Rapport de ZHPDiag v2013.3.31.116 par Nicolas Coolman, Update du 31/03/2013
Run by NABIL at 01/04/2013 17:28:12
State : Version à jour.
High Elevated Privileges : OK
UAC : Not Found


---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702
MFIE: Mozilla Firefox 19.0.2 v19.0.2 (Defaut)

---\\ Windows Product Information
~ Langage: Français
Windows XP Home Edition Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : OK

---\\ System Information
~ Processor: x86 Family 15 Model 3 Stepping 3, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2047 MB (65% free)
System Restore: Activé (Enable)
System drive C: has 7 GB (7%) free of 96 GB

---\\ Logged in mode
~ Computer Name: YOUNES
~ User Name: NABIL
~ All Users Names: SUPPORT_388945a0, NABIL, HelpAssistant, ASPNET, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\NABIL\Application Data\
~ %Desktop% : C:\Documents and Settings\NABIL\Bureau\
~ %Favorites% : C:\Documents and Settings\NABIL\Favoris\
~ %LocalAppData% : C:\Documents and Settings\NABIL\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\NABIL\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ DOS/Devices
A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
C:\ Hard drive, Flash drive, Thumb drive (Free 7 Go of 96 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 83 Go of 87 Go)
E:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 3 Go)
F:\ CD-ROM drive (Not Inserted)
G:\ CD-ROM drive (Not Inserted)
H:\ CD-ROM drive (Not Inserted)
L:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
M:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
N:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
O:\ Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 - 03:34:03.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.FCDD66EE148885E900285ADE8417E40B] - (.Microsoft Corporation - Internet Extensions for Win32.) (.05/02/2013 - 20:56:42.) -- C:\WINDOWS\system32\wininet.dll [916480]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 - 03:34:28.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/08/2011 - 14:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 - 19:40:30.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/04/2008 - 20:14:21.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/04/2008 - 19:40:46.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.14/04/2008 - 02:57:38.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.13/04/2008 - 17:36:05.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.14/04/2008 - 03:00:52.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.13/04/2008 - 19:40:58.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.13/04/2008 - 19:57:15.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.13/04/2008 - 20:19:42.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/07/2011 - 14:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.13/04/2008 - 20:21:00.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 - 20:15:53.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/04/2008 - 03:09:40.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/04/2008 - 20:19:43.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 19:32:51.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.14/04/2008 - 02:57:34.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.14/04/2008 - 02:56:04.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/10
~ Mes musiques (My Musics) : 6/13
Mes Videos (My Videos) : 2/2 (Modified)
~ Mes Favoris (My Favorites) : 1/31
~ Mes Documents (My Documents) : 3/1246
~ Mon Bureau (My Desktop) : 3/783
~ Menu demarrer (Programs) : 1/43
~ Hidden Files: Scanned in 00mn 07s



---\\ Processus lancés
[MD5.327EAC8C955C19D3F6384CE3AAB5ED31] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe [602112] [PID.808]
[MD5.B458A95F12D36F55F98A42FD66BAEBFA] - (.Avira Operations GmbH & Co. KG - Avira Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [86224] [PID.1396]
[MD5.9F0BE235A0136EA9E94CF9BD037C30EC] - (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [348664] [PID.260]
[MD5.6E95474CB9E22BC9768EFA176C6A0A29] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208] [PID.212]
[MD5.12916E0642E92561C98B18A2A2D01B14] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [252848] [PID.396]
[MD5.BF147446809517043C56426CB0DCEFEE] - (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [1804648] [PID.404]
[MD5.CC3110EEF77AA0810CAA03741168BA8F] - (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [110032] [PID.1040]
[MD5.A5299D04ED225D64CF07A568A3E1BF8C] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55184] [PID.1160]
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.1484]
[MD5.0DAD93BB0FECF5016AE3C06CBB0A873B] - (.Microsoft Corporation - COM Surrogate.) -- C:\WINDOWS\System32\dllhost.exe [5120] [PID.1288]
[MD5.999DB5F88C8E145CCA9D471E33227143] - (.Oracle Corporation - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre7\bin\jqs.exe [170912] [PID.1664]
[MD5.850A7A21661B97583914A430E9C2DAEA] - (.Computer Associates - LogWatNT.) -- C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe [53248] [PID.1332]
[MD5.C2A0C464F810D75524BDD532E3D1C171] - (...) -- C:\Program Files\Fichiers communs\NMSAccessU.exe [65536] [PID.2320]
[MD5.F620772888B6E3EDEF5C3E71E3D447F0] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [92632] [PID.2416]
[MD5.E869E31D3FD7B6314EEFEA4304C413CA] - (.Avira Operations GmbH & Co. KG - Avira Shadow Copy Service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [80336] [PID.2528]
[MD5.BF2F2717C13A4BD4FD73F2788534E86B] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [917400] [PID.1208]
[MD5.AA6844A5127ED4B20DF6D313467B929D] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [17304] [PID.2364]
[MD5.CC5CFE5A9C826B934DC3BE176617E182] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [6306816] [PID.3488]
[MD5.76435797185A73349D8F10B15A5AC81D] - (.Hewlett-Packard Co. - HPNetworkCommunicator.) -- C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe [643944] [PID.312]
[MD5.5E9A6658A2A69AE7EB195113B7A2E7A9] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.3468]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Documents and Settings\NABIL\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] http://www.google.com
G1 - GCS: Preference [User Data\Default] None
~ Google Browser: Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\prefs.js
C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\m5e0ofq7.default\prefs.js
C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\va0qmmyt.Utilisateur par défaut\prefs.js (.not file.)
C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\va0qmmyt.Utilisateur par défaut\user.js
M3 - MFPP: Plugins - [NABIL] -- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\m5e0ofq7.default\searchplugins\live-search.xml
M3 - MFPP: Plugins - [NABIL] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [NABIL] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [NABIL] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [NABIL] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [NABIL] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [NABIL] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [NABIL] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [NABIL - l6nnrzrs.default-1362762311640] http://www.google.fr
M2 - MFEP: prefs.js [NABIL - m5e0ofq7.default\{62760FD6-B943-48C9-AB09-F99C6FE96088}] [] eBay Sidebar pour Firefox v2.0.3 (.Glaxstar Limited.)
M2 - MFEP: prefs.js [NABIL - m5e0ofq7.default\{635abd67-4fe9-1b23-4f01-e679fa7484c1}] [yahoo.ytff] Yahoo! Toolbar v2.1.1.20091029021655 (.Yahoo!.)
M2 - MFEP: prefs.js [NABIL - m5e0ofq7.default\{73a6fe31-595d-460b-a920-fcc0f8843232}] [noscript] NoScript v1.9.9.57 (.Giorgio Maone.)
M2 - MFEP: prefs.js [NABIL - m5e0ofq7.default\{F8CC37C3-CBEB-4A00-8CBF-26A88693F0C5}] [] DriverAgent Plugin for Firefox and Opera v2.2008.6.24 (.Giorgio Maone.)
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 10.3.) -- C:\Program Files\Mozilla Firefox\Plugins\np32dsw.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.4.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Tracker Software Products (Canada) Ltd. - PDF-XChange Viewer Netscape Gecko Plugin.) -- C:\Program Files\Mozilla Firefox\Plugins\npPDFXCviewNPPlugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN:Firefox Plugin Navigator . (.Zylom - Zylom Plugin.) -- C:\Program Files\Mozilla Firefox\Plugins\npzylomgamesplayer.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf] - (.Tracker Software Products (Canada) Ltd. - PDF-XChange Viewer Netscape Gecko Plugin.) -- C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.17.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\WINDOWS\system32\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.17.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.17.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@pack.google.com/Google Updater;version=13] - (.Google - Google Updater plugin http://pack.) -- C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
P2 - FPN: [HKLM] [@real.com/npracplug;version=1.0.0.0] - (.RealNetworks - Allows browsing on RealArcade sites with Mozilla browsers..) -- C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf] - (.Tracker Software Products (Canada) Ltd. - PDF-XChange Viewer Netscape Gecko Plugin.) -- C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.5] - (.VideoLAN - VLC media player Web Plugin 2.0.2.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll
P2 - FPN: [HKLM] [@zylom.com/ZylomGamesPlayer] - (.Zylom - Zylom Plugin.) -- C:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.4.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
P2 - FPN: [HKCU] [@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf] - (.Tracker Software Products (Canada) Ltd. - PDF-XChange Viewer Netscape Gecko Plugin.) -- C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
~ Firefox Browser: Scanned in 00mn 01s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://home.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
~ IE Browser: Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 01s
~ Nombre de lignes (Lines number): 4581



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll
~ BHO: 5 Legitimates Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) - [HKLM]{41E543CB-B261-4A87-B690-D5B155810075} Clé orpheline
O3 - Toolbar: Easy-WebPrint - [HKLM]{327C2873-E90D-4c37-AA9D-10AC9BABA46C} . (.Pas de propriétaire - Easy-WebPrint.) -- C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
~ Toolbar: Scanned in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [KernelFaultCheck] Clé orpheline
O4 - HKLM\..\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [EvtMgr6] . (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
O4 - HKCU\..\Run: [HP Deskjet 3050A J611 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
O4 - HKUS\S-1-5-21-527907513-1244960946-960528300-1007\..\Run: [HP Deskjet 3050A J611 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
~ Application: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Programs: Adobe Reader X.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico
O4 - GS\Programs: Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe
O4 - GS\Programs: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Programs: Visionneuse Journal Windows.lnk . (.InstallShield Software Corp. - InstallShield.) -- C:\WINDOWS\Installer\{43DCF766-6838-4F9A-8C91-D92DA586DFA7}\_C68C351F090F4EF39AFB6B7B54014C9E.exe
O4 - GS\Programs: Assistance à distance.lnk . (.Microsoft Corporation - Assistance à distance Microsoft.) -- C:\WINDOWS\system32\rcimlby.exe
O4 - GS\Programs: Outlook Express.lnk . (.Microsoft Corporation - Outlook Express.) -- C:\Program Files\Outlook Express\msimn.exe
O4 - Global Startup: C:\Documents And Settings\NABIL\Menu Démarrer\Programmes\Zylom - Have Fun..url . (...) -- C:\Documents And Settings\NABIL\Menu Démarrer\Programmes\Zylom - Have Fun..url
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Global Startup: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} -- Clé orpheline
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
~ Winsock: 5 Legitimates Scanned in 00mn 00s



---\\ Piratage de l'Option 'Rétablir les paramètres Web' (O14)
O14 - IERESET.INF: START_PAGE_URL=START_PAGE_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
~ IE Paramètres WEB: Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} ((no name)) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} ((no name)) - http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} ((no name)) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} ((no name)) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} ((no name)) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} ((no name)) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1348688756250
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} ((no name)) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ((no name)) - http://www.touslesdrivers.com/fichiers/hardwaredetection/hardwaredetection.cab?version=
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} ((no name)) - http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} ((no name)) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} ((no name)) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38027.2133564815
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} ((no name)) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} ((no name)) - http://www.trendmicro.com/spyware-scan/as4web.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} ((no name)) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} ((no name)) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} ((no name)) - http://88.247.215.109/activex/AMC.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} ((no name)) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{554BBCA4-B823-4CE9-A6FA-E7A367D7A185}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{BF85A979-4C4E-4D6A-A534-052913F36786}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{33600AC6-8B88-4FC4-AF9F-C609D29309AD}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{BF85A979-4C4E-4D6A-A534-052913F36786}: DhcpNameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\..\{554BBCA4-B823-4CE9-A6FA-E7A367D7A185}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\..\{BF85A979-4C4E-4D6A-A534-052913F36786}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\..\{33600AC6-8B88-4FC4-AF9F-C609D29309AD}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{BF85A979-4C4E-4D6A-A534-052913F36786}: DhcpNameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\..\{33600AC6-8B88-4FC4-AF9F-C609D29309AD}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{554BBCA4-B823-4CE9-A6FA-E7A367D7A185}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS3\Services\Tcpip\..\{BF85A979-4C4E-4D6A-A534-052913F36786}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS3\Services\Tcpip\..\{33600AC6-8B88-4FC4-AF9F-C609D29309AD}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{BF85A979-4C4E-4D6A-A534-052913F36786}: DhcpNameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\System32\wiascr.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\WINDOWS\system32\Ati2evxx.dll
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: LBTWlgn . (.Logitech, Inc. - Logitech Bluetooth Service.) -- c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Windows Genuine Advantage Notification.) -- C:\WINDOWS\system32\WgaLogon.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: WRNotifier . (.Webroot Software, Inc. - Spy Sweeper SDK.) -- C:\WINDOWS\system32\WRLogonNTF.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} . (.Microsoft Corporation - Moniteur et dossier UPNP Tray.) -- C:\WINDOWS\system32\upnpui.dll
~ SSODL: 6 Legitimates Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Application système COM+ (COMSysApp) . (. - .) - C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
O23 - Service: Event Log Watch (LogWatch) . (.Computer Associates - LogWatNT.) - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: NMSAccessU (NMSAccessU) . (...) - C:\Program Files\Fichiers communs\NMSAccessU.exe
O23 - Service: TomTomHOMEService (TomTomHOMEService) . (.TomTom - Windows Service for TomTom HOME.) - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
~ Services: 13 Legitimates Scanned in 00mn 05s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop Component 0: (no name) - file:http://www.google.fr/
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\NABIL\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\NABIL\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
~ Desktop Component: 1 Legitimates Scanned in 00mn 00s



---\\ BootExecute (O34)
~ BEX: 1 Legitimates Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\A76C432791CFC207.job [230]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\ACFC4C75919FFEB9.job [260]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Ad-Aware Antivirus Scheduled Scan.job [944]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AFD07F6B9283F733.job [230]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job [284]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\At1.job [462]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\At2.job [462]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\At3.job [462]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\At4.job [462]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Google Software Updater.job [1000]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\HP Photo Creations Messager.job [332]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Maintenance en 1 clic.job [408]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Orb Index when idle.job [310]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\XoftSpy.job [300]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job [246]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job [282]
~ Scheduled Task: 18 Legitimates Scanned in 00mn 00s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Fax Provider - {94de52c8-2d59-4f1b-883e-79663d2d9a8c} . (.Microsoft Corporation - Installateur de composant facultatif Microsoft Fax.) -- C:\WINDOWS\System32\Setup\FxsOcm.dll
~ Active Setup: 23 Legitimates Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AVG Anti-Spyware Driver) . (. - .) - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys (.not file.)
O41 - Driver: (AvgAsCln) . (. - .) - C:\WINDOWS\system32\DRIVERS\AvgAsCln.sys (.not file.)
O41 - Driver: (ewido security suite driver) . (. - .) - C:\Program Files\ewido anti-malware\guard.sys (.not file.)
~ Drivers: 103 Legitimates Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Ad-Aware Browsing Protection - (.Lavasoft.) [HKLM] -- Ad-Aware Browsing Protection
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader X (10.1.4) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Arikus IQ for MSDN - (...) [HKLM] -- {D23F41A5-D305-42A7-97ED-57A383FD3761}
O42 - Logiciel: Atelier Photo FNAC - (.CEWE COLOR AG u Co. OHG.) [HKLM] -- Atelier Photo FNAC
O42 - Logiciel: AutoData version 3.38 - (...) [HKLM] -- {B1F3EDAC-F0A2-4615-A4E1-AAF4358B0157}_is1
O42 - Logiciel: Avira Free Antivirus - (.Avira.) [HKLM] -- Avira AntiVir Desktop
O42 - Logiciel: Data Access Objects (DAO) 3.5 - (...) [HKLM] -- Data Access Objects (DAO) 3.5
O42 - Logiciel: Easy-WebPrint - (...) [HKLM] -- Easy-WebPrint
O42 - Logiciel: ITEDO IsoView 5 - (...) [HKLM] -- {BCB873D5-94BD-4ADC-B80A-A3B381D7E8FA}
O42 - Logiciel: J2SE Development Kit 5.0 Update 11 - (.Sun Microsystems, Inc..) [HKLM] -- {32A3A4F4-B792-11D6-A78A-00B0D0150110}
O42 - Logiciel: Java 2 Runtime Environment, SE v1.4.2_06 - (.Sun Microsystems, Inc..) [HKLM] -- {7148F0A8-6813-11D6-A77B-00B0D0142060}
O42 - Logiciel: Java 7 Update 17 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217017FF}
O42 - Logiciel: Java(TM) 6 Update 19 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216011FF}
O42 - Logiciel: Java(TM) 6 Update 2 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160020}
O42 - Logiciel: Java(TM) 6 Update 3 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160030}
O42 - Logiciel: Java(TM) 6 Update 5 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160050}
O42 - Logiciel: Java(TM) 6 Update 7 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160070}
O42 - Logiciel: Java(TM) SE Runtime Environment 6 Update 1 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160010}
O42 - Logiciel: Medion Flash XL - (...) [HKLM] -- {EA1CB7AC-E221-4822-A789-0ADB051DC498}
O42 - Logiciel: Multimedia Keyboard Driver Ver1.0 (KB-0108) - (...) [HKLM] -- {FF262740-C85A-11D5-BBEC-00D0B740900A}
O42 - Logiciel: Numedia CD-DVD writing as non-admin user - (.H&M System Software GmbH.) [HKLM] -- {94056AE8-EF0F-45E4-A1B4-D754115F8A28}
O42 - Logiciel: Orb Runtime libraries - (.Orb Networks, Inc..) [HKLM] -- {2133CB3F-F891-4081-8681-FEE2B2419FF4}
O42 - Logiciel: Power IEv3 - (.Technicland informatique.) [HKLM] -- {AF7C627C-F354-4FF1-8450-398C806B436E}
O42 - Logiciel: SD Viewer for DSC - (...) [HKLM] -- {5A8D3524-79DB-11D5-99D1-00010256D40E}
O42 - Logiciel: Utilitaire de sauvegarde Windows - (.Microsoft Corporation.) [HKLM] -- {76EFFC7C-17A6-479D-9E47-8E658C1695AE}
O42 - Logiciel: Xinek - (.Xinek.) [HKLM] -- {4457B2A8-DE37-4F37-8DD0-F88A2604A1F4}
O42 - Logiciel: dMC mp3PRO (CLI) Encoder - (...) [HKLM] -- dMC mp3PRO (CLI) Encoder
O42 - Logiciel: inook-v4-3 Screen Saver - (...) [HKLM] -- inook-v4-3
O42 - Logiciel: oggcodecs - (.illiminable.) [HKLM] -- {D65F0073-A820-4085-B997-A061171595A7}
O42 - Logiciel: overland - (.HP.) [HKLM] -- {766273C1-A39B-47EB-ACE8-DEBDD8094BCC}
O42 - Logiciel: µTorrent - (...) [HKCU] -- uTorrent
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKLM] -- uTorrent
O42 - Logiciel: µTorrent 1.6.1 (Build 490) - (...) [HKLM] -- µTorrent 1.6.1 (Build 490)
~ Logic: 159 Legitimates Scanned in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\3SOFT]
[HKCU\Software\AVIExpert]
[HKCU\Software\Angus Johnson]
[HKCU\Software\AppDataLow\Software\adawarebp]
[HKCU\Software\Arabuusimiehet]
[HKCU\Software\Arikus]
[HKCU\Software\BI]
[HKCU\Software\BitTorrent]
[HKCU\Software\CodePoet Computing]
[HKCU\Software\Comptoir Des Planètes]
[HKCU\Software\Crimson System]
[HKCU\Software\Danang Probo Sayekti]
[HKCU\Software\DiligenceSoftworks]
[HKCU\Software\Feuerstein]
[HKCU\Software\KLC]
[HKCU\Software\Kerio]
[HKCU\Software\KinKo]
[HKCU\Software\M5T8QL3YW3]
[HKCU\Software\MicroSim]
[HKCU\Software\No Spy]
[HKCU\Software\NoAdware]
[HKCU\Software\OrCAD]
[HKCU\Software\PDFDesk]
[HKCU\Software\ParisHilton]
[HKCU\Software\Prodiff]
[HKCU\Software\QZAIB7KITK]
[HKCU\Software\SDR]
[HKCU\Software\SRS]
[HKCU\Software\Sarbakan]
[HKCU\Software\SmartDraw Software Inc.]
[HKCU\Software\Spotlife]
[HKCU\Software\StudioLine]
[HKCU\Software\Terravirtual]
[HKCU\Software\Theorica]
[HKCU\Software\VPz]
[HKCU\Software\VWIJIPVBO]
[HKCU\Software\VirtuaMedia]
[HKCU\Software\WISE Software]
[HKCU\Software\X10]
[HKCU\Software\Xinek]
[HKCU\Software\ZDB]
[HKCU\Software\brizsoft]
[HKCU\Software\eBook Pro]
[HKCU\Software\gamescafe.com]
[HKCU\Software\http://www.ecran-de-veille.com]
[HKCU\Software\qcam]
[HKCU\Software\stevengould.org]
[HKCU\Software\up2settingsMulti]
[HKLM\Software\ADSECURITY]
[HKLM\Software\AUTODATA LIMITED]
[HKLM\Software\AUTODATA]
[HKLM\Software\Aardwork]
[HKLM\Software\Acudata]
[HKLM\Software\Alkero]
[HKLM\Software\Ariad]
[HKLM\Software\BackupAP]
[HKLM\Software\BoilSoft]
[HKLM\Software\Boonty]
[HKLM\Software\ComputerAssociates]
[HKLM\Software\DiskClean]
[HKLM\Software\DocuTrack]
[HKLM\Software\H&M System Software]
[HKLM\Software\Hasbro Interactive]
[HKLM\Software\ICSI]
[HKLM\Software\K!]
[HKLM\Software\KLC]
[HKLM\Software\Network Associates]
[HKLM\Software\Panicware]
[HKLM\Software\ParisHilton]
[HKLM\Software\QuickCamInstallTemp]
[HKLM\Software\SDR]
[HKLM\Software\SEDREAP]
[HKLM\Software\Soeperman Enterprises Ltd.]
[HKLM\Software\TerraVirtual]
[HKLM\Software\VWIJIPVBO]
[HKLM\Software\Via4in1Driver]
[HKLM\Software\Volkswagen AG]
[HKLM\Software\Xinek]
[HKLM\Software\ZDB]
[HKLM\Software\ewido]
[HKLM\Software\oqsfmf]
~ Key Software: 354 Legitimates Scanned in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 24/11/2012 - 11:36:39 - [157,451] ----D C:\Program Files\Ad-Aware Antivirus
O43 - CFD: 31/07/2007 - 16:02:53 - [1,031] ----D C:\Program Files\Axis Communications
O43 - CFD: 03/10/2005 - 22:03:17 - [0,008] ----D C:\Program Files\Chartist
O43 - CFD: 26/03/2013 - 10:00:35 - [48,304] ----D C:\Program Files\Convertisseur PDF
O43 - CFD: 05/02/2013 - 22:50:31 - [0,001] ----D C:\Program Files\Core Temp
O43 - CFD: 16/04/2005 - 23:07:21 - [0,005] ----D C:\Program Files\Crimson Editor
O43 - CFD: 17/09/2007 - 23:33:23 - [0] ----D C:\Program Files\DaemonTools_WhenUSave_Installer
O43 - CFD: 05/04/2005 - 22:50:09 - [0,181] ----D C:\Program Files\DeliPlayer2
O43 - CFD: 13/12/2007 - 20:51:33 - [0] ----D C:\Program Files\denouvel
O43 - CFD: 23/01/2005 - 23:49:09 - [0,822] ----D C:\Program Files\DevStudio
O43 - CFD: 20/01/2012 - 21:29:07 - [0] ----D C:\Program Files\Diagnose-BK
O43 - CFD: 09/02/2005 - 21:33:53 - [1,877] ----D C:\Program Files\Digital Catalogue
O43 - CFD: 20/01/2012 - 21:22:47 - [171,834] ----D C:\Program Files\DocBackupAP
O43 - CFD: 15/01/2008 - 08:31:06 - [0,120] ----D C:\Program Files\Elfima
O43 - CFD: 17/02/2013 - 20:23:39 - [230,460] ----D C:\Program Files\Fnac
O43 - CFD: 25/03/2010 - 19:52:06 - [0,254] ----D C:\Program Files\FotoTagger
O43 - CFD: 10/02/2004 - 15:20:22 - [2,147] ----D C:\Program Files\HighMAT CD Writing Wizard
O43 - CFD: 25/02/2006 - 12:55:26 - [2,211] ----D C:\Program Files\ITEDO Software
O43 - CFD: 30/10/2004 - 13:40:56 - [0,254] ----D C:\Program Files\JavaScript Maker
O43 - CFD: 08/10/2008 - 00:18:24 - [0,000] ----D C:\Program Files\JOOG
O43 - CFD: 08/11/2005 - 02:46:19 - [0,000] ----D C:\Program Files\Kazaa Lite
O43 - CFD: 08/11/2005 - 00:54:27 - [3,006] ----D C:\Program Files\Kerio
O43 - CFD: 08/10/2008 - 00:35:19 - [0,000] ----D C:\Program Files\khi3
O43 - CFD: 01/10/2005 - 14:19:08 - [4,254] ----D C:\Program Files\Kit ADSL
O43 - CFD: 01/06/2008 - 12:50:40 - [1,207] ----D C:\Program Files\KONAMI
O43 - CFD: 03/04/2007 - 21:32:58 - [9,787] ----D C:\Program Files\LIUtilities
O43 - CFD: 10/02/2004 - 13:11:17 - [3,855] ----D C:\Program Files\Make bootable flashcards
O43 - CFD: 15/01/2005 - 12:52:13 - [0,107] ----D C:\Program Files\Microids
O43 - CFD: 24/03/2010 - 23:40:04 - [110,812] ----D C:\Program Files\Navilog1
O43 - CFD: 13/04/2004 - 15:23:19 - [0,162] ----D C:\Program Files\Nova Intelligence
O43 - CFD: 10/02/2005 - 20:35:42 - [0,424] ----D C:\Program Files\OfficeUpdate11
O43 - CFD: 04/08/2005 - 12:57:22 - [7,727] ----D C:\Program Files\Overland
O43 - CFD: 14/01/2005 - 23:37:13 - [0] ----D C:\Program Files\Panicware
O43 - CFD: 07/05/2007 - 21:41:46 - [1,826] ----D C:\Program Files\Power IE
O43 - CFD: 30/06/2012 - 19:15:24 - [0,020] ----D C:\Program Files\Radio Decoder
O43 - CFD: 27/03/2013 - 19:39:42 - [0] ----D C:\Program Files\rkfree
O43 - CFD: 08/10/2008 - 00:19:39 - [0,001] ----D C:\Program Files\RM-X� Video Converter 2
O43 - CFD: 09/04/2006 - 19:25:03 - [1,349] ----D C:\Program Files\Simple Sudoku
O43 - CFD: 28/03/2010 - 22:54:46 - [0,196] ----D C:\Program Files\SinEspias
O43 - CFD: 14/12/2010 - 00:23:11 - [3,851] ----D C:\Program Files\Spybot - Search & Destroy
O43 - CFD: 02/09/2007 - 18:05:55 - [0,005] ----D C:\Program Files\Super logiciels
O43 - CFD: 23/09/2007 - 19:22:26 - [1,621] ----D C:\Program Files\Tamagotchi Simulator
O43 - CFD: 02/07/2008 - 23:02:42 - [0,002] ----D C:\Program Files\ThePoolClub
O43 - CFD: 23/04/2006 - 18:22:56 - [6,776] ----D C:\Program Files\ToniArts
O43 - CFD: 30/09/2012 - 18:50:09 - [0,722] ----D C:\Program Files\Toolbar Cleaner
O43 - CFD: 28/03/2009 - 16:05:35 - [0,001] ----D C:\Program Files\Toolbar Uninstaller
O43 - CFD: 17/03/2013 - 14:04:43 - [0,834] ----D C:\Program Files\utorrent
O43 - CFD: 12/04/2005 - 12:55:22 - [0] ----D C:\Program Files\WinUAE
O43 - CFD: 09/05/2005 - 21:18:49 - [0,027] ----D C:\Program Files\XoftSpy
O43 - CFD: 23/09/2007 - 19:31:15 - [0] ----D C:\Program Files\Fichiers communs\BOONTY Shared
O43 - CFD: 16/02/2006 - 23:32:24 - [0,009] ----D C:\Documents and Settings\NABIL\Application Data\.bittorrent
O43 - CFD: 30/09/2012 - 22:39:23 - [0,110] ----D C:\Documents and Settings\NABIL\Application Data\Ad-Aware Antivirus
O43 - CFD: 31/03/2010 - 23:37:46 - [0] ----D C:\Documents and Settings\NABIL\Application Data\AdSigner
O43 - CFD: 20/01/2012 - 22:37:16 - [0,640] ----D C:\Documents and Settings\NABIL\Application Data\Azureus
O43 - CFD: 18/08/2010 - 22:24:23 - [1,744] ----D C:\Documents and Settings\NABIL\Application Data\Bump Technologies, Inc
O43 - CFD: 08/10/2005 - 21:10:04 - [0,001] ----D C:\Documents and Settings\NABIL\Application Data\Checkflow
O43 - CFD: 26/03/2013 - 10:00:35 - [0,003] ----D C:\Documents and Settings\NABIL\Application Data\Convertisseur PDF
O43 - CFD: 23/04/2007 - 12:34:58 - [0] ----D C:\Documents and Settings\NABIL\Application Data\eBookPro6
O43 - CFD: 22/01/2005 - 14:44:24 - [0,001] ----D C:\Documents and Settings\NABIL\Application Data\fltk.org
O43 - CFD: 14/12/2008 - 03:05:07 - [0,012] ----D C:\Documents and Settings\NABIL\Application Data\GamesCafe
O43 - CFD: 01/06/2009 - 00:03:32 - [624,659] ----D C:\Documents and Settings\NABIL\Application Data\GoPal Assistant
O43 - CFD: 25/02/2006 - 13:45:51 - [0,001] ----D C:\Documents and Settings\NABIL\Application Data\ITEDO
O43 - CFD: 21/05/2004 - 20:03:24 - [0,127] ----D C:\Documents and Settings\NABIL\Application Data\Kazaa Lite
O43 - CFD: 09/08/2010 - 13:06:14 - [0,134] ----D C:\Documents and Settings\NABIL\Application Data\LimeWire
O43 - CFD: 03/07/2008 - 21:41:04 - [0,000] ----D C:\Documents and Settings\NABIL\Application Data\LuckyTender
O43 - CFD: 21/10/2004 - 21:59:40 - [0,000] ----D C:\Documents and Settings\NABIL\Application Data\Mercora
O43 - CFD: 03/10/2005 - 22:02:01 - [0,005] ----D C:\Documents and Settings\NABIL\Application Data\Novagraph
O43 - CFD: 02/04/2012 - 21:16:52 - [0,010] ----D C:\Documents and Settings\NABIL\Application Data\nProtect
O43 - CFD: 30/12/2004 - 22:18:11 - [0,785] ----D C:\Documents and Settings\NABIL\Application Data\Phoenix
O43 - CFD: 07/08/2006 - 21:14:30 - [0] ----D C:\Documents and Settings\NABIL\Application Data\Simple Sudoku
O43 - CFD: 15/01/2005 - 00:58:17 - [0] ----D C:\Documents and Settings\NABIL\Application Data\Site Grim Bone
O43 - CFD: 17/07/2005 - 18:51:57 - [0,627] ----D C:\Documents and Settings\NABIL\Application Data\SmartDraw
O43 - CFD: 09/02/2005 - 13:50:39 - [0] ----D C:\Documents and Settings\NABIL\Application Data\spweng
O43 - CFD: 25/05/2008 - 21:18:18 - [0,027] ----D C:\Documents and Settings\NABIL\Application Data\TaoUSign
O43 - CFD: 01/04/2013 - 00:57:03 - [7,549] ----D C:\Documents and Settings\NABIL\Application Data\uTorrent
O43 - CFD: 22/07/2007 - 20:38:35 - [0,079] ----D C:\Documents and Settings\NABIL\Application Data\XINEK
O43 - CFD: 18/08/2010 - 22:24:53 - [0] ----D C:\Documents and Settings\NABIL\Local Settings\Application Data\Bump Technologies, Inc
O43 - CFD: 21/10/2004 - 21:49:40 - [0,001] ----D C:\Documents and Settings\NABIL\Local Settings\Application Data\Shareaza
O43 - CFD: 31/10/2004 - 02:20:47 - [0,000] ----D C:\Documents and Settings\NABIL\Local Settings\Application Data\X10 Commander
O43 - CFD: 24/03/2010 - 23:45:30 - [50,472] ----D C:\Documents and Settings\NABIL\Local Settings\Application Data\{32A3A4F2-B792-11D6-A78A-00B0D0150110}
O43 - CFD: 26/03/2013 - 10:00:28 - [0,003] ----D C:\Documents and Settings\NABIL\Menu Démarrer\Programmes\Convertisseur PDF
~ Program Folder: 312 Legitimates Scanned in 01mn 45s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.E9958D1F056E4684C57E0F34076B6107] - 31/03/2013 - 23:56:29 ---A- . (...) -- C:\WINDOWS\M3JPEG.INI [578]
O44 - LFC:[MD5.081EFA3D9D0FC78DBF209452A4F64D12] - 01/04/2013 - 16:07:13 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.45A052905F9F61155D271133C1504387] - 01/04/2013 - 16:07:06 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.F0321B31DB4797576C65CED24AEE4C1D] - 01/04/2013 - 16:05:26 ---A- . (...) -- C:\AdwCleaner[S4].txt [1808]
O44 - LFC:[MD5.FC0EE9276EC3768610F16E9B299EEDCB] - 23/03/2013 - 19:58:10 ---A- . (...) -- C:\AdwCleaner[S3].txt [3372]
O44 - LFC:[MD5.4088E91AE89E3365CB69FDE635BE9A4E] - 23/03/2013 - 19:57:09 ---A- . (...) -- C:\AdwCleaner[R4].txt [3484]
O44 - LFC:[MD5.52E2D77CEBAFA722CF50B93743CC4F73] - 09/03/2013 - 01:05:58 ---A- . (...) -- C:\Mediacenter Evolution.lnk [104]
~ Files: 28 Legitimates Scanned in 01mn 23s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.93B36D66243D749B490282AF48B33DF1] - 01/04/2013 - 15:47:30 ---A- - C:\WINDOWS\Prefetch\AQUARI~1.SCR-057434C4.pf
O45 - LFCP:[MD5.ACB9077C9123F9FD3AD8620D6CE82200] - 01/04/2013 - 16:01:00 ---A- - C:\WINDOWS\Prefetch\MESSAGECHECK.EXE-19FD9FD3.pf
O45 - LFCP:[MD5.FB96B9004E0C6A90ACF9D349CE50ECAC] - 01/04/2013 - 16:04:04 ---A- - C:\WINDOWS\Prefetch\ADWCLEANER(1).EXE-2FB1319C.pf
O45 - LFCP:[MD5.926334C68E9E8A8B0DF8842BA455151A] - 01/04/2013 - 16:07:32 ---A- - C:\WINDOWS\Prefetch\JQS.EXE-21B69FF4.pf
O45 - LFCP:[MD5.05A75028DBB4FF689A4BB6DC1B5C1427] - 01/04/2013 - 16:07:32 ---A- - C:\WINDOWS\Prefetch\LOGWATNT.EXE-014D7F7A.pf
O45 - LFCP:[MD5.6D45E5E8B0C73A9042FAC3DA7D478D9C] - 01/04/2013 - 16:07:32 ---A- - C:\WINDOWS\Prefetch\NMSACCESSU.EXE-05B3E8BB.pf
O45 - LFCP:[MD5.DDF03F7943944D8E531BD1F33D457EFE] - 01/04/2013 - 16:12:11 ---A- - C:\WINDOWS\Prefetch\JRT.EXE-2BB41233.pf
O45 - LFCP:[MD5.C6CE8C4CD05FEFD934E818D0198C2E72] - 01/04/2013 - 16:20:57 ---A- - C:\WINDOWS\Prefetch\FINDSTR.EXE-0CA6274B.pf
O45 - LFCP:[MD5.49C22EA266445D0B13F0A653FCDB4B94] - 01/04/2013 - 16:20:59 ---A- - C:\WINDOWS\Prefetch\FC.EXE-1B9F0926.pf
O45 - LFCP:[MD5.81F67E907869A1C5C947E2BB4DF6C0AA] - 01/04/2013 - 16:21:10 ---A- - C:\WINDOWS\Prefetch\FIND.EXE-0EC32F1E.pf
O45 - LFCP:[MD5.91FAB44F33DE40262F0649A76BAC032D] - 01/04/2013 - 16:21:29 ---A- - C:\WINDOWS\Prefetch\CUT.EXE-0407EB6B.pf
O45 - LFCP:[MD5.FE30EF30862F6E7DD82E587421D477B3] - 01/04/2013 - 16:21:31 ---A- - C:\WINDOWS\Prefetch\SED.EXE-386AED89.pf
O45 - LFCP:[MD5.0BA0ADB685D786977E8F184C679F7C63] - 01/04/2013 - 16:26:36 ---A- - C:\WINDOWS\Prefetch\DWWIN.EXE-30875ADC.pf
O45 - LFCP:[MD5.4F1D3AF30E6A51D5FD622FECE09C4485] - 26/03/2013 - 13:33:58 ---A- - C:\WINDOWS\Prefetch\SNDVOL32.EXE-383480B7.pf
O45 - LFCP:[MD5.3409FC50F78B8A337CEE7D88425046C3] - 27/03/2013 - 18:48:07 ---A- - C:\WINDOWS\Prefetch\WISEREGISTRYCLEANER.EXE-0EFA520B.pf
O45 - LFCP:[MD5.5FAF387F7E232891E4A637D5E8558094] - 27/03/2013 - 18:48:32 ---A- - C:\WINDOWS\Prefetch\UNINS000.EXE-1B7D4B8C.pf
O45 - LFCP:[MD5.C933F13CA68F589FD04C4BCCDC4E1F68] - 27/03/2013 - 18:48:34 ---A- - C:\WINDOWS\Prefetch\_IU14D2N.TMP-0E651392.pf
O45 - LFCP:[MD5.2BE73227D35AA46CF90A03CF72775678] - 27/03/2013 - 18:49:16 ---A- - C:\WINDOWS\Prefetch\SDRAW.EXE-010579FE.pf
O45 - LFCP:[MD5.A25510FEA0011993521D4D0719B38698] - 27/03/2013 - 18:52:21 ---A- - C:\WINDOWS\Prefetch\VLC-2.0.5-WIN32.EXE-1891AEAF.pf
O45 - LFCP:[MD5.E868DEBDEBB8B77872FA6C61F9A7DD61] - 27/03/2013 - 18:56:11 ---A- - C:\WINDOWS\Prefetch\VLC-CACHE-GEN.EXE-09B9CDF2.pf
O45 - LFCP:[MD5.50DCF2A0E20F944D6A82CB53D262FF5F] - 29/03/2013 - 20:00:36 ---A- - C:\WINDOWS\Prefetch\PDFXCVIEW.EXE-00A8C460.pf
O45 - LFCP:[MD5.9E83E3A6CCE86B9957B052AB10B7FE32] - 30/03/2013 - 18:37:00 ---A- - C:\WINDOWS\Prefetch\HPCUSTPARTIC.EXE-248969E6.pf
O45 - LFCP:[MD5.762986CCC90DBFA05A297CCD2472859A] - 31/03/2013 - 23:45:06 ---A- - C:\WINDOWS\Prefetch\UTORRENT.EXE-3888D1B0.pf
~ Prefetcher: 89 Legitimates Scanned in 00mn 00s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\Program Files\BitTorrent\bittorrent.exe" [Disabled] .(...) -- C:\Program Files\BitTorrent\bittorrent.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Azureus\Azureus.exe" [Disabled] .(...) -- C:\Program Files\Azureus\Azureus.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\BitSpirit\BitSpirit.exe" [Enabled] .(...) -- C:\Program Files\BitSpirit\BitSpirit.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe" [Enabled] .(...) -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\utorrent\utorrent.exe" [Enabled] .(.BitTorrent Inc..) -- C:\Program Files\utorrent\utorrent.exe
O47 - AAKE:Key Export SP - "C:\Program Files\SopCast\SopCast.exe" [Enabled] .(...) -- C:\Program Files\SopCast\SopCast.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\SopCast\sopvod.exe" [Enabled] .(...) -- C:\Program Files\SopCast\sopvod.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\SopCast\adv\SopAdver.exe" [Enabled] .(...) -- C:\Program Files\SopCast\adv\SopAdver.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [Enabled] .(...) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" [Enabled] .(...) -- C:\Program Files\Microsoft ActiveSync\WCESMgr.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Lemoncast\lemoncast.exe" [Enabled] .(...) -- C:\Program Files\Lemoncast\lemoncast.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\eMule\emule.exe" [Enabled] .(...) -- C:\Program Files\eMule\emule.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\TeamViewer\Version4\TeamViewer.exe" [Enabled] .(...) -- C:\Program Files\TeamViewer\Version4\TeamViewer.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\DocBackupJRE\j2re1.4.2_12\bin\javaw.exe" [Enabled] .(...) -- C:\Program Files\DocBackupJRE\j2re1.4.2_12\bin\javaw.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\DocBackupJRE\j2re1.4.2_17\bin\javaw.exe" [Enabled] .(.Pas de propriétaire.) -- C:\Program Files\DocBackupJRE\j2re1.4.2_17\bin\javaw.exe
O47 - AAKE:Key Export SP - "C:\Program Files\SFR\Media Center\MediaCenter.exe" [Enabled] .(...) -- C:\Program Files\SFR\Media Center\MediaCenter.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Java\jre6\bin\javaw.exe" [Enabled] .(.Sun Microsystems, Inc..) -- C:\Program Files\Java\jre6\bin\javaw.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Free Download Manager\fdm.exe" [Enabled] .(...) -- C:\Program Files\Free Download Manager\fdm.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Bonjour\mDNSResponder.exe" [Enabled] .(.Apple Inc..) -- C:\Program Files\Bonjour\mDNSResponder.exe
O47 - AAKE:Key Export SP - "C:\Program Files\ma-config.com\maconfservice.exe" [Enabled] .(...) -- C:\Program Files\ma-config.com\maconfservice.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Orb Networks\Orb\bin\OrbjetManager.exe" [Enabled] .(...) -- C:\Program Files\Orb Networks\Orb\bin\OrbjetManager.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Orb Networks\Orb\bin\Orb.exe" [Enabled] .(...) -- C:\Program Files\Orb Networks\Orb\bin\Orb.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Orb Networks\Orb\bin\OrbLauncher.exe" [Enabled] .(...) -- C:\Program Files\Orb Networks\Orb\bin\OrbLauncher.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Orb Networks\Orb\bin\OrbSetupWizard.exe" [Enabled] .(...) -- C:\Program Files\Orb Networks\Orb\bin\OrbSetupWizard.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Orb Networks\Orb\bin\OrbControlPanel.exe" [Enabled] .(...) -- C:\Program Files\Orb Networks\Orb\bin\OrbControlPanel.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Orb Networks\Orb\bin\OrbStreamerClient.exe" [Enabled] .(...) -- C:\Program Files\Orb Networks\Orb\bin\OrbStreamerClient.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Documents and Settings\NABIL\Local Settings\Temp\nsqC.tmp\sweetim_0711-adf025c2.exe" [Enabled] .(...) -- C:\Documents and Settings\NABIL\Local Settings\Temp\nsqC.tmp\sweetim_0711-adf025c2.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe" [Enabled] .(...) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe" [Enabled] .(.Hewlett-Packard Co..) -- C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe" [Enabled] .(.Hewlett-Packard Co..) -- C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Mozilla Firefox\plugin-container.exe" [Enabled] .(.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
O47 - AAKE:Key Export SP - "C:\Program Files\SFR\Mediacenter Evolution\MediaCenter.exe" [Enabled] .(.SFR.) -- C:\Program Files\SFR\Mediacenter Evolution\MediaCenter.exe
~ Keys Export: 44 Legitimates Scanned in 00mn 01s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Notification Packages . (...) --
~ LSA: 8 Legitimates Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
~ CBS: 23 Legitimates Scanned in 00mn 00s



---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{0b63962a-a11f-11dc-b3ac-000c76a76484}\AutoRun\command. (...) -- C:\WINDOWS\system32\cmd \C launch.bat (.not file.)
O51 - MPSK:{30a5d51b-fd6c-11db-b232-101111111111}\AutoRun\command - Clé orpheline
O51 - MPSK:{adda666c-bbcc-11de-b78b-000c76a76484}\AutoRun\command - Clé orpheline
~ Keys: Scanned in 00mn 00s



---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"vidc.MJPG"="M3JPEG32.dll" . (.Morgan Multimedia - Morgan MJPEG VFW codec.) -- C:\WINDOWS\system32\M3JPEG32.dll
O52 - TDSD: \Drivers32\"vidc.dmb1"="M3JPEG32.dll" . (.Morgan Multimedia - Morgan MJPEG VFW codec.) -- C:\WINDOWS\system32\M3JPEG32.dll
O52 - TDSD: \Drivers32\"vidc.jpeg"="M3JPEG32.dll" . (.Morgan Multimedia - Morgan MJPEG VFW codec.) -- C:\WINDOWS\system32\M3JPEG32.dll
O52 - TDSD: \Drivers32\"vidc.mxmc"="MimicICM.DLL" . (.Pas de propriétaire - MimicICM.) -- C:\WINDOWS\system32\MimicICM.dll
O52 - TDSD: \Drivers32\"MSACM.CEGSM"="mobilev.acm" . (...) -- C:\WINDOWS\system32\mobilev.acm
O52 - TDSD: \drivers.desc\"iyvu9_32.dll"="Indeo® video Raw YVU9 by Intel" . (...) -- C:\WINDOWS\system32\iyvu9_32.dll
O52 - TDSD: \drivers.desc\"M3JPEG32.dll"="Morgan Multimedia M-JPEG Codec" . (.Morgan Multimedia - Morgan MJPEG VFW codec.) -- C:\WINDOWS\system32\M3JPEG32.dll
O52 - TDSD: \drivers.desc\"mobilev.acm"="Hewlett Packard Mobile Voice" . (...) -- C:\WINDOWS\system32\mobilev.acm
O52 - TDSD: \drivers.desc\"MimicICM.DLL"="MimicICM.DLL" . (.Pas de propriétaire - MimicICM.) -- C:\WINDOWS\system32\MimicICM.dll
~ TDSD: 25 Legitimates Scanned in 00mn 00s



---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\Ad-Aware Browsing Protection [Key] . (.Lavasoft - Ad-Aware Browsing Protection and Anti-Phish.) -- C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe
O53 - SMSR:HKLM\...\startupreg\SFR Mediacenter [Key] . (.SFR - Mediacenter Evolution.) -- C:\Program Files\SFR\Mediacenter Evolution\MediaCenter.exe
O53 - SMSR:HKLM\...\startupreg\StartCCC [Key] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
~ SMSR Keys: 21 Legitimates Scanned in 00mn 00s



---\\ Microsoft Control Security Providers (O54)
~ MSCP: 6 Legitimates Scanned in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
~ MWPS: 7 Legitimates Scanned in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLogoff"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoClose"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoWindowsUpdate"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoRecentDocsMenu"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoFavoritesMenu"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoSMMyDocs"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoSMMyPictures"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoStartMenuMyMusic"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoRecentDocsHistory"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "ClearRecentDocsOnExit"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoRecentDocsNetHood"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoSMHelp"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoRun"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoUserNameInStartMenu"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoInstrumentation"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoStartMenuPinnedList"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "ForceStartMenuLogoff"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoSharedDocuments"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoBandCustomize"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoMovingBands"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoCloseDragDropBands"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoSetTaskbar"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoToolbarsOnTaskbar"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoSaveSettings"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoActiveDesktop"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "ClassicShell"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoRecentDocsMenu"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoFavoritesMenu"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoSMMyDocs"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoSMMyPictures"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoStartMenuMyMusic"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoRecentDocsHistory"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoRecentDocsNetHood"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoSMHelp"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoRun"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoInstrumentation"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoSimpleStartMenu"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1
~ Keys: Scanned in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.5EE8AAA16951E46D197392BA6F2402EA] - 01/07/2009 - 15:43:06 R--A- . (.none - Autodata Licensing System.) -- C:\WINDOWS\system32\Drivers\adatadrv.sys [762112]
O58 - SDL:[MD5.E0B421FAE3F18D0A429E3BED52A8D275] - 25/09/2004 - 11:19:34 RSH-- . (...) -- C:\WINDOWS\system32\6981EFE1C6.sys [56]
~ Drivers: Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 01/04/2013 - 15:31:08 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\bookmarkbackups\bookmarks-2013-04-01.json [16720]
O61 - LFC: 01/04/2013 - 15:53:31 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\formhistory.sqlite [147456]
O61 - LFC: 01/04/2013 - 15:53:33 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\signons.sqlite [52224]
O61 - LFC: 01/04/2013 - 16:03:28 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\webappsstore.sqlite [819200]
O61 - LFC: 01/04/2013 - 16:03:39 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\safebrowsing\goog-malware-shavar.cache [12]
O61 - LFC: 01/04/2013 - 16:03:39 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\safebrowsing\goog-malware-shavar.pset [828344]
O61 - LFC: 01/04/2013 - 16:03:39 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\safebrowsing\goog-malware-shavar.sbstore [1510097]
O61 - LFC: 01/04/2013 - 16:03:47 ---A- C:\Documents and Settings\NABIL\Mes documents\Téléchargements\adwcleaner(1).exe [609993]
O61 - LFC: 01/04/2013 - 16:05:04 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\content-prefs.sqlite [229376]
O61 - LFC: 01/04/2013 - 16:05:26 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences [69297]
O61 - LFC: 01/04/2013 - 16:06:32 -SHA- C:\Documents and Settings\NABIL\Application Data\Microsoft\Credentials\S-1-5-21-527907513-1244960946-960528300-1007\Credentials [4812]
O61 - LFC: 01/04/2013 - 16:06:32 -SHA- C:\Documents and Settings\NABIL\Local Settings\Application Data\Microsoft\Credentials\S-1-5-21-527907513-1244960946-960528300-1007\Credentials [17354]
O61 - LFC: 01/04/2013 - 16:07:05 ---A- C:\Documents and Settings\NABIL\Menu Démarrer\Programmes\Démarrage\Alertes de surveillance de l'encre - HP Deskjet 3050A J611 series (réseau).lnk [1741]
O61 - LFC: 01/04/2013 - 16:07:08 ---A- C:\Documents and Settings\NABIL\Bureau\AdwCleaner[S4].txt [1808]
O61 - LFC: 01/04/2013 - 16:07:54 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\0\E2\25FC0d01 [20145]
O61 - LFC: 01/04/2013 - 16:07:54 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\1\E9\B4CA2d01 [35470]
O61 - LFC: 01/04/2013 - 16:07:54 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\2\A5\B56D1d01 [58969]
O61 - LFC: 01/04/2013 - 16:07:54 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\5\90\164FFd01 [25989]
O61 - LFC: 01/04/2013 - 16:07:54 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\6\1B\80DA1d01 [61427]
O61 - LFC: 01/04/2013 - 16:07:54 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\D\E2\68EC2d01 [131794]
O61 - LFC: 01/04/2013 - 16:07:54 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\E\77\54139d01 [16479]
O61 - LFC: 01/04/2013 - 16:07:54 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\F\3E\EB0E7d01 [32058]
O61 - LFC: 01/04/2013 - 16:07:55 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\F\99\73F2Fd01 [20801]
O61 - LFC: 01/04/2013 - 16:07:57 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\E\B8\F4EBDd01 [35197]
O61 - LFC: 01/04/2013 - 16:08:02 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\C\58\D8966d01 [22952]
O61 - LFC: 01/04/2013 - 16:08:03 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\2\FC\6E50Fd01 [37439]
O61 - LFC: 01/04/2013 - 16:08:03 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\8\3A\737C8d01 [23974]
O61 - LFC: 01/04/2013 - 16:08:03 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\A\AA\11DC7d01 [27090]
O61 - LFC: 01/04/2013 - 16:08:04 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\0\91\B894Dd01 [22632]
O61 - LFC: 01/04/2013 - 16:08:04 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\7\5F\580F5d01 [21399]
O61 - LFC: 01/04/2013 - 16:08:04 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\A\2C\A2F11d01 [36578]
O61 - LFC: 01/04/2013 - 16:08:05 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\5\CD\55181d01 [51031]
O61 - LFC: 01/04/2013 - 16:11:38 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\4\4F\B3F40d01 [33673]
O61 - LFC: 01/04/2013 - 16:11:39 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\9\8B\24D08d01 [17618]
O61 - LFC: 01/04/2013 - 16:11:40 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\A\42\E0273d01 [25013]
O61 - LFC: 01/04/2013 - 16:11:40 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\A\55\31996d01 [43419]
O61 - LFC: 01/04/2013 - 16:11:41 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\4\9A\D8EC7d01 [36326]
O61 - LFC: 01/04/2013 - 16:11:41 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\4\AF\36F32d01 [29294]
O61 - LFC: 01/04/2013 - 16:11:41 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\5\9F\42766d01 [22402]
O61 - LFC: 01/04/2013 - 16:11:41 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\6\62\B2E98d01 [22952]
O61 - LFC: 01/04/2013 - 16:11:42 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\0\88\0F295d01 [16432]
O61 - LFC: 01/04/2013 - 16:11:42 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\1\DD\65C6Bd01 [29384]
O61 - LFC: 01/04/2013 - 16:11:42 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\9\D5\B66A5d01 [19370]
O61 - LFC: 01/04/2013 - 16:11:43 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\F\01\E0C56d01 [180985]
O61 - LFC: 01/04/2013 - 16:11:44 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\thumbnails\1368614c740bbc515d4ad8592c238fe2.png [22280]
O61 - LFC: 01/04/2013 - 16:11:47 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\5\6D\0A8F4d01 [37439]
O61 - LFC: 01/04/2013 - 16:11:54 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\thumbnails\46b5b7a454eceb0aeaff80c841eacd3e.png [18903]
O61 - LFC: 01/04/2013 - 16:11:56 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\downloads.sqlite [98304]
O61 - LFC: 01/04/2013 - 16:11:56 ---A- C:\Documents and Settings\NABIL\Mes documents\Téléchargements\JRT.exe [550772]
O61 - LFC: 01/04/2013 - 16:12:28 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\cert8.db [163840]
O61 - LFC: 01/04/2013 - 16:12:28 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\jetpack\jid0-5zkqw0l5jBWPCHzR9mnB6h7y1tU@jetpack\simple-storage\store.json [79]
O61 - LFC: 01/04/2013 - 16:12:28 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\key3.db [16384]
O61 - LFC: 01/04/2013 - 16:12:28 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\localstore.rdf [5304]
O61 - LFC: 01/04/2013 - 16:12:28 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\places.sqlite [10485760]
O61 - LFC: 01/04/2013 - 16:12:28 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\saved-telemetry-pings\7816821a-3c98-4662-8cc7-60075c7c071a [46334]
O61 - LFC: 01/04/2013 - 16:12:28 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\sessionstore.bak [1193582]
O61 - LFC: 01/04/2013 - 16:12:29 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Telemetry.ShutdownTime.txt [6]
O61 - LFC: 01/04/2013 - 16:21:29 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\m5e0ofq7.default\prefs.js [0]
O61 - LFC: 01/04/2013 - 16:26:29 ---A- C:\Documents and Settings\NABIL\Bureau\JRT.txt [1833]
O61 - LFC: 01/04/2013 - 16:26:36 ---A- C:\Documents and Settings\NABIL\Application Data\Logitech\SetPoint\gamelist.xml [37]
O61 - LFC: 01/04/2013 - 16:26:42 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\extensions.sqlite [458752]
O61 - LFC: 01/04/2013 - 16:26:42 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\extensions.sqlite-journal [229944]
O61 - LFC: 01/04/2013 - 16:26:43 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\cookies.sqlite-shm [32768]
O61 - LFC: 01/04/2013 - 16:26:43 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\places.sqlite-shm [32768]
O61 - LFC: 01/04/2013 - 16:26:43 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\webapps\webapps.json [2]
O61 - LFC: 01/04/2013 - 16:26:44 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\3\92\CC876d01 [18946]
O61 - LFC: 01/04/2013 - 16:26:44 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\8\98\838DFd01 [177058]
O61 - LFC: 01/04/2013 - 16:26:44 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\A\71\7619Bd01 [28836]
O61 - LFC: 01/04/2013 - 16:26:44 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\_CACHE_MAP_ [8468]
O61 - LFC: 01/04/2013 - 16:26:45 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\urlclassifierkey3.txt [154]
O61 - LFC: 01/04/2013 - 16:26:45 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\B\E4\3276Cd01 [18763]
O61 - LFC: 01/04/2013 - 16:26:45 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\C\A0\680F4d01 [20510]
O61 - LFC: 01/04/2013 - 16:26:45 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\D\0D\C2744d01 [25052]
O61 - LFC: 01/04/2013 - 16:26:45 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\safebrowsing\test-malware-simple.sbstore [232]
O61 - LFC: 01/04/2013 - 16:26:46 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\safebrowsing\test-malware-simple.cache [44]
O61 - LFC: 01/04/2013 - 16:26:46 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\safebrowsing\test-malware-simple.pset [16]
O61 - LFC: 01/04/2013 - 16:26:46 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\safebrowsing\test-phish-simple.cache [44]
O61 - LFC: 01/04/2013 - 16:26:46 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\safebrowsing\test-phish-simple.pset [16]
O61 - LFC: 01/04/2013 - 16:26:46 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\safebrowsing\test-phish-simple.sbstore [232]
O61 - LFC: 01/04/2013 - 16:26:46 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\thumbnails\ab9e3dc4e10e5726a37d0de82985b926.png [10502]
O61 - LFC: 01/04/2013 - 16:26:51 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\pluginreg.dat [18833]
O61 - LFC: 01/04/2013 - 16:26:52 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\cookies.sqlite [1572864]
O61 - LFC: 01/04/2013 - 16:26:52 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\B\CF\A036Bd01 [47627]
O61 - LFC: 01/04/2013 - 16:26:56 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\cookies.sqlite-wal [590288]
O61 - LFC: 01/04/2013 - 16:26:56 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\_CACHE_CLEAN_ [1]
O61 - LFC: 01/04/2013 - 16:26:59 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\places.sqlite-wal [78312]
O61 - LFC: 01/04/2013 - 16:27:00 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\thumbnails\bb9569cb9f026050cc52a7382098002e.png [52954]
O61 - LFC: 01/04/2013 - 16:27:01 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\sessionstore.js [1288175]
O61 - LFC: 01/04/2013 - 16:27:01 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\_CACHE_001_ [131487]
O61 - LFC: 01/04/2013 - 16:27:02 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\_CACHE_003_ [528605]
O61 - LFC: 01/04/2013 - 16:27:03 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\Cache\_CACHE_002_ [151522]
O61 - LFC: 01/04/2013 - 16:27:10 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\safebrowsing\goog-phish-shavar.cache [12]
O61 - LFC: 01/04/2013 - 16:27:10 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\safebrowsing\goog-phish-shavar.pset [684708]
O61 - LFC: 01/04/2013 - 16:27:10 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\safebrowsing\goog-phish-shavar.sbstore [601724]
O61 - LFC: 01/04/2013 - 16:27:13 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\prefs.js [10669]
O61 - LFC: 01/04/2013 - 16:27:26 -SHA- C:\Documents and Settings\NABIL\IETldCache\index.dat [262144]
O61 - LFC: 01/04/2013 - 16:27:43 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\startupCache\startupCache.4.little [896959]
O61 - LFC: 29/03/2013 - 10:46:27 -SHA- C:\Documents and Settings\NABIL\UserData\index.dat [16384]
O61 - LFC: 29/03/2013 - 10:47:03 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\m5e0ofq7.default\places.sqlite [7471104]
O61 - LFC: 29/03/2013 - 10:49:55 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\bookmarkbackups\bookmarks-2013-03-29.json [16720]
O61 - LFC: 29/03/2013 - 19:47:14 -SHA- C:\Documents and Settings\NABIL\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\index.dat [32768]
O61 - LFC: 29/03/2013 - 19:47:14 -SHA- C:\Documents and Settings\NABIL\PrivacIE\index.dat [884736]
O61 - LFC: 29/03/2013 - 19:47:20 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\HYL50MO6\www.google[1].xml [93]
O61 - LFC: 29/03/2013 - 19:48:15 -SHA- C:\Documents and Settings\NABIL\IECompatCache\index.dat [16384]
O61 - LFC: 29/03/2013 - 19:48:15 -SHA- C:\Documents and Settings\NABIL\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat [16384]
O61 - LFC: 29/03/2013 - 19:54:49 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{362F96C3-98A1-11E2-9800-005056C00008}.dat [7168]
O61 - LFC: 29/03/2013 - 19:54:49 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Last Active\RecoveryStore.{21479740-98A2-11E2-9800-005056C00008}.dat [3584]
O61 - LFC: 29/03/2013 - 19:54:49 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Last Active\{21479741-98A2-11E2-9800-005056C00008}.dat [6656]
O61 - LFC: 29/03/2013 - 19:54:51 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{11044DB0-98A1-11E2-9800-005056C00008}.dat [5120]
O61 - LFC: 29/03/2013 - 20:00:26 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{11044DB1-98A1-11E2-9800-005056C00008}.dat [26624]
O61 - LFC: 29/03/2013 - 21:20:04 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-420dfa87.idx [462]
O61 - LFC: 30/03/2013 - 18:42:01 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\bookmarkbackups\bookmarks-2013-03-30.json [16720]
O61 - LFC: 30/03/2013 - 18:42:01 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\saved-telemetry-pings\d12dfcf2-696e-4aa2-8d00-a664a4dffe21 [51275]
O61 - LFC: 30/03/2013 - 19:39:34 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\saved-telemetry-pings\6a59ae6a-c546-4540-bbc1-924ada6220b2 [43953]
O61 - LFC: 30/03/2013 - 19:40:42 ---A- C:\Documents and Settings\NABIL\Bureau\fond-ecran-mimi.jpg [156154]
O61 - LFC: 30/03/2013 - 19:40:43 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\saved-telemetry-pings\29e3fb52-040e-41b4-80a5-6942256208dd [39575]
O61 - LFC: 30/03/2013 - 19:40:52 ---A- C:\Documents and Settings\NABIL\Local Settings\Application Data\Microsoft\Wallpaper1.bmp [3932214]
O61 - LFC: 30/03/2013 - 19:40:52 -SHA- C:\Documents and Settings\NABIL\Application Data\Microsoft\Internet Explorer\Desktop.htt [3270]
O61 - LFC: 30/03/2013 - 20:12:46 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\saved-telemetry-pings\53ee0933-a57e-4aab-a8da-ad7570833a47 [50930]
O61 - LFC: 31/03/2013 - 22:25:25 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\addons.sqlite [524288]
O61 - LFC: 31/03/2013 - 22:29:06 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\blocklist.xml [58746]
O61 - LFC: 31/03/2013 - 22:29:07 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\saved-telemetry-pings\8a41729b-4c69-419a-b91c-dfd702e16f78 [62496]
O61 - LFC: 31/03/2013 - 22:29:09 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\bookmarkbackups\bookmarks-2013-03-31.json [16720]
O61 - LFC: 31/03/2013 - 22:29:10 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\permissions.sqlite [65536]
O61 - LFC: 31/03/2013 - 22:42:44 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\saved-telemetry-pings\6408fcf3-f31b-48be-9e70-954519db4f52 [58677]
O61 - LFC: 31/03/2013 - 23:09:31 ----- C:\Documents and Settings\NABIL\Application Data\uTorrent\Hansel Et Gretel.2008.FRENCH.DVDRiP.XViD-ARTEFAC.MZISYS.avi.torrent [14121]
O61 - LFC: 31/03/2013 - 23:09:38 -S-A- C:\Documents and Settings\NABIL\Application Data\Microsoft\Crypto\RSA\S-1-5-21-527907513-1244960946-960528300-1007\70aea0735945509a00c4ed5a72cc67c5_3e73c858-31d2-43e5-af73-868b43b82741 [1305]
O61 - LFC: 31/03/2013 - 23:09:39 ---A- C:\Documents and Settings\NABIL\Application Data\uTorrent\dlimagecache\88FC865E091495F0496E33B308E98826C4D723A9 [824]
O61 - LFC: 31/03/2013 - 23:09:40 ---A- C:\Documents and Settings\NABIL\Application Data\uTorrent\dlimagecache\AEC1B72978EF11EA526E633A5D35638510DEF6B7 [0]
O61 - LFC: 31/03/2013 - 23:10:01 ---A- C:\Documents and Settings\NABIL\Application Data\uTorrent\dlimagecache\2F58E39823EE2D0E3D5E5E0B63D5225FA78B5937 [1150]
O61 - LFC: 31/03/2013 - 23:10:02 ---A- C:\Documents and Settings\NABIL\Application Data\uTorrent\dlimagecache\4513862A286B17EA8AEA16751ACEFAEDBA790D5D [19331]
O61 - LFC: 31/03/2013 - 23:10:02 ---A- C:\Documents and Settings\NABIL\Application Data\uTorrent\dlimagecache\7C8945DA1B01DEA87CEA3DEAE371D7FEEFE460C0 [3211]
O61 - LFC: 31/03/2013 - 23:22:30 ---A- C:\Documents and Settings\NABIL\Mes documents\Downloads\Hansel Et Gretel.2008.FRENCH.DVDRiP.XViD-ARTEFAC.MZISYS.avi [727922464]
O61 - LFC: 31/03/2013 - 23:39:39 ---A- C:\Documents and Settings\NABIL\Application Data\uTorrent\settings.dat.old [79868]
O61 - LFC: 31/03/2013 - 23:44:18 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\mimeTypes.rdf [9194]
O61 - LFC: 31/03/2013 - 23:44:19 -S-A- C:\Documents and Settings\NABIL\Application Data\Microsoft\Crypto\RSA\S-1-5-21-527907513-1244960946-960528300-1007\8b4d6d846a61cc1674cf7bcf9f032476_3e73c858-31d2-43e5-af73-868b43b82741 [1305]
O61 - LFC: 31/03/2013 - 23:44:20 ---A- C:\Documents and Settings\NABIL\Application Data\uTorrent\dlimagecache\86AE5B4C73501390C9E9AB520563C2DB07DDD27B [31485]
O61 - LFC: 31/03/2013 - 23:44:21 ---A- C:\Documents and Settings\NABIL\Application Data\uTorrent\dlimagecache\2BF43E909717F7DD96DC98421F9BA80677295906 [39380]
O61 - LFC: 31/03/2013 - 23:45:04 ----- C:\Documents and Settings\NABIL\Application Data\uTorrent\The.Tourist.FRENCH.DVDRip.XviD-NERD.torrent [29234]
O61 - LFC: 31/03/2013 - 23:45:06 -S-A- C:\Documents and Settings\NABIL\Application Data\Microsoft\Crypto\RSA\S-1-5-21-527907513-1244960946-960528300-1007\e4561e0364f8132cb87ac624647068d2_3e73c858-31d2-43e5-af73-868b43b82741 [1305]
O61 - LFC: 31/03/2013 - 23:46:42 R--A- C:\Documents and Settings\NABIL\Mes documents\Downloads\The.Tourist.FRENCH.DVDRip.XviD-NERD\Subs\nrd-tourist.sub [20627456]
O61 - LFC: 31/03/2013 - 23:48:32 R--A- C:\Documents and Settings\NABIL\Mes documents\Downloads\The.Tourist.FRENCH.DVDRip.XviD-NERD\Subs\nrd-tourist.idx [208699]
O61 - LFC: 31/03/2013 - 23:48:32 R--A- C:\Documents and Settings\NABIL\Mes documents\Downloads\The.Tourist.FRENCH.DVDRip.XviD-NERD\nrd-tourist.nfo [12970]
O61 - LFC: 31/03/2013 - 23:54:55 ---A- C:\Documents and Settings\NABIL\Application Data\uTorrent\dht_feed.dat.old [2]
O61 - LFC: 31/03/2013 - 23:55:46 ---A- C:\Documents and Settings\NABIL\Application Data\uTorrent\resume.dat.old [68344]
O61 - LFC: 31/03/2013 - 23:56:20 R--A- C:\Documents and Settings\NABIL\Mes documents\Downloads\The.Tourist.FRENCH.DVDRip.XviD-NERD\nrd-tourist.avi [731701248]
O61 - LFC: 31/03/2013 - 23:56:35 ---A- C:\Documents and Settings\NABIL\Application Data\Mozilla\Firefox\Profiles\l6nnrzrs.default-1362762311640\saved-telemetry-pings\5af7497f-c06d-46f2-84da-161708ee0eb4 [66044]
O61 - LFC: 31/03/2013 - 23:56:40 ---A- C:\Documents and Settings\NABIL\Application Data\vlc\ml.xspf [304]
O61 - LFC: 31/03/2013 - 23:56:40 ---A- C:\Documents and Settings\NABIL\Application Data\vlc\vlcrc [80083]
O61 - LFC: 31/03/2013 - 23:56:51 ---A- C:\Documents and Settings\NABIL\Application Data\uTorrent\dht.dat [4274]
O61 - LFC: 31/03/2013 - 23:56:51 ---A- C:\Documents and Settings\NABIL\Application Data\uTorrent\dht_feed.dat [2]
O61 - LFC: 31/03/2013 - 23:56:51 ---A- C:\Documents and Settings\NABIL\Application Data\uTorrent\rss.dat [99]
O61 - LFC: 31/03/2013 - 23:56:51 ---A- C:\Documents and Settings\NABIL\Application Data\uTorrent\settings.dat [82032]
O61 - LFC: 31/03/2013 - 23:57:03 ---A- C:\Documents and Settings\NABIL\Application Data\uTorrent\resume.dat [68103]
~ 4 Fichiers temporaires (Temporary files)
~ 7 Fichiers cookies (Cookies files)
~ Files: 207 Legitimates Scanned in 02mn 21s



---\\ Alternate Data Stream File (O62)
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\system32\a3d.dll:Zone.Identifier
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\system32\Audio3D.dll:Zone.Identifier
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\system32\cmirmdrv.dll:Zone.Identifier
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\system32\cmirmdrv.exe:Zone.Identifier
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\system32\cmuda.dll:Zone.Identifier
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\system32\OEMLOGO.BMP:Q30lsldxJoudresxAaaqpcawXc
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\system32\OEMLOGO.BMP:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\system32\udaprop.dll:Zone.Identifier
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\system32\Drivers\cmuda.sys:Zone.Identifier
~ ADS: Scanned in 00mn 01s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 29/05/2010 - C:\WINDOWS\system32\DRIVERS\AegisP.sys (AegisP) .(.Meetinghouse Data Communications - IEEE 802.1X Protocol Driver.) - LEGACY_AEGISP
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\alg.exe (ALG) .(.Microsoft Corporation - Application Layer Gateway Service.) - LEGACY_ALG
O64 - Services: CurCS - 30/08/2011 - C:\Program Files\Bonjour\mDNSResponder.exe (Bonjour Service) .(.Apple Inc. - Bonjour Service.) - LEGACY_BONJOUR_SERVICE
O64 - Services: CurCS - ??\??\???? - (DcomLaunch) .(. - .) - LEGACY_DCOMLAUNCH
O64 - Services: CurCS - 20/09/2002 - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe (LogWatch) .(.Computer Associates - LogWatNT.) - LEGACY_LOGWATCH
O64 - Services: CurCS - 21/04/2011 - C:\WINDOWS\system32\Drivers\Mup.sys (Mup) .(.Microsoft Corporation - Multiple UNC Provider driver.) - LEGACY_MUP
O64 - Services: CurCS - 25/01/2007 - C:\Program Files\Fichiers communs\NMSAccessU.exe - NMSAccessU (NMSAccessU) .(...) - LEGACY_NMSACCESSU
O64 - Services: CurCS - 18/03/2004 - C:\WINDOWS\System32\HPZipm12.exe (Pml Driver HPZ12) .(.HP - PML Driver.) - LEGACY_PML_DRIVER_HPZ12
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\lsass.exe (SamSs) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_SAMSS
O64 - Services: CurCS - 26/03/2006 - C:\WINDOWS\system32\drivers\sfdrv01.sys (sfdrv01) .(.Protection Technology (StarForce) - FrontLine Environment Driver.) - LEGACY_SFDRV01
O64 - Services: CurCS - 13/03/2006 - C:\WINDOWS\system32\drivers\sfhlp02.sys (sfhlp02) .(.Protection Technology (StarForce) - FrontLine Helper Driver.) - LEGACY_SFHLP02
O64 - Services: CurCS - 24/03/2006 - C:\WINDOWS\system32\drivers\sfsync04.sys (sfsync04) .(.Protection Technology (StarForce) - FrontLine Synchronization Driver.) - LEGACY_SFSYNC04
O64 - Services: CurCS - 03/11/2005 - C:\WINDOWS\system32\drivers\sfvfs02.sys (sfvfs02) .(.Protection Technology - StarForce Protection VFS Driver.) - LEGACY_SFVFS02
O64 - Services: CurCS - 18/01/2012 - C:\Program Files\Sony\Sony PC Companion\PCCService.exe (Sony PC Companion) .(.Avanquest Software - Sony PCCompanion Service.) - LEGACY_SONY_PC_COMPANION
O64 - Services: CurCS - 05/12/2012 - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTomHOMEService) .(.TomTom - Windows Service for TomTom HOME.) - LEGACY_TOMTOMHOMESERVICE
O64 - Services: CurCS - 12/11/2001 - C:\Program Files\Common Files\X10\Common\X10nets.exe (x10nets) .(.X10 - X10 Module.) - LEGACY_X10NETS
~ Legacy: 221 Legitimates Scanned in 00mn 01s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\system32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O67 - Shell Spawning: <.cmd> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.exe> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> [HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\system32\WScript.exe
O67 - Shell Spawning: <.reg> [HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
~ Keys: Scanned in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.exe
~ Keys: Scanned in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] Emjysoft - (Rechercher...) - http://start.emjysoft.com
O69 - SBI: SearchScopes [HKCU] Live Search - (Live Search) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {06C9FEE4-07B6-44C2-B9DE-20AB6EAF0D05} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (@ieframe.dll,-12512) - http://www.bing.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche des services démarrés par Svchost (O83)
~ Services: 38 Legitimates Scanned in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.E17F06612A2F907200B806F36C5C6B8A] [SPRF][27/09/2004] (...) -- C:\Documents and Settings\NABIL\Local Settings\Application Data\fusioncache.dat [128]
[MD5.F6DCAB63444F994F6B021CC9EE3DC341] [SPRF][28/02/2008] (...) -- C:\Program Files\ffdsasetts.reg [3310]
[MD5.22AA87EC5A6351FE6DB1CC2BCD9723BD] [SPRF][28/02/2008] (...) -- C:\Program Files\ffdssetts.reg [6132]
[MD5.9ACDCF9FCDCC9EBDA31701F71452B530] [SPRF][28/02/2008] (...) -- C:\Program Files\ffdsvsetts.reg [33454]
[MD5.D18C5F55DEB684113BD30E55578367FB] [SPRF][28/02/2008] (...) -- C:\Program Files\mpc1.reg [596]
[MD5.B9EB849EC191A7E0AE6B463902B1D9B5] [SPRF][28/02/2008] (...) -- C:\Program Files\mpc2.reg [680]
[MD5.9981D5BBF4430D6C836A0BDC758187FE] [SPRF][28/02/2008] (...) -- C:\Program Files\mpc3.reg [3026]
[MD5.2741EC240216BAF0D165A76BCD3944D7] [SPRF][28/02/2008] (...) -- C:\Program Files\mpc4.reg [370]
[MD5.3B8E9EF99B9D6E237A8AAA3AC526D178] [SPRF][28/02/2008] (...) -- C:\Program Files\mpc5.reg [16280]
[MD5.F93A83DA2BE77E7637F1FAE3B346D0ED] [SPRF][28/02/2008] (...) -- C:\Program Files\mpc6.reg [18156]
[MD5.E1BF5664C40AFBF6B0EEC20A56D6A7E9] [SPRF][28/02/2008] (...) -- C:\Program Files\mpc7.reg [3476]
[MD5.77D3A60B2E838E1CC6A682BD9761DA63] [SPRF][24/02/2007] (.RealNetworks, Inc. - RngInterstitial.) -- C:\Program Files\RngInterstitial.dll [774144]
[MD5.DD87A5B067233CA9918B2F1F832F0457] [SPRF][19/01/2001] (.Approach Infinity Media Corportation - AimSp32 Module.) -- C:\WINDOWS\Downloaded Program Files\aimsp32.dll [192512]
[MD5.CB0EBD772D7D003BD11A999FF515A89A] [SPRF][24/08/2006] (.Panda Software - Panda ActiveScan Instalador.) -- C:\WINDOWS\Downloaded Program Files\asinst.dll [141424]
[MD5.18075B2C9F0F300BEE209744A8BEC353] [SPRF][07/12/2004] (...) -- C:\WINDOWS\Downloaded Program Files\bdcore.dll [32]
[MD5.298068536300DA6DC163E394797A7C50] [SPRF][25/05/2006] (...) -- C:\WINDOWS\Downloaded Program Files\bdupd.dll [118784]
[MD5.20C3403D5BC63883D8E2F3EDDC340AFF] [SPRF][23/10/2006] (.Crucial Technology, Inc. - BIOS Scanner.) -- C:\WINDOWS\Downloaded Program Files\cpcScan.dll [241664]
[MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.dll [24576]
[MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.exe [196608]
[MD5.DD3975246D8928C04549B31B6B49434F] [SPRF][24/03/2008] (.Adobe Systems Incorporated - Adobe® Flash® Player ActiveX Installer.) -- C:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [1527056]
[MD5.1CAB87DE6638846FBF51F32B5D95E482] [SPRF][25/05/2006] (...) -- C:\WINDOWS\Downloaded Program Files\ipsupd.dll [53248]
[MD5.3F4413DCD8D3BBABF08F68F25E6D60E1] [SPRF][16/02/2005] (.InstallShield Software Corporation - InstallShield Update Service Web Agent.) -- C:\WINDOWS\Downloaded Program Files\isusweb.dll [401408]
[MD5.18075B2C9F0F300BEE209744A8BEC353] [SPRF][07/12/2004] (...) -- C:\WINDOWS\Downloaded Program Files\libfn.dll [32]
[MD5.8945CCA5FC4F25168E8B6F401EFAF51F] [SPRF][22/02/2007] (.Microsoft Corporation - Zone.com Stats Client for MSN Messenger.) -- C:\WINDOWS\Downloaded Program Files\MessengerStatsPAClient.dll [304544]
[MD5.E661E91B5929632665683222D509D271] [SPRF][28/02/2007] (.Microsoft Corporation - Zone.com Minesweeper Flags for MSN Messenger.) -- C:\WINDOWS\Downloaded Program Files\MineSweeper.dll [130472]
[MD5.D2FB109C3F0DAAAA4A73E5921656DB3E] [SPRF][20/06/2006] (.Microsoft® Corporation - MSN Photo Upload Tool.) -- C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll [379704]
[MD5.E91334130478C43744CB1E5BB096B5A0] [SPRF][17/03/2004] (.PestPatrol, Inc. - PestPatrol version 5 SDK.) -- C:\WINDOWS\Downloaded Program Files\ppctl.dll [578624]
[MD5.F06A42348DAFD569A82DF4A61F57B8E4] [SPRF][20/06/2006] (.Microsoft® Corporation - MSN Photo Upload Tool.) -- C:\WINDOWS\Downloaded Program Files\PURen-us.dll [117560]
[MD5.732CACA8E848F6E721B093E51FC50B1D] [SPRF][09/01/2007] (.Microsoft® Corporation - Outil MSN Téléchargement de photos.) -- C:\WINDOWS\Downloaded Program Files\PURfr-fr.dll [110592]
[MD5.0A7C9B82E668070BB2279D97A4DD2BDE] [SPRF][15/10/2004] (.Microsoft® Corporation - Outil MSN Téléchargement de photos.) -- C:\WINDOWS\Downloaded Program Files\PURfr-xx.dll [110592]
[MD5.93F7304161C8CB7C335F99D9232BD347] [SPRF][28/02/2007] (.Microsoft Corporation - Zone.com Solitaire Showdown for MSN Messenger.) -- C:\WINDOWS\Downloaded Program Files\SolitaireShowdown.dll [142248]
[MD5.E2050130C7C0EC056A44237BBB8FEB43] [SPRF][29/05/2002] (.Microsoft Corporation - WinSock2 reorder service providers.) -- C:\WINDOWS\Downloaded Program Files\sporder.dll [9488]
~ Files: Scanned in 00mn 01s



---\\ Scan Additionnel (O88)
Database Version : v2.11349 - (31/03/2013)
Clés trouvées (Keys found) : 14
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 3
Fichiers trouvés (Files found) : 0

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{3794345d-c731-4fbb-8471-73ddc8dffdd2}] =>Spyware.Passwords
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D19F074C042AD34BAB463D4175A062E] =>PUP.SweetIM
[HKCU\Software\Microsoft\handle] =>Malware.Trace
[HKCU\Software\Prodiff] =>Adware.Locator
[HKCU\Software\QZAIB7KITK] =>Trojan.FakeAlert
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E337925F629CF4C4FB08F3D9674DD839] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E] =>PUP.SweetIM
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing
C:\Program Files\DaemonTools_WhenUSave_Installer =>Spyware.WhenU-Save
C:\Program Files\rkfree =>Keylogger.Logixoft
C:\Documents and Settings\NABIL\Application Data\LuckyTender =>Adware.LuckyTender
~ Additionnel: Scanned in 01mn 11s



---\\ Product Upgrade Codes (O90)
~ Update Products: 93 Legitimates Scanned in 00mn 00s



---\\ MyComputer Name Space (O92)
O92 - MNS: Dossiers Web - {BDEADF00-C265-11D0-BCED-00A0C90AB50F}
~ MNS: Scanned in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 16/08/2012 86224 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
SR - | Auto 16/08/2012 110032 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 11/08/2012 55184 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 07/07/2010 602112 | (Ati HotKey Poller) . (.ATI Technologies Inc..) - C:\WINDOWS\system32\Ati2evxx.exe
SS - | Auto 593920 | (ATI Smart) . (...) - C:\WINDOWS\system32\ati2sgag.exe
SR - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Demand 20/09/2002 77824 | (CA_LIC_CLNT) . (.Computer Associates.) - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
SS - | Demand 20/09/2002 77824 | (CA_LIC_SRVR) . (.Computer Associates.) - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
SS - | Demand 14/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SS - | Auto 10/10/2012 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 10/10/2012 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Auto 26/03/2009 183280 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 04/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
SS - | Demand 09/09/2012 821648 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 06/03/2013 170912 | (JavaQuickStarterService) . (.Oracle Corporation.) - C:\Program Files\Java\jre7\bin\jqs.exe
SS - | Demand 01/10/2012 295224 | (LBTServ) . (.Logitech, Inc..) - C:\Program Files\Fichiers communs\LogiShrd\Bluetooth\lbtserv.exe
SR - | Auto 20/09/2002 53248 | (LogWatch) . (.Computer Associates.) - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
SS - | Demand 08/03/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 65536 | (NMSAccessU) . (...) - C:\Program Files\Fichiers communs\NMSAccessU.exe
SS - | Demand 18/03/2004 65536 | (Pml Driver HPZ12) . (.HP.) - C:\WINDOWS\System32\HPZipm12.exe
SS - | Demand 18/01/2012 155320 | (Sony PC Companion) . (.Avanquest Software.) - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
SR - | Auto 05/12/2012 92632 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
SS - | Demand 12/11/2001 20480 | (x10nets) . (.X10.) - C:\Program Files\Common Files\X10\Common\X10nets.exe
~ Services: Scanned in 00mn 00s



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by NABIL at 01/04/2013 17:39:54

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll sfsync04.sys atapi.sys sptd.sys viaide.sys
C:\WINDOWS\system32\drivers\sfsync04.sys Protection Technology (StarForce) SF FrontLine
C:\WINDOWS\system32\drivers\sptd.sys Duplex Secure Ltd. SCSI Pass Through Direct
1 nt!IofCallDriver[0x804E13B9] => \Device\Harddisk0\DR0[0x8AA16AB8]
kernel: MBR read successfully
user & kernel MBR OK
~ MBR: 15 Legitimates Scanned in 00mn 02s



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by NABIL at 01/04/2013 17:39:56

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s



End of the scan (1195 lines in 11mn 44s)(0)