~ Report of ZHPDiag v2013.9.27.492 - Nicolas Coolman (27/09/2013)
~ Launched by sophie (27/09/2013 18:58:30)
~ Web site address : http://nicolascoolman.webs.com
~ Translated by
~ Version State :
~ White List : Deactivate by user
~ Elevation of privilege : OK
~ User Account Control : Not Found


---\\ Internet browsers
MSIE: Internet Explorer v6.0.2900.5512
MFIE: Mozilla Firefox 23.0.1 (Defaut)

---\\ Windows product information
~ Langage: Anglais
Windows XP Home Edition Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : OK

---\\ System protection software
avast! Free Antivirus v6.0.1000.0
Malwarebytes Anti-Malware version 1.75.0.1300
Spybot - Search & Destroy v1.6.2

---\\ System optimization software
CCleaner v2.32 =>Piriform Ltd

---\\ Sharing software PeerToPeer
eMule
Vuze =>P2P.Azureus
µTorrent v1.6.1 =>P2P.µTorrent

---\\ Surveillance software
Adobe Flash Player 10 ActiveX
Adobe Reader X

---\\ Information on the system
~ Processor: x86 Family 15 Model 2 Stepping 7, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1535 MB (51% free)
System Restore: Activé (Enable)
System drive C: has 35 GB (31%) free of 112 GB

---\\ Connection to the system mode
~ Computer Name: NOUS
~ User Name: sophie
~ All Users Names: SUPPORT_388945a0, sophie, LogMeInRemoteUser, HelpAssistant, Guest, ASPNET, Administrator,
~ Unselected Option: None
Logged in as Administrator

---\\ Environment variables
~ System Unit : C:\
~ %AppZHP% : C:\Documents and Settings\sophie\Application Data\ZHP\
~ %AppData% : C:\Documents and Settings\sophie\Application Data\
~ %Desktop% : C:\Documents and Settings\sophie\Desktop\
~ %Favorites% : C:\Documents and Settings\sophie\Favorites\
~ %LocalAppData% : C:\Documents and Settings\sophie\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\sophie\Start Menu\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ Enumeration of the disk units
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 35 Go of 112 Go)
D: CD-ROM drive (Not Inserted)
E: CD-ROM drive (Not Inserted)



---\\ State of the Windows Security Center
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 33 Scanned in 00mn 00s



---\\ Search Generic System Files
[MD5.12896823FB95BFB3DC9B46BCAEDC9923] - (.Microsoft Corporation - Windows Explorer.) (.14/04/2008 - 01:12:19.) -- C:\WINDOWS\Explorer.exe [1033728]
[MD5.8D443F95E14650504AE4DF10D3049DD7] - (.Microsoft Corporation - Internet Extensions for Win32.) (.01/08/2013 - 05:17:51.) -- C:\WINDOWS\system32\wininet.dll [668672]
[MD5.ED0EF0A136DEC83DF69F04118870003E] - (.Microsoft Corporation - Windows NT Logon Application.) (.14/04/2008 - 01:12:39.) -- C:\WINDOWS\system32\Winlogon.exe [507904]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/08/2011 - 14:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 - 19:40:30.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/04/2008 - 20:14:21.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/04/2008 - 19:40:46.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.D45926117EB9FA946A6AF572FBE1CAA3] - (.Microsoft Corporation - FIPS Crypto Driver.) (.13/04/2008 - 19:33:28.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44544]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.13/04/2008 - 17:36:05.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.4A0B06AA8943C1E332520F7440C0AA30] - (.Microsoft Corporation - i8042 Port Driver.) (.13/04/2008 - 20:18:00.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [52480]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.13/04/2008 - 19:40:58.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.13/04/2008 - 19:57:15.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.13/04/2008 - 20:19:42.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/07/2011 - 14:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.13/04/2008 - 20:21:00.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 - 20:15:53.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.5575FAF8F97CE5E713D108C2A58D7C7C] - (.Microsoft Corporation - Parallel Port Driver.) (.13/04/2008 - 19:40:10.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80128]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/04/2008 - 20:19:43.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 19:32:51.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.F828DD7E1419B6653894A8F97A0094C5] - (.Microsoft Corporation - Redbook Audio Filter Driver.) (.13/04/2008 - 19:40:27.) -- C:\WINDOWS\system32\Drivers\redbook.sys [57600]
[MD5.4C8FCB5CC53AAB716D810740FE59D025] - (.Microsoft Corporation - Volume Shadow Copy Driver.) (.13/04/2008 - 19:41:01.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [52352]
~ Generic Processes: Scanned in 00mn 00s



---\\ Hidden files state (Hidden/Total)
Mes images (My Pictures) : 2/2 (Modified)
~ Mes musiques (My Musics) : 1/175
~ Mes Favoris (My Favorites) : 1/17
~ Mes Documents (My Documents) : 1/549
~ Mon Bureau (My Desktop) : 1/200
~ Menu demarrer (Programs) : 1/57
~ Hidden Files: Scanned in 00mn 03s



---\\ Process running
[MD5.2695E3E9497BF72ABB44B5010EC5DA16] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [42184] [PID.1560]
[MD5.2E9A1A6555C20424FC6DCC3AF21F4D68] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3451496] [PID.1780]
[MD5.2D99607F21FF368C0E335A2D91A052A1] - (.Broadcom Corporation - Modem Messaging Applet.) -- C:\WINDOWS\BCMSMMSG.exe [122880] [PID.1800]
[MD5.4B5AE15E5C73EB4DC8DBEC2788230D41] - (.Apple Inc. - Apple Mobile Device Service.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [144672] [PID.948]
[MD5.3F56903E124E820AEECE6D471583C6C1] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [238888] [PID.1056]
[MD5.39133291CB607BDD87CFC565A4A1E7A5] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376] [PID.1372]
[MD5.7AEA4DF1CA68FD45DD4BBE1F0243CE7F] - (...) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096] [PID.1112]
[MD5.D89083C4EB02DACA8F944B0E05E57F9D] - (.Microsoft Corporation - SQL Server VSS Writer.) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [86880] [PID.416]
[MD5.B4CF3FB7E9B8EA69757541DCE6CA20ED] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [276376] [PID.1340]
[MD5.E6378B3216716C28DF1BFC97F863EE7F] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8022528] [PID.3200]
~ Processes Running: Scanned in 00mn 01s



---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\sophie\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\prefs.js
M3 - MFPP: Plugins - [sophie] -- C:\Documents and Settings\sophie\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [sophie] -- C:\Program Files\Mozilla FireFox\searchplugins\avg_igeared.xml
M3 - MFPP: Plugins - [sophie] -- C:\Program Files\Mozilla FireFox\searchplugins\McSiteAdvisor.xml
M3 - MFPP: Plugins - [sophie] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo.xml =>Toolbar.Yahoo
M2 - MFEP: prefs.js [sophie - mapdk7qj.default\{3112ca9c-de6d-4884-a869-9855de68056c}] [] Google Toolbar for Firefox v7.1.20110512W (..) =>Toolbar.Google
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\Plugins\libvlc.dll
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeploytk.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.8.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20513.0.) -- c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=1.0.2] - (.the VideoLAN Team - Version 1.0.2, copyright 1996-2009 The VideoLAN Team
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.8.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
P2 - FPN: [HKCU] [@facebook.com/FBPlugin,version=1.0.3] - (.No owner - Provides additional functionality on Facebook. See
.Facebook
~ IE Browser: 11 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\Userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 02s
~ Nombre de lignes (Lines number): 11532



---\\ Browser Helper Objects (O2)
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} . (.Adobe Systems Incorporated. - Contribute IE Plugin.) -- C:\Program Files\Adobe\\Adobe Contribute CS4\contributeieplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Orphan key
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
~ BHO: 14 Scanned in 00mn 00s



---\\ Internet Explorer toolbars (O3)
O3 - Toolbar: (no name) - [HKLM]{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Orphan key
O3 - Toolbar: Adobe PDF - [HKLM]{47833539-D0C5-4125-9FA8-0819E2EAAC93} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - [HKLM]{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} . (.Adobe Systems Incorporated. - Contribute IE Plugin.) -- C:\Program Files\Adobe\\Adobe Contribute CS4\contributeieplugin.dll
O3 - Toolbar: (no name) - [HKCU]{710EB7A1-45ED-11D0-924A-0020AFC7AC4D} Orphan key
O3 - Toolbar: (no name) - [HKCU]{1E796980-9CC5-11D1-A83F-00C04FC99D61} Orphan key
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Orphan key
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Orphan key
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{EE5D279F-081B-4404-994D-C6B60AAEBA6D} Orphan key
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{A057A204-BACC-4D26-9990-79A187E2698E} Orphan key
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Orphan key
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{47833539-D0C5-4125-9FA8-0819E2EAAC93} Orphan key
~ Toolbar: Scanned in 00mn 00s



---\\ Other User Links (O4)
O4 - GS\Desktop [AllUsers]: Adobe Reader X.lnk . (.Adobe Systems Incorporated - Adobe Reader.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
O4 - GS\Desktop [AllUsers]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
O4 - GS\Desktop [AllUsers]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [AllUsers]: OpenOffice.org 3.3.lnk . (.OpenOffice.org - OpenOffice.org 3.3.) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
O4 - GS\Desktop [AllUsers]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files\ZHPFix\ZHPhep.exe =>.Nicolas Coolman
O4 - GS\Desktop [sophie]: Audacity 1.3 Beta (Unicode).lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) -- C:\Program Files\Audacity 1.3 Beta (Unicode)\audacity.exe =>.The Audacity Team
O4 - GS\Desktop [sophie]: FinalTorrent.lnk . (.Bitberry Software - FinalTorrent - A Torrent download client.) -- C:\Program Files\FinalTorrent\FinalTorrent.exe
O4 - GS\Desktop [sophie]: Media Player Classic.lnk . (.MPC-HC Team - Media Player Classic - Home Cinema.) -- C:\Program Files\Essentials Codec Pack\MPC\mpc-hc.exe
O4 - GS\Desktop [sophie]: Shortcut to Downloads.lnk . (...) -- C:\Documents and Settings\sophie\My Documents\Downloads
O4 - GS\Desktop [sophie]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files\ZHPDiag\ZHPhep.exe =>.Nicolas Coolman
O4 - GS\Desktop [sophie]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files\ZHPDiag\ZHPFix\ZHPhep.exe =>.Nicolas Coolman
~ Global Startup: 11 Scanned in 00mn 04s



---\\ Auto loading programs from Registry and folders (O4)
O4 - HKLM\..\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
O4 - HKLM\..\Run: [BCMSMMSG] . (.Broadcom Corporation - Modem Messaging Applet.) -- C:\WINDOWS\BCMSMMSG.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [UserFaultCheck] Orphan key
O4 - HKLM\..\Run: [KernelFaultCheck] Orphan key
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (.not file.)
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKLM\..\Terminal Server\Run: [Scheduler] scheduler.exe
~ Application: Scanned in 00mn 00s



---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Orphan key
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Microsoft Windows Sockets 2.0 Service Provider.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Microsoft Windows Sockets 2.0 Service Provider.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
~ Winsock: 4 Scanned in 00mn 00s



---\\ Reset Web Settings' hijack (O14)
O14 - IERESET.INF: SAFESITE_VALUE=SAFESITE_VALUE="ie.search.msn.com"
~ IE Paramètres WEB: Scanned in 00mn 00s



---\\ ActiveX Objects (Downloaded Program Files) (O16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{0B1EF85F-E83E-4A18-85F6-1D34AAA2406B}: NameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{77CD1F91-36A7-4AA8-8CE9-5B96B0A3A009}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{C92E0682-3387-42EB-A46D-7B1195728687}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{0B1EF85F-E83E-4A18-85F6-1D34AAA2406B}: NameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{77CD1F91-36A7-4AA8-8CE9-5B96B0A3A009}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{C92E0682-3387-42EB-A46D-7B1195728687}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{0B1EF85F-E83E-4A18-85F6-1D34AAA2406B}: NameServer = 192.168.1.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{77CD1F91-36A7-4AA8-8CE9-5B96B0A3A009}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{C92E0682-3387-42EB-A46D-7B1195728687}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
~ Domain: Scanned in 00mn 00s



---\\ Extra protocols (O18)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\System32\wiascr.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\WINDOWS\system32\SHELL32.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Offline Network Agent.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - Secondary Logon Service Notification DLL.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Windows Genuine Advantage Notification.) -- C:\WINDOWS\system32\WgaLogon.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s



---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - AppInit_DLLs: . (...) - C:\Program Files\optimi~1\optpro~1.dll (.not file.)
~ AppInit DLL: Scanned in 00mn 00s



---\\ ShellServiceObjectDelayLoad (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Systray shell service object.) -- C:\WINDOWS\System32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll
~ SSODL: 5 Scanned in 00mn 00s



---\\ SharedTaskScheduler (O22)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Shell Browser UI Library.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Browseui preloader - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Shell Browser UI Library.) -- C:\WINDOWS\system32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s



---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - Apple Mobile Device Service.) - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMSAccess (NMSAccess) . (...) - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 169.2.) - C:\WINDOWS\system32\nvsvc32.exe
~ Services: 6 Scanned in 00mn 10s



---\\ Windows Active Desktop & MHTML Editor (O24)
O24 - Desktop Component 0: My Current Home Page - file:About:Home
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
O24 - Desktop General: BackupWallPaper - .(...) - C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop General: WallPaper - .(...) - C:\WINDOWS\Web\Wallpaper\Bliss.bmp
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Task Planned Automatically (039)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job [284]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\FinalTorrent Update Checker.job [370]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Windows Codec Update Service.job [350]
[MD5.3109B16A0939BA11696EEB04F345D099] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [257416]
[MD5.7B43567B4C32AD7ADED537CD3B1342B9] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [566592]
[MD5.1525A7963B53A6741B67E075B32CF9B8] [APT] [FinalTorrent Update Checker] (.Bitberry Software.) -- C:\Program Files\FinalTorrent\FTCheckForUpdates.exe [1560792]
[MD5.5C7686EBAA8F27437C6F2C33F08768F5] [APT] [Windows Codec Update Service] (.MediaCodec.Org.) -- C:\Program Files\Essentials Codec Pack\WECPUpdate.exe [258048]
~ Scheduled Task: 9 Scanned in 00mn 00s



---\\ ActiveSetup Installed Components (O40)
O40 - ASIC: Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Microsoft Windows Media Player Setup Utility.) -- C:\WINDOWS\inf\unregmp2.exe =>.Microsoft Corporation
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- C:\WINDOWS\system32\shmgrate.exe
O40 - ASIC: Outlook Express - >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} . (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- C:\WINDOWS\system32\shmgrate.exe
O40 - ASIC: Microsoft VM - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Microsoft Corporation - Microsoft® VM.) -- C:\WINDOWS\System32\msjava.dll
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\WINDOWS\system32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\WINDOWS\system32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} . (.Microsoft Corporation - DirectX Media -- DirectAnimation.) -- C:\WINDOWS\System32\danim.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - Windows Theme API.) -- C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Outlook Express Setup Library.) -- C:\Program Files\Outlook Express\setup50.exe
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (...) -- C:\WINDOWS\INF\msnetmtg.inf
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (...) -- C:\WINDOWS\INF\msmsgs.inf
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Microsoft Internet Explorer FTP Folder Shell Extension.) -- C:\WINDOWS\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (...) -- C:\WINDOWS\INF\wmp11.inf =>.Microsoft Corporation
O40 - ASIC: Address Book 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} . (.Microsoft Corporation - Outlook Express Setup Library.) -- C:\Program Files\Outlook Express\setup50.exe
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\WINDOWS\system32\shell32.dll
O40 - ASIC: Internet Explorer 6 - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - IE 5.0 Per-User Install Utility.) -- C:\WINDOWS\system32\ie4uinit.exe
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.0 r2.) -- C:\WINDOWS\system32\Macromed\Flash\FlDbg10.ocx
O40 - ASIC: Installed Component - S-1-5-21-606747145-115176313-839522115-1004 - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS -- Not Hexadécimal CLSID
~ Active Setup: 18 Scanned in 00mn 00s



---\\ Drivers launched at startup (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - i8042 Port Driver.) - C:\WINDOWS\system32\drivers\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver: (intelppm) . (.Microsoft Corporation - Processor Device Driver.) - C:\WINDOWS\system32\DRIVERS\intelppm.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Keyboard Class Driver.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Mouse Class Driver.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: (OMCI) . (.Dell Computer Corporation - OMCI Device Driver.) - C:\WINDOWS\sysTEM32\DRIVERS\OMCI.sys
O41 - Driver: (Processor) . (.Microsoft Corporation - Processor Device Driver.) - C:\WINDOWS\system32\DRIVERS\processr.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Redbook Audio Filter Driver.) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Serial Device Driver.) - C:\WINDOWS\system32\DRIVERS\serial.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: VGA Display Controller. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
~ Drivers: 63 Scanned in 00mn 00s



---\\ Software installed (O42)
O42 - Logiciel: 7-Zip 4.65 - (...) [HKLM] -- 7-Zip
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- {FDB3B167-F4FA-461D-976F-286304A57B2A}
O42 - Logiciel: Adobe Acrobat 9 Pro - English, Français, Deutsch - (.Adobe Systems.) [HKLM] -- {AC76BA86-1033-F400-7760-000000000004}
O42 - Logiciel: Adobe Acrobat 9.5.5 - CPSID_83708 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-1033-F400-7760-000000000004}_955
O42 - Logiciel: Adobe After Effects CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {45EC816C-0771-4C14-AE6D-72D1B578F4C8}
O42 - Logiciel: Adobe After Effects CS4 Presets - (.Adobe Systems Incorporated.) [HKLM] -- {44E240EC-2224-4078-A88B-2CEE0D3016EF}
O42 - Logiciel: Adobe After Effects CS4 Third Party Content - (.Adobe Systems Incorporated.) [HKLM] -- {67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}
O42 - Logiciel: Adobe Anchor Service CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {1618734A-3957-4ADD-8199-F973763109A8}
O42 - Logiciel: Adobe Asset Services CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {B9F4561A-924D-4510-A85A-BB0960C338CB}
O42 - Logiciel: Adobe Atmosphere Player for Acrobat and Adobe Reader - (...) [HKLM] -- Adobe Atmosphere Player
O42 - Logiciel: Adobe Bridge CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {83877DB1-8B77-45BC-AB43-2BAC22E093E0} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe CMaps CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {94D398EB-D2FD-4FD1-B8C4-592635E8A191}
O42 - Logiciel: Adobe CS4 American English Speech Analysis Models - (.Adobe Systems Incorporated.) [HKLM] -- {297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}
O42 - Logiciel: Adobe CSI CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {0F723FC1-7606-4867-866C-CE80AD292DAF}
O42 - Logiciel: Adobe Color - Photoshop Specific CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
O42 - Logiciel: Adobe Color EU Extra Settings CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}
O42 - Logiciel: Adobe Color JA Extra Settings CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {0D6013AB-A0C7-41DC-973C-E93129C9A29F}
O42 - Logiciel: Adobe Color NA Recommended Settings CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {00ADFB20-AE75-46F4-AD2C-F48B15AC3100}
O42 - Logiciel: Adobe Color Video Profiles AE CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {B15381DD-FF97-4FCD-A881-ED4DB0975500}
O42 - Logiciel: Adobe Color Video Profiles CS CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {63C24A08-70F3-4C8E-B9FB-9F21A903801D}
O42 - Logiciel: Adobe Contribute CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {A6EC82A0-1414-475D-8AFD-469089F3080D}
O42 - Logiciel: Adobe Creative Suite 4 Master Collection - (.Adobe Systems Incorporated.) [HKLM] -- Adobe_b2d6abde968e6f277ddbfd501383e02
O42 - Logiciel: Adobe Creative Suite 4 Master Collection - (.Adobe Systems Incorporated.) [HKLM] -- {61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}
O42 - Logiciel: Adobe Default Language CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {C52E3EC1-048C-45E1-8D53-10B0C6509683}
O42 - Logiciel: Adobe Device Central CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {67F0E67A-8E93-4C2C-B29D-47C48262738A} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Dreamweaver CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {30C8AA56-4088-426F-91D1-0EDFD3A25678}
O42 - Logiciel: Adobe Drive CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {16E16F01-2E2D-4248-A42F-76261C147B6C}
O42 - Logiciel: Adobe Dynamiclink Support - (.Adobe Systems Incorporated.) [HKLM] -- {60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}
O42 - Logiciel: Adobe Encore CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {5EAD5443-7194-46CC-A055-428E6ABB1BAF}
O42 - Logiciel: Adobe Encore CS4 Codecs - (.Adobe Systems Incorporated.) [HKLM] -- {FB2A5FCC-B81B-48C2-A009-7804694D83E9}
O42 - Logiciel: Adobe ExtendScript Toolkit CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {F8EF2B3F-C345-4F20-8FE4-791A20333CD5} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Extension Manager CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {054EFA56-2AC1-48F4-A883-0AB89874B972}
O42 - Logiciel: Adobe Fireworks CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {428FDF9F-E010-4C4C-A8BB-156960AFCA1C}
O42 - Logiciel: Adobe Flash CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {F6E99614-F042-4459-82B7-8B38B2601356}
O42 - Logiciel: Adobe Flash CS4 Extension - Flash Lite STI en - (.Adobe Systems Incorporated.) [HKLM] -- {793D1D88-6141-43DE-BE58-59BCE31B4090}
O42 - Logiciel: Adobe Flash CS4 STI-en - (.Adobe Systems Incorporated.) [HKLM] -- {2168245A-B5AD-40D8-A641-48E3E070B5B6}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems, Inc..) [HKLM] -- {3A6829EF-0791-4FDD-9382-C690DD0821B9}
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Fonts All - (.Adobe Systems Incorporated.) [HKLM] -- {FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
O42 - Logiciel: Adobe Illustrator CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {87532CAB-7932-4F84-8937-823337622807} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe InDesign CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {1DCA3EAA-6EB5-4563-A970-EA14D75037BA} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe InDesign CS4 Application Feature Set Files (Roman) - (.Adobe Systems Incorporated.) [HKLM] -- {2BAF2B96-7560-48B4-87D4-10178DDBE217} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe InDesign CS4 Common Base Files - (.Adobe Systems Incorporated.) [HKLM] -- {7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe InDesign CS4 Icon Handler - (.Adobe Systems Incorporated.) [HKLM] -- {1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Linguistics CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {931AB7EA-3656-4BB7-864D-022B09E3DD67}
O42 - Logiciel: Adobe Media Encoder CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}
O42 - Logiciel: Adobe Media Encoder CS4 Additional Exporter - (.Adobe Systems Incorporated.) [HKLM] -- {BE9CEAAA-F069-4331-BF2F-8D350F6504F4}
O42 - Logiciel: Adobe Media Encoder CS4 Dolby - (.Adobe Systems Incorporated.) [HKLM] -- {EE353798-E875-42E0-B58D-7E6696182EA8}
O42 - Logiciel: Adobe Media Encoder CS4 Exporter - (.Adobe Systems Incorporated.) [HKLM] -- {561968FD-56A1-49FD-9ED0-F55482C7C5BC}
O42 - Logiciel: Adobe Media Encoder CS4 Importer - (.Adobe Systems Incorporated.) [HKLM] -- {8186FF34-D389-4B7E-9A2F-C197585BCFBD}
O42 - Logiciel: Adobe Media Player - (.Adobe Systems Incorporated.) [HKLM] -- com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O42 - Logiciel: Adobe Media Player - (.Adobe Systems Incorporated.) [HKLM] -- {39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
O42 - Logiciel: Adobe MotionPicture Color Files CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}
O42 - Logiciel: Adobe OnLocation CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {7406DF60-016D-476B-A2C7-55D997592047}
O42 - Logiciel: Adobe Output Module - (.Adobe Systems Incorporated.) [HKLM] -- {BB4E33EC-8181-4685-96F7-8554293DEC6A}
O42 - Logiciel: Adobe PDF Library Files CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {F93C84A6-0DC6-42AF-89FA-776F7C377353}
O42 - Logiciel: Adobe Photoshop CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {B65BA85C-0A27-4BC0-A22D-A66F0E5B9494} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Photoshop CS4 Support - (.Adobe Systems Incorporated.) [HKLM] -- {63E5CDBF-8214-4F03-84F8-CD3CE48639AD} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Premiere Pro CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {D499F8DE-3F31-4900-9157-61061613704B}
O42 - Logiciel: Adobe Premiere Pro CS4 Functional Content - (.Adobe Systems Incorporated.) [HKLM] -- {B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}
O42 - Logiciel: Adobe Premiere Pro CS4 Third Party Content - (.Adobe Systems Incorporated.) [HKLM] -- {C938BE91-3BB5-4B84-9EF6-88F0505D0038}
O42 - Logiciel: Adobe Reader X (10.1.8) - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-AA1000000001}
O42 - Logiciel: Adobe SGM CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}
O42 - Logiciel: Adobe SING CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {4A52555C-032A-4083-BDD9-6A85ABFB39A8}
O42 - Logiciel: Adobe SVG Viewer - (.Adobe Systems, Inc..) [HKLM] -- Adobe SVG Viewer
O42 - Logiciel: Adobe Search for Help - (.Adobe Systems Incorporated.) [HKLM] -- {F0E64E2E-3A60-40D8-A55D-92F6831875DA}
O42 - Logiciel: Adobe Service Manager Extension - (.Adobe Systems Incorporated.) [HKLM] -- {4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
O42 - Logiciel: Adobe Setup - (.Adobe Systems Incorporated.) [HKLM] -- {E8EE9410-8AC4-4F43-A626-DDECA75C79F3}
O42 - Logiciel: Adobe Soundbooth CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {14F70205-1940-4000-88C7-BE799A6B2CAD}
O42 - Logiciel: Adobe Soundbooth CS4 Codecs - (.Adobe Systems Incorporated.) [HKLM] -- {52232EF4-CC12-4C21-ABCF-ADB79618302D}
O42 - Logiciel: Adobe Type Manager Deluxe 4.1 - (...) [HKLM] -- Adobe Type Manager Deluxe 4.1
O42 - Logiciel: Adobe Type Support CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
O42 - Logiciel: Adobe Update Manager CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {05308C4E-7285-4066-BAE3-6B50DA6ED755}
O42 - Logiciel: Adobe Version Cue CS4 Server - (.Adobe Systems Incorporated.) [HKLM] -- {1B7C06E1-4888-47A6-992A-0990B9683486}
O42 - Logiciel: Adobe WinSoft Linguistics Plugin - (.Adobe Systems Incorporated.) [HKLM] -- {3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
O42 - Logiciel: Adobe XMP Panels CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
O42 - Logiciel: AdobeColorCommonSetCMYK - (.Adobe Systems Incorporated.) [HKLM] -- {68243FF8-83CA-466B-B2B8-9F99DA5479C4}
O42 - Logiciel: AdobeColorCommonSetRGB - (.Adobe Systems Incorporated.) [HKLM] -- {16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {3FA365DF-2D68-45ED-8F83-8C8A33E65143}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033}
O42 - Logiciel: Audacity 1.3.12 (Unicode) - (.Audacity Team.) [HKLM] -- Audacity 1.3 Beta (Unicode)_is1
O42 - Logiciel: BCM V.92 56K Modem - (...) [HKLM] -- BCM V.92 56K Modem
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {07287123-B8AC-41CE-8346-3D777245C35B}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner =>Piriform Ltd
O42 - Logiciel: CDBurnerXP - (.CDBurnerXP.) [HKLM] -- {7E265513-8CDA-4631-B696-F40D983F3B07}_is1
O42 - Logiciel: Connect - (.Adobe Systems Incorporated.) [HKLM] -- {B29AD377-CC12-490A-A480-1452337C618D}
O42 - Logiciel: Crystal Reports for .NET Framework 2.0 (x86) - (.Business Objects.) [HKLM] -- {7C05EEDD-E565-4E2B-ADE4-0C784C17311C}
O42 - Logiciel: Dell ResourceCD - (...) [HKLM] -- {D78653C3-A8FF-415F-92E6-D774E634FF2D}
O42 - Logiciel: Dongle Sagem 760A - (...) [HKLM] -- LIVEBOX_SAGEM_760A
O42 - Logiciel: EVEREST Ultimate Edition v4.20 - (.Lavalys, Inc..) [HKLM] -- EVEREST Ultimate Edition_is1
O42 - Logiciel: Easy CD Creator 5 Basic - (.Roxio Inc.) [HKLM] -- {609F7AC8-C510-11D4-A788-009027ABA5D0}
O42 - Logiciel: File Type Assistant - (.Trusted Software.) [HKLM] -- Trusted Software Assistant_is1
O42 - Logiciel: FinalTorrent 2011 - (.Bitberry Software.) [HKLM] -- FinalTorrent_is1
O42 - Logiciel: Freecom Backup Software 1.22 - (.Freecom.) [HKLM] -- Freecom Backup Software_is1
O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5
O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5
O42 - Logiciel: Intel(R) PRO Network Adapters and Drivers - (...) [HKLM] -- PROSet
O42 - Logiciel: J2SE Runtime Environment 5.0 Update 11 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0150110}
O42 - Logiciel: Java(TM) 6 Update 17 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216013FF}
O42 - Logiciel: Java(TM) 6 Update 2 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160020}
O42 - Logiciel: Java(TM) 6 Update 5 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160050}
O42 - Logiciel: Java(TM) SE Runtime Environment 6 Update 1 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160010}
O42 - Logiciel: Kit d'installation - (...) [HKLM] -- {9C650676-CDDB-42C0-8D11-3EEB7F791F99}
O42 - Logiciel: Kit de connexion ADSL - (...) [HKLM] -- {B0C5783F-AB91-460B-8238-BD9A8F6346D3}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: MSXML 6.0 Parser - (.Microsoft Corporation.) [HKLM] -- {A43BF6A5-D5F0-4AAA-BF41-65995063EC44}
O42 - Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- Wudf01000
O42 - Logiciel: Microsoft Works 7.0 - (.Microsoft Corporation.) [HKLM] -- {764D06D8-D8DE-411E-A1C8-D9E9380F8A84}
O42 - Logiciel: Mozilla Firefox 23.0.1 (x86 en-US) - (.Mozilla.) [HKLM] -- Mozilla Firefox 23.0.1 (x86 en-US)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: NVIDIA Drivers - (...) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: OpenOffice.org 3.3 - (.OpenOffice.org.) [HKLM] -- {7E0610A2-E336-40B3-B685-C4905E97EC9A}
O42 - Logiciel: PDF Settings CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}
O42 - Logiciel: Photoshop Camera Raw - (.Adobe Systems Incorporated.) [HKLM] -- {CC75AB5C-2110-4A7F-AF52-708680D22FE8}
O42 - Logiciel: Pixel Bender Toolkit - (.Adobe Systems Incorporated.) [HKLM] -- {43509E18-076E-40FE-AF38-CA5ED400A5A9}
O42 - Logiciel: QSR NVivo 7.0 - (.QSR International Pty Ltd.) [HKLM] -- {4F260CA1-6FEB-4868-BC3D-CA5BBC9A4630}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
O42 - Logiciel: SWiSH Max2 - (...) [HKLM] -- SWiSH Max2
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
O42 - Logiciel: SoundMAX - (...) [HKLM] -- {F0A37341-D692-11D4-A984-009027EC0A9C}
O42 - Logiciel: Spelling Dictionaries Support For Adobe Reader 9 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-5464-3428-900000000004}
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1
O42 - Logiciel: Suite Shared Configuration CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {842B4B72-9E8F-4962-B3C1-1C422A5C4434}
O42 - Logiciel: TeamViewer 4 - (.TeamViewer GmbH.) [HKLM] -- TeamViewer 4
O42 - Logiciel: Time Adjuster STANDARD 3.1 - (.IrekSoftware.com.) [HKCU] -- TimeAdjuster
O42 - Logiciel: VLC media player 1.0.2 - (.VideoLAN Team.) [HKLM] -- VLC media player =>.VideoLAN
O42 - Logiciel: Vuze - (.Vuze Inc..) [HKLM] -- 8461-7759-5462-8226 =>P2P.Azureus
O42 - Logiciel: WinRAR archiver - (...) [HKLM] -- WinRAR archiver
O42 - Logiciel: Windows Essentials Media Codec Pack 4.0 [32-Bit] - (.Media Codec.) [HKLM] -- Windows Essentials Media Codec Pack
O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474) - (.Microsoft Corporation.) [HKLM] -- WgaNotify
O42 - Logiciel: Windows Media Format 11 runtime - (...) [HKLM] -- Windows Media Format Runtime
O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11
O42 - Logiciel: Windows Media Player 11 - (...) [HKLM] -- Windows Media Player =>.Microsoft Corporation
O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11 =>.Microsoft Corporation
O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} =>.Microsoft Corporation
O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service Pack
O42 - Logiciel: avast! Free Antivirus v6.0.1000.0 - (.AVAST Software.) [HKLM] -- avast
O42 - Logiciel: eMule - (...) [HKLM] -- eMule
O42 - Logiciel: kuler - (.Adobe Systems Incorporated.) [HKLM] -- {098727E1-775A-4450-B573-3F441F1CA243}
O42 - Logiciel: pdfforge Toolbar v4.4 - (.Spigot, Inc..) [HKLM] -- {BCB52F35-4C56-49F2-A3D6-FDED54B01847} =>PUP.Dealio
O42 - Logiciel: µTorrent - (...) [HKLM] -- uTorrent =>P2P.µTorrent
~ Logic: 225 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\7-Zip]
[HKCU\Software\ALWIL Software]
[HKCU\Software\AVAST Software]
[HKCU\Software\Adaptec]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\ArcSoft]
[HKCU\Software\Audacity]
[HKCU\Software\Azureus] =>P2P.Azureus
[HKCU\Software\BitTorrent] =>P2P.BitTorrent
[HKCU\Software\Bitberry]
[HKCU\Software\Brother]
[HKCU\Software\CDDB]
[HKCU\Software\Canneverbe Limited]
[HKCU\Software\Canon]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Dell Computer Corporation]
[HKCU\Software\EPSON]
[HKCU\Software\EasySystems]
[HKCU\Software\FRANCE TELECOM]
[HKCU\Software\FotoWire]
[HKCU\Software\Freecom]
[HKCU\Software\GNU]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\Goto Software]
[HKCU\Software\Haali]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\IrekZielinskiSoft]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lavalys]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\LogMeIn]
[HKCU\Software\Logitech]
[HKCU\Software\Macromedia]
[HKCU\Software\Magnet]
[HKCU\Software\MainConcept (Adobe2)]
[HKCU\Software\MainConcept]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Monitored]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\PDFCreator]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Quark]
[HKCU\Software\Redfield]
[HKCU\Software\SEIKO EPSON]
[HKCU\Software\SSPrint]
[HKCU\Software\SWiSHzone.com]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\Skype]
[HKCU\Software\TeamViewer]
[HKCU\Software\Terravirtual]
[HKCU\Software\UltraSoft]
[HKCU\Software\Usbfix]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Xobni]
[HKCU\Software\Yahoo] =>Toolbar.Yahoo
[HKCU\Software\YouSendIt]
[HKCU\Software\eMule]
[HKCU\Software\ej-technologies]
[HKCU\Software\settings]
[HKCU\Software\uTorrent] =>P2P.µTorrent
[HKLM\Software\781]
[HKLM\Software\8ec]
[HKLM\Software\ALWIL Software]
[HKLM\Software\AVAST Software]
[HKLM\Software\Adaptec]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\Analog Devices]
[HKLM\Software\Andrea Electronics]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\ArcSoft]
[HKLM\Software\Azureus] =>P2P.Azureus
[HKLM\Software\BCMDM]
[HKLM\Software\BCMSM]
[HKLM\Software\BitTorrent] =>P2P.BitTorrent
[HKLM\Software\Brother]
[HKLM\Software\C07ft5Y]
[HKLM\Software\CDDB]
[HKLM\Software\Caere Corp]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Crystal Decisions]
[HKLM\Software\Dell Computer Corporation]
[HKLM\Software\EPSON]
[HKLM\Software\Environment]
[HKLM\Software\Essentials Codec Pack]
[HKLM\Software\FRANCE TELECOM]
[HKLM\Software\GEAR Software]
[HKLM\Software\GNU]
[HKLM\Software\Gabest]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\Goto Software]
[HKLM\Software\Goto]
[HKLM\Software\HP]
[HKLM\Software\HaaliMkx]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\ICE]
[HKLM\Software\Imagineer Systems Ltd]
[HKLM\Software\InstallShield]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Khronos]
[HKLM\Software\Kodak]
[HKLM\Software\Left Side Software]
[HKLM\Software\Licenses]
[HKLM\Software\Logitech]
[HKLM\Software\MAXSOFT-OCRON]
[HKLM\Software\Macromedia]
[HKLM\Software\Macrovision]
[HKLM\Software\Magnet]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\McAfee.com]
[HKLM\Software\McAfee]
[HKLM\Software\Minnetonka Audio Software]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Neuf Telecom]
[HKLM\Software\ODBC]
[HKLM\Software\OldTimer Tools]
[HKLM\Software\OpenOffice.org]
[HKLM\Software\PDFCreator]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\QSR]
[HKLM\Software\Redfield]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Roxio]
[HKLM\Software\SECURITOO]
[HKLM\Software\SSPrint]
[HKLM\Software\SWiSHzone.com]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Sagem]
[HKLM\Software\Samsung]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\Synthetic Aperture]
[HKLM\Software\TeamViewer]
[HKLM\Software\TerraVirtual]
[HKLM\Software\The Silicon Realms Toolworks]
[HKLM\Software\TrendMicro]
[HKLM\Software\VideoLAN]
[HKLM\Software\W3i]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\Windows]
[HKLM\Software\Wow6432Node]
[HKLM\Software\Yahoo] =>Toolbar.Yahoo
[HKLM\Software\ej-technologies]
[HKLM\Software\mozilla.org]
~ Key Software: 245 Scanned in 00mn 00s



---\\ Contents of the Common Files folders (O43)
O43 - CFD: 23/10/2009 - 10:43:19 - [2,951] ----D C:\Program Files\7-Zip
O43 - CFD: 05/07/2011 - 11:29:29 - [1237,940] ----D C:\Program Files\Adobe
O43 - CFD: 28/02/2008 - 01:32:27 - [6,724] ----D C:\Program Files\Adobe Album Starter
O43 - CFD: 23/10/2009 - 13:17:00 - [2,891] ----D C:\Program Files\Adobe Media Player
O43 - CFD: 02/05/2010 - 10:33:40 - [1,253] ----D C:\Program Files\Adobe Type Manager
O43 - CFD: 28/05/2010 - 10:38:47 - [355,670] ----D C:\Program Files\Alwil Software
O43 - CFD: 27/06/2006 - 04:56:31 - [1,833] ----D C:\Program Files\Analog Devices
O43 - CFD: 22/10/2009 - 19:02:27 - [2,118] ----D C:\Program Files\Apple Software Update
O43 - CFD: 29/09/2008 - 18:39:49 - [0,001] ----D C:\Program Files\ArcSoft
O43 - CFD: 29/09/2011 - 15:59:51 - [32,784] ----D C:\Program Files\Audacity 1.3 Beta (Unicode)
O43 - CFD: 12/10/2009 - 12:55:50 - [0] ----D C:\Program Files\AVG
O43 - CFD: 22/10/2009 - 19:08:33 - [0,375] ----D C:\Program Files\Bonjour
O43 - CFD: 15/12/2011 - 18:30:05 - [10,396] ----D C:\Program Files\Brother
O43 - CFD: 28/05/2010 - 10:24:07 - [2,733] ----D C:\Program Files\CCleaner =>Piriform Ltd
O43 - CFD: 12/05/2010 - 13:53:08 - [16,355] ----D C:\Program Files\CDBurnerXP
O43 - CFD: 06/10/2011 - 12:57:12 - [1852,877] ----D C:\Program Files\Common Files
O43 - CFD: 27/06/2006 - 03:43:11 - [0] ----D C:\Program Files\ComPlus Applications
O43 - CFD: 05/08/2006 - 18:02:53 - [0] ----D C:\Program Files\directx
O43 - CFD: 04/09/2008 - 11:16:47 - [0,356] ----D C:\Program Files\DNA
O43 - CFD: 19/04/2007 - 16:00:27 - [60,969] ----D C:\Program Files\Dreamweaver
O43 - CFD: 07/05/2003 - 06:25:26 - [2,284] ----D C:\Program Files\EasyPHP 2.0b1
O43 - CFD: 02/11/2009 - 13:06:27 - [0,004] ----D C:\Program Files\Electric Rain
O43 - CFD: 28/02/2012 - 21:33:31 - [-841,823] ----D C:\Program Files\eMule
O43 - CFD: 23/05/2003 - 01:46:21 - [0] ----D C:\Program Files\EPSON
O43 - CFD: 17/09/2013 - 15:28:37 - [35,859] ----D C:\Program Files\Essentials Codec Pack
O43 - CFD: 12/01/2012 - 14:05:28 - [1,979] ----D C:\Program Files\File Type Assistant
O43 - CFD: 19/04/2007 - 19:20:51 - [4,285] ----D C:\Program Files\Filezilla
O43 - CFD: 12/01/2012 - 14:04:34 - [9,654] ----D C:\Program Files\FinalTorrent
O43 - CFD: 09/07/2009 - 17:27:42 - [7,739] ----D C:\Program Files\Firefox
O43 - CFD: 12/11/2010 - 13:11:10 - [2,096] ----D C:\Program Files\Freecom Backup Software
O43 - CFD: 11/10/2009 - 14:55:31 - [0] ----D C:\Program Files\Google
O43 - CFD: 23/11/2009 - 10:45:53 - [0] ----D C:\Program Files\Goto software
O43 - CFD: 30/03/2009 - 12:43:54 - [22,554] ----D C:\Program Files\Grisoft
O43 - CFD: 20/05/2003 - 18:23:40 - [5,539] ----D C:\Program Files\HP
O43 - CFD: 15/12/2011 - 18:26:42 - [11,806] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 27/06/2006 - 04:59:16 - [0,038] ----D C:\Program Files\Intel
O43 - CFD: 11/03/2009 - 23:43:49 - [5,653] ----D C:\Program Files\Internet Explorer
O43 - CFD: 08/04/2011 - 00:08:50 - [0] ----D C:\Program Files\iTunes
O43 - CFD: 24/03/2010 - 23:05:05 - [332,689] ----D C:\Program Files\Java
O43 - CFD: 27/06/2006 - 05:40:42 - [9,698] ----D C:\Program Files\Kit ADSL
O43 - CFD: 31/05/2011 - 17:54:08 - [12,678] ----D C:\Program Files\Lavalys
O43 - CFD: 08/05/2003 - 06:44:44 - [0,009] ----D C:\Program Files\Lexico2
O43 - CFD: 01/09/2013 - 13:09:00 - [71,016] ----D C:\Program Files\LimeWire
O43 - CFD: 23/05/2003 - 03:50:08 - [0,599] ----D C:\Program Files\Logitech
O43 - CFD: 28/10/2009 - 14:15:22 - [122,733] ----D C:\Program Files\Macromedia
O43 - CFD: 31/08/2013 - 11:26:50 - [13,293] ----D C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 11/03/2009 - 23:48:51 - [2,124] ----D C:\Program Files\Messenger
O43 - CFD: 29/03/2007 - 16:09:14 - [1,285] ----D C:\Program Files\mg2
O43 - CFD: 17/09/2011 - 14:02:27 - [0,216] ----D C:\Program Files\Microsoft
O43 - CFD: 16/09/2007 - 23:44:38 - [0,764] ----D C:\Program Files\Microsoft CAPICOM 2.1.0.2
O43 - CFD: 11/05/2009 - 09:24:52 - [0,197] ----D C:\Program Files\microsoft frontpage
O43 - CFD: 11/05/2009 - 09:25:11 - [132,533] ----D C:\Program Files\Microsoft Office
O43 - CFD: 10/08/2013 - 22:04:19 - [40,851] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 31/08/2011 - 18:21:54 - [358,513] ----D C:\Program Files\Microsoft SQL Server
O43 - CFD: 11/05/2009 - 09:27:20 - [5,500] ----D C:\Program Files\Microsoft Visual Studio
O43 - CFD: 29/06/2006 - 23:54:48 - [91,912] ----D C:\Program Files\Microsoft Works
O43 - CFD: 31/08/2011 - 10:49:45 - [1,016] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 30/10/2010 - 13:27:52 - [1,180] ----D C:\Program Files\Morphing
O43 - CFD: 03/09/2010 - 18:12:19 - [10,728] ----D C:\Program Files\Movie Maker
O43 - CFD: 27/08/2013 - 10:14:37 - [134,364] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 27/08/2013 - 12:45:30 - [0,215] ----D C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 31/08/2011 - 22:59:39 - [0,025] ----D C:\Program Files\MSBuild
O43 - CFD: 27/06/2006 - 03:42:38 - [33,727] ----D C:\Program Files\MSN
O43 - CFD: 27/06/2006 - 03:42:28 - [8,338] ----D C:\Program Files\MSN Gaming Zone
O43 - CFD: 06/07/2010 - 13:14:42 - [0] ----D C:\Program Files\MSXML 4.0
O43 - CFD: 31/08/2011 - 10:43:36 - [0,007] ----D C:\Program Files\MSXML 6.0
O43 - CFD: 11/03/2009 - 23:40:31 - [3,108] ----D C:\Program Files\NetMeeting
O43 - CFD: 10/08/2013 - 15:55:58 - [75,346] ----D C:\Program Files\NVIDIA Corporation
O43 - CFD: 27/06/2006 - 03:44:42 - [0,003] ----D C:\Program Files\Online Services
O43 - CFD: 23/06/2011 - 13:38:08 - [336,321] ----D C:\Program Files\OpenOffice.org 3
O43 - CFD: 24/09/2009 - 19:08:18 - [2,924] ----D C:\Program Files\OrangeHSS
O43 - CFD: 15/12/2010 - 19:49:02 - [4,123] ----D C:\Program Files\Outlook Express
O43 - CFD: 06/06/2011 - 14:25:03 - [24,978] ----D C:\Program Files\PDFCreator
O43 - CFD: 31/08/2011 - 10:56:37 - [57,412] ----D C:\Program Files\QSR
O43 - CFD: 07/05/2007 - 10:38:52 - [14,521] ----D C:\Program Files\Quark
O43 - CFD: 07/12/2009 - 16:14:43 - [76,378] ----D C:\Program Files\QuickTime
O43 - CFD: 31/08/2011 - 22:59:24 - [34,730] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 29/06/2006 - 23:37:18 - [7,051] ----D C:\Program Files\Roxio
O43 - CFD: 23/05/2003 - 01:45:09 - [0,028] ----D C:\Program Files\SamsungPrinterLiveUpdate
O43 - CFD: 02/03/2009 - 22:42:11 - [29,577] ----D C:\Program Files\Securitoo
O43 - CFD: 28/05/2010 - 10:25:01 - [66,630] ----D C:\Program Files\Spybot - Search & Destroy
O43 - CFD: 23/09/2010 - 14:42:17 - [57,823] ----D C:\Program Files\SWiSH Max2
O43 - CFD: 22/10/2009 - 16:33:14 - [13,365] ----D C:\Program Files\TeamViewer
O43 - CFD: 27/09/2011 - 12:22:48 - [1,951] ----D C:\Program Files\TimeAdjuster
O43 - CFD: 27/06/2006 - 03:54:03 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 17/09/2013 - 15:32:16 - [0,047] ----D C:\Program Files\Uninstaller
O43 - CFD: 25/08/2011 - 11:45:11 - [0,240] ----D C:\Program Files\uTorrent =>P2P.µTorrent
O43 - CFD: 22/10/2009 - 16:26:41 - [73,579] ----D C:\Program Files\VideoLAN
O43 - CFD: 09/01/2007 - 10:01:04 - [27,583] ----D C:\Program Files\VLCmedia player
O43 - CFD: 02/04/2010 - 11:00:03 - [34,060] ----D C:\Program Files\Vuze =>P2P.Azureus
O43 - CFD: 02/02/2009 - 21:33:29 - [4,553] ----D C:\Program Files\Wanadoo
O43 - CFD: 17/09/2011 - 14:02:21 - [43,572] ----D C:\Program Files\Windows Live
O43 - CFD: 17/09/2011 - 14:02:06 - [0,234] ----D C:\Program Files\Windows Live SkyDrive
O43 - CFD: 28/10/2009 - 14:04:42 - [0,093] ----D C:\Program Files\Windows Live Toolbar
O43 - CFD: 28/12/2006 - 16:03:20 - [3,415] ----D C:\Program Files\Windows Media Connect 2
O43 - CFD: 11/03/2009 - 23:40:26 - [12,372] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 11/03/2009 - 23:40:21 - [3,740] ----D C:\Program Files\Windows NT
O43 - CFD: 27/06/2006 - 06:18:28 - [0] --H-D C:\Program Files\WindowsUpdate
O43 - CFD: 20/05/2007 - 13:00:59 - [2,691] ----D C:\Program Files\WinRAR
O43 - CFD: 27/06/2006 - 03:46:06 - [0] ----D C:\Program Files\xerox
O43 - CFD: 24/09/2009 - 19:51:43 - [0] ----D C:\Program Files\Yahoo! =>Toolbar.Yahoo
O43 - CFD: 27/09/2013 - 18:56:40 - [16,933] ----D C:\Program Files\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 27/09/2013 - 18:53:44 - [6,857] ----D C:\Program Files\ZHPFix =>.Nicolas Coolman
O43 - CFD: 29/06/2006 - 23:37:18 - [16,414] ----D C:\Program Files\Common Files\Adaptec Shared
O43 - CFD: 05/07/2011 - 11:29:29 - [1520,008] ----D C:\Program Files\Common Files\Adobe
O43 - CFD: 05/07/2011 - 11:27:15 - [30,057] ----D C:\Program Files\Common Files\Adobe AIR
O43 - CFD: 08/04/2011 - 00:08:50 - [69,018] ----D C:\Program Files\Common Files\Apple
O43 - CFD: 31/08/2011 - 10:54:19 - [35,644] ----D C:\Program Files\Common Files\Business Objects
O43 - CFD: 23/05/2003 - 03:48:12 - [0] ----D C:\Program Files\Common Files\Caere
O43 - CFD: 11/05/2009 - 09:27:18 - [0,082] ----D C:\Program Files\Common Files\Designer
O43 - CFD: 29/09/2008 - 18:01:08 - [0] ----D C:\Program Files\Common Files\EPSON
O43 - CFD: 02/03/2009 - 22:44:28 - [1,104] ----D C:\Program Files\Common Files\France Telecom
O43 - CFD: 21/05/2008 - 16:50:50 - [1,725] ----D C:\Program Files\Common Files\HP
O43 - CFD: 03/07/2006 - 22:56:50 - [18,825] ----D C:\Program Files\Common Files\InstallShield
O43 - CFD: 18/08/2006 - 10:55:54 - [58,626] ----D C:\Program Files\Common Files\Java
O43 - CFD: 06/07/2011 - 13:45:32 - [0,410] ----D C:\Program Files\Common Files\logishrd
O43 - CFD: 23/05/2003 - 01:44:07 - [0] ----D C:\Program Files\Common Files\Logitech
O43 - CFD: 23/10/2009 - 13:00:23 - [0,626] ----D C:\Program Files\Common Files\Macrovision Shared
O43 - CFD: 17/09/2011 - 14:02:13 - [80,454] ----D C:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 27/06/2006 - 03:43:48 - [0,271] ----D C:\Program Files\Common Files\MSSoap
O43 - CFD: 26/06/2006 - 15:31:31 - [0] ----D C:\Program Files\Common Files\ODBC
O43 - CFD: 27/06/2006 - 03:43:54 - [0,008] ----D C:\Program Files\Common Files\Services
O43 - CFD: 26/06/2006 - 15:31:28 - [3,612] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 22/09/2010 - 10:04:23 - [0,059] ----D C:\Program Files\Common Files\SWiSHzone.com
O43 - CFD: 11/03/2009 - 23:40:17 - [15,934] ----D C:\Program Files\Common Files\System
O43 - CFD: 17/09/2011 - 13:58:26 - [0] ----D C:\Program Files\Common Files\Windows Live
O43 - CFD: 06/09/2006 - 17:57:44 - [1,476] ----D C:\Documents and Settings\All Users\Application Data\4D
O43 - CFD: 07/07/2011 - 15:56:26 - [1191,782] ----D C:\Documents and Settings\All Users\Application Data\Adobe
O43 - CFD: 23/10/2009 - 14:10:29 - [0] ----D C:\Documents and Settings\All Users\Application Data\ALM
O43 - CFD: 28/05/2010 - 10:38:47 - [13,131] ----D C:\Documents and Settings\All Users\Application Data\Alwil Software
O43 - CFD: 22/10/2009 - 19:01:04 - [40,812] ----D C:\Documents and Settings\All Users\Application Data\Apple
O43 - CFD: 22/10/2009 - 19:09:53 - [26,917] ----D C:\Documents and Settings\All Users\Application Data\Apple Computer
O43 - CFD: 22/10/2009 - 16:09:25 - [0] ----D C:\Documents and Settings\All Users\Application Data\Azureus =>P2P.Azureus
O43 - CFD: 15/12/2011 - 16:06:57 - [0,076] ----D C:\Documents and Settings\All Users\Application Data\Brother
O43 - CFD: 12/05/2010 - 13:53:40 - [0] ----D C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
O43 - CFD: 29/01/2010 - 17:34:20 - [0,067] ----D C:\Documents and Settings\All Users\Application Data\FLEXnet
O43 - CFD: 08/07/2007 - 11:43:03 - [0,014] ----D C:\Documents and Settings\All Users\Application Data\Google
O43 - CFD: 21/05/2008 - 16:44:48 - [0,208] ----D C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
O43 - CFD: 05/06/2009 - 17:37:00 - [0,025] ----D C:\Documents and Settings\All Users\Application Data\HP
O43 - CFD: 20/05/2008 - 10:57:01 - [0] ----D C:\Documents and Settings\All Users\Application Data\LogMeIn
O43 - CFD: 19/04/2007 - 16:03:56 - [0,002] ----D C:\Documents and Settings\All Users\Application Data\Macromedia
O43 - CFD: 24/08/2011 - 18:06:16 - [15,896] ----D C:\Documents and Settings\All Users\Application Data\Malwarebytes
O43 - CFD: 25/08/2011 - 10:46:25 - [0,026] ----D C:\Documents and Settings\All Users\Application Data\McAfee
O43 - CFD: 05/09/2013 - 21:52:12 - [8,698] -S--D C:\Documents and Settings\All Users\Application Data\Microsoft
O43 - CFD: 10/08/2013 - 11:08:42 - [0] ----D C:\Documents and Settings\All Users\Application Data\Mozilla
O43 - CFD: 06/05/2008 - 11:23:26 - [0] ----D C:\Documents and Settings\All Users\Application Data\MSN6
O43 - CFD: 07/05/2007 - 10:39:59 - [0,002] ----D C:\Documents and Settings\All Users\Application Data\Quark
O43 - CFD: 31/12/2007 - 11:29:29 - [0] ----D C:\Documents and Settings\All Users\Application Data\Redfield
O43 - CFD: 08/07/2011 - 12:27:10 - [93,342] ----D C:\Documents and Settings\All Users\Application Data\Skype
O43 - CFD: 06/07/2011 - 13:30:05 - [6,713] ----D C:\Documents and Settings\All Users\Application Data\Skype Extras
O43 - CFD: 31/10/2011 - 17:58:10 - [37,110] ----D C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
O43 - CFD: 17/01/2011 - 22:37:35 - [0] ----D C:\Documents and Settings\All Users\Application Data\SWiSHMax2WorkFolder
O43 - CFD: 17/09/2013 - 15:26:50 - [0] ----D C:\Documents and Settings\All Users\Application Data\TEMP
O43 - CFD: 21/05/2008 - 16:54:55 - [0] ----D C:\Documents and Settings\All Users\Application Data\WEBREG
O43 - CFD: 27/08/2006 - 08:59:42 - [0,003] ----D C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
O43 - CFD: 16/09/2007 - 10:36:44 - [0,071] ----D C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
O43 - CFD: 22/10/2009 - 19:11:22 - [0,002] ----D C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
O43 - CFD: 05/07/2011 - 12:01:23 - [145,269] ----D C:\Documents and Settings\sophie\Application Data\Adobe
O43 - CFD: 29/06/2006 - 21:29:10 - [0,001] ----D C:\Documents and Settings\sophie\Application Data\AdobeAUM
O43 - CFD: 13/10/2009 - 15:53:38 - [0] ----D C:\Documents and Settings\sophie\Application Data\AdobeUM
O43 - CFD: 23/10/2009 - 10:30:44 - [0,194] ----D C:\Documents and Settings\sophie\Application Data\Apple Computer
O43 - CFD: 24/10/2011 - 11:05:16 - [0,001] ----D C:\Documents and Settings\sophie\Application Data\Audacity
O43 - CFD: 08/04/2011 - 00:51:40 - [0,735] ----D C:\Documents and Settings\sophie\Application Data\Azureus =>P2P.Azureus
O43 - CFD: 17/12/2007 - 23:56:17 - [0,006] ----D C:\Documents and Settings\sophie\Application Data\BitTorrent =>P2P.BitTorrent
O43 - CFD: 17/06/2008 - 14:17:27 - [0,006] ----D C:\Documents and Settings\sophie\Application Data\BitTorrent DNA =>P2P.BitTorrent
O43 - CFD: 12/05/2010 - 13:53:40 - [0,001] ----D C:\Documents and Settings\sophie\Application Data\Canneverbe Limited
O43 - CFD: 13/10/2010 - 13:33:42 - [6,393] ----D C:\Documents and Settings\sophie\Application Data\Canon
O43 - CFD: 04/09/2008 - 13:38:23 - [0,011] ----D C:\Documents and Settings\sophie\Application Data\DNA
O43 - CFD: 10/08/2013 - 14:03:13 - [38,266] ----D C:\Documents and Settings\sophie\Application Data\Dropbox
O43 - CFD: 27/09/2011 - 18:27:40 - [0] ----D C:\Documents and Settings\sophie\Application Data\dvdcss
O43 - CFD: 17/06/2010 - 01:08:26 - [5,455] ----D C:\Documents and Settings\sophie\Application Data\Facebook
O43 - CFD: 13/01/2012 - 09:25:49 - [0] ----D C:\Documents and Settings\sophie\Application Data\FinalTorrent
O43 - CFD: 06/08/2006 - 20:15:55 - [0,069] ----D C:\Documents and Settings\sophie\Application Data\Google
O43 - CFD: 15/06/2007 - 18:10:33 - [0,028] ----D C:\Documents and Settings\sophie\Application Data\GOTO Software
O43 - CFD: 19/05/2007 - 15:17:29 - [0] ----D C:\Documents and Settings\sophie\Application Data\Help
O43 - CFD: 21/05/2008 - 17:15:42 - [0,044] ----D C:\Documents and Settings\sophie\Application Data\HP
O43 - CFD: 27/06/2006 - 03:54:08 - [0] ----D C:\Documents and Settings\sophie\Application Data\Identities
O43 - CFD: 19/07/2006 - 12:31:12 - [0,001] ----D C:\Documents and Settings\sophie\Application Data\Leadertech
O43 - CFD: 19/04/2007 - 16:07:09 - [4,176] ----D C:\Documents and Settings\sophie\Application Data\Macromedia
O43 - CFD: 24/08/2011 - 18:06:22 - [53,434] ----D C:\Documents and Settings\sophie\Application Data\Malwarebytes
O43 - CFD: 24/09/2013 - 16:35:13 - [0] ----D C:\Documents and Settings\sophie\Application Data\Media Player Classic
O43 - CFD: 17/09/2011 - 17:01:36 - [4,815] -S--D C:\Documents and Settings\sophie\Application Data\Microsoft
O43 - CFD: 19/06/2007 - 18:40:18 - [0] ----D C:\Documents and Settings\sophie\Application Data\Microsoft Web Folders
O43 - CFD: 08/04/2011 - 00:00:36 - [29,617] ----D C:\Documents and Settings\sophie\Application Data\Mozilla
O43 - CFD: 06/05/2008 - 11:23:45 - [0,001] ----D C:\Documents and Settings\sophie\Application Data\MSN6
O43 - CFD: 23/06/2011 - 13:41:35 - [1,710] ----D C:\Documents and Settings\sophie\Application Data\OpenOffice.org
O43 - CFD: 07/05/2007 - 10:48:48 - [0,119] ----D C:\Documents and Settings\sophie\Application Data\Quark
O43 - CFD: 14/10/2006 - 01:32:32 - [0,436] ----D C:\Documents and Settings\sophie\Application Data\Roxio
O43 - CFD: 22/03/2008 - 00:04:24 - [159,863] ----D C:\Documents and Settings\sophie\Application Data\SecondLife
O43 - CFD: 08/07/2011 - 12:27:04 - [17,827] ----D C:\Documents and Settings\sophie\Application Data\Skype
O43 - CFD: 06/07/2011 - 13:20:05 - [0,022] ----D C:\Documents and Settings\sophie\Application Data\skypePM
O43 - CFD: 18/08/2006 - 10:57:34 - [3,413] ----D C:\Documents and Settings\sophie\Application Data\Sun
O43 - CFD: 22/10/2009 - 16:33:20 - [0,417] ----D C:\Documents and Settings\sophie\Application Data\TeamViewer
O43 - CFD: 07/09/2010 - 19:35:24 - [0,026] ----D C:\Documents and Settings\sophie\Application Data\Template
O43 - CFD: 12/11/2010 - 10:18:46 - [166,794] ----D C:\Documents and Settings\sophie\Application Data\Thunderbird
O43 - CFD: 27/06/2011 - 12:18:26 - [3,438] ----D C:\Documents and Settings\sophie\Application Data\U3
O43 - CFD: 26/09/2013 - 20:03:14 - [1,465] ----D C:\Documents and Settings\sophie\Application Data\uTorrent =>P2P.µTorrent
O43 - CFD: 24/09/2013 - 17:07:46 - [1,445] ----D C:\Documents and Settings\sophie\Application Data\vlc
O43 - CFD: 10/07/2010 - 22:27:34 - [0,001] ----D C:\Documents and Settings\sophie\Application Data\YouSendIt
O43 - CFD: 02/11/2009 - 12:26:02 - [0,015] ----D C:\Documents and Settings\sophie\Application Data\Zaxwerks
O43 - CFD: 27/09/2013 - 18:59:06 - [0,339] ----D C:\Documents and Settings\sophie\Application Data\ZHP =>.Nicolas Coolman
O43 - CFD: 05/07/2011 - 11:26:51 - [152,297] ----D C:\Documents and Settings\sophie\Local Settings\Application Data\Adobe
O43 - CFD: 22/10/2009 - 19:02:42 - [0] ----D C:\Documents and Settings\sophie\Local Settings\Application Data\Apple
O43 - CFD: 03/11/2009 - 23:39:56 - [4,584] ----D C:\Documents and Settings\sophie\Local Settings\Application Data\Apple Computer
O43 - CFD: 17/12/2007 - 02:38:29 - [0] ----D C:\Documents and Settings\sophie\Local Settings\Application Data\BitTorrent DNA =>P2P.BitTorrent
O43 - CFD: 17/06/2008 - 14:17:33 - [0] ----D C:\Documents and Settings\sophie\Local Settings\Application Data\DNA
O43 - CFD: 20/05/2003 - 18:00:49 - [388,530] ----D C:\Documents and Settings\sophie\Local Settings\Application Data\Google
O43 - CFD: 19/05/2007 - 15:17:29 - [0] ----D C:\Documents and Settings\sophie\Local Settings\Application Data\Help
O43 - CFD: 27/08/2008 - 09:47:22 - [0,255] ----D C:\Documents and Settings\sophie\Local Settings\Application Data\HP
O43 - CFD: 26/06/2006 - 20:25:59 - [526,745] ----D C:\Documents and Settings\sophie\Local Settings\Application Data\Identities
O43 - CFD: 31/08/2011 - 11:36:08 - [0,899] ----D C:\Documents and Settings\sophie\Local Settings\Application Data\IsolatedStorage
O43 - CFD: 05/08/2006 - 18:06:25 - [0] ----D C:\Documents and Settings\sophie\Local Settings\Application Data\Logitech-LS
O43 - CFD: 20/05/2008 - 10:57:01 - [0] ----D C:\Documents and Settings\sophie\Local Settings\Application Data\LogMeIn
O43 - CFD: 27/09/2011 - 12:10:19 - [164,411] ----D C:\Documents and Settings\sophie\Local Settings\Application Data\Microsoft
O43 - CFD: 27/06/2006 - 18:31:18 - [33,553] ----D C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla
O43 - CFD: 05/07/2011 - 12:01:23 - [0] ----D C:\Documents and Settings\sophie\Local Settings\Application Data\Temp
O43 - CFD: 12/11/2010 - 10:18:46 - [4,892] ----D C:\Documents and Settings\sophie\Local Settings\Application Data\Thunderbird
O43 - CFD: 07/05/2003 - 03:41:20 - [0] ----D C:\Documents and Settings\sophie\Local Settings\Application Data\WMTools Downloaded Files
O43 - CFD: 27/06/2006 - 03:45:59 - [0,014] R---D C:\WINDOWS\system32\Config\systemprofile\Start Menu\Programs\Accessories
O43 - CFD: 26/06/2006 - 15:31:04 - [0] R---D C:\WINDOWS\system32\Config\systemprofile\Start Menu\Programs\Startup
O43 - CFD: 27/06/2006 - 03:54:11 - [0,015] R---D C:\Documents and Settings\sophie\Start Menu\Programs\Accessories
O43 - CFD: 15/09/2006 - 11:04:16 - [0] R---D C:\Documents and Settings\sophie\Start Menu\Programs\Administrative Tools
O43 - CFD: 24/09/2009 - 18:41:00 - [0,003] ----D C:\Documents and Settings\sophie\Start Menu\Programs\CCleaner =>Piriform Ltd
O43 - CFD: 17/09/2013 - 15:28:37 - [0,005] ----D C:\Documents and Settings\sophie\Start Menu\Programs\Essentials Codec Pack
O43 - CFD: 27/09/2013 - 18:05:53 - [0] R---D C:\Documents and Settings\sophie\Start Menu\Programs\Startup
O43 - CFD: 27/09/2011 - 12:22:48 - [0,014] ----D C:\Documents and Settings\sophie\Start Menu\Programs\TimeAdjuster
O43 - CFD: 20/05/2007 - 12:49:14 - [0,002] ----D C:\Documents and Settings\sophie\Start Menu\Programs\WinRAR
O43 - CFD: 17/09/2011 - 13:32:27 - [0] ----D C:\Documents and Settings\sophie\Start Menu\Programs\µTorrent =>P2P.µTorrent
~ Program Folder: 228 Scanned in 02mn 28s



---\\ Last modified or created files under Windows and System32 (O44)
O44 - LFC:[MD5.C8CB90E735C0541D7BF2ABCA6076D752] - 27/09/2013 - 17:58:43 ---A- . (...) -- C:\Documents [120]
O44 - LFC:[MD5.3C38B8C999594B80286CAF0C198D57EA] - 27/09/2013 - 17:09:24 ---A- . (...) -- C:\WINDOWS\system32\wpa.dbl [2206]
O44 - LFC:[MD5.FD9722CA1FF20034DFC338F25B866A09] - 27/09/2013 - 17:09:16 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [1651407]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 27/09/2013 - 17:08:43 ---A- . (...) -- C:\WINDOWS\0.log [0]
O44 - LFC:[MD5.AAD96E74D46145B22CAFBFE207223A70] - 27/09/2013 - 17:08:22 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.01977746F92DE3D4B09BC76B1ADF68F6] - 27/09/2013 - 17:08:21 ---A- . (...) -- C:\WINDOWS\wiaservc.log [0]
O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 27/09/2013 - 17:07:03 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048]
O44 - LFC:[MD5.A730A0F02EF693730ADE3B63B60F0E78] - 27/09/2013 - 17:06:21 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [32524]
O44 - LFC:[MD5.0DA82FC640EB9FE3F4DBAE7C19DF468E] - 25/09/2013 - 11:54:20 ---A- . (...) -- C:\WINDOWS\wmsetup.log [403]
O44 - LFC:[MD5.0855A4AC6BC76E554E8E4E730C53A436] - 23/09/2013 - 16:10:53 ---A- . (...) -- C:\WINDOWS\setupapi.log [1660]
~ Files: 10 Scanned in 00mn 25s



---\\ Last files created in Windows Prefetcher (O45)
O45 - LFCP:[MD5.4D5C153AD86B056776DA2CED370688A8] - 25/09/2013 - 13:01:18 ---A- - C:\WINDOWS\Prefetch\DWWIN.EXE-2C373FB7.pf
O45 - LFCP:[MD5.9E1A137BF5B2C0102CEC053B90254EF6] - 25/09/2013 - 18:58:53 ---A- - C:\WINDOWS\Prefetch\WINWORD.EXE-23347E4F.pf
O45 - LFCP:[MD5.47CA1D63132E96928941208985CFC239] - 25/09/2013 - 18:59:02 ---A- - C:\WINDOWS\Prefetch\AGENTSVR.EXE-260B72BD.pf
O45 - LFCP:[MD5.9BC8F3578AA22967F94A656EAD914BB3] - 25/09/2013 - 20:01:53 ---A- - C:\WINDOWS\Prefetch\DEFRAG.EXE-2858C7E2.pf
O45 - LFCP:[MD5.3FA05204766ACC58F901BFFA3A4102C0] - 25/09/2013 - 20:01:54 ---A- - C:\WINDOWS\Prefetch\DFRGNTFS.EXE-38C3807C.pf
O45 - LFCP:[MD5.7FE345AAFB685BC894AF44E67F966597] - 25/09/2013 - 20:57:29 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-5CC837EC.pf
O45 - LFCP:[MD5.3EAEAA97501C43B1FD9B274D125D66FE] - 26/09/2013 - 18:53:35 ---A- - C:\WINDOWS\Prefetch\UTORRENT.EXE-01137797.pf =>P2P.µTorrent
O45 - LFCP:[MD5.B692BBEA053BF10F954580A95DF5372D] - 26/09/2013 - 19:59:23 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-46185BF2.pf
O45 - LFCP:[MD5.A576AD645754EBD884D5BCA03139143D] - 26/09/2013 - 22:13:28 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-40E74029.pf
O45 - LFCP:[MD5.B781985334A3BD7205E22F90BA2C97DC] - 27/09/2013 - 08:19:10 ---A- - C:\WINDOWS\Prefetch\RASAUTOU.EXE-10B4F92F.pf
O45 - LFCP:[MD5.841FE4EFE14D5588C6AFE87868534F6B] - 27/09/2013 - 08:35:11 ---A- - C:\WINDOWS\Prefetch\Layout.ini
O45 - LFCP:[MD5.342AEE65AD9588159BDF69C53735A4E8] - 27/09/2013 - 08:46:16 ---A- - C:\WINDOWS\Prefetch\LOGONUI.EXE-312BE1BF.pf
O45 - LFCP:[MD5.B4FAD8B1A6F46EBC83EF8CF1907D7F5E] - 27/09/2013 - 13:53:04 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-6E8D4657.pf
O45 - LFCP:[MD5.69A4A7A1434E35AF8866B56A5CD0845C] - 27/09/2013 - 13:55:25 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-5F001B97.pf
O45 - LFCP:[MD5.9148A926B82C720828B8F042479D7606] - 27/09/2013 - 16:45:18 ---A- - C:\WINDOWS\Prefetch\APPLEMOBILEDEVICESERVICE.EXE-30833E2A.pf
O45 - LFCP:[MD5.E0CDA76558FDFBE2CACFDF9B40ACADAA] - 27/09/2013 - 16:54:33 ---A- - C:\WINDOWS\Prefetch\ACRORD32.EXE-36E8F12E.pf
O45 - LFCP:[MD5.A725101DE3871278E9C0668595B120D1] - 27/09/2013 - 16:55:26 ---A- - C:\WINDOWS\Prefetch\ADWCLEANER0.EXE-06AA7C5E.pf
O45 - LFCP:[MD5.7513C683EBFB4F31C2C957F0E8D7B018] - 27/09/2013 - 16:57:17 ---A- - C:\WINDOWS\Prefetch\ADWCLEANER.EXE-1D72B4A1.pf
O45 - LFCP:[MD5.A4EFB29383D9161DFCE999B0AB1B67B0] - 27/09/2013 - 16:58:02 ---A- - C:\WINDOWS\Prefetch\ADWCLEANER.EXE-2C2BFAC2.pf
O45 - LFCP:[MD5.958D58A478DD1504C0BEAA6B6676CCF6] - 27/09/2013 - 17:04:10 ---A- - C:\WINDOWS\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-07D84788.pf
O45 - LFCP:[MD5.062324698ED74C5D13BF6EB8B1DC0B70] - 27/09/2013 - 17:08:44 ---A- - C:\WINDOWS\Prefetch\FTCHECKFORUPDATES.EXE-24619531.pf
O45 - LFCP:[MD5.E57F67C5419056C97B6E999DCB91A126] - 27/09/2013 - 17:08:44 ---A- - C:\WINDOWS\Prefetch\MDNSRESPONDER.EXE-1E0EA707.pf
O45 - LFCP:[MD5.860F8156CBC792B6EFF0CB92CA75D082] - 27/09/2013 - 17:08:44 ---A- - C:\WINDOWS\Prefetch\MSCORSVW.EXE-2864EEEB.pf
O45 - LFCP:[MD5.9FEB82D30C7947013ADE600AB78BA265] - 27/09/2013 - 17:08:44 ---A- - C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf
O45 - LFCP:[MD5.5C494D07ED87229F55B4F0D8922DAC91] - 27/09/2013 - 17:08:45 ---A- - C:\WINDOWS\Prefetch\AVAST.SETUP-1120D71A.pf
O45 - LFCP:[MD5.B4F449A152670AB96B8B1EA2D17517CE] - 27/09/2013 - 17:08:45 ---A- - C:\WINDOWS\Prefetch\JQS.EXE-31B60334.pf
O45 - LFCP:[MD5.FAFD82841326FCB6A5D5213C50BF5D5D] - 27/09/2013 - 17:08:45 ---A- - C:\WINDOWS\Prefetch\NMSACCESSU.EXE-3A1D9C04.pf
O45 - LFCP:[MD5.61B063BBCB10213F856C06CFA8611528] - 27/09/2013 - 17:08:45 ---A- - C:\WINDOWS\Prefetch\NVSVC32.EXE-0756FC6B.pf
O45 - LFCP:[MD5.BB94AD7EB1EDD724F7A0704AE66D90D4] - 27/09/2013 - 17:08:45 ---A- - C:\WINDOWS\Prefetch\SQLBROWSER.EXE-008F6C94.pf
O45 - LFCP:[MD5.E5C32ACECEFF0B0B797583AAB41D75C7] - 27/09/2013 - 17:08:45 ---A- - C:\WINDOWS\Prefetch\SQLSERVR.EXE-17F269F5.pf
O45 - LFCP:[MD5.7996E1F42249B7D5FB6472CA4C3B63EC] - 27/09/2013 - 17:08:45 ---A- - C:\WINDOWS\Prefetch\SQLWRITER.EXE-066D90AE.pf
O45 - LFCP:[MD5.D58F0D495DFB084978BE527F1C8EDF03] - 27/09/2013 - 17:08:45 ---A- - C:\WINDOWS\Prefetch\SVCHOST.EXE-2D5FBD18.pf
O45 - LFCP:[MD5.3F25BBE05E32D1B6BE6035896AC2EBD4] - 27/09/2013 - 17:08:45 ---A- - C:\WINDOWS\Prefetch\WUAUCLT.EXE-1360D60A.pf
O45 - LFCP:[MD5.B1E753E111BE9BAC3577DB21725CBBFC] - 27/09/2013 - 17:09:01 ---A- - C:\WINDOWS\Prefetch\ALG.EXE-275708CF.pf
O45 - LFCP:[MD5.C7F9903422F880B2C4F00971CFCC1605] - 27/09/2013 - 17:09:23 ---A- - C:\WINDOWS\Prefetch\WMIPRVSE.EXE-0D449B4F.pf
O45 - LFCP:[MD5.BC17897408E35E73859589DCDB3691AE] - 27/09/2013 - 17:09:27 ---A- - C:\WINDOWS\Prefetch\WGATRAY.EXE-350D4455.pf
O45 - LFCP:[MD5.C59E08685AF0F2A965B07E4CB7C2AEF0] - 27/09/2013 - 17:16:43 ---A- - C:\WINDOWS\Prefetch\PLUGIN-CONTAINER.EXE-0EB365FC.pf
O45 - LFCP:[MD5.F9865E57CD7F9EEE7081D91675382455] - 27/09/2013 - 17:19:33 ---A- - C:\WINDOWS\Prefetch\FSUTIL.EXE-08C583DC.pf
O45 - LFCP:[MD5.84E58C3219B4D6F27B3DE6EB4CFFB229] - 27/09/2013 - 17:19:34 ---A- - C:\WINDOWS\Prefetch\PING.EXE-30F9CA9D.pf
O45 - LFCP:[MD5.ACEFBF0C1AFF721F16BA1243B83CB0B1] - 27/09/2013 - 17:19:40 ---A- - C:\WINDOWS\Prefetch\JRT.EXE-0D438E75.pf
O45 - LFCP:[MD5.D78A972E20C97A289077D8E353D08041] - 27/09/2013 - 17:19:44 ---A- - C:\WINDOWS\Prefetch\WGET.DAT-326C0EC1.pf
O45 - LFCP:[MD5.A2BDD8F7E58EF7F74E870AC01B55C489] - 27/09/2013 - 17:20:07 ---A- - C:\WINDOWS\Prefetch\ERUNT.EXE-23D2B72E.pf
O45 - LFCP:[MD5.245C4E5DA60031E5F83C6640E4E8DFE2] - 27/09/2013 - 17:22:15 ---A- - C:\WINDOWS\Prefetch\REGEDIT.EXE-2AE3423E.pf
O45 - LFCP:[MD5.BAFFBBE6D370F37D6903EABB60A5DD1B] - 27/09/2013 - 17:22:24 ---A- - C:\WINDOWS\Prefetch\EXPLORER.EXE-02121B1A.pf
O45 - LFCP:[MD5.382722190077CB1CBF276374BD6F040F] - 27/09/2013 - 17:29:55 ---A- - C:\WINDOWS\Prefetch\WECPUPDATE.EXE-1B28B936.pf
O45 - LFCP:[MD5.A8AB19EDAC8B342A49B0C20067107DCB] - 27/09/2013 - 17:32:02 ---A- - C:\WINDOWS\Prefetch\SC.EXE-28F2B663.pf
O45 - LFCP:[MD5.8F84D1777F5106167BAA00679FABD803] - 27/09/2013 - 17:32:16 ---A- - C:\WINDOWS\Prefetch\REG.EXE-07FA5B3F.pf
O45 - LFCP:[MD5.B19C6BF11666AFDEB630223E9918CF98] - 27/09/2013 - 17:34:07 ---A- - C:\WINDOWS\Prefetch\CUT.DAT-38F5190E.pf
O45 - LFCP:[MD5.96E29D23B1262EEDD6E352DCF4518558] - 27/09/2013 - 17:34:07 ---A- - C:\WINDOWS\Prefetch\FC.EXE-077B7FB3.pf
O45 - LFCP:[MD5.03F1041AF80D1FD0015AF30B9F3E48B0] - 27/09/2013 - 17:34:07 ---A- - C:\WINDOWS\Prefetch\FIND.EXE-0EEAD1A7.pf
O45 - LFCP:[MD5.29754920973F5CD519B3B470C6A13275] - 27/09/2013 - 17:34:07 ---A- - C:\WINDOWS\Prefetch\FINDSTR.EXE-1A4FC238.pf
O45 - LFCP:[MD5.083F33672B75498A8F1E1AF561131D1A] - 27/09/2013 - 17:34:10 ---A- - C:\WINDOWS\Prefetch\SHORTCUT.DAT-0AD82A9A.pf
O45 - LFCP:[MD5.9A415441126AD5BE531D4B03A4DF9133] - 27/09/2013 - 17:35:02 ---A- - C:\WINDOWS\Prefetch\NIRCMD.DAT-3AD3104A.pf
O45 - LFCP:[MD5.F1C211076AF6DF4AB5D0F3E90548B3CC] - 27/09/2013 - 17:35:02 ---A- - C:\WINDOWS\Prefetch\SED.DAT-049216F0.pf
O45 - LFCP:[MD5.FA62045B106099EB7B364F7E0CF1F542] - 27/09/2013 - 17:35:12 ---A- - C:\WINDOWS\Prefetch\NOTEPAD.EXE-2F2D61E1.pf
O45 - LFCP:[MD5.FC7B1AC3CE9B5A224B489076896F7B3D] - 27/09/2013 - 17:48:30 ---A- - C:\WINDOWS\Prefetch\FIREFOX.EXE-06188867.pf
O45 - LFCP:[MD5.DD22D42763A9C23FBE486B9D35C7B18E] - 27/09/2013 - 17:53:43 ---A- - C:\WINDOWS\Prefetch\ZHPFIX.EXE-05C149CE.pf
O45 - LFCP:[MD5.13AD2B532120C469C0048CA7E9C2D539] - 27/09/2013 - 17:53:44 ---A- - C:\WINDOWS\Prefetch\ZHPFIX.TMP-3B2E5391.pf
O45 - LFCP:[MD5.414C1DB4F3CAD16529803D96007FFD32] - 27/09/2013 - 17:56:05 ---A- - C:\WINDOWS\Prefetch\VERCLSID.EXE-28F52AD2.pf
O45 - LFCP:[MD5.C34277D9BC3610046A740B0448F1F0BB] - 27/09/2013 - 17:56:23 ---A- - C:\WINDOWS\Prefetch\ZHPDIAG2.EXE-30804736.pf
O45 - LFCP:[MD5.A4E983526B320014ECFABB65D8675DF5] - 27/09/2013 - 17:56:23 ---A- - C:\WINDOWS\Prefetch\ZHPDIAG2.TMP-0B668269.pf
O45 - LFCP:[MD5.24DA9DDBBFD4C54F9B23685D2C0A43D2] - 27/09/2013 - 17:57:34 ---A- - C:\WINDOWS\Prefetch\ZHPHEP.EXE-32DE1B7A.pf
O45 - LFCP:[MD5.D2B63C5AD9EBFC213C8355DD25CD940D] - 27/09/2013 - 17:57:44 ---A- - C:\WINDOWS\Prefetch\ZHPDIAG.EXE-25C13877.pf
O45 - LFCP:[MD5.19B5A3AFDDCFC99C5D066625A236A05D] - 27/09/2013 - 17:58:43 ---A- - C:\WINDOWS\Prefetch\CMD.EXE-034B0549.pf
O45 - LFCP:[MD5.3A0F338B3F20CA1FF4672EC6A9295BD7] - 27/09/2013 - 17:58:43 ---A- - C:\WINDOWS\Prefetch\PV.EXE-0596A56A.pf
O45 - LFCP:[MD5.92FE953B89A25DE983081813885C293A] - 27/09/2013 - 17:58:59 ---A- - C:\WINDOWS\Prefetch\SUBINACL.EXE-041720E4.pf
O45 - LFCP:[MD5.18E2335446C9DA1E4824A501ECC38C5D] - 27/09/2013 - 17:59:06 ---A- - C:\WINDOWS\Prefetch\SCHTASKS.EXE-362CEDA8.pf
~ Prefetcher: 67 Scanned in 00mn 00s



---\\ Operations and functions at Windows Explorer startup (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Export authorized application key (O47)
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\LimeWire\LimeWire.exe" [Enabled] .(.Lime Wire, LLC.) -- C:\Program Files\LimeWire\LimeWire.exe
O47 - AAKE:Key Export SP - "C:\Program Files\MSN Messenger\msncall.exe" [Enabled] .(...) -- C:\Program Files\MSN Messenger\msncall.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\eMule\emule.exe" [Enabled] .(.http://www.emule-project.net.) -- C:\Program Files\eMule\emule.exe
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\spool\drivers\w32x86\3\SAGENT4.EXE" [Disabled] .(...) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\SAGENT4.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\VLCmedia player\VLC\vlc.exe" [Enabled] .(...) -- C:\Program Files\VLCmedia player\VLC\vlc.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\uTorrent\utorrent.exe" [Enabled] .(.No owner.) -- C:\Program Files\uTorrent\utorrent.exe =>P2P.µTorrent
O47 - AAKE:Key Export SP - "C:\Program Files\Macromedia\Dreamweaver 8\Dreamweaver.exe" [Enabled] .(...) -- C:\Program Files\Macromedia\Dreamweaver 8\Dreamweaver.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\BitTorrent_DNA\dna.exe" [Enabled] .(...) -- C:\Program Files\BitTorrent_DNA\dna.exe (.not file.) =>P2P.BitTorrent
O47 - AAKE:Key Export SP - "C:\Program Files\BitTorrent\bittorrent.exe" [Enabled] .(...) -- C:\Program Files\BitTorrent\bittorrent.exe (.not file.) =>P2P.BitTorrent
O47 - AAKE:Key Export SP - "C:\Program Files\SecondLife\SLVoice.exe" [Enabled] .(...) -- C:\Program Files\SecondLife\SLVoice.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\DNA\btdna.exe" [Enabled] .(.BitTorrent, Inc..) -- C:\Program Files\DNA\btdna.exe =>P2P.BitTorrent
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export SP - "C:\Program Files\AVG\AVG8\avgemc.exe" [Enabled] .(...) -- C:\Program Files\AVG\AVG8\avgemc.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\AVG\AVG8\avgupd.exe" [Enabled] .(...) -- C:\Program Files\AVG\AVG8\avgupd.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\AVG\AVG8\avgnsx.exe" [Enabled] .(...) -- C:\Program Files\AVG\AVG8\avgnsx.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Mozilla Firefox\firefox.exe" [Enabled] .(.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Vuze\Azureus.exe" [Enabled] .(.Vuze Inc..) -- C:\Program Files\Vuze\Azureus.exe =>P2P.Azureus
O47 - AAKE:Key Export SP - "C:\Program Files\TeamViewer\Version4\TeamViewer.exe" [Enabled] .(.TeamViewer GmbH.) -- C:\Program Files\TeamViewer\Version4\TeamViewer.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Bonjour\mDNSResponder.exe" [Enabled] .(.Apple Inc..) -- C:\Program Files\Bonjour\mDNSResponder.exe
O47 - AAKE:Key Export SP - "C:\Documents and Settings\sophie\My Documents\Azureus Downloads\ADOBE CS4 MASTER COLLECTION KEYGEN WORKING\Adobe CS4 Master Collection Keygen.exe" [Enabled] .(...) -- C:\Documents and Settings\sophie\My Documents\Azureus Downloads\ADOBE CS4 MASTER COLLECTION KEYGEN WORKING\Adobe CS4 Master Collection Keygen.exe (.not file.) =>P2P.Azureus
O47 - AAKE:Key Export SP - "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [Enabled] .(.Adobe Systems Incorporated.) -- C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe" [Enabled] .(.Adobe Systems Incorporated.) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O47 - AAKE:Key Export SP - "F:\driver\usb\����������̀��" [Enabled] Orphan key
O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Plugin Manager\skypePM.exe" [Enabled] .(...) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Electric Rain\Swift 3D\Version 4.50\Program\Swift3D.exe" [Enabled] .(...) -- C:\Program Files\Electric Rain\Swift 3D\Version 4.50\Program\Swift3D.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\dpvsetup.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\system32\dpvsetup.exe
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\rundll32.exe" [Enabled] Orphan key
O47 - AAKE:Key Export SP - "C:\Program Files\MSN Messenger\livecall.exe" [Enabled] .(...) -- C:\Program Files\MSN Messenger\livecall.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Messenger\msmsgs.exe" [Enabled] .(.Microsoft Corporation.) -- C:\Program Files\Messenger\msmsgs.exe
O47 - AAKE:Key Export SP - "C:\Program Files\FinalTorrent\FinalTorrent.EXE" [Enabled] .(.Bitberry Software.) -- C:\Program Files\FinalTorrent\FinalTorrent.exe
O47 - AAKE:Key Export SP - "C:\Program Files\FinalTorrent\FTCheckForUpdates.exe" [Enabled] .(.Bitberry Software.) -- C:\Program Files\FinalTorrent\FTCheckForUpdates.exe
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export DP - "C:\Program Files\MSN Messenger\msncall.exe" [Enabled] .(...) -- C:\Program Files\MSN Messenger\msncall.exe (.not file.)
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export DP - "C:\Program Files\MSN Messenger\livecall.exe" [Enabled] .(...) -- C:\Program Files\MSN Messenger\livecall.exe (.not file.)
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
~ Keys Export: 40 Scanned in 00mn 01s



---\\ Local Security Authority-LSA Deny (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\system32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Windows Security Configuration Editor Client Engine.) -- C:\WINDOWS\system32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Kerberos Security Package.) -- C:\WINDOWS\system32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\system32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\WINDOWS\system32\wdigest.dll
~ LSA: 6 Scanned in 00mn 00s



---\\ Safe Boot Control (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - NT Disk Manager I/O Driver.) -- C:\WINDOWS\system32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - System Restore Filesystem Filter Driver.) -- C:\WINDOWS\system32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - NT Disk Manager I/O Driver.) -- C:\WINDOWS\system32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\system32\Drivers\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\system32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\system32\Drivers\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\system32\Drivers\rdpdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\system32\Drivers\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - System Restore Filesystem Filter Driver.) -- C:\WINDOWS\system32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)
~ CSB: 21 Scanned in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s



---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - DSP Group TrueSpeech(TM) Audio Codec for MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\system32\iccvid.dll
O52 - TDSD: \Drivers32\"VIDC.I420"="lvcodec2.dll" . (.Logitech Inc. - Video Codec.) -- C:\WINDOWS\system32\lvcodec2.dll
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll
O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\system32\ir50_32.dll
O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\system32\ir41_32.ax
O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm
O52 - TDSD: \drivers.desc\"C:\WINDOWS\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"l3codecx.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codecx.acm
O52 - TDSD: \drivers.desc\"iyvu9_32.dll"="Indeo® video Raw YVU9 by Intel" . (...) -- C:\WINDOWS\system32\iyvu9_32.dll
O52 - TDSD: \drivers.desc\"C:\WINDOWS\System32\Iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\System32\Iac25_32.ax
~ TDSD: 14 Scanned in 00mn 00s



---\\ ShareTools MSconfig StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\Acrobat Assistant 8.0 [Key] . (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
O53 - SMSR:HKLM\...\startupreg\AdaptecDirectCD [Key] . (.Roxio - DirectCD Application.) -- C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
O53 - SMSR:HKLM\...\startupreg\Adobe Acrobat Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe
O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O53 - SMSR:HKLM\...\startupreg\AdobeCS4ServiceManager [Key] . (.Adobe Systems Incorporated - Adobe CS4 Service Manager.) -- C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
O53 - SMSR:HKLM\...\startupreg\Adobe_ID0ENQBO [Key] . (.Adobe Systems Incorporated - Adobe Version Cue CS4.) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe
O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (...) -- C:\Program Files\iTunes\iTunesHelper.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\LogitechSoftwareUpdate [Key] . (...) -- C:\Program Files\Logitech\Video\ManifestEngine.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\LogitechVideoRepair [Key] . (...) -- C:\Program Files\Logitech\Video\ISStart.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\LogitechVideoTray [Key] . (...) -- C:\Program Files\Logitech\Video\LogiTray.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\NvCplDaemon [Key] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll
O53 - SMSR:HKLM\...\startupreg\NvMediaCenter [Key] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\WINDOWS\system32\NvMcTray.dll
O53 - SMSR:HKLM\...\startupreg\OmniPage [Key] . (...) -- C:\Program Files\Caere\OmniPagePro90\opware32.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O53 - SMSR:HKLM\...\startupreg\Samsung Common SM [Key] . (...) -- C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe =>.Oracle Corporation
~ SMSR Keys: 17 Scanned in 00mn 00s



---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - DPA Client for 32 bit platforms.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Digest SSPI Authentication Package.) -- C:\WINDOWS\system32\digest.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - DPA Client for 32 bit platforms.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Digest SSPI Authentication Package.) -- C:\WINDOWS\system32\digest.dll
~ MSCP: 6 Scanned in 00mn 00s



---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0
~ MWPS: 7 Scanned in 00mn 00s



---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=3
O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=3
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=0
~ MWPE Keys: 5 Scanned in 00mn 00s



---\\ System Drivers List (SDL) (O58)
O58 - SDL:[MD5.83631291ADF2887CFFC786D034D3FA15] - 23/02/2011 - 14:54:57 ---A- . (.AVAST Software - avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP.) -- C:\WINDOWS\system32\Drivers\aavmker4.sys [30680]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 03/09/2002 - 17:27:19 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9029]
~ Drivers: 7 Scanned in 00mn 00s



---\\ Last modified or created user files (O61)
O61 - LFC: 24/09/2013 - 07:36:52 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\History\History.IE5\MSHist012013092420130925\index.dat [32768]
O61 - LFC: 24/09/2013 - 08:13:46 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\bookmarkbackups\bookmarks-2013-09-24.json [14713]
O61 - LFC: 24/09/2013 - 12:04:31 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\thumbnails\8d614c81c453e54453e46055ab02585f.png [32125]
O61 - LFC: 24/09/2013 - 12:05:12 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#a.vimeocdn.com\settings.sol [84]
O61 - LFC: 24/09/2013 - 12:05:23 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Macromedia\Flash Player\#SharedObjects\FNZNNQRN\a.vimeocdn.com\com.conviva.livePass.sol [220]
O61 - LFC: 24/09/2013 - 15:20:52 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Macromedia\Flash Player\#SharedObjects\FNZNNQRN\effectivemeasure.net\EM_APP.sol [100]
O61 - LFC: 24/09/2013 - 15:20:52 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#effectivemeasure.net\settings.sol [90]
O61 - LFC: 24/09/2013 - 15:28:16 ---A- . (...) -- C:\Documents and Settings\sophie\My Documents\Downloads\wetransfer-19ed5f.zip [373355012]
O61 - LFC: 24/09/2013 - 15:28:16 ---A- . (...) -- C:\Documents and Settings\sophie\Recent\wetransfer-19ed5f.lnk [596]
O61 - LFC: 24/09/2013 - 15:41:14 ---A- . (...) -- C:\Documents and Settings\sophie\Recent\8-AVANT VSA .lnk [506]
O61 - LFC: 24/09/2013 - 16:07:46 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\vlc\CACHEDIR.TAG [193]
O61 - LFC: 24/09/2013 - 16:07:46 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\vlc\ml.xspf [304]
O61 - LFC: 24/09/2013 - 16:07:46 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\vlc\plugins-04041e.dat [398599]
O61 - LFC: 24/09/2013 - 16:07:46 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\vlc\vlcrc [77669]
O61 - LFC: 24/09/2013 - 16:07:52 ---A- . (...) -- C:\Documents and Settings\sophie\Recent\11-VSA SGI.lnk [496]
O61 - LFC: 24/09/2013 - 16:21:26 ---A- . (...) -- C:\Documents and Settings\sophie\Recent\10-DESERTIFICATION VD.lnk [551]
O61 - LFC: 24/09/2013 - 16:53:36 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Microsoft\Office\Recent\DIDACTIQUE.LNK [432]
O61 - LFC: 24/09/2013 - 17:00:09 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Microsoft\Silverlight\mssl.lck [77]
O61 - LFC: 24/09/2013 - 17:00:14 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Microsoft\Silverlight\is\tf2rxsix.eyt\bldcka3q.bo1\1\s\psld1rq2evnjg2ki2ziatkouhebg2l4klzm3vvurqxwtu41pinaaahda\group.dat [56]
O61 - LFC: 24/09/2013 - 17:15:02 R--A- . (...) -- C:\Documents and Settings\sophie\Application Data\uTorrent\Game.of.Thrones.S02E01.HDTV.VOSTFR.Gillop.avi.torrent [16668] =>P2P.µTorrent
O61 - LFC: 24/09/2013 - 17:15:35 R--A- . (...) -- C:\Documents and Settings\sophie\Application Data\uTorrent\Game.of.Thrones.S02E02.WEBRip.VOSTFR.Gillop.avi.torrent [15481] =>P2P.µTorrent
O61 - LFC: 24/09/2013 - 17:16:09 R--A- . (...) -- C:\Documents and Settings\sophie\Application Data\uTorrent\[www.Cpasbien.com] Game.Of.Thrones.S02E01.FASTSUB.VOSTFR.HDTV.XviD-F4ST.avi.torrent [45089] =>P2P.µTorrent
O61 - LFC: 25/09/2013 - 11:15:51 -S-A- . (...) -- C:\Documents and Settings\sophie\Application Data\Microsoft\CryptnetUrlCache\Content\62B5AF9BE9ADC1085C3C56EC07A82BF6 [109935]
O61 - LFC: 25/09/2013 - 11:15:51 -S-A- . (...) -- C:\Documents and Settings\sophie\Application Data\Microsoft\CryptnetUrlCache\MetaData\62B5AF9BE9ADC1085C3C56EC07A82BF6 [124]
O61 - LFC: 25/09/2013 - 11:27:09 ---A- . (...) -- C:\Documents and Settings\sophie\Recent\Buldoz Teaser III.lnk [302]
O61 - LFC: 25/09/2013 - 11:35:50 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\thumbnails\68d47d5bd13c9121658fac3e89557c91.png [64685]
O61 - LFC: 25/09/2013 - 11:37:55 ---A- . (...) -- C:\Documents and Settings\sophie\Recent\ANCRAGE VSA.lnk [284]
O61 - LFC: 25/09/2013 - 11:37:55 ---A- . (...) -- C:\Documents and Settings\sophie\Recent\Removable Disk (F).lnk [179]
O61 - LFC: 25/09/2013 - 11:40:37 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Media Player Classic\default.mpcpl [57]
O61 - LFC: 25/09/2013 - 11:41:54 R--A- . (...) -- C:\Documents and Settings\sophie\Application Data\uTorrent\Castle.2009.S06E01.HDTV.x264-LOL.mp4.torrent [11355] =>P2P.µTorrent
O61 - LFC: 25/09/2013 - 11:42:40 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Temp\qLQA53uh.torrent.part [15481]
O61 - LFC: 25/09/2013 - 11:44:04 R--A- . (...) -- C:\Documents and Settings\sophie\Application Data\uTorrent\[www.Cpasbien.com] Game.Of.Thrones.S02E03.FASTSUB.VOSTFR.HDTV.XviD-MiND.torrent [49408] =>P2P.µTorrent
O61 - LFC: 25/09/2013 - 11:44:25 R--A- . (...) -- C:\Documents and Settings\sophie\Application Data\uTorrent\[www.Cpasbien.com] Game.Of.Thrones.S02E04.FASTSUB.VOSTFR.HDTV.XviD-F4ST.avi.torrent [45069] =>P2P.µTorrent
O61 - LFC: 25/09/2013 - 11:52:02 ---A- . (...) -- C:\Documents and Settings\sophie\My Documents\Downloads\Castle.2009.S06E01.HDTV.x264-LOL.mp4 [281851527]
O61 - LFC: 25/09/2013 - 11:52:19 ---A- . (...) -- C:\Documents and Settings\sophie\Recent\2013-09-24_10758.lnk [703]
O61 - LFC: 25/09/2013 - 11:52:19 ---A- . (...) -- C:\Documents and Settings\sophie\Recent\Downloads.lnk [436]
O61 - LFC: 25/09/2013 - 11:53:08 ---A- . (...) -- C:\Documents and Settings\sophie\Cookies\CAO56N81.txt [146]
O61 - LFC: 25/09/2013 - 11:53:16 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Microsoft\Windows Media\11.0\WMSDKNS.XML [11247]
O61 - LFC: 25/09/2013 - 11:55:04 ---A- . (...) -- C:\Documents and Settings\sophie\My Documents\Downloads\[www.Cpasbien.com] Game.Of.Thrones.S02E03.FASTSUB.VOSTFR.HDTV.XviD-MiND\Game.Of.Thrones.S02E03.FASTSUB.VOSTFR.HDTV.XviD-MiND.nfo [6167]
O61 - LFC: 25/09/2013 - 11:56:02 ---A- . (...) -- C:\Documents and Settings\sophie\My Documents\Downloads\[www.Cpasbien.com] Game.Of.Thrones.S02E04.FASTSUB.VOSTFR.HDTV.XviD-F4ST.avi [577582550]
O61 - LFC: 25/09/2013 - 11:59:10 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\bookmarkbackups\bookmarks-2013-09-25.json [14713]
O61 - LFC: 25/09/2013 - 11:59:18 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Microsoft\Media Player\LocalMLS_0.wmdb [583676]
O61 - LFC: 25/09/2013 - 11:59:19 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Microsoft\Media Player\wmpfolders.wmdb [3944]
O61 - LFC: 25/09/2013 - 11:59:20 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Temp\wmplog00.sqm [1428]
O61 - LFC: 25/09/2013 - 11:59:23 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_360.wmdb [7974912]
O61 - LFC: 25/09/2013 - 12:00:10 ---A- . (...) -- C:\Documents and Settings\sophie\My Documents\Downloads\[www.Cpasbien.com] Game.Of.Thrones.S02E03.FASTSUB.VOSTFR.HDTV.XviD-MiND\Game.Of.Thrones.S02E03.FASTSUB.VOSTFR.HDTV.XviD-MiND.avi [632312128]
O61 - LFC: 25/09/2013 - 12:10:59 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\uTorrent\settings.dat.old [1429] =>P2P.µTorrent
O61 - LFC: 25/09/2013 - 12:11:00 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\uTorrent\dht.dat.old [1072] =>P2P.µTorrent
O61 - LFC: 25/09/2013 - 18:31:19 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\History\History.IE5\MSHist012013092520130926\index.dat [32768]
O61 - LFC: 25/09/2013 - 18:58:40 ---A- . (...) -- C:\Documents and Settings\sophie\Recent\DIDACTIQUE.lnk [496]
O61 - LFC: 25/09/2013 - 18:58:47 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Microsoft\Office\Recent\ContributeWordUITemplate.LNK [1244]
O61 - LFC: 25/09/2013 - 18:58:47 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Microsoft\Office\Recent\OfficeTemplates.LNK [1049]
O61 - LFC: 25/09/2013 - 19:10:39 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#adventori.com\settings.sol [83]
O61 - LFC: 25/09/2013 - 19:44:28 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Microsoft\Office\Recent\Desktop.LNK [307]
O61 - LFC: 25/09/2013 - 19:44:28 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Microsoft\Office\Recent\Pennsylvania Coal Town.LNK [492]
O61 - LFC: 25/09/2013 - 20:57:09 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Microsoft\Office\Word.pip [1440]
O61 - LFC: 26/09/2013 - 18:53:19 R--A- . (...) -- C:\Documents and Settings\sophie\Application Data\uTorrent\[www.Cpasbien.com] Game.Of.Thrones.S02E05.REPACK.FASTSUB.VOSTFR.HDTV.XviD-F4ST.avi.torrent [45096] =>P2P.µTorrent
O61 - LFC: 26/09/2013 - 18:59:33 ---A- . (...) -- C:\Documents and Settings\sophie\My Documents\Downloads\[www.Cpasbien.com] Game.Of.Thrones.S02E05.REPACK.FASTSUB.VOSTFR.HDTV.XviD-F4ST.avi [577959978]
O61 - LFC: 26/09/2013 - 19:02:49 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\uTorrent\resume.dat.old [2603] =>P2P.µTorrent
O61 - LFC: 26/09/2013 - 19:03:14 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\uTorrent\dht.dat [3854] =>P2P.µTorrent
O61 - LFC: 26/09/2013 - 19:03:14 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\uTorrent\resume.dat [2] =>P2P.µTorrent
O61 - LFC: 26/09/2013 - 19:03:14 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\uTorrent\settings.dat [1429] =>P2P.µTorrent
O61 - LFC: 26/09/2013 - 19:11:09 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\thumbnails\e6904f1286dd05b36726df0100b2fc7a.png [179708]
O61 - LFC: 26/09/2013 - 19:22:44 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#app.mappy.net\settings.sol [83]
O61 - LFC: 26/09/2013 - 19:22:44 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol [1517]
O61 - LFC: 26/09/2013 - 19:49:24 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\bookmarkbackups\bookmarks-2013-09-26.json [14713]
O61 - LFC: 26/09/2013 - 19:49:25 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\permissions.sqlite [4096]
O61 - LFC: 27/09/2013 - 07:38:05 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Macromedia\Flash Player\#SharedObjects\FNZNNQRN\adventori.com\cookie.sol [94]
O61 - LFC: 27/09/2013 - 07:39:51 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Temp\jrt\currentmd5.txt [13]
O61 - LFC: 27/09/2013 - 07:40:40 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Temp\jrt\get.bat [16063]
O61 - LFC: 27/09/2013 - 07:40:57 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Temp\jrt\JRT.bat [10261]
O61 - LFC: 27/09/2013 - 08:22:21 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Temp\jrt\misc.bat [146747]
O61 - LFC: 27/09/2013 - 08:22:33 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Temp\jrt\runvalues.bat [8679]
O61 - LFC: 27/09/2013 - 08:23:03 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Temp\jrt\FFprefs.dat [3619]
O61 - LFC: 27/09/2013 - 08:23:22 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Temp\jrt\UNINSTALL.dat [13815]
O61 - LFC: 27/09/2013 - 08:23:39 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Temp\jrt\TRACING.dat [6869]
O61 - LFC: 27/09/2013 - 08:23:56 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Temp\jrt\WOW6432NODE.dat [477]
O61 - LFC: 27/09/2013 - 08:24:25 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Temp\jrt\CLSID_clsid.dat [10958]
O61 - LFC: 27/09/2013 - 08:24:43 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Temp\jrt\BHO_name.dat [1211]
O61 - LFC: 27/09/2013 - 08:24:59 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Temp\jrt\CHR_extensions.cfg [5880]
O61 - LFC: 27/09/2013 - 08:25:14 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Temp\jrt\badFOLDERSstart.cfg [867]
O61 - LFC: 27/09/2013 - 08:25:30 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Temp\jrt\FFXPI.dat [955]
O61 - LFC: 27/09/2013 - 08:25:44 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Temp\jrt\REGhkcu_software_appdatalow.cfg [2953]
O61 - LFC: 27/09/2013 - 08:26:08 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Temp\jrt\ELEVATIONPOLICY_clsid.dat [3398]
O61 - LFC: 27/09/2013 - 08:26:22 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Temp\jrt\services.dat [2876]
O61 - LFC: 27/09/2013 - 08:26:39 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Temp\jrt\FFextensions.dat [9921]
O61 - LFC: 27/09/2013 - 08:26:58 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Temp\jrt\BHO_clsid.dat [28798]
O61 - LFC: 27/09/2013 - 08:27:16 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Temp\jrt\badFOLDERS.cfg [16946]
O61 - LFC: 27/09/2013 - 08:27:31 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Temp\jrt\REGhkcu_and_hklm_software.cfg [3217]
O61 - LFC: 27/09/2013 - 08:33:30 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Temp\jrt\newmd5.txt [13]
O61 - LFC: 27/09/2013 - 08:43:39 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\bookmarkbackups\bookmarks-2013-09-27.json [14713]
O61 - LFC: 27/09/2013 - 13:54:52 ---A- . (...) -- C:\Documents and Settings\sophie\Recent\EMTEC (H).lnk [184]
O61 - LFC: 27/09/2013 - 13:54:52 ---A- . (...) -- C:\Documents and Settings\sophie\Recent\Pennsylvania Coal Town.lnk [322]
O61 - LFC: 27/09/2013 - 14:12:55 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\thumbnails\3887988ad0233cb195cd3d4850b6f6ed.png [42080]
O61 - LFC: 27/09/2013 - 14:13:49 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\thumbnails\b02e0a7827f6294e05a7e583e00672ea.png [121220]
O61 - LFC: 27/09/2013 - 16:47:47 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\thumbnails\8f9f67c3473390ae794f76228aa7bb30.png [30302]
O61 - LFC: 27/09/2013 - 16:54:29 ---A- . (...) -- C:\Documents and Settings\sophie\Recent\Les Présidentes SCHWAB.lnk [556]
O61 - LFC: 27/09/2013 - 16:54:31 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Adobe\Acrobat\10.0\ReaderMessages [64512]
O61 - LFC: 27/09/2013 - 16:55:33 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\thumbnails\6b56e813c14616dc7df1c7a5c151c2ac.png [46096]
O61 - LFC: 27/09/2013 - 16:56:42 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Macromedia\Flash Player\#SharedObjects\FNZNNQRN\static.anonymousdmp.com\pus.sol [68]
O61 - LFC: 27/09/2013 - 16:56:42 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#static.anonymousdmp.com\settings.sol [93]
O61 - LFC: 27/09/2013 - 17:00:44 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\thumbnails\038b43f5efa815e754699107fb92ed51.png [88153]
O61 - LFC: 27/09/2013 - 17:00:44 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\thumbnails\19bce44610048c11ce19f650ebc9d35a.png [88153]
O61 - LFC: 27/09/2013 - 17:05:54 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [742]
O61 - LFC: 27/09/2013 - 17:05:54 ---A- . (...) -- C:\Documents and Settings\sophie\Start Menu\Programs\Internet Explorer.lnk [871]
O61 - LFC: 27/09/2013 - 17:07:11 -SHA- . (...) -- C:\Documents and Settings\sophie\Application Data\Microsoft\Credentials\S-1-5-21-606747145-115176313-839522115-1004\Credentials [1148]
O61 - LFC: 27/09/2013 - 17:07:11 -SHA- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Microsoft\Credentials\S-1-5-21-606747145-115176313-839522115-1004\Credentials [378]
O61 - LFC: 27/09/2013 - 17:08:00 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\FinalTorrent\updcheck.cfg [179]
O61 - LFC: 27/09/2013 - 17:15:27 ---A- . (...) -- C:\Documents and Settings\sophie\Recent\AdwCleaner[S0].lnk [566]
O61 - LFC: 27/09/2013 - 17:17:05 ---A- . (...) -- C:\Documents and Settings\sophie\Recent\AdwCleaner[R0].lnk [516]
O61 - LFC: 27/09/2013 - 17:17:31 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\thumbnails\d93ab7b727eccdd293da7557823f1eda.png [17770]
O61 - LFC: 27/09/2013 - 17:17:45 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\signons.sqlite [22528]
O61 - LFC: 27/09/2013 - 17:21:13 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\content-prefs.sqlite [15360]
O61 - LFC: 27/09/2013 - 17:22:14 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\History\History.IE5\MSHist012013092720130928\index.dat [32768]
O61 - LFC: 27/09/2013 - 17:35:02 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Temp\JRT.txt [2331]
O61 - LFC: 27/09/2013 - 17:35:02 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Temp\jrt\temp\null.txt [0]
O61 - LFC: 27/09/2013 - 17:48:21 ---A- . (...) -- C:\Documents and Settings\sophie\Recent\AdwCleaner.lnk [395]
O61 - LFC: 27/09/2013 - 17:48:30 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\mimeTypes.rdf [12472]
O61 - LFC: 27/09/2013 - 17:48:35 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\A\BD\2841Cd01 [87317]
O61 - LFC: 27/09/2013 - 17:48:35 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\F\57\F067Bd01 [42275]
O61 - LFC: 27/09/2013 - 17:48:35 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\thumbnails\5a08ee3dc5fd64ecadb5cf26b7ea6480.png [42949]
O61 - LFC: 27/09/2013 - 17:48:40 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\9\7E\965B3d01 [84928]
O61 - LFC: 27/09/2013 - 17:48:41 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\7\46\82FA4d01 [38986]
O61 - LFC: 27/09/2013 - 17:48:45 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\4\17\1D4B4d01 [76104]
O61 - LFC: 27/09/2013 - 17:48:45 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\8\3D\CC50Ed01 [63564]
O61 - LFC: 27/09/2013 - 17:48:45 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\C\AC\F7E96d01 [62844]
O61 - LFC: 27/09/2013 - 17:48:46 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\thumbnails\2b0c7888a5d118b75022d3410d05ee0e.png [98601]
O61 - LFC: 27/09/2013 - 17:48:46 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\thumbnails\76f889e261bb425971b189ffb2c65261.png [98601]
O61 - LFC: 27/09/2013 - 17:48:48 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\5\5D\44658d01 [76408]
O61 - LFC: 27/09/2013 - 17:48:48 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\F\3B\3A95Cd01 [35697]
O61 - LFC: 27/09/2013 - 17:48:50 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\F\7E\B818Bd01 [65135]
O61 - LFC: 27/09/2013 - 17:48:53 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\sessionstore.bak [2086]
O61 - LFC: 27/09/2013 - 17:48:54 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\cert8.db [327680]
O61 - LFC: 27/09/2013 - 17:48:54 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\key3.db [16384]
O61 - LFC: 27/09/2013 - 17:48:54 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\_CACHE_001_ [4194304]
O61 - LFC: 27/09/2013 - 17:48:54 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\_CACHE_002_ [4194304]
O61 - LFC: 27/09/2013 - 17:48:54 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\_CACHE_003_ [4194304]
O61 - LFC: 27/09/2013 - 17:48:56 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\places.sqlite-shm [32768]
O61 - LFC: 27/09/2013 - 17:48:56 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\webapps\webapps.json [2]
O61 - LFC: 27/09/2013 - 17:49:00 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\webappsstore.sqlite-shm [32768]
O61 - LFC: 27/09/2013 - 17:49:01 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\adblockplus\elemhide.css [2382785]
O61 - LFC: 27/09/2013 - 17:49:02 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\urlclassifierkey3.txt [154]
O61 - LFC: 27/09/2013 - 17:49:02 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\safebrowsing\test-malware-simple.cache [44]
O61 - LFC: 27/09/2013 - 17:49:02 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\safebrowsing\test-malware-simple.pset [16]
O61 - LFC: 27/09/2013 - 17:49:02 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\safebrowsing\test-malware-simple.sbstore [232]
O61 - LFC: 27/09/2013 - 17:49:02 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\safebrowsing\test-phish-simple.cache [44]
O61 - LFC: 27/09/2013 - 17:49:02 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\safebrowsing\test-phish-simple.pset [16]
O61 - LFC: 27/09/2013 - 17:49:02 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\safebrowsing\test-phish-simple.sbstore [232]
O61 - LFC: 27/09/2013 - 17:49:04 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\cookies.sqlite-shm [32768]
O61 - LFC: 27/09/2013 - 17:49:04 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\_CACHE_MAP_ [8468]
O61 - LFC: 27/09/2013 - 17:49:07 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\3\E7\D6760d01 [33372]
O61 - LFC: 27/09/2013 - 17:49:09 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\4\1D\B9FB1d01 [26784]
O61 - LFC: 27/09/2013 - 17:49:09 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\D\BF\6F678d01 [17174]
O61 - LFC: 27/09/2013 - 17:49:10 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\7\6C\77B16d01 [27983]
O61 - LFC: 27/09/2013 - 17:49:12 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\thumbnails\3a6151fc85343f76194697bf4914b731.png [30758]
O61 - LFC: 27/09/2013 - 17:49:12 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\thumbnails\498ede1cbb3da4be59119d0cd979a50a.png [30758]
O61 - LFC: 27/09/2013 - 17:49:15 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\formhistory.sqlite [196608]
O61 - LFC: 27/09/2013 - 17:49:17 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\1\98\79EEBd01 [17174]
O61 - LFC: 27/09/2013 - 17:49:17 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\thumbnails\02988b7899c2fe6c95114e7ba7cf124f.png [1090]
O61 - LFC: 27/09/2013 - 17:49:18 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\4\1F\8424Ed01 [18307]
O61 - LFC: 27/09/2013 - 17:49:19 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\3\46\D0683d01 [89729]
O61 - LFC: 27/09/2013 - 17:49:20 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\B\D5\BF067d01 [18374]
O61 - LFC: 27/09/2013 - 17:49:22 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\7\5D\B6696d01 [153862]
O61 - LFC: 27/09/2013 - 17:49:22 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\9\04\71C53d01 [125164]
O61 - LFC: 27/09/2013 - 17:49:23 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\cookies.sqlite-wal [24136]
O61 - LFC: 27/09/2013 - 17:49:25 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\A\C7\5ACE2d01 [24836]
O61 - LFC: 27/09/2013 - 17:49:27 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\0\50\70499d01 [23760]
O61 - LFC: 27/09/2013 - 17:49:28 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\A\B5\25878d01 [37579]
O61 - LFC: 27/09/2013 - 17:49:29 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\3\92\298ACd01 [38604]
O61 - LFC: 27/09/2013 - 17:49:30 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\5\39\DCA65d01 [17368]
O61 - LFC: 27/09/2013 - 17:49:30 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\D\B2\AC6E5d01 [22727]
O61 - LFC: 27/09/2013 - 17:49:32 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\safebrowsing\goog-phish-shavar.cache [12]
O61 - LFC: 27/09/2013 - 17:49:32 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\safebrowsing\goog-phish-shavar.pset [1005726]
O61 - LFC: 27/09/2013 - 17:49:32 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\safebrowsing\goog-phish-shavar.sbstore [735864]
O61 - LFC: 27/09/2013 - 17:49:33 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\8\C9\4750Ed01 [28323]
O61 - LFC: 27/09/2013 - 17:49:35 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\F\92\A75AAd01 [17407]
O61 - LFC: 27/09/2013 - 17:49:36 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\5\E0\567FCd01 [29771]
O61 - LFC: 27/09/2013 - 17:49:37 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\0\17\89118d01 [26011]
O61 - LFC: 27/09/2013 - 17:49:38 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\0\3F\6E7E9d01 [168943]
O61 - LFC: 27/09/2013 - 17:49:38 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\1\5C\12A0Ad01 [58408]
O61 - LFC: 27/09/2013 - 17:49:39 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\0\10\B0C1Ad01 [35292]
O61 - LFC: 27/09/2013 - 17:49:40 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\F\9C\3AF83d01 [51085]
O61 - LFC: 27/09/2013 - 17:49:41 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\8\57\1BB9Dd01 [37652]
O61 - LFC: 27/09/2013 - 17:49:41 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\C\E1\737E3d01 [32137]
O61 - LFC: 27/09/2013 - 17:49:42 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\A\30\769F6d01 [151600]
O61 - LFC: 27/09/2013 - 17:49:46 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\0\36\CEDF3d01 [23126]
O61 - LFC: 27/09/2013 - 17:49:46 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\7\59\4215Ad01 [24561]
O61 - LFC: 27/09/2013 - 17:49:47 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\8\30\71908d01 [42513]
O61 - LFC: 27/09/2013 - 17:49:48 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\B\ED\C1330d01 [39497]
O61 - LFC: 27/09/2013 - 17:49:49 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\2\11\973A7d01 [45028]
O61 - LFC: 27/09/2013 - 17:49:50 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\0\44\E7D65d01 [57274]
O61 - LFC: 27/09/2013 - 17:49:50 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\0\A4\C53F4d01 [19480]
O61 - LFC: 27/09/2013 - 17:49:52 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\1\D9\90A8Ed01 [19746]
O61 - LFC: 27/09/2013 - 17:49:55 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\D\A5\CDC54d01 [17788]
O61 - LFC: 27/09/2013 - 17:49:59 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\safebrowsing\goog-malware-shavar.sbstore [1590534]
O61 - LFC: 27/09/2013 - 17:50:00 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\safebrowsing\goog-malware-shavar.cache [140]
O61 - LFC: 27/09/2013 - 17:50:00 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\safebrowsing\goog-malware-shavar.pset [725260]
O61 - LFC: 27/09/2013 - 17:50:03 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\healthreport.sqlite-shm [32768]
O61 - LFC: 27/09/2013 - 17:50:03 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\C\9A\435F5d01 [25550]
O61 - LFC: 27/09/2013 - 17:50:05 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\thumbnails\7337e1b4b01ffb1aba1a3d34254cd30a.png [32749]
O61 - LFC: 27/09/2013 - 17:50:09 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\1\36\8D6ABd01 [34236]
O61 - LFC: 27/09/2013 - 17:50:09 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\7\3F\616D9d01 [50788]
O61 - LFC: 27/09/2013 - 17:50:10 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\1\83\5F0A3d01 [26573]
O61 - LFC: 27/09/2013 - 17:50:16 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\0\09\5DC16d01 [67356]
O61 - LFC: 27/09/2013 - 17:50:16 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\9\24\E7450d01 [65456]
O61 - LFC: 27/09/2013 - 17:50:16 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\F\0E\697A7d01 [35085]
O61 - LFC: 27/09/2013 - 17:50:17 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\5\90\164FFd01 [27738]
O61 - LFC: 27/09/2013 - 17:50:17 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\6\63\AE4B1d01 [334580]
O61 - LFC: 27/09/2013 - 17:50:17 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\7\5F\580F5d01 [21399]
O61 - LFC: 27/09/2013 - 17:50:18 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\2\A5\B56D1d01 [58026]
O61 - LFC: 27/09/2013 - 17:50:19 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\4\E4\92E3Bd01 [23177]
O61 - LFC: 27/09/2013 - 17:50:20 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\A\38\2E13Ad01 [23343]
O61 - LFC: 27/09/2013 - 17:50:20 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\F\C0\53FABd01 [45874]
O61 - LFC: 27/09/2013 - 17:50:21 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\2\9E\80BE0d01 [22604]
O61 - LFC: 27/09/2013 - 17:50:21 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\E\93\9C47Ad01 [24992]
O61 - LFC: 27/09/2013 - 17:50:23 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\6\91\D5C3Ad01 [45823]
O61 - LFC: 27/09/2013 - 17:50:29 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\thumbnails\20d5a4de614c2d0d28a5b69fc3f6a448.png [16507]
O61 - LFC: 27/09/2013 - 17:50:39 ---A- . (...) -- C:\Documents and Settings\sophie\Recent\JRT.lnk [455]
O61 - LFC: 27/09/2013 - 17:50:47 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\3\FC\421E4d01 [45749]
O61 - LFC: 27/09/2013 - 17:50:48 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\thumbnails\62679a4f4f0a45e9aac577df6a042534.png [12025]
O61 - LFC: 27/09/2013 - 17:50:48 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\thumbnails\a43589d46c0731fe0ab3cf69de01b1b3.png [12025]
O61 - LFC: 27/09/2013 - 17:50:53 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\2\57\2B5D9d01 [45749]
O61 - LFC: 27/09/2013 - 17:51:00 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\thumbnails\828493204ef4dcf50cfbe085a8a034c0.png [29246]
O61 - LFC: 27/09/2013 - 17:51:04 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\thumbnails\40c086ad196c917f29f18c2d1b14fc19.png [25147]
O61 - LFC: 27/09/2013 - 17:51:33 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\thumbnails\315ac2149dc42dde3473acf124e63d89.png [22120]
O61 - LFC: 27/09/2013 - 17:52:15 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\0\D4\05195d01 [34879]
O61 - LFC: 27/09/2013 - 17:52:16 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\C\EE\F1936d01 [57995]
O61 - LFC: 27/09/2013 - 17:52:19 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\3\07\DB44Ed01 [18316]
O61 - LFC: 27/09/2013 - 17:52:23 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\3\A2\FFF8Dd01 [23794]
O61 - LFC: 27/09/2013 - 17:52:42 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\5\5F\84503d01 [37958]
O61 - LFC: 27/09/2013 - 17:52:46 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\9\66\3A768d01 [27800]
O61 - LFC: 27/09/2013 - 17:52:48 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\places.sqlite [10485760]
O61 - LFC: 27/09/2013 - 17:54:14 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\thumbnails\5bba678ac7bc6517ab7d7d82a6feb863.png [37322]
O61 - LFC: 27/09/2013 - 17:54:18 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\thumbnails\bae59cc113ebe1d48fdcb561899f8561.png [56403]
O61 - LFC: 27/09/2013 - 17:54:28 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\downloads.sqlite [98304]
O61 - LFC: 27/09/2013 - 17:54:30 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\thumbnails\00fe636fbf1bc5db2b35579671a7e54e.png [37518]
O61 - LFC: 27/09/2013 - 17:54:58 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\E\E0\53543d01 [16918]
O61 - LFC: 27/09/2013 - 17:55:00 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\addons.sqlite [524288]
O61 - LFC: 27/09/2013 - 17:55:00 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\addons.sqlite-journal [295496]
O61 - LFC: 27/09/2013 - 17:55:00 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\extensions.sqlite [524288]
O61 - LFC: 27/09/2013 - 17:55:00 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\prefs.js [5816]
O61 - LFC: 27/09/2013 - 17:55:01 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\extensions.sqlite-journal [262720]
O61 - LFC: 27/09/2013 - 17:55:01 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\healthreport.sqlite [1146880]
O61 - LFC: 27/09/2013 - 17:55:01 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\healthreport.sqlite-wal [557496]
O61 - LFC: 27/09/2013 - 17:55:15 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\localstore.rdf [19850]
O61 - LFC: 27/09/2013 - 17:56:58 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\blocklist.xml [79439]
O61 - LFC: 27/09/2013 - 17:56:58 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\Cache\E\DC\5EAAFd01 [79439]
O61 - LFC: 27/09/2013 - 17:57:01 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\_CACHE_CLEAN_ [1]
O61 - LFC: 27/09/2013 - 17:57:21 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\thumbnails\a6eba657d74f8b686be7c088f1bc7ec2.png [29240]
O61 - LFC: 27/09/2013 - 17:57:22 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\sessionstore.js [61659]
O61 - LFC: 27/09/2013 - 17:57:34 ---A- . (...) -- C:\Documents and Settings\sophie\Cookies\index.dat [32768]
O61 - LFC: 27/09/2013 - 17:57:34 ---A- . (...) -- C:\Documents and Settings\sophie\Local Settings\History\History.IE5\index.dat [32768]
O61 - LFC: 27/09/2013 - 17:57:49 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\ZHP\TestsZHPDiag.txt [3110] =>.Nicolas Coolman
O61 - LFC: 27/09/2013 - 17:58:06 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\places.sqlite-wal [247232]
O61 - LFC: 27/09/2013 - 17:58:14 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\webappsstore.sqlite [965632]
O61 - LFC: 27/09/2013 - 17:58:24 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\webappsstore.sqlite-wal [542896]
O61 - LFC: 27/09/2013 - 18:01:41 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\cookies.sqlite [524288]
O61 - LFC: 27/09/2013 - 18:02:08 ---A- . (...) -- C:\Documents and Settings\sophie\Application Data\ZHP\Log.txt [21890] =>.Nicolas Coolman
~ 26 Fichiers temporaires (Temporary files)
~ 2 Fichiers cookies (Cookies files)
~ Files: 258 Scanned in 01mn 45s



---\\ List all tools cleaner (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
O63 - Logiciel: ZHPFix 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPFix_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ List all legacy services(LALS) (O64)
O64 - Services: CurCS - 23/02/2011 - C:\WINDOWS\system32\Drivers\Aavmker4.sys (Aavmker4) .(.AVAST Software - avast! Base Kernel-Mode Device Driver for W.) - LEGACY_AAVMKER4
O64 - Services: CurCS - 10/09/2013 - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (AdobeFlashPlayerUpdateSvc) .(.Adobe Systems Incorporated - Adobe® Flash® Player Update Service 11.8 r8.) - LEGACY_ADOBEFLASHPLAYERUPDATESVC
O64 - Services: CurCS - 17/08/2011 - C:\WINDOWS\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\alg.exe (ALG) .(.Microsoft Corporation - Application Layer Gateway Service.) - LEGACY_ALG
O64 - Services: CurCS - 28/08/2009 - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Mobile Device) .(.Apple Inc. - Apple Mobile Device Service.) - LEGACY_APPLE_MOBILE_DEVICE
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (AppMgmt) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_APPMGMT
O64 - Services: CurCS - 23/02/2011 - C:\WINDOWS\system32\Drivers\aswFsBlk.sys (aswFsBlk) .(.AVAST Software - avast! File System Access Blocking Driver.) - LEGACY_ASWFSBLK
O64 - Services: CurCS - 23/02/2011 - C:\WINDOWS\system32\Drivers\aswMon2.sys (aswMon2) .(.AVAST Software - avast! File System Filter Driver for Window.) - LEGACY_ASWMON2
O64 - Services: CurCS - 23/02/2011 - C:\WINDOWS\system32\Drivers\aswRdr.sys (aswRdr) .(.AVAST Software - avast! TDI RDR Driver.) - LEGACY_ASWRDR
O64 - Services: CurCS - 23/02/2011 - C:\WINDOWS\system32\Drivers\aswSnx.sys (aswSnx) .(.AVAST Software - avast! Virtualization Driver.) - LEGACY_ASWSNX
O64 - Services: CurCS - 23/02/2011 - C:\WINDOWS\system32\Drivers\aswSP.sys (aswSP) .(.AVAST Software - avast! self protection module.) - LEGACY_ASWSP
O64 - Services: CurCS - 23/02/2011 - C:\WINDOWS\system32\Drivers\aswTdi.sys (aswTdi) .(.AVAST Software - avast! TDI Filter Driver.) - LEGACY_ASWTDI
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (AudioSrv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_AUDIOSRV
O64 - Services: CurCS - 23/02/2011 - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (avast! Antivirus) .(.AVAST Software - avast! Service.) - LEGACY_AVAST!_ANTIVIRUS
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (BITS) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BITS
O64 - Services: CurCS - 12/12/2008 - C:\Program Files\Bonjour\mDNSResponder.exe (Bonjour Service) .(.Apple Inc. - Bonjour Service.) - LEGACY_BONJOUR_SERVICE
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (Browser) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BROWSER
O64 - Services: CurCS - 25/07/2008 - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (clr_optimization_v2.0.50727_32) .(.Microsoft Corporation - .NET Runtime Optimization Service.) - LEGACY_CLR_OPTIMIZATION_V2.0.50727_32
O64 - Services: CurCS - 18/03/2010 - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (clr_optimization_v4.0.30319_32) .(.Microsoft Corporation - .NET Runtime Optimization Service.) - LEGACY_CLR_OPTIMIZATION_V4.0.30319_32
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\System32\dllhost.exe (COMSysApp) .(.Microsoft Corporation - COM Surrogate.) - LEGACY_COMSYSAPP
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (CryptSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_CRYPTSVC
O64 - Services: CurCS - 17/05/2004 - C:\WINDOWS\system32\Drivers\DgiVecp.sys (DgiVecp) .(.DeviceGuys, Inc. - Windows NT 4.0 IEEE-1284 parallel class dri.) - LEGACY_DGIVECP
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (Dhcp) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DHCP
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\dmadmin.exe (dmadmin) .(.Microsoft Corp., Veritas Software - Logical Disk Manager service process.) - LEGACY_DMADMIN
O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\drivers\dmboot.sys (dmboot) .(.Microsoft Corp., Veritas Software - NT Disk Manager Startup Driver.) - LEGACY_DMBOOT
O64 - Services: CurCS - 03/09/2002 - C:\WINDOWS\system32\drivers\dmload.sys (dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (dmserver) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DMSERVER
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (Dnscache) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DNSCACHE
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (ERSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_ERSVC
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\System32\svchost.exe (EventSystem) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_EVENTSYSTEM
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (FastUserSwitchingCompatibility) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_FASTUSERSWITCHINGCOMPATIBILITY
O64 - Services: CurCS - 23/10/2009 - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (FLEXnet Licensing Service) .(.Acresso Software Inc. - Activation Licensing Service.) - LEGACY_FLEXNET_LICENSING_SERVICE
O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\drivers\fltmgr.sys (FltMgr) .(.Microsoft Corporation - Microsoft Filesystem Filter Manager.) - LEGACY_FLTMGR
O64 - Services: CurCS - 29/07/2008 - c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (FontCache3.0.0.0) .(.Microsoft Corporation - PresentationFontCache.exe.) - LEGACY_FONTCACHE3.0.0.0
O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\msgpc.sys (Gpc) .(.Microsoft Corporation - MS General Packet Classifier.) - LEGACY_GPC
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (helpsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HELPSVC
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (HidServ) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HIDSERV
O64 - Services: CurCS - 20/10/2009 - C:\WINDOWS\system32\Drivers\HTTP.sys (HTTP) .(.Microsoft Corporation - HTTP Protocol Stack.) - LEGACY_HTTP
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (HTTPFilter) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HTTPFILTER
O64 - Services: CurCS - 14/11/2005 - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (IDriverT) .(.Macrovision Corporation - IDriverT Module.) - LEGACY_IDRIVERT
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\System32\imapi.exe (ImapiService) .(.Microsoft Corporation - Image Mastering API.) - LEGACY_IMAPISERVICE
O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\ipnat.sys (IpNat) .(.Microsoft Corporation - IP Network Address Translator.) - LEGACY_IPNAT
O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\ipsec.sys (IPSec) .(.Microsoft Corporation - IPSec Driver.) - LEGACY_IPSEC
O64 - Services: CurCS - 11/10/2009 - C:\Program Files\Java\jre6\bin\jqs.exe (JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (lanmanserver) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LANMANSERVER
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (LanmanWorkstation) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LANMANWORKSTATION
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (LmHosts) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LMHOSTS
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (Messenger) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_MESSENGER
O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\Drivers\mountmgr.sys (mountmgr) .(.Microsoft Corporation - Mount Manager.) - LEGACY_MOUNTMGR
O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\mrxdav.sys (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV
O64 - Services: CurCS - 15/07/2011 - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys (MRxSmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\System32\msdtc.exe (MSDTC) .(.Microsoft Corporation - MS DTC console program.) - LEGACY_MSDTC
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\System32\msiexec.exe (MSIServer) .(.Microsoft Corporation - Windows® installer.) - LEGACY_MSISERVER
O64 - Services: CurCS - 10/12/2010 - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (MSSQL$QSRNVIVO) .(.Microsoft Corporation - SQL Server Windows NT.) - LEGACY_MSSQL$QSRNVIVO
O64 - Services: CurCS - 21/04/2011 - C:\WINDOWS\system32\Drivers\Mup.sys (Mup) .(.Microsoft Corporation - Multiple UNC Provider driver.) - LEGACY_MUP
O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\Drivers\NDIS.sys (NDIS) .(.Microsoft Corporation - NDIS 5.1 wrapper driver.) - LEGACY_NDIS
O64 - Services: CurCS - 08/07/2011 - C:\WINDOWS\system32\DRIVERS\ndistapi.sys (NdisTapi) .(.Microsoft Corporation - NDIS 3.0 connection wrapper driver.) - LEGACY_NDISTAPI
O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\ndisuio.sys (Ndisuio) .(.Microsoft Corporation - NDIS User mode I/O Driver.) - LEGACY_NDISUIO
O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\netbios.sys (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS
O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\netbt.sys (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (Netman) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NETMAN
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (Nla) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NLA
O64 - Services: CurCS - 04/03/2010 - No owner (NMSAccess) .(...) - LEGACY_NMSACCESS
O64 - Services: CurCS - 05/12/2007 - C:\WINDOWS\system32\nvsvc32.exe (NVSvc) .(.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 169.2.) - LEGACY_NVSVC
O64 - Services: CurCS - 22/08/2001 - C:\WINDOWS\sysTEM32\DRIVERS\OMCI.sys (OMCI) .(.Dell Computer Corporation - OMCI Device Driver.) - LEGACY_OMCI
O64 - Services: CurCS - 28/07/2003 - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.exe (ose) .(.Microsoft Corporation - Office Source Engine.) - LEGACY_OSE
O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\Drivers\PartMgr.sys (PartMgr) .(.Microsoft Corporation - Partition Manager.) - LEGACY_PARTMGR
O64 - Services: CurCS - 23/09/2003 - C:\WINDOWS\system32\PCAMPR5.sys (PCAMPR5) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver.) - LEGACY_PCAMPR5
O64 - Services: CurCS - 01/03/2006 - C:\WINDOWS\system32\PCANDIS5.sys (PCANDIS5) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) - LEGACY_PCANDIS5
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\lsass.exe (PolicyAgent) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_POLICYAGENT
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\lsass.exe (ProtectedStorage) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_PROTECTEDSTORAGE
O64 - Services: CurCS - 03/09/2002 - C:\WINDOWS\system32\DRIVERS\rasacd.sys (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (RasAuto) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_RASAUTO
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (RasMan) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_RASMAN
O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\rdbss.sys (Rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS
O64 - Services: CurCS - 03/09/2002 - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\lsass.exe (SamSs) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_SAMSS
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (Schedule) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SCHEDULE
O64 - Services: CurCS - 13/11/2007 - C:\WINDOWS\system32\DRIVERS\secdrv.sys (Secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (seclogon) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SECLOGON
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (SENS) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SENS
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (SharedAccess) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SHAREDACCESS
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (ShellHWDetection) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SHELLHWDETECTION
O64 - Services: CurCS - 17/08/2010 - C:\WINDOWS\system32\spoolsv.exe (Spooler) .(.Microsoft Corporation - Spooler SubSystem App.) - LEGACY_SPOOLER
O64 - Services: CurCS - 10/12/2010 - C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (SQLBrowser) .(.Microsoft Corporation - SQL Browser Service EXE.) - LEGACY_SQLBROWSER
O64 - Services: CurCS - 10/12/2010 - C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (SQLWriter) .(.Microsoft Corporation - SQL Server VSS Writer.) - LEGACY_SQLWRITER
O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\sr.sys (sr) .(.Microsoft Corporation - System Restore Filesystem Filter Driver.) - LEGACY_SR
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (srservice) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SRSERVICE
O64 - Services: CurCS - 17/02/2011 - C:\WINDOWS\system32\DRIVERS\srv.sys (Srv) .(.Microsoft Corporation - Server driver.) - LEGACY_SRV
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (SSDPSRV) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SSDPSRV
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (stisvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_STISVC
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\smlogsvc.exe (SysmonLog) .(.Microsoft Corporation - Performance Logs and Alerts Service.) - LEGACY_SYSMONLOG
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (TapiSrv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_TAPISRV
O64 - Services: CurCS - 20/06/2008 - C:\WINDOWS\system32\DRIVERS\tcpip.sys (Tcpip) .(.Microsoft Corporation - TCP/IP Protocol Driver.) - LEGACY_TCPIP
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (Themes) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_THEMES
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (TrkWks) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_TRKWKS
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (upnphost) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_UPNPHOST
O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\drivers\vga.sys (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (W32Time) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_W32TIME
O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\wanarp.sys (Wanarp) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARP
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (WebClient) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WEBCLIENT
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (winmgmt) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WINMGMT
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\System32\wbem\wmiapsrv.exe (WmiApSrv) .(.Microsoft Corporation - WMI Performance Adapter Service.) - LEGACY_WMIAPSRV
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (wscsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WSCSVC
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (wuauserv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WUAUSERV
O64 - Services: CurCS - 28/09/2006 - C:\WINDOWS\system32\DRIVERS\WudfPf.sys (WudfPf) .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) - LEGACY_WUDFPF
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (WudfSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WUDFSVC
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (WZCSVC) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WZCSVC
~ Legacy: 149 Scanned in 00mn 01s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\WINDOWS\system32\shell32.dll
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\WINDOWS\system32\shell32.dll
O67 - Shell Spawning: <.cmd> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.exe> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.reg> [HKCR\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\WINDOWS\regedit.exe
~ FASS Keys: 16 Scanned in 00mn 00s



---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files\MSN\MSNCoreFiles\MSN6.EXE" http://www.qvo6.com =>Hijacker.Qvo6
~ Keys: Scanned in 00mn 00s



---\\ Search Browser Infection (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (Yahoo! Search) - http://us.yhs.search.yahoo.com =>Toolbar.Yahoo
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (Yahoo! Search) - http://us.yhs.search.yahoo.com =>Toolbar.Yahoo
~ Keys: Scanned in 00mn 00s



---\\ Crack & Keygen Files (CKF) (O82)
C:\Program Files\Macromedia\-{mininova.org}- Macromedia Dreamweaver 8 FR + Keygen.rar.torrent
C:\Program Files\Macromedia\Macromedia Dreamweaver 8 FR + Keygen.rar
~ Files: Scanned in 02mn 09s



---\\ Search Svchost Services (SSS) (O83)
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (...) -- C:\WINDOWS\system32\appmgmts.dll [0]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\WINDOWS\system32\audiosrv.dll [42496]
O83 - Search Svchost Services: Browser (Browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\system32\browser.dll [78336]
O83 - Search Svchost Services: CryptSvc (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- C:\WINDOWS\system32\cryptsvc.dll [62464]
O83 - Search Svchost Services: DMServer (DMServer) . (.Microsoft Corp. - Logical Disk Manager service dll.) -- C:\WINDOWS\system32\dmserver.dll [23552]
O83 - Search Svchost Services: DHCP (DHCP) . (.Microsoft Corporation - DHCP Client Service.) -- C:\WINDOWS\system32\dhcpcsvc.dll [126976]
O83 - Search Svchost Services: ERSvc (ERSvc) . (.Microsoft Corporation - Windows Error Reporting Service.) -- C:\WINDOWS\system32\ersvc.dll [23040]
O83 - Search Svchost Services: EventSystem (EventSystem) . (.Microsoft Corporation - No Comment.) -- C:\WINDOWS\System32\es.dll [253952]
O83 - Search Svchost Services: FastUserSwitchingCompatibility (FastUserSwitchingCompatibility) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\WINDOWS\system32\shsvcs.dll [135168]
O83 - Search Svchost Services: HidServ (HidServ) . (.Microsoft Corporation - HID Audio Service.) -- C:\WINDOWS\system32\hidserv.dll [21504]
O83 - Search Svchost Services: LanmanServer (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\system32\srvsvc.dll [99840]
O83 - Search Svchost Services: LanmanWorkstation (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) -- C:\WINDOWS\system32\wkssvc.dll [132096]
O83 - Search Svchost Services: Messenger (Messenger) . (.Microsoft Corporation - NT Messenger Service.) -- C:\WINDOWS\system32\msgsvc.dll [33792]
O83 - Search Svchost Services: Netman (Netman) . (.Microsoft Corporation - Network Connections Manager.) -- C:\WINDOWS\system32\netman.dll [198144]
O83 - Search Svchost Services: Nla (Nla) . (.Microsoft Corporation - Microsoft Windows Sockets 2.0 Service Provider.) -- C:\WINDOWS\system32\mswsock.dll [245248]
O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (.Microsoft Corporation - Removable Storage Manager.) -- C:\WINDOWS\system32\ntmssvc.dll [435200]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\system32\rasauto.dll [88576]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\system32\rasmans.dll [186368]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\WINDOWS\system32\mprdim.dll [53248]
O83 - Search Svchost Services: Schedule (Schedule) . (.Microsoft Corporation - Task Scheduler Engine.) -- C:\WINDOWS\system32\schedsvc.dll [192512]
O83 - Search Svchost Services: Seclogon (Seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\WINDOWS\system32\seclogon.dll [18944]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\system32\sens.dll [39424]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\WINDOWS\system32\ipnathlp.dll [331264]
O83 - Search Svchost Services: SRService (SRService) . (.Microsoft Corporation - System Restore Service.) -- C:\WINDOWS\System32\srsvc.dll [171008]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\WINDOWS\system32\tapisrv.dll [249856]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\WINDOWS\system32\shsvcs.dll [135168]
O83 - Search Svchost Services: TrkWks (TrkWks) . (.Microsoft Corporation - Distributed Link Tracking Client.) -- C:\WINDOWS\system32\trkwks.dll [90112]
O83 - Search Svchost Services: W32Time (W32Time) . (.Microsoft Corporation - Windows Time Service.) -- C:\WINDOWS\System32\w32time.dll [175104]
O83 - Search Svchost Services: WZCSVC (WZCSVC) . (.Microsoft Corporation - Wireless Zero Configuration Service.) -- C:\WINDOWS\system32\wzcsvc.dll [483840]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [144896]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Terminal Server Service.) -- C:\WINDOWS\system32\termsrv.dll [295424]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- C:\WINDOWS\system32\wuauserv.dll [6656]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\WINDOWS\system32\qmgr.dll [409088]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\WINDOWS\system32\shsvcs.dll [135168]
O83 - Search Svchost Services: helpsvc (helpsvc) . (.Microsoft Corporation - Microsoft PCHealth Service Holder.) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400]
O83 - Search Svchost Services: xmlprov (xmlprov) . (.Microsoft Corporation - Network Provisioning Service.) -- C:\WINDOWS\system32\xmlprov.dll [129024]
O83 - Search Svchost Services: wscsvc (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) -- C:\WINDOWS\system32\wscsvc.dll [80896]
O83 - Search Svchost Services: WmdmPmSN (WmdmPmSN) . (.Microsoft Corporation - Microsoft Media Device Service Provider.) -- C:\WINDOWS\system32\MsPMSNSv.dll [27136]
O83 - Search Svchost Services: napagent (napagent) . (.Microsoft Corporation - Quarantine Agent Service Run-Time.) -- C:\WINDOWS\system32\qagentrt.dll [291328]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\WINDOWS\system32\kmsvc.dll [61440]
~ Services: 40 Scanned in 00mn 00s



---\\ Search Particular Root Folder (SPRF) (O84)
[MD5.9665FCE7B0CBDE89069132291FB26C91] [SPRF][28/02/2008] (...) -- C:\Documents and Settings\All Users\Application Data\ezsid.dat [32]
[MD5.17C8BF490CA207D06EF2A0EC84F47191] [SPRF][27/09/2013] (...) -- C:\Documents and Settings\sophie\Desktop\adwcleaner.exe [1042066]
[MD5.E091C7D56F09DEF72DE2F32CA914F204] [SPRF][06/10/2011] (...) -- C:\Documents and Settings\sophie\Desktop\adwcleaner0.exe [526586]
[MD5.C08E905F710AF6CEB20ED4BEFCA2B1CE] [SPRF][27/09/2013] (.Thisisu - Junkware Removal Tool.) -- C:\Documents and Settings\sophie\Desktop\JRT.exe [1030305]
[MD5.E943AD50E9D25F9635F82890ADFCF80A] [SPRF][27/09/2013] (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Documents and Settings\sophie\Desktop\ZHPDiag2.exe [6825609]
[MD5.116986E39612CF7870DB6687A96CEB78] [SPRF][27/09/2013] (.Nicolas Coolman - ZHPFix.) -- C:\Documents and Settings\sophie\Desktop\ZHPFix.exe [3515882]
[MD5.A286826BAF8F2BB17D1630DE1AFD2376] [SPRF][30/03/2009] (.AVG Technologies - AVG Setup Self-Extractor based on 7-Zip.) -- C:\Program Files\avg_free_stf_eu_85_285a1462.exe [65238392]
[MD5.4F6644BD5510182875CF3305BFA10062] [SPRF][29/07/2008] (.No owner - EasyPHP Setup.) -- C:\Program Files\EasyPHP-2.0b1-setup.exe [13496303]
[MD5.D388CDC4DDA65263F7DB385989AF7160] [SPRF][22/09/2006] (...) -- C:\Program Files\eMule0.47c-Installer.exe [3534076]
[MD5.0C0E1CB3EB714128382A6FBA87F3BBEC] [SPRF][22/12/2007] (.Lavalys, Inc. - EVEREST Ultimate Edition.) -- C:\Program Files\everest-ultimate_everest_ultimate_4.20_francais_12281.exe [8184160]
[MD5.23F79C77D74F25E70D1F4C6BE335B0FE] [SPRF][27/06/2006] (...) -- C:\Program Files\FirefoxGoogleToolbarSetup.exe [5588688] =>Toolbar.Google
[MD5.0D880EC3AF8FBED4FB79DEEB0B2CC779] [SPRF][28/06/2006] (.Microsoft Corporation - Windows Live Messenger Installer.) -- C:\Program Files\Install_Messenger_nous.exe [15272744]
[MD5.2EA917C448B0B4723FA817FA1EFAC935] [SPRF][28/06/2006] (.Microsoft Corporation - Self Extracting Messenger 4.7.) -- C:\Program Files\mmssetup.exe [1001536]
[MD5.DC12A9B64C8EAC7C7635B8DB1413DDF4] [SPRF][31/12/2007] (...) -- C:\Program Files\SetupSketchMaster.exe [1397248]
[MD5.696635EF5CF84D7F87C67EFC9CE1FCF0] [SPRF][28/06/2006] (.Skype Technologies S.A. - No Comment.) -- C:\Program Files\SkypeSetup.exe [10641672]
[MD5.39E6AAAA15571DB17540F49631B482DA] [SPRF][20/05/2007] (.No owner - µTorrent 1.6.1 Installer.) -- C:\Program Files\uTorrent-1.6.1-install.exe [697492] =>P2P.µTorrent
~ Files: 16 Scanned in 00mn 10s



---\\ Product Upgrade Codes (PUC) (O90)
O90 - PUC: "1AC062F4BEF68684CBD3ACB5CBA96403" . (.QSR NVivo 7.0.) -- C:\WINDOWS\Installer\{4F260CA1-6FEB-4868-BC3D-CA5BBC9A4630}\ARPPRODUCTICON.exe
O90 - PUC: "2A0160E7633E3B046B584C09E579CEA9" . (.OpenOffice.org 3.3.) -- C:\WINDOWS\Installer\{7E0610A2-E336-40B3-B685-C4905E97EC9A}\soffice.ico
O90 - PUC: "2FFAE75BEE6DC6C41957DEF971FB1CCB" . (.Windows Live Messenger.) -- C:\WINDOWS\Installer\{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}\MsblIco.Exe
O90 - PUC: "32178270CA8BEC143864D37727543CB5" . (.Bonjour.) -- C:\WINDOWS\Installer\{07287123-B8AC-41CE-8346-3D777245C35B}\Installer.ico
O90 - PUC: "53F25BCB65C42F943A6DDFDE450B8174" . (.pdfforge Toolbar v4.4.) -- C:\WINDOWS\Installer\{BCB52F35-4C56-49F2-A3D6-FDED54B01847}\ARPPRODUCTICON.exe =>PUP.Dealio
O90 - PUC: "5A6FB34A0F5DAAA4FB1456990536CE44" . (.MSXML 6.0 Parser.) -- C:\WINDOWS\Installer\{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}\ARPIco
O90 - PUC: "68AB67CA3301004F7706000000000040" . (.Adobe Acrobat 9 Pro - English, Français, Deutsch.) -- C:\WINDOWS\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SC_Acrobat.exe
O90 - PUC: "68AB67CA7DA73301B744AA0100000010" . (.Adobe Reader X (10.1.8).) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1033-7B44-AA1000000001}\SC_Reader.ico
O90 - PUC: "68AB67CA7DA746454382090000000040" . (.Spelling Dictionaries Support For Adobe Reader 9.) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-5464-3428-900000000004}\ARPPRODUCTICON.exe
O90 - PUC: "70B83354632A0724A977BE4B1155715B" . (.Windows Live Sign-in Assistant.) -- C:\WINDOWS\Installer\{45338B07-A236-4270-9A77-EBB4115517B5}\prodicon.ico
O90 - PUC: "7DDFFFA258DE09A4C825D59ABECDB9F8" . (.Microsoft SQL Server 2005 Express Edition (QSRNVIVO).) -- C:\WINDOWS\Installer\{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}\ARPIcon.ico
O90 - PUC: "8D60D467ED8DE1141A8C9D9E83F0A848" . (.Microsoft Works 7.0.) -- C:\WINDOWS\Installer\{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}\Win2Kico.exe
O90 - PUC: "9040480900063D11C8EF10054038389C" . (.Microsoft Office Excel Viewer 2003.) -- C:\WINDOWS\Installer\{90840409-6000-11D3-8CFE-0150048383C9}\xlvicon.exe,1
O90 - PUC: "983B05722D2A359499AC721C2F8A6EDF" . (.Microsoft SQL Server 2005 Tools Express Edition.) -- C:\WINDOWS\Installer\{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}\ARPIcon.ico
O90 - PUC: "98B4807E0E963B641A81F8990D9688DC" . (.Microsoft SQL Server VSS Writer.) -- C:\WINDOWS\Installer\{E7084B89-69E0-46B3-A118-8F99D06988CD}\ARPIco
O90 - PUC: "9F2FDFE0D6387BE43AD230B83D1FBFA2" . (.Security Update for CAPICOM (KB931906).) -- C:\WINDOWS\Installer\{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}\folder.ico
O90 - PUC: "B6ED15411EBA26F4EBA93B361A57882A" . (.QuickTime.) -- C:\WINDOWS\Installer\{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}\Installer.ico
O90 - PUC: "C040FA0900063D11C8EF10054038389C" . (.Microsoft Office PowerPoint Viewer 2003.) -- C:\WINDOWS\Installer\{90AF040C-6000-11D3-8CFE-0150048383C9}\ppvwicon.exe,0 =>.Microsoft Corporation
O90 - PUC: "D55AEDAA438CBCB4893AB4D8C1814FEE" . (.Apple Mobile Device Support.) -- C:\WINDOWS\Installer\{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}\Installer.ico
O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- c:\WINDOWS\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon
O90 - PUC: "DDB6C50237B7ED245850A990F3532A83" . (.Windows Live Upload Tool.) -- C:\WINDOWS\Installer\{205C6BDD-7B73-42DE-8505-9A093F35A238}\RichUpload.ico
O90 - PUC: "EE3C5F35DE50038499B4052B0F5DF0EC" . (.Microsoft SQL Server Setup Support Files (English).) -- C:\WINDOWS\Installer\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}\ARPIcon.ico
O90 - PUC: "F23D07676EAD94E4C8B83B0FB8B56168" . (.Microsoft SQL Server Native Client.) -- C:\WINDOWS\Installer\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}\ARPIco
O90 - PUC: "F65865963B6B0EB4ABB0F894B53E0233" . (.Apple Software Update.) -- C:\WINDOWS\Installer\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}\Installer.ico
O90 - PUC: "FD563AF386D2DE54F838C8A8336E1534" . (.Apple Application Support.) -- C:\WINDOWS\Installer\{3FA365DF-2D68-45ED-8F83-8C8A33E65143}\WinInstall.ico
O90 - PUC: "FE9286A31970DDF439286C09DD80129B" . (.Adobe Flash Player 10 ActiveX.) -- C:\WINDOWS\Installer\{3A6829EF-0791-4FDD-9382-C690DD0821B9}\ARPPRODUCTICON.exe
~ Update Products: 128 Scanned in 00mn 00s



---\\ Windows Installer Scan (WIS) (O93) (NTFS)
[MD5.8A4A74A8099425E466AC266CB80CF0E7] [WIS][31/08/2011] (.QSR International Pty Ltd - QSR NVivo 7.0.) -- C:\Windows\Installer\16777a.msi [1881600]
[MD5.67D1EB98CBF199466A4B6FFE6EF82997] [WIS][06/06/2011] (.Spigot, Inc. - Widgi Toolbar.) -- C:\Windows\Installer\348de0.msi [1027584] =>PUP.Dealio
~ WIS: 130 Scanned in 00mn 21s



---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 16/02/2010 288112 | (Adobe Version Cue CS4) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
SS - | Demand 10/09/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 28/08/2009 144672 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
SS - | Disabled 24/05/2000 15360 | (ATMsrvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\ATMsrvc.exe
SR - | Auto 23/02/2011 42184 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SR - | Auto 12/12/2008 238888 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Demand 14/04/2008 224768 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SS - | Demand 23/10/2009 655624 | (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Demand 14/11/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
SR - | Auto 11/10/2009 153376 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe
SS - | Demand 27/08/2013 117656 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 04/03/2010 71096 | (NMSAccess) . (...) - C:\Program Files\CDBurnerXP\NMSAccessU.exe
SS - | Auto 05/12/2007 155716 | (NVSvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvsvc32.exe
~ Services: Scanned in 00mn 22s



---\\ Search Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
~ MBR: 1 Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 12930 - (27/09/2013)
Clés trouvées (Keys found) : 13
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 2
Fichiers trouvés (Files found) : 6

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{BCB52F35-4C56-49F2-A3D6-FDED54B01847}] =>PUP.Dealio^
[HKLM\Software\Classes\Installer\Features\53F25BCB65C42F943A6DDFDE450B8174] =>Adware.BHO
[HKLM\Software\Classes\Installer\Products\53F25BCB65C42F943A6DDFDE450B8174] =>Adware.BHO
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\53F25BCB65C42F943A6DDFDE450B8174] =>Adware.BHO
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044] =>PUP.Dealio
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9] =>PUP.Dealio
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9] =>PUP.Dealio
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24] =>PUP.Dealio
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607] =>PUP.Dealio
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F] =>PUP.Dealio
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21] =>PUP.Dealio
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF] =>PUP.Dealio
C:\Documents and Settings\sophie\Application Data\Mozilla\Firefox\Profiles\mapdk7qj.default\{3112ca9c-de6d-4884-a869-9855de68056c} =>Toolbar.Google^
C:\Program Files\Yahoo! =>Toolbar.Yahoo^
C:\Program Files\Mozilla FireFox\searchplugins\yahoo.xml =>Toolbar.Yahoo^
[HKCU\Software\Yahoo] =>Toolbar.Yahoo^
[HKLM\Software\Yahoo] =>Toolbar.Yahoo^
C:\Program Files\FirefoxGoogleToolbarSetup.exe =>Toolbar.Google^
C:\WINDOWS\Installer\{BCB52F35-4C56-49F2-A3D6-FDED54B01847}\ARPPRODUCTICON.exe =>PUP.Dealio^
C:\Windows\Installer\348de0.msi =>PUP.Dealio^
~ Additionnel Scan: 456292 Items scanned in 01mn 04s



---\\ Summary of the detections found on your workstation
~ http://nicolascoolman.webs.com/apps/blog/show/30268689-toolbar-yahoo =>Toolbar.Yahoo
~ http://nicolascoolman.webs.com/apps/blog/show/32384220-toolbar-google =>Toolbar.Google
~ http://nicolascoolman.webs.com/apps/blog/show/27443462-pup-dealio =>PUP.Dealio
~ http://nicolascoolman.webs.com/apps/blog/show/26631242-hijacker-qvo6 =>Hijacker.Qvo6
~ MSI: 4 link(s) detected in 01mn 05s



End of the scan (1863 lines in 09mn 27s)(2)