DVDPlay\000.fcl ({22D78859-9CE9-4B77-BF18-AC83E81A9263}) .(.Cyberlink Corp. - FCL Driver.) - LEGACY_{22D78859-9CE9-4B77-BF18-AC83E81A9263}

~ Scan Services in 00mn 19s

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <ChromeHTML>[HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <ChromeHTML>[HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

~ Scan Keys in 00mn 00s

---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

O68 - StartMenuInternet: <Mozilla.exe> <Mozilla>[HKLM\..\Shell\open\Command] (.Mozilla Foundation - Mozilla.) -- C:\Program Files\mozilla.org\Mozilla\Mozilla.exe

O68 - StartMenuInternet: <SeaMonkey.exe> <SeaMonkey>[HKLM\..\Shell\open\Command] (.mozilla.org - SeaMonkey.) -- C:\Program Files\mozilla.org\SeaMonkey\SeaMonkey.exe

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe

O68 - StartMenuInternet: <Mozilla.exe> <Mozilla>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files\mozilla.org\Mozilla\uninstall\MozillaUninstall.exe

O68 - StartMenuInternet: <SeaMonkey.exe> <SeaMonkey>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files\mozilla.org\SeaMonkey\uninstall\SeaMonkeyUninstall.exe

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe

O68 - StartMenuInternet: <Mozilla.exe> <Mozilla>[HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Foundation - Mozilla.) -- C:\Program Files\mozilla.org\Mozilla\Mozilla.exe

O68 - StartMenuInternet: <SeaMonkey.exe> <SeaMonkey>[HKLM\..\InstallInfo\ReinstallCommand] (.mozilla.org - SeaMonkey.) -- C:\Program Files\mozilla.org\SeaMonkey\SeaMonkey.exe

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe

O68 - StartMenuInternet: <Mozilla.exe> <Mozilla>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files\mozilla.org\Mozilla\uninstall\MozillaUninstall.exe

O68 - StartMenuInternet: <SeaMonkey.exe> <SeaMonkey>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files\mozilla.org\SeaMonkey\uninstall\SeaMonkeyUninstall.exe

~ Scan Keys in 00mn 00s

---\\ Search Browser Infection (O69)

O69 - SBI: SearchScopes [HKCU] {8793BD90-E48A-4D03-ABCE-9C73A81274C6} [DefaultScope] - (Yahoo! Search) - Yahoo! Search - Recherche Web

O69 - SBI: SearchScopes [HKCU] {8AA51E48-2C91-4A0F-B1A0-6BCDF4CCAFC3} - (Kelkoo) - Voitures Et Motos | Comparer Prix & Acheter Voiture Et Moto - Kelkoo France

O69 - SBI: SearchScopes [HKCU] {D711E1EC-B35A-48A8-85D2-8CD2F432F409} - (AOL Recherche) - http://s lir s redirect.s earch.aol.com

~ Scan Keys in 00mn 00s

---\\ Recherche des services démarrés par Svchost (O83)

O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [24576]

O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [62976]

O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\system32\shsvcs.dll [247808]

O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448]

O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448]

O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\system32\srvsvc.dll [125952]

O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [576512]

O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [438784]

O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [315392]

O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [90624]

O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'accès distant.) -- C:\Windows\System32\rasmans.dll [262144]

O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [68608]

O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [47104]

O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [288256]

O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [242688]

O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes Terminal Server.) -- C:\Windows\System32\termsrv.dll [449024]

O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [1929952]

O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [758784]

O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [247808]

O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [200704]

O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [19968]

O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [33280]

O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll [111616]

O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\system32\mmcss.dll [45056]

O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [153088]

O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [57344]

O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [162304]

O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll [601600]

O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service de configuration des services Terminal Server.) -- C:\Windows\system32\sessenv.dll [84992]

O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [81920]

O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\system32\kmsvc.dll [68096]

~ Scan Services in 00mn 00s

---\\ Recherche particuliere à la racine de certains dossiers (O84)

[MD5.EEDF3738B6C3D32C31E1B120A8948044] [sPRF][24/11/2011] (...) -- C:\Users\sanscode\AppData\Local\d3d9caps.dat [680]

[MD5.83E884D7E409A65A0C8BD8601A44D64F] [sPRF][15/10/2011] (.pctuto - Tuto Ccleaner Setup.) -- C:\Users\sanscode\AppData\Local\Temp\ins6AE3.tmp.exe [3223480]

[MD5.A8D666FCE8EFD0788FA0DF14FB3491B4] [sPRF][10/02/2011] (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Users\sanscode\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe [885536]

[MD5.D94E2558C359BDCBF3DA965D6D3F003B] [sPRF][04/08/2011] (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Users\sanscode\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe [911136]

[MD5.B2C46C7064C867F4722A0F51CF18FB62] [sPRF][07/07/2011] (.McAfee, Inc. - McAfee Security Scan Plus Installer.) -- C:\Users\sanscode\AppData\Local\Temp\SecurityScan_Release.exe [3598224]

[MD5.62077A3DF75802D7388D001AD76306CE] [sPRF][06/09/2008] (.Pas de propriétaire - Coloriage.) -- C:\Users\sanscode\Desktop\akvis-coloriage-setup.exe [15926200]

[MD5.CA71848A8C8F9CA178D9A3A756903977] [sPRF][03/01/2009] (.Emjysoft - Anti-Spam 2009 Setup.) -- C:\Users\sanscode\Desktop\Antispam.exe [9581647]

[MD5.74D4BDB2F42773DFD7080F66BB3B8C5D] [sPRF][29/11/2008] (.Adobe Systems Incorporated - Adobe® Flash® Player Plugin Installer.) -- C:\Users\sanscode\Desktop\install_flash_player.exe [1851544]

[MD5.09CC2EA1A398838E1402D7778C963073] [sPRF][14/11/2011] (.Microsoft Corporation - Auto-extracteur de fichiers .Cab Win32.) -- C:\Users\sanscode\Desktop\lhttsfrf.exe [2354376]

[MD5.74E82D63FA7B1C72C3417E1300B7AFB4] [sPRF][14/10/2011] (.Nero AG - Pas de description.) -- C:\Users\sanscode\Desktop\nero-10_nero_11.0.10700_francais_45172.exe [384512408]

[MD5.9BF10785E977207D53BFA8B3158D17B4] [sPRF][26/04/2009] (...) -- C:\Users\sanscode\Desktop\OOo_3.0.1_Win32Intel_install_wJRE_fr.exe [143875176]

[MD5.83BEB5035768472F560A27460D122347] [sPRF][06/09/2009] (...) -- C:\Users\sanscode\Desktop\OOo_3.1.1_Win32Intel_install_wJRE_fr.exe [152012024]

[MD5.A2E496C99936505698BE3111485CF7A1] [sPRF][05/09/2009] (.Amic Utilities, Inc - PDF Writer Pro Setup.) -- C:\Users\sanscode\Desktop\PDFWriterProSetup.exe [8375421]

[MD5.549862DF42F109639B9BED6AD903C1F1] [sPRF][03/01/2009] (.Karlis Blumentals - Rapid CSS 2008 Setup.) -- C:\Users\sanscode\Desktop\rapidcss9.exe [4532912]

[MD5.1F993B569B1B0DCFFB603EA7F2B5FFFB] [sPRF][14/11/2011] (.Installshield Software Corporation - Setup Launcher.) -- C:\Users\sanscode\Desktop\ReaderTTSInstallFRA.exe [5661600]

[MD5.01572C7F8C6AAD32237F450F6C3522A4] [sPRF][21/02/2010] (.RealNetworks, Inc. - RealNetworks Installer.) -- C:\Users\sanscode\Desktop\RealPlayerSPGold_fr.exe [822296]

[MD5.D7AE32250F86AED483B8C4C430F9359A] [sPRF][05/09/2009] (...) -- C:\Users\sanscode\Desktop\seamonkey-1.1.18.en-US.win32.installer.exe [13266944]

[MD5.DF9142A49601601B0938DD30535D3C39] [sPRF][05/07/2010] (.Pas de propriétaire - adsl TV.) -- C:\Users\sanscode\Desktop\setup-adsltv.exe [31619387]

[MD5.B6D81E0DAE4A729A96DCA5AC4C300BE4] [sPRF][13/07/2008] (.Leroy Merlin - Cuisine Astuce Setup.) -- C:\Users\sanscode\Desktop\setupWeb.exe [28732074]

[MD5.7E8BF05CD8CE5D55B54B9C8DB7F33223] [sPRF][01/11/2011] (.Hewlett-Packard Development Company, L.P. - NVIDIA Unified Graphics Driver Update.) -- C:\Users\sanscode\Desktop\sp37331.exe [61114032]

[MD5.DC38B1B71CB7FF8F4241333B9EC84F03] [sPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS® DLL for Win32.) -- C:\Windows\Downloaded Program Files\lfbmp13n.dll [57344]

[MD5.6CBA9ECE3186ADEAE144A79E3AC769FE] [sPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS® DLL for Win32.) -- C:\Windows\Downloaded Program Files\lfcmp13n.dll [401408]

[MD5.BDD316D6479220B8FA2A911262898640] [sPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS® DLL for Win32.) -- C:\Windows\Downloaded Program Files\lfeps13n.dll [65536]

[MD5.8B83DC9053B8164731B15AF455CBD9A9] [sPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS® DLL for Win32.) -- C:\Windows\Downloaded Program Files\lffax13n.dll [98304]

[MD5.A63B94BB949D5E836F144A0A754E5451] [sPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS® DLL for Win32.) -- C:\Windows\Downloaded Program Files\lfgif13n.dll [69632]

[MD5.1E1FDE2FF4B0197EF8A36259244CF142] [sPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS® DLL for Win32.) -- C:\Windows\Downloaded Program Files\lfpcd13n.dll [49152]

[MD5.9D9CA493D0864DF83D282E2393FE5825] [sPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS® DLL for Win32.) -- C:\Windows\Downloaded Program Files\lfpcx13n.dll [53248]

[MD5.AD6D6FAC370748775FB9FB33A398BFF9] [sPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS® DLL for Win32.) -- C:\Windows\Downloaded Program Files\lfpng13n.dll [159744]

[MD5.4A3A0CE4ED63580116A7354E06B42CDF] [sPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS® DLL for Win32.) -- C:\Windows\Downloaded Program Files\lfpsd13n.dll [55808]

[MD5.BBBE68D622945FF8BC9CE847975B2389] [sPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS® DLL for Win32.) -- C:\Windows\Downloaded Program Files\lftga13n.dll [53248]

[MD5.333F810C00745C05EDF17D6580A4601E] [sPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS® DLL for Win32.) -- C:\Windows\Downloaded Program Files\lftif13n.dll [155648]

[MD5.9788C72C2EC7011E6CC40CFDD5CE2251] [sPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS® DLL for Win32.) -- C:\Windows\Downloaded Program Files\ltclr13n.dll [1693696]

[MD5.55D16BEB62D0B6C54CE315F7063FA7A1] [sPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS® DLL for Win32.) -- C:\Windows\Downloaded Program Files\ltdis13n.dll [299008]

[MD5.F56BA445D7D36EB4DDBFE4477BAD594D] [sPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS® DLL for Win32.) -- C:\Windows\Downloaded Program Files\ltefx13n.dll [206336]

[MD5.BF1727ED495670881E18E346D162CA3D] [sPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS® DLL for Win32.) -- C:\Windows\Downloaded Program Files\ltfil13n.dll [163840]

[MD5.209B65395E75CD957E14B8EC3C742A7B] [sPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS® DLL for Win32.) -- C:\Windows\Downloaded Program Files\ltimg13n.dll [450560]

[MD5.CEFC7E62D25BDC3A4501062718D0A65F] [sPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS® DLL for Win32.) -- C:\Windows\Downloaded Program Files\ltkrn13n.dll [462848]

[MD5.A0F541D9D2CACEEC7A4A378CD0C31626] [sPRF][20/11/2006] (.Microsoft® Corporation - MSN Photo Upload Tool.) -- C:\Windows\Downloaded Program Files\MsnPUpld.dll [543544]

[MD5.03F57E8A00774D831926DAC89B21BB2D] [sPRF][20/11/2006] (.Microsoft® Corporation - MSN Photo Upload Tool.) -- C:\Windows\Downloaded Program Files\PURen-us.dll [117088]

~ Scan Files in 00mn 14s

---\\ Firewall Active Exception List (FirewallRules) (O87)

O87 - FAEL: "{F20E211A-73E3-4421-AB65-57B53F21A5E4}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files\EA GAMES\La Bataille pour la Terre du Milieu\game.dat

O87 - FAEL: "{D661E1DA-2239-466D-8C44-59A4BBE870AC}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files\EA GAMES\La Bataille pour la Terre du Milieu\game.dat

O87 - FAEL: "{6117A608-E4E0-408C-956B-14D2E91F2D72}" |In - Public - P6 - FALSE | .(...) -- E:\setup\HPZNUI01.exe (.not file.)

O87 - FAEL: "{3F129409-7223-4965-8DF2-0A7927F920FA}" |In - Public - P17 - FALSE | .(...) -- E:\setup\HPZNUI01.exe (.not file.)

O87 - FAEL: "TCP Query User{12C896D3-D49D-4434-AADF-C3BAFC926025}C:\program files\mozilla firefox\firefox.exe" | In - Public - P6 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O87 - FAEL: "UDP Query User{C2EC82A1-6AEC-4C17-B7BF-A94B80851F28}C:\program files\mozilla firefox\firefox.exe" | In - Public - P17 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O87 - FAEL: "TCP Query User{272CA847-6611-4110-86D2-5BA58C7AA782}C:\users\public\documents\philippe\12_divertissement\jeux_emulation\puissance.exe" | In - Public - P6 - TRUE | .(...) -- C:\Users\Public\Documents\Philippe\12_Divertissement\JEUX_EMULATION\

O87 - FAEL: "UDP Query User{F0D8D36C-D000-4F81-9842-41F78E9735E7}C:\users\public\documents\philippe\12_divertissement\jeux_emulation\puissance.exe" | In - Public - P17 - TRUE | .(...) -- C:\Users\Public\Documents\Philippe\12_Divertissement\JEUX_EMULATION

O87 - FAEL: "{F4C96CD4-6ABC-4B8E-AFCF-AF0EF10E8637}" | In - None - P17 - TRUE | .(.CyberLink Corp. - HP DVDPlay.) -- C:\Program Files\HP\DVDPlay\DVDPlay.exe

O87 - FAEL: "{9EAA5948-B727-4BBE-8614-6D61E1BEB67C}" | In - None - P17 - TRUE | .(.CyberLink Corp. - HP DVDPlay Resident Program.) -- C:\Program Files\HP\DVDPlay\DPService.exe

O87 - FAEL: "{0BC88805-A599-48A1-AEF9-E53057613268}" | In - Public - P6 - TRUE | .(.Ubisoft - Prince of Persia.) -- C:\Program Files\Ubisoft\Prince of Persia\Prince of Persia.exe

O87 - FAEL: "{E73AE9A5-428C-499B-B61D-7638B4D27B75}" | In - Public - P17 - TRUE | .(.Ubisoft - Prince of Persia.) -- C:\Program Files\Ubisoft\Prince of Persia\Prince of Persia.exe

O87 - FAEL: "{7D99E4F0-CAFA-4020-BA34-5141D286D754}" | In - Public - P6 - TRUE | .(.Ubisoft - Autopatch system.) -- C:\Program Files\Ubisoft\Prince of Persia\PrinceOfPersia_Launcher.exe

O87 - FAEL: "{03D8B048-61D6-43B6-B45C-F82041DD42F8}" | In - Public - P17 - TRUE | .(.Ubisoft - Autopatch system.) -- C:\Program Files\Ubisoft\Prince of Persia\PrinceOfPersia_Launcher.exe

O87 - FAEL: "TCP Query User{7288FAB3-2F4A-42E6-8992-6F006C69433D}C:\program files\mozilla firefox\firefox.exe" | In - Private - P6 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O87 - FAEL: "UDP Query User{640EA036-A476-4E81-A17B-4B9B68A028C8}C:\program files\mozilla firefox\firefox.exe" | In - Private - P17 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O87 - FAEL: "TCP Query User{95887096-284A-4737-BC12-FA8DD66E1736}C:\program files\urbanterror\iourbanterror.exe" | In - Public - P6 - TRUE | .(...) -- C:\Program Files\UrbanTerror\ioUrbanTerror.exe

O87 - FAEL: "UDP Query User{E30DB867-6716-4070-8506-54F2FA2CDAE8}C:\program files\urbanterror\iourbanterror.exe" | In - Public - P17 - TRUE | .(...) -- C:\Program Files\UrbanTerror\ioUrbanTerror.exe

O87 - FAEL: "TCP Query User{833260AB-54C6-4001-A478-56E8BCA6F93E}C:\program files\google\chrome\application\chrome.exe" | In - Public - P6 - TRUE | .(.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe

O87 - FAEL: "UDP Query User{AD160FE4-9D39-4D36-BE98-B559B9FB0425}C:\program files\google\chrome\application\chrome.exe" | In - Public - P17 - TRUE | .(.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe

O87 - FAEL: "TCP Query User{70E63291-2BA4-4288-B79D-1802E65DA3EB}C:\users\sanscode\downloads\crimecraft_downloader (1).exe" | In - Public - P6 - TRUE | .(...) -- C:\Users\sanscode\Downloads\CrimeCraft_Downloader (1).exe

O87 - FAEL: "UDP Query User{0BA1030C-F48A-48E9-BF1C-E4C1388570EE}C:\users\sanscode\downloads\crimecraft_downloader (1).exe" | In - Public - P17 - TRUE | .(...) -- C:\Users\sanscode\Downloads\CrimeCraft_Downloader (1).exe

O87 - FAEL: "TCP Query User{0444979B-773A-4744-8A1E-8031EA3A6E62}C:\users\sanscode\downloads\crimecraft_downloader.exe" | In - Public - P6 - TRUE | .(...) -- C:\Users\sanscode\Downloads\CrimeCraft_Downloader.exe

O87 - FAEL: "UDP Query User{A57C7B0C-29E3-4621-A154-479CA4BC5DAA}C:\users\sanscode\downloads\crimecraft_downloader.exe" | In - Public - P17 - TRUE | .(...) -- C:\Users\sanscode\Downloads\CrimeCraft_Downloader.exe

O87 - FAEL: "{D7BC9EE3-901D-406A-BA15-371A4ECE1C9E}" | In - Public - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe

O87 - FAEL: "{EAFCDB03-E48B-4BC2-94C8-30911BCD5D24}" | In - Public - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe

O87 - FAEL: "{E4BDD529-00E7-4E3A-B22D-B93EAF5600D5}" | In - Public - P6 - TRUE | .(.Visicom Media Inc. - DTX broker.) -- C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe

O87 - FAEL: "{7513733B-6250-400B-95C5-8FDAA21EA53E}" | In - Public - P17 - TRUE | .(.Visicom Media Inc. - DTX broker.) -- C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe

O87 - FAEL: "TCP Query User{2F5B791B-357E-4D04-91DE-A1547806406E}C:\Program Files\adslTV\adsltv.exe" | In - Public - P6 - TRUE | .(.adsl TV / FM - Pas de description.) -- C:\Program Files\adslTV\adsltv.exe

O87 - FAEL: "UDP Query User{F8AB5074-1A94-4919-8E53-7620343A4C47}C:\Program Files\adslTV\adsltv.exe" | In - Public - P17 - TRUE | .(.adsl TV / FM - Pas de description.) -- C:\Program Files\adslTV\adsltv.exe

~ Scan Firewall in 00mn 03s

---\\ Scan Additionnel (O88)

Database Version : 8878 - (10/12/2011)

Clés trouvées (Keys found) : 101

Valeurs trouvées (Values found) : 5

Dossiers trouvés (Folders found) : 18

Fichiers trouvés (Files found) : 1

[HKLM\Software\Classes\bandoocore.statisticmngr.1] =>Adware.Bandoo

[HKLM\Software\Classes\BandooIEPlugin.BandooIEPlugin] =>Adware.Bandoo

[HKLM\Software\Classes\BandooIEPlugin.BandooIEPlugin.1] =>Adware.Bandoo

[HKLM\Software\Classes\BFlashAnimator.BFlashAnimatorCtrl] =>Adware.Bandoo

[HKLM\Software\Classes\BFlashAnimator.BFlashAnimatorCtrl.1] =>Adware.Bandoo

[HKLM\Software\Classes\BGIFAnimator.BGIFAnimatorCtrl] =>Adware.Bandoo

[HKLM\Software\Classes\BGIFAnimator.BGIFAnimatorCtrl.1] =>Adware.Bandoo

[HKLM\Software\Classes\PCTutoBHO.PCTBHO] =>Spyware.AgenceExclusive

[HKLM\Software\Classes\PCTutoBHO.PCTBHO.1] =>Spyware.AgenceExclusive

[HKLM\Software\Classes\SearchQUIEHelper.DNSGuard] =>Adware.Bandoo

[HKLM\Software\Classes\SearchQUIEHelper.DNSGuard.1] =>Adware.Bandoo

[HKLM\Software\Classes\Interface\{01222E21-6BD0-4EB3-94F1-967EB09CCED5}] =>Adware.Bandoo

[HKLM\Software\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}] =>Adware.Bandoo

[HKLM\Software\Classes\CLSID\{074E4EFE-81BB-4EA4-866E-082CB0E01070}] =>Adware.Bandoo

[HKLM\Software\Classes\TypeLib\{0BF73E27-2734-4F7B-925A-4BBB1457F5FA}] =>PUP.Eorezo

[HKLM\Software\Classes\CLSID\{0CE5B352-9D9C-41E1-9551-FCCD92820217}] =>Adware.Bandoo

[HKLM\Software\Classes\AppID\{1301a8a5-3dfb-4731-a162-b357d00c9644}] =>Adware.Bandoo

[HKLM\Software\Classes\CLSID\{167B2B5F-2757-434A-BBDA-2FDB2003F14F}] =>Adware.Bandoo

[HKLM\Software\Classes\CLSID\{27f69c85-64e1-43ce-98b5-3c9f22fb408e}] =>Adware.Bandoo

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{293A63F7-C3B6-423A-9845-901AC0A7EE6E}] =>PUP.Eorezo

[HKLM\Software\Classes\CLSID\{2E9A60EA-5554-49C3-BC9D-D0404DBACC62}] =>Adware.Bandoo

[HKLM\Software\Classes\Interface\{33DDFC61-F531-4982-8C32-4212B7835D44}] =>Adware.Bandoo

[HKLM\Software\Classes\AppID\{3AD7A5B6-610D-4A82-979E-0AED20920690}] =>Adware.Bandoo

[HKLM\Software\Classes\TypeLib\{3AD7A5B6-610D-4A82-979E-0AED20920690}] =>Adware.Bandoo

[HKLM\Software\Classes\CLSID\{3E63C9BC-DD51-4E83-ABA6-B350EAD28531}] =>Adware.Bandoo

[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624f4-c5dd-4e1d-bdd0-1e9c9b7799cc}] =>Adware.Bandoo

[HKLM\Software\Classes\TypeLib\{4410C118-B23C-406C-9F52-9CDABD90A5EA}] =>Adware.Bandoo

[HKLM\Software\Classes\CLSID\{44CFFEF4-E7E1-44BD-B1F5-29F828ADA1B8}] =>Adware.Bandoo

[HKLM\Software\Classes\Interface\{477f210a-2a86-4666-9c4b-1189634d2c84}] =>Adware.Bandoo

[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4EF8BE6A-899C-4196-94E7-297C5F7A203E}] =>PUP.Dealio

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4EF8BE6A-899C-4196-94E7-297C5F7A203E}] =>PUP.Dealio

[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4ef8be6a-899c-4196-94e7-297c5f7a203e}] =>Adware.BHO

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4ef8be6a-899c-4196-94e7-297c5f7a203e}] =>Adware.BHO

[HKLM\Software\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}] =>Adware.Bandoo

[HKLM\Software\Classes\Interface\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}] =>Toolbar.Agent

[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}] =>Toolbar.Agent

[HKLM\Software\Classes\TypeLib\{62E5C9E1-A0E8-4F8C-8EAF-0F9250CC5786}] =>Adware.Bandoo

[HKLM\Software\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}] =>Adware.Bandoo

[HKLM\Software\Classes\AppID\{759F1421-4D31-4c1f-8C51-E4956A037676}] =>Spyware.AgenceExclusive

[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}] =>Adware.Bandoo

[HKLM\Software\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}] =>Adware.Bandoo

[HKLM\Software\Classes\CLSID\{872F3C0B-4462-424c-BB9F-74C6899B9F92}] =>Adware.Bandoo

[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424c-BB9F-74C6899B9F92}] =>Adware.Bandoo

[HKLM\Software\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}] =>Adware.Bandoo

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo

[HKLM\Software\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo

[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo

[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] =>Adware.Bandoo

[HKLM\Software\Classes\AppID\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}] =>Adware.Bandoo

[HKLM\Software\Classes\TypeLib\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}] =>Adware.Bandoo

[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9c8a3ca5-889e-4554-beec-ec0876e4e96a}] =>Adware.Bandoo

[HKLM\Software\Classes\AppID\{A01A3335-0C30-4312-A430-92356CC37A92}] =>Adware.Bandoo

[HKLM\Software\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}] =>Adware.Bandoo

[HKLM\Software\Classes\Interface\{A9005ED5-4A1D-4606-A4DF-1A25E7D7B417}] =>Adware.Bandoo

[HKLM\Software\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}] =>Adware.Bandoo

[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}] =>PUP.iMesh

[HKLM\Software\Classes\CLSID\{bb76a90b-2b4c-4378-8506-9a2b6e16943c}] =>Adware.Bandoo

[HKLM\Software\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}] =>Adware.Bandoo

[HKLM\Software\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}] =>Adware.Bandoo

[HKLM\Software\Classes\CLSID\{CE1CB632-6817-47b3-8587-D05AF75D6D5A}] =>Adware.Bandoo

[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CE1CB632-6817-47b3-8587-D05AF75D6D5A}] =>Adware.Bandoo

[HKLM\Software\Classes\Interface\{E2ED56B6-35FC-4484-9530-EC87FB458E78}] =>PUP.Eorezo

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}] =>PUP.Dealio

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}] =>PUP.Dealio

[HKLM\Software\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}] =>PUP.Dealio

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}] =>PUP.Dealio

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}] =>Adware.Bandoo

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}] =>Adware.Bandoo

[HKLM\Software\Classes\CLSID\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}] =>Adware.Bandoo

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}] =>Adware.Bandoo

[HKLM\Software\Classes\AppID\{EDE2C296-2458-4E3B-A846-4B512C0703B5}] =>Adware.Bandoo

[HKLM\Software\Classes\CLSID\{EF2B6317-C367-401B-83B8-80302D6588A7}] =>Adware.Bandoo

[HKLM\Software\Classes\CLSID\{F5379B4B-24D8-432A-9A96-BE75EE5117DB}] =>Adware.Bandoo

[HKLM\Software\Classes\CLSID\{F7FB2BC4-6C27-4EAC-B5E2-037B71FDE101}] =>Adware.Bandoo

[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f9189560-573a-4fde-b055-ae7b0f4cf080}] =>Adware.Bandoo

[HKLM\Software\Classes\CLSID\{FD53FE35-4368-4B71-89D6-F29F3DB29DF1}] =>Adware.Bandoo

[HKLM\Software\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}] =>Adware.Bandoo

[HKLM\Software\Classes\Interface\{ff871e51-2655-4d06-aed5-745962a96b32}] =>Adware.Bandoo

[HKLM\Software\Classes\Installer\Features\a6eb8fe4c9986914497e92c7f5a702e3] =>Adware.BHO

[HKLM\Software\Classes\Installer\Products\a6eb8fe4c9986914497e92c7f5a702e3] =>Adware.BHO

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\a6eb8fe4c9986914497e92c7f5a702e3] =>Adware.BHO

[HKLM\SYSTEM\CurrentControlSet\Services\Bandoo Coordinator] =>Adware.Bandoo

[HKCU\Software\Agence-Exclusive] =>Spyware.AgenceExclusive

[HKLM\Software\Agence-Exclusive] =>Spyware.AgenceExclusive

[HKLM\Software\Bandoo] =>Adware.Bandoo

[HKCU\Software\DataMngr] =>Adware.Bandoo

[HKLM\Software\DataMngr] =>Adware.Bandoo

[HKLM\Software\ilivid] =>Adware.Bandoo

[HKCU\Software\AppDataLow\Software\pdfforge] =>PUP.Dealio

[HKLM\Software\pdfforge] =>PUP.Dealio

[HKCU\Software\pdfforge.org] =>PUP.Dealio

[HKLM\Software\pdfforge.org] =>PUP.Dealio

[HKCU\Software\Search Settings] =>PUP.Dealio

[HKLM\Software\Search Settings] =>PUP.Dealio

[HKLM\Software\SearchquMediabarTb] =>Adware.Bandoo

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Bandoo] =>Adware.Bandoo

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\iLivid] =>Adware.Bandoo

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu 406 MediaBar] =>Adware.Bandoo

[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{99079A25-328F-4BD4-BE04-00955ACAA0A7} =>Adware.Bandoo

[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{B922D405-6D13-4A2B-AE89-08A030DA4402} =>PUP.Dealio

[HKLM\Software\Mozilla\Firefox\Extensions]:ffox@bandoo.com =>Adware.Bandoo

[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]:PCTuto =>Spyware.AgenceExclusive

[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]:SearchSettings =>PUP.Dealio

C:\Program Files\Agence-Exclusive =>Spyware.AgenceExclusive

C:\Program Files\Bandoo =>Adware.Bandoo

C:\Program Files\PCTuto =>Spyware.AgenceExclusive

C:\Program Files\pdfforge Toolbar =>PUP.Dealio

C:\Program Files\Windows iLivid Toolbar =>Adware.Bandoo

C:\Program Files\Mozilla Firefox\Extensions\search@searchsettings.com =>PUP.Dealio

C:\ProgramData\Bandoo =>Adware.Bandoo

C:\ProgramData\iWin =>Adware.BHO

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandoo =>Adware.Bandoo

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCTuto =>Spyware.AgenceExclusive

C:\Users\sanscode\AppData\Roaming\Agence-Exclusive =>Spyware.AgenceExclusive

C:\Users\sanscode\AppData\Roaming\Bandoo =>Adware.Bandoo

C:\Users\sanscode\AppData\Roaming\iWin =>Adware.BHO

C:\Users\sanscode\AppData\Local\Agence-Exclusive =>Spyware.AgenceExclusive

C:\Users\sanscode\AppData\LocalLow\Bandoo =>Adware.Bandoo

C:\Users\sanscode\AppData\LocalLow\pdfforge =>PUP.Dealio

C:\Users\sanscode\AppData\LocalLow\Search Settings =>PUP.Dealio

C:\Program Files\Mozilla Firefox\searchplugins\SearchResults.xml =>Toolbar.Agent

~ Scan Additionnel in 00mn 10s

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 03/03/2011 37664 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

SR - | Auto 06/09/2011 44768 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

SR - | Auto 20/09/2011 2051472 | (Bandoo Coordinator) . (.Bandoo Media Inc..) - C:\Program Files\Bandoo\Bandoo.exe

SR - | Auto 03/03/2011 345376 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe

SS - | Demand 19/01/2009 69120 | (Boonty Games) . (.BOONTY.) - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe

SS - | Demand 16/09/2008 1527900 | (FirebirdServerMAGIXInstance) . (.MAGIX®.) - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe

SS - | Demand 12/02/2010 246520 | (GameConsoleService) . (.WildTangent, Inc..) - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe

SS - | Auto 01/09/2010 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe

SS - | Demand 01/09/2010 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe

SR - | Auto 13/12/2007 65536 | (HP Health Check Service) . (.Hewlett-Packard.) - C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe

SR - | Auto 198240 | (HPBtnSrv) . (...) - C:\hp\HPEZBTN\HPBtnSrv.exe

SS - | Demand 14/11/2011 73728 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

SR - | Auto 14/10/2011 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

SR - | Auto 15/10/2011 641832 | C:\Program Files\Nero\Update\NASvc.exe (NAUpdate) . (.Nero AG.) - C:\Program Files\Nero\Update\NASvc.exe

SR - | Auto 13/06/2008 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 16/09/2008 39408 | ({22D78859-9CE9-4B77-BF18-AC83E81A9263}) . (.Cyberlink Corp..) - C:\Program Files\HP\DVDPlay\000.fcl

~ Scan Services in 00mn 12s

---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover

Run by sanscode at 11/12/2011 23:33:12

device: opened successfully

user: MBR read successfully

Disk trace:

called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll storport.sys nvstor32.sys

C:\Windows\system32\DRIVERS\nvstor32.sys NVIDIA Corporation NVIDIA nForce SATA Driver

1 ntkrnlpa!IofCallDriver[0x83256912] -> \Device\Harddisk0\DR0[0x873D15F8]

3 CLASSPNP[0x8B5AC8B3] -> ntkrnlpa!IofCallDriver[0x83256912] -> [0x863E1F08]

5 acpi[0x806106BC] -> ntkrnlpa!IofCallDriver[0x83256912] -> \Device\0000005e[0x863BAAF0]

kernel: MBR read successfully

user & kernel MBR OK

~ Scan MBR in 00mn 02s

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)

Written by ad13, http://ad13.gee k s tog

Run by sanscode at 11/12/2011 23:33:14

********* Dump file Name *********

C:\PhysicalDisk0_MBR.bin

~ Scan MBR in 00mn 04s

End of the scan (1836 lines in 02mn 29s)(0)

Connexion

Pas encore inscrit ?

PC infecté ZHP

Messages recommandés

PHHP

Rejoindre la conversation

En ligne récemment 0 membre est en ligne

Zebulon

Outils en ligne

Naviguer