OTL logfile created on: 31/03/2013 10:43:43 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\mimi\Desktop\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
6,00 Gb Total Physical Memory | 2,86 Gb Available Physical Memory | 47,69% Memory free
12,18 Gb Paging File | 8,35 Gb Available in Paging File | 68,50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,65 Gb Total Space | 9,23 Gb Free Space | 9,45% Space Free | Partition Type: NTFS
Drive D: | 9,77 Gb Total Space | 9,03 Gb Free Space | 92,43% Space Free | Partition Type: NTFS
 
Computer Name: PC-DE-MIMI | User Name: mimi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2013/03/30 18:15:45 | 000,706,776 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe
PRC - [2013/03/29 19:13:10 | 000,450,560 | ---- | M] () -- C:\Users\mimi\AppData\Roaming\cacaoweb\cacaoweb.exe
PRC - [2013/03/26 12:00:47 | 002,569,168 | ---- | M] () -- C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
PRC - [2013/03/26 07:54:28 | 001,631,144 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2013/03/26 07:54:28 | 000,543,656 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2013/03/25 17:34:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\mimi\Desktop\Downloads\OTL.exe
PRC - [2013/02/18 13:57:25 | 000,667,416 | ---- | M] () -- C:\ProgramData\IBUpdaterService\ibsvc.exe
PRC - [2013/02/16 10:43:02 | 000,308,368 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2013/02/08 11:35:54 | 003,873,640 | ---- | M] () -- C:\Program Files (x86)\tuto4pc_fr_25\tuto4pc_fr_25.exe
PRC - [2013/02/08 11:35:54 | 002,132,840 | ---- | M] () -- C:\Users\mimi\AppData\Local\tuto4pc_fr_25\upt4pc_fr_25.exe
PRC - [2012/12/26 19:17:14 | 000,087,552 | ---- | M] (Conduit) -- C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
PRC - [2012/12/26 19:17:00 | 002,213,272 | ---- | M] (Conduit) -- C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
PRC - [2012/12/18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/12/15 21:20:54 | 000,178,136 | ---- | M] (Aedge Performance BCN SL) -- C:\Program Files (x86)\OfferBox\OfferBoxHTTPProxy.exe
PRC - [2012/12/15 21:20:52 | 008,624,088 | ---- | M] (Aedge Performance BCN SL) -- C:\Program Files (x86)\OfferBox\OfferBox.exe
PRC - [2012/10/02 14:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/08/19 09:33:42 | 000,651,360 | ---- | M] () -- C:\ProgramData\InstallBrainService\ibsvc.exe
PRC - [2012/05/30 11:38:40 | 000,195,256 | ---- | M] () -- C:\Users\mimi\AppData\Roaming\DRPSu\DrvUpdater.exe
PRC - [2009/12/03 10:12:12 | 000,976,320 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2013/03/29 19:13:10 | 000,450,560 | ---- | M] () -- C:\Users\mimi\AppData\Roaming\cacaoweb\cacaoweb.exe
MOD - [2013/03/27 02:16:40 | 020,341,672 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2013/03/26 12:00:47 | 002,569,168 | ---- | M] () -- C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
MOD - [2013/03/26 11:58:33 | 002,232,272 | ---- | M] () -- C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll
MOD - [2013/03/26 07:54:28 | 000,990,120 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2013/03/26 00:23:34 | 000,651,776 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2013/03/13 16:06:38 | 012,501,504 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\5ef636c4b41605f125d7482fc132659f\System.Windows.Forms.ni.dll
MOD - [2013/03/13 16:06:31 | 001,593,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll
MOD - [2013/03/13 16:06:24 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll
MOD - [2013/03/13 15:34:39 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\004bc6615f9c06df5c98859d35149fe6\System.Configuration.ni.dll
MOD - [2013/03/13 13:40:16 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll
MOD - [2013/03/13 13:38:07 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll
MOD - [2013/02/08 11:35:54 | 003,873,640 | ---- | M] () -- C:\Program Files (x86)\tuto4pc_fr_25\tuto4pc_fr_25.exe
MOD - [2013/02/08 11:35:54 | 002,132,840 | ---- | M] () -- C:\Users\mimi\AppData\Local\tuto4pc_fr_25\upt4pc_fr_25.exe
MOD - [2013/01/24 22:54:52 | 000,220,160 | ---- | M] () -- C:\Program Files (x86)\GinyasBrowserCompanions\jsloader.dll
MOD - [2012/12/11 19:51:10 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012/12/11 19:51:10 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012/12/11 19:51:10 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012/11/04 18:10:44 | 008,013,664 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
MOD - [2012/08/08 19:41:02 | 000,016,896 | ---- | M] () -- C:\Program Files (x86)\SpecialSavings\SpecialSavings.dll
MOD - [2012/05/30 11:38:40 | 000,195,256 | ---- | M] () -- C:\Users\mimi\AppData\Roaming\DRPSu\DrvUpdater.exe
MOD - [2009/03/24 15:30:40 | 000,083,456 | ---- | M] () -- C:\Program Files (x86)\SpecialSavings\SpicIE.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2012/11/21 15:31:40 | 001,957,912 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe -- (VSSERV)
SRV:[b]64bit:[/b] - [2012/05/28 16:55:54 | 000,067,904 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe -- (UPDATESRV)
SRV:[b]64bit:[/b] - [2012/04/02 15:16:40 | 000,075,384 | ---- | M] (Bitdefender) [On_Demand | Running] -- C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe -- (SafeBox)
SRV:[b]64bit:[/b] - [2011/10/14 23:57:26 | 000,466,736 | ---- | M] (BitDefender) [On_Demand | Stopped] -- C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe -- (Update Server)
SRV:[b]64bit:[/b] - [2008/01/21 04:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2013/03/30 18:15:46 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/03/26 12:00:47 | 002,569,168 | ---- | M] () [Auto | Running] -- C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe -- (BrowserProtect)
SRV - [2013/03/26 07:54:28 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/02/18 13:57:25 | 000,667,416 | ---- | M] () [Auto | Running] -- C:\ProgramData\IBUpdaterService\ibsvc.exe -- (IBUpdaterService)
SRV - [2013/02/07 14:54:40 | 000,161,384 | ---- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/26 19:17:14 | 000,087,552 | ---- | M] (Conduit) [Auto | Running] -- C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2012/12/18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/12/15 21:21:04 | 000,336,856 | ---- | M] (Aedge Performance BCN SL) [Auto | Stopped] -- C:\Program Files (x86)\OfferBox\OfferBoxUpdateService.exe -- (OfferBox update service)
SRV - [2012/10/10 22:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/10/02 14:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/08/19 09:33:42 | 000,651,360 | ---- | M] () [Auto | Running] -- C:\ProgramData\InstallBrainService\ibsvc.exe -- (InstallBrainService)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/03/30 06:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2013/02/19 12:02:38 | 000,261,056 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\avchv.sys -- (avchv)
DRV:[b]64bit:[/b] - [2013/02/18 19:06:23 | 000,442,088 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\bdfsfltr.sys -- (bdfsfltr)
DRV:[b]64bit:[/b] - [2013/02/18 10:22:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2013/01/20 08:16:48 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\taphss6.sys -- (taphss6)
DRV:[b]64bit:[/b] - [2012/10/10 15:00:50 | 000,587,024 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\avckf.sys -- (avckf)
DRV:[b]64bit:[/b] - [2012/10/10 15:00:48 | 000,705,552 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\avc3.sys -- (avc3)
DRV:[b]64bit:[/b] - [2012/08/29 18:24:10 | 000,145,696 | ---- | M] (BitDefender LLC) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\DRIVERS\gzflt.sys -- (gzflt)
DRV:[b]64bit:[/b] - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012/07/06 15:21:56 | 000,093,160 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys -- (BdfNdisf)
DRV:[b]64bit:[/b] - [2012/07/04 08:59:32 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag)
DRV:[b]64bit:[/b] - [2012/07/04 08:59:32 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2012/07/04 07:10:56 | 000,359,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2012/02/29 15:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011/11/17 17:38:34 | 000,079,952 | ---- | M] (BitDefender SRL) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bdsandbox.sys -- (bdsandbox)
DRV:[b]64bit:[/b] - [2011/11/14 20:16:36 | 000,119,888 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdftdif.sys -- (bdftdif)
DRV:[b]64bit:[/b] - [2011/11/10 19:32:02 | 000,115,272 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:[b]64bit:[/b] - [2011/10/27 15:07:05 | 000,329,800 | ---- | M] (BitDefender S.R.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\DRIVERS\trufos.sys -- (trufos)
DRV:[b]64bit:[/b] - [2011/09/08 17:40:24 | 000,508,520 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:[b]64bit:[/b] - [2011/09/02 04:03:42 | 000,104,448 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdLH6.sys -- (AtiHDAudioService)
DRV:[b]64bit:[/b] - [2010/08/19 20:24:34 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\xusb21.sys -- (xusb21)
DRV:[b]64bit:[/b] - [2010/01/19 19:32:40 | 000,103,944 | ---- | M] (BitDefender) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\bdvedisk.sys -- (BDVEDISK)
DRV:[b]64bit:[/b] - [2009/10/01 02:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:[b]64bit:[/b] - [2009/05/20 16:04:56 | 000,202,016 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:[b]64bit:[/b] - [2009/03/18 17:35:42 | 000,033,856 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\hamachi.sys -- (hamachi)
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{422692C9-2981-64D3-BCEF-3828AB7759EA}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.searchya.com/?q={searchTerms}&f=4&a=dnldyho&cd=2XzuyEtN2Y1L1QzuyB0AyBzytCzyyCyC0EyBzyyEyB0E0DyEtN0D0Tzu0CyEtByEtN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1Q1G1I1Q2U1M1F&cr=1666482865&ir=
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=20&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=3243065090314811&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\URLSearchHook: {8e5025c2-8ea3-430d-80b8-a14151068a6d} - SOFTWARE\Classes\CLSID\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\InprocServer32 File not found
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/?publisher=Download2&dpid=Download2&co=FR&userid=6a6b0e27-89a2-43df-bd5f-4156c1ecb295&searchtype=ds&q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{611FC0BA-45AE-B803-1B1F-6BC6A4D8ED51}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.searchya.com/?q={searchTerms}&f=4&a=dnldyho&cd=2XzuyEtN2Y1L1QzuyB0AyBzytCzyyCyC0EyBzyyEyB0E0DyEtN0D0Tzu0CyEtByEtN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1Q1G1I1Q2U1M1F&cr=1666482865&ir=
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=20&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=3243065090314811&q={searchTerms}
IE - HKLM\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XPxdm049YYfr&ptnrS=XPxdm049YYfr&si=7309&ptb=ABD9C400-D754-44DE-B8C5-B4BC2C8FC7FB&psa=&ind=2012040714&st=sb&n=77ed4e0a&searchfor={searchTerms}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10020&barid={6E2C43F0-6AF6-11E2-9F7C-0026183E09CA}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-59344856-3943544164-1868653660-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=UTF-8
IE - HKU\S-1-5-21-59344856-3943544164-1868653660-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-59344856-3943544164-1868653660-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=UTF-8
IE - HKU\S-1-5-21-59344856-3943544164-1868653660-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snap.do/?publisher=Download&dpid=Download&co=FR&userid=6a6b0e27-89a2-43df-bd5f-4156c1ecb295&searchtype=ds&q={searchTerms}
IE - HKU\S-1-5-21-59344856-3943544164-1868653660-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do/?publisher=Download&dpid=Download&co=FR&userid=6a6b0e27-89a2-43df-bd5f-4156c1ecb295&searchtype=ds&q={searchTerms}
IE - HKU\S-1-5-21-59344856-3943544164-1868653660-1000\..\URLSearchHook: {8e5025c2-8ea3-430d-80b8-a14151068a6d} - SOFTWARE\Classes\CLSID\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\InprocServer32 File not found
IE - HKU\S-1-5-21-59344856-3943544164-1868653660-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-59344856-3943544164-1868653660-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-59344856-3943544164-1868653660-1000\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/?publisher=Download&dpid=Download&co=FR&userid=6a6b0e27-89a2-43df-bd5f-4156c1ecb295&searchtype=ds&q={searchTerms}
IE - HKU\S-1-5-21-59344856-3943544164-1868653660-1000\..\SearchScopes\{02403227-240E-47BC-A1FA-367EF2476A4E}: "URL" = http://blekko.com/ws/?source=5f97ddbe&tbp=rbox&u=a42f7ed40000000000000026183e09ca&q={searchTerms}&r=702
IE - HKU\S-1-5-21-59344856-3943544164-1868653660-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?FORM=BDKTDF&PC=BDT3&q={searchTerms}&src=IE-SearchBox
IE - HKU\S-1-5-21-59344856-3943544164-1868653660-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.delta-search.com/?q={searchTerms}&affID=119290&tt=190313_wo2&babsrc=SP_ss&mntrId=A42F0026183E09CA
IE - HKU\S-1-5-21-59344856-3943544164-1868653660-1000\..\SearchScopes\{1DF950CE-7183-44FD-9CC8-B5E6B233810D}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3128284
IE - HKU\S-1-5-21-59344856-3943544164-1868653660-1000\..\SearchScopes\{2891EA93-96EC-484C-8707-A072077625B3}: "URL" = http://search.softonic.com/MOY00005/tb_v1?q={searchTerms}&SearchSource=4&cc=&r=943
IE - HKU\S-1-5-21-59344856-3943544164-1868653660-1000\..\SearchScopes\{422692C9-2981-64D3-BCEF-3828AB7759EA}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7NDKB_frFR523
IE - HKU\S-1-5-21-59344856-3943544164-1868653660-1000\..\SearchScopes\{611FC0BA-45AE-B803-1B1F-6BC6A4D8ED51}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7NDKB_frFR523
IE - HKU\S-1-5-21-59344856-3943544164-1868653660-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7NDKB_frFR523
IE - HKU\S-1-5-21-59344856-3943544164-1868653660-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=20&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=3243065090314811&q={searchTerms}
IE - HKU\S-1-5-21-59344856-3943544164-1868653660-1000\..\SearchScopes\{9D5BD211-422C-4164-9298-BB4186A30F31}: "URL" = http://www.bing.com/search?q={searchTerms}&mkt=fr-FR&form=MKTIE9
IE - HKU\S-1-5-21-59344856-3943544164-1868653660-1000\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XPxdm049YYfr&ptnrS=XPxdm049YYfr&si=7309&ptb=ABD9C400-D754-44DE-B8C5-B4BC2C8FC7FB&psa=&ind=2012040714&st=sb&n=77ed4e0a&searchfor={searchTerms}
IE - HKU\S-1-5-21-59344856-3943544164-1868653660-1000\..\SearchScopes\{C681D7DF-A96F-493D-A172-B3798E11C2E4}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=fr_FR&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^FR&apn_uid=63398A3E-3693-4859-9366-DE892BB1D5D4&apn_sauid=69120AD9-E858-4BFC-8268-A7738F4AEC2B
IE - HKU\S-1-5-21-59344856-3943544164-1868653660-1000\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb165/?search={searchTerms}&loc=IB_DS&a=6R8wgoqOJT&i=26
IE - HKU\S-1-5-21-59344856-3943544164-1868653660-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10020&barid={6E2C43F0-6AF6-11E2-9F7C-0026183E09CA}
IE - HKU\S-1-5-21-59344856-3943544164-1868653660-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-59344856-3943544164-1868653660-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.offerbox.com
IE - HKU\S-1-5-21-59344856-3943544164-1868653660-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:56847
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@www.dlmanager.net/omaha/tools//Software Update;version=8: C:\Program Files (x86)\Software\Update\1.2.201.0\npSoftwareOneClick8.dll (Boxore OU.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2012\BDTBEXT\ [2013/02/26 10:20:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2012\bdtbext\ [2013/02/26 10:20:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\specialsavings@vshsolutions.com: C:\Users\mimi\AppData\Roaming\Mozilla\Extensions\specialsavings@vshsolutions.com
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\SpecialSavings@SpecialSavings.com: C:\Users\mimi\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com [2013/02/18 14:03:20 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}: C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{0F827075-B026-42F3-885D-98981EE7B1AE}: C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension [2013/03/28 22:11:52 | 000,000,000 | ---D | M]
 
[2013/02/18 14:03:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mimi\AppData\Roaming\mozilla\Extensions
[2013/02/18 14:03:20 | 000,000,000 | ---D | M] (SpecialSavings) -- C:\Users\mimi\AppData\Roaming\mozilla\Extensions\SpecialSavings@SpecialSavings.com
[2013/03/29 19:14:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mimi\AppData\Roaming\mozilla\Firefox\Profiles\0\extensions
[2013/02/27 15:03:35 | 000,000,000 | ---D | M] ("新しいタブ") -- C:\Users\mimi\AppData\Roaming\mozilla\Firefox\Profiles\0\extensions\{5ebdca98-43b3-45bb-87e0-716029fb42ab}
[2013/02/28 18:56:02 | 000,000,000 | ---D | M] (Ginyas Browser Companions) -- C:\Users\mimi\AppData\Roaming\mozilla\Firefox\Profiles\0\extensions\bbrs_003@blabbers.com
[2013/03/29 19:14:55 | 000,000,000 | ---D | M] (cacaoweb) -- C:\Users\mimi\AppData\Roaming\mozilla\Firefox\Profiles\0\extensions\cacaoweb@cacaoweb.org
[2013/02/27 15:03:34 | 000,000,000 | ---D | M] (searchya.com) -- C:\Users\mimi\AppData\Roaming\mozilla\Firefox\Profiles\0\extensions\ffxtlbr@searchya.com
[2013/02/25 21:25:57 | 000,213,444 | ---- | M] () (No name found) -- C:\Users\mimi\AppData\Roaming\mozilla\firefox\profiles\0\extensions\torntv@torntv.com.xpi
[2013/02/27 15:03:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - homepage: http://www.delta-search.com/?affID=119290&tt=190313_wo2&babsrc=HP_ss&mntrId=A42F0026183E09CA
CHR - default_search_provider:  ()
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - homepage: http://www.delta-search.com/?affID=119290&tt=190313_wo2&babsrc=HP_ss&mntrId=A42F0026183E09CA
CHR - Extension: No name found = C:\Users\mimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\
CHR - Extension: No name found = C:\Users\mimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pillplnpmfjckedkedpaoembffbpklnf\2_0\
CHR - Extension: No name found = C:\Users\mimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\
CHR - Extension: No name found = C:\Users\mimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pillplnpmfjckedkedpaoembffbpklnf\2_0\
 
O1 HOSTS File: ([2012/12/10 22:02:34 | 000,000,814 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O1 - Hosts: 74.208.10.249 gs.apple.com
O2:[b]64bit:[/b] - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Browser Companion Helper) - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files (x86)\BrowserCompanion\jsloader.dll ( )
O2 - BHO: (SearchYa Helper Object) - {25927741-5E5B-4D27-8D8B-9188FE64373F} - C:\Program Files (x86)\SearchYa!\1.8.8.0\bh\searchya.dll (Montera Technologeis LTD)
O2 - BHO: (Ginyas Browser Companion) - {2d8c4843-765f-4827-bafa-8c318284e4d8} - C:\Program Files (x86)\GinyasBrowserCompanions\jsloader.dll ()
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - Reg Error: Value error. File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (01NET.com Toolbar) - {8e5025c2-8ea3-430d-80b8-a14151068a6d} - Reg Error: Value error. File not found
O2 - BHO: (Ginyas Browser Companion Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\GinyasBrowserCompanions\updatebhoWin32.dll (Blabbers Communications Ltd)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - Reg Error: Value error. File not found
O2 - BHO: (no name) - {bb184e6d-26d1-461a-9226-b93ca8da2af9} - No CLSID value found.
O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll (Delta-search.com)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - Reg Error: Value error. File not found
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - !{CB14350D-B064-4283-9145-B63F96772108} - No CLSID value found.
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - !{F9639E4A-801B-4843-AEE3-03D9DA199E77} - No CLSID value found.
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{CB14350D-B064-4283-9145-B63F96772108} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{F9639E4A-801B-4843-AEE3-03D9DA199E77} - No CLSID value found.
O3 - HKLM\..\Toolbar: (SearchYa Toolbar) - {33AA308B-B565-4376-AC66-59EE9B6AD13E} - C:\Program Files (x86)\SearchYa!\1.8.8.0\searchyaTlbr.dll (Montera Technologeis LTD)
O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll (Delta-search.com)
O3 - HKLM\..\Toolbar: (01NET.com Toolbar) - {8e5025c2-8ea3-430d-80b8-a14151068a6d} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:[b]64bit:[/b] - HKU\S-1-5-21-59344856-3943544164-1868653660-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-59344856-3943544164-1868653660-1000\..\Toolbar\WebBrowser: (01NET.com Toolbar) - {8E5025C2-8EA3-430D-80B8-A14151068A6D} - Reg Error: Value error. File not found
O4:[b]64bit:[/b] - HKLM..\Run: [BDAgent] C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe (Bitdefender)
O4:[b]64bit:[/b] - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [offerbox] C:\Program Files (x86)\OfferBox\OfferBox.exe (Aedge Performance BCN SL)
O4 - HKLM..\Run: [SearchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [tuto4pc_fr_25] C:\Program Files (x86)\tuto4pc_fr_25\tuto4pc_fr_25.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-59344856-3943544164-1868653660-1000..\Run: [cacaoweb] C:\Users\mimi\AppData\Roaming\cacaoweb\cacaoweb.exe ()
O4 - HKU\S-1-5-21-59344856-3943544164-1868653660-1000..\Run: [ccleaner] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-59344856-3943544164-1868653660-1000..\Run: [DrvUpdater] C:\Users\mimi\AppData\Roaming\DRPSu\DrvUpdater.exe ()
O4 - HKU\S-1-5-21-59344856-3943544164-1868653660-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: [upt4pc_fr_25.exe] C:\Users\mimi\AppData\Local\tuto4pc_fr_25\upt4pc_fr_25.exe ()
O4 - Startup: C:\Users\mimi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:[b]64bit:[/b] - Extra context menu item: Rechercher sur le Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O8 - Extra context menu item: Rechercher sur le Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-59344856-3943544164-1868653660-1000\..Trusted Domains: clonewarsadventures.com ([]* in Sites de confiance)
O15 - HKU\S-1-5-21-59344856-3943544164-1868653660-1000\..Trusted Domains: freerealms.com ([]* in Sites de confiance)
O15 - HKU\S-1-5-21-59344856-3943544164-1868653660-1000\..Trusted Domains: soe.com ([]* in Sites de confiance)
O15 - HKU\S-1-5-21-59344856-3943544164-1868653660-1000\..Trusted Domains: sony.com ([]* in Sites de confiance)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect119b.cab (GMNRev Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.17.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} http://3dlifeplayer.dl.3dvia.com/player/install/3DVIA_player_installer.exe (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4C430894-A82C-400F-A3D6-3EA3D30FB15A}: DhcpNameServer = 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\base64 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\chrome - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\prox - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\GinyasBrowserCompanions\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\GinyasBrowserCompanions\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\GinyasBrowserCompanions\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~3\browse~2\261125~1.80\{c16c1~1\browse~1.dll) - c:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\mimi\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\mimi\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2e609361-61e8-11e2-a99e-0026183e09ca}\Shell - "" = AutoRun
O33 - MountPoints2\{2e609361-61e8-11e2-a99e-0026183e09ca}\Shell\AutoRun\command - "" = K:\Setup.exe
O33 - MountPoints2\{85aecdef-6de5-11e2-a1c6-0026183e09ca}\Shell - "" = AutoRun
O33 - MountPoints2\{85aecdef-6de5-11e2-a1c6-0026183e09ca}\Shell\AutoRun\command - "" = M:\LGAutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
 
 
SafeBootMin:[b]64bit:[/b] AppMgmt - Service
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:[b]64bit:[/b] AppMgmt - Service
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:[b]64bit:[/b] {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:[/b] {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX:[b]64bit:[/b] >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX:[b]64bit:[/b] >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.0
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:[b]64bit:[/b] msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:[b]64bit:[/b] VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:[b]64bit:[/b] vidc.tsc2 - C:\Windows\SysWOW64\tsc2_codec64.dll (TechSmith Corporation)
Drivers32:[b]64bit:[/b] vidc.tscc - C:\Windows\SysWOW64\tsccvid64.dll (TechSmith Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: vidc.tsc2 - C:\Windows\SysWOW64\tsc2_codec32.dll (TechSmith Corporation)
Drivers32: vidc.tscc - C:\Windows\SysWow64\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2013/03/29 19:13:10 | 000,000,000 | ---D | C] -- C:\Users\mimi\AppData\Roaming\cacaoweb
[2013/03/28 22:30:42 | 000,000,000 | ---D | C] -- C:\Games
[2013/03/28 22:11:55 | 000,000,000 | ---D | C] -- C:\Users\mimi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
[2013/03/28 22:11:44 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserProtect
[2013/03/28 22:11:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Delta
[2013/03/28 22:11:17 | 000,000,000 | ---D | C] -- C:\Users\mimi\AppData\Roaming\BabSolution
[2013/03/28 22:11:15 | 000,000,000 | ---D | C] -- C:\Users\mimi\AppData\Roaming\Delta
[2013/03/27 22:52:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity
[2013/03/27 21:19:47 | 000,000,000 | ---D | C] -- C:\Users\mimi\Documents\VirtualDJ
[2013/03/27 21:05:25 | 000,000,000 | ---D | C] -- C:\Users\mimi\AppData\Roaming\Audacity
[2013/03/26 19:19:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Ask
[2013/03/26 19:18:58 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/03/26 19:18:42 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/03/21 20:06:37 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013/03/20 17:24:08 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
[2013/03/20 17:23:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3
[2013/03/17 21:30:46 | 000,000,000 | ---D | C] -- C:\FFOutput
[2013/03/15 23:04:00 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2013/03/14 10:40:22 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/03/14 10:40:22 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/03/14 10:40:21 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/03/14 10:40:21 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/03/14 10:40:21 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/03/14 10:40:21 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/03/14 10:40:20 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/03/14 10:40:19 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/03/14 10:40:19 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/03/14 10:40:19 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/03/14 10:40:19 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/03/14 10:40:18 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/03/14 10:40:18 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/03/14 10:40:18 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/03/14 10:40:17 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/03/14 10:38:16 | 000,000,000 | ---D | C] -- C:\Users\mimi\AppData\Local\tuto4pc_fr_5
[2013/03/13 19:22:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TechSmith
[2013/03/12 15:54:18 | 000,000,000 | ---D | C] -- C:\70eba702954fede5be
[2013/03/11 11:04:58 | 000,000,000 | ---D | C] -- C:\50cbe7836dd585f020
[2013/03/10 21:36:08 | 000,000,000 | ---D | C] -- C:\Users\mimi\AppData\Roaming\player
[2013/03/07 19:44:54 | 000,000,000 | ---D | C] -- C:\Users\mimi\AppData\Local\{2F88897B-C5B0-4AFB-A1C6-02A42AF63318}
[2013/03/07 14:34:26 | 000,000,000 | ---D | C] -- C:\Users\mimi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
[2013/03/07 14:34:26 | 000,000,000 | ---D | C] -- C:\Fraps
[2013/03/07 14:33:34 | 000,000,000 | ---D | C] -- C:\Users\mimi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013/03/07 14:33:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013/03/07 13:58:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fraps
[2013/03/05 23:58:34 | 000,000,000 | ---D | C] -- C:\Users\mimi\AppData\Local\{CC54597C-8439-44AB-9BB4-DB9936C6E8DA}
[2013/03/04 20:34:32 | 000,000,000 | ---D | C] -- C:\Users\mimi\AppData\Roaming\Skype
[2013/03/04 20:34:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/03/04 20:34:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013/03/04 20:34:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2013/03/02 23:06:57 | 000,000,000 | ---D | C] -- C:\Windows\fr
[2013/03/02 22:33:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2013/03/02 22:07:53 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013/03/02 09:59:04 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/03/02 09:59:04 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/03/01 17:01:02 | 000,000,000 | ---D | C] -- C:\Users\mimi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
[2013/03/01 17:00:31 | 000,000,000 | ---D | C] -- C:\Users\mimi\AppData\Roaming\OfferBox
[2013/03/01 17:00:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OfferBox
[2013/03/01 16:28:08 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\QuickTime
[2013/03/01 16:28:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camtasia Studio 7
[2013/03/01 16:27:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\TechSmith Shared
[2012/12/29 21:26:09 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Users\mimi\nosxs_mfc90chs.dll
[7 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2013/03/31 10:45:58 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013/03/31 10:26:00 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GinyasBrowserCompanions Stats Report.job
[2013/03/31 10:23:00 | 000,001,082 | ---- | M] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineUA.job
[2013/03/31 10:23:00 | 000,001,078 | ---- | M] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineCore.job
[2013/03/31 10:19:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/31 10:08:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/31 09:45:32 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/31 09:45:32 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/31 08:05:35 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GinyasBrowserCompanions Update Checker.job
[2013/03/31 07:52:05 | 001,608,886 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/03/31 07:52:05 | 000,719,862 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2013/03/31 07:52:05 | 000,632,170 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/03/31 07:52:05 | 000,144,690 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2013/03/31 07:52:05 | 000,118,796 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/03/31 07:45:56 | 000,001,000 | ---- | M] () -- C:\Windows\tasks\GinyasBrowserCompanions FireFox Watcher.job
[2013/03/31 07:45:33 | 000,001,060 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/31 07:45:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/30 18:15:45 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/03/30 18:15:45 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/03/29 08:15:29 | 000,008,592 | ---- | M] () -- C:\Users\mimi\AppData\Local\d3d9caps.dat
[2013/03/28 08:05:53 | 000,260,232 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/03/26 19:18:32 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/03/26 19:18:31 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013/03/26 19:18:31 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013/03/26 19:18:31 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/03/26 19:18:31 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/03/26 19:18:31 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/03/25 17:36:12 | 000,000,500 | ---- | M] () -- C:\Users\mimi\Desktop\OTL.exe - Raccourci.lnk
[2013/03/20 17:31:27 | 000,068,300 | ---- | M] () -- C:\Users\mimi\Documents\LOGRES.odt
[2013/03/20 17:25:40 | 000,001,070 | ---- | M] () -- C:\Users\mimi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
[2013/03/17 22:31:44 | 000,129,278 | ---- | M] () -- C:\Users\mimi\Documents\cc_20130317_212913.reg
[2013/03/13 17:46:12 | 000,352,749 | ---- | M] () -- C:\Users\mimi\Documents\digitick58923304.pdf
[2013/03/13 13:44:36 | 001,588,574 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/03/11 22:23:51 | 000,043,520 | ---- | M] () -- C:\Users\mimi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/03/07 14:34:27 | 000,000,524 | ---- | M] () -- C:\Users\mimi\Desktop\Fraps.lnk
[2013/03/07 14:22:40 | 070,583,539 | ---- | M] () -- C:\Users\mimi\Documents\JENALUC.MOV
[2013/03/06 11:49:23 | 000,000,325 | ---- | M] () -- C:\Windows\SysNative\checkdnsid.xml
[2013/03/04 20:34:18 | 000,001,890 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[7 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013/03/31 10:45:58 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013/03/27 22:52:19 | 000,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
[2013/03/25 17:36:12 | 000,000,500 | ---- | C] () -- C:\Users\mimi\Desktop\OTL.exe - Raccourci.lnk
[2013/03/20 17:31:25 | 000,068,300 | ---- | C] () -- C:\Users\mimi\Documents\LOGRES.odt
[2013/03/20 17:25:40 | 000,001,070 | ---- | C] () -- C:\Users\mimi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
[2013/03/17 22:29:16 | 000,129,278 | ---- | C] () -- C:\Users\mimi\Documents\cc_20130317_212913.reg
[2013/03/13 17:46:12 | 000,352,749 | ---- | C] () -- C:\Users\mimi\Documents\digitick58923304.pdf
[2013/03/07 14:34:27 | 000,000,524 | ---- | C] () -- C:\Users\mimi\Desktop\Fraps.lnk
[2013/03/07 14:27:51 | 070,583,539 | ---- | C] () -- C:\Users\mimi\Documents\JENALUC.MOV
[2013/03/04 20:34:18 | 000,001,890 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2013/03/02 22:48:30 | 000,001,212 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2013/03/02 22:34:25 | 000,001,281 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2013/03/01 17:00:27 | 000,000,872 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OfferBox.lnk
[2013/02/26 10:21:17 | 000,225,986 | ---- | C] () -- C:\ProgramData\1361866542.bdinstall.bin
[2013/02/25 21:27:19 | 000,348,990 | ---- | C] () -- C:\Users\mimi\AppData\Local\funmoods-speeddial_sf.crx
[2013/02/19 02:06:07 | 000,202,295 | ---- | C] () -- C:\ProgramData\1361232059.bdinstall.bin
[2013/02/19 01:31:12 | 000,020,753 | ---- | C] () -- C:\ProgramData\1361230261.6416.bin
[2013/02/19 01:31:06 | 000,006,692 | ---- | C] () -- C:\ProgramData\1361230261.4780.bin
[2013/02/19 01:31:06 | 000,005,679 | ---- | C] () -- C:\ProgramData\1361230261.4488.bin
[2013/02/19 01:31:01 | 000,046,913 | ---- | C] () -- C:\ProgramData\1361230261.4656.bin
[2013/02/18 22:49:53 | 000,166,462 | ---- | C] () -- C:\ProgramData\1361220411.bdinstall.bin
[2013/02/18 19:10:13 | 000,238,237 | ---- | C] () -- C:\ProgramData\1361206577.bdinstall.bin
[2013/02/18 18:02:41 | 000,666,961 | ---- | C] () -- C:\ProgramData\1361202958.bdinstall.bin
[2013/02/18 17:53:12 | 000,000,502 | ---- | C] () -- C:\ProgramData\1361202790.bdinstall.bin
[2013/02/10 11:52:57 | 000,232,496 | ---- | C] () -- C:\ProgramData\1360489584.bdinstall.bin
[2013/02/09 21:30:26 | 000,232,268 | ---- | C] () -- C:\ProgramData\1360436364.bdinstall.bin
[2013/01/24 17:26:13 | 000,228,564 | ---- | C] () -- C:\ProgramData\1359040586.bdinstall.bin
[2013/01/13 21:56:07 | 000,261,747 | ---- | C] () -- C:\ProgramData\1358106494.bdinstall.bin
[2012/12/22 17:10:44 | 000,235,466 | ---- | C] () -- C:\ProgramData\1356188647.bdinstall.bin
[2012/11/05 14:39:07 | 000,008,592 | ---- | C] () -- C:\Users\mimi\AppData\Local\d3d9caps.dat
[2012/11/04 21:01:37 | 000,232,543 | ---- | C] () -- C:\ProgramData\1352055327.bdinstall.bin
[2012/11/03 13:18:09 | 000,232,551 | ---- | C] () -- C:\ProgramData\1351941054.bdinstall.bin
[2012/10/31 16:32:30 | 000,001,776 | ---- | C] () -- C:\ProgramData\1351693876.1936.bin
[2012/10/31 16:31:19 | 000,098,633 | ---- | C] () -- C:\ProgramData\1351693876.4312.bin
[2012/10/31 16:31:16 | 000,039,448 | ---- | C] () -- C:\ProgramData\1351693876.2348.bin
[2012/10/31 16:31:16 | 000,016,293 | ---- | C] () -- C:\ProgramData\1351693876.4352.bin
[2012/10/31 16:31:16 | 000,011,130 | ---- | C] () -- C:\ProgramData\1351693876.4856.bin
[2012/10/31 16:03:35 | 000,184,624 | ---- | C] () -- C:\ProgramData\1351692009.bdinstall.bin
[2012/10/31 15:55:31 | 000,001,460 | ---- | C] () -- C:\Users\mimi\AppData\Local\d3d9caps64.dat
[2012/10/31 15:33:05 | 000,007,020 | ---- | C] () -- C:\ProgramData\1351690380.5392.bin
[2012/10/31 15:33:01 | 000,049,894 | ---- | C] () -- C:\ProgramData\1351690380.6836.bin
[2012/10/31 15:33:00 | 000,035,806 | ---- | C] () -- C:\ProgramData\1351690380.952.bin
[2012/10/31 15:33:00 | 000,006,651 | ---- | C] () -- C:\ProgramData\1351690380.4332.bin
[2012/10/20 11:56:34 | 000,227,338 | ---- | C] () -- C:\ProgramData\1350726684.bdinstall.bin
[2012/07/27 21:34:21 | 000,000,008 | ---- | C] () -- C:\Users\mimi\AppData\Roaming\DofusAppId0_1
[2012/07/27 10:48:26 | 000,000,169 | ---- | C] () -- C:\Users\mimi\AppData\Roaming\D2Info0
[2012/07/27 10:48:26 | 000,000,008 | ---- | C] () -- C:\Users\mimi\AppData\Roaming\DofusAppId0_2
[2012/06/17 13:09:19 | 000,043,520 | ---- | C] () -- C:\Users\mimi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/05/31 19:02:32 | 000,221,907 | ---- | C] () -- C:\ProgramData\1338483449.bdinstall.bin
[2012/04/22 15:31:52 | 000,000,030 | ---- | C] () -- C:\Windows\mscpt.dat
[2012/03/28 18:55:01 | 000,335,064 | ---- | C] () -- C:\ProgramData\1332952882.bdinstall.bin
[2012/03/28 18:36:28 | 000,036,864 | ---- | C] () -- C:\Windows\EP_UNINSTALL.EXE
[2012/03/25 12:07:57 | 001,588,574 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/03/25 10:21:48 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2012/03/25 10:21:33 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2012/03/25 10:21:20 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012/03/25 05:19:02 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2012/03/25 01:28:58 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/09/13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2006/11/02 17:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 19:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 09:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/21 04:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
[color=#E56717]========== Custom Scans ==========[/color]
 
[color=#A23BEC]< MD5 for: EXPLORER.EXE  >[/color]
[2008/10/29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_b5f700fe698beb14\explorer.exe
[2008/10/29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_b7eb106e66a7ac19\explorer.exe
[2008/10/29 08:15:50 | 003,087,360 | ---- | M] (Microsoft Corporation) MD5=50514057C28A74BAC2BD04B7B990D615 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_aba256ac352b2919\explorer.exe
[2008/10/30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_b8583e9d7fda0512\explorer.exe
[2009/04/11 09:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\explorer.exe
[2009/04/11 09:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_afbebba22f3bab41\explorer.exe
[2008/10/28 04:30:12 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=72B9990E45C25AA3C75C4FB50A9D6CE0 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_ac5266dd4e2b0a41\explorer.exe
[2008/10/29 08:49:22 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=BBD8E74F23D7605CB0CDB57A1B25D826 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_ad96661c3246ea1e\explorer.exe
[2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SysWOW64\explorer.exe
[2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_ba1365f4639c6d3c\explorer.exe
[2008/10/30 07:30:07 | 003,081,216 | ---- | M] (Microsoft Corporation) MD5=E404A65EF890140410E9F3D405841C95 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_ae03944b4b794317\explorer.exe
[2008/10/28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_b6a7112f828bcc3c\explorer.exe
[2008/01/21 04:48:44 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=F6D765FB6B457542D954682F50C26E4F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_add342963219dff5\explorer.exe
[2008/01/21 04:49:23 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_b827ece8667aa1f0\explorer.exe
 
[color=#A23BEC]< MD5 for: SVCHOST.EXE  >[/color]
[2008/01/21 04:48:05 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\SysWOW64\svchost.exe
[2008/01/21 04:48:05 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[2008/01/21 04:50:24 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=CDA9F1373805AF88F6FA4F2064BBA24D -- C:\Windows\SysNative\svchost.exe
[2008/01/21 04:50:24 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=CDA9F1373805AF88F6FA4F2064BBA24D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_11d9f524bdab2f1b\svchost.exe
 
[color=#A23BEC]< MD5 for: USERINIT.EXE  >[/color]
[2008/01/21 04:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SysWOW64\userinit.exe
[2008/01/21 04:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2008/01/21 04:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\SysNative\userinit.exe
[2008/01/21 04:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe
 
[color=#A23BEC]< MD5 for: WININIT.EXE  >[/color]
[2008/01/21 04:48:04 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\SysWOW64\wininit.exe
[2008/01/21 04:48:04 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
[2008/01/21 04:50:23 | 000,123,904 | ---- | M] (Microsoft Corporation) MD5=117EA87DF785CA1B9D821F6F213DCE07 -- C:\Windows\SysNative\wininit.exe
[2008/01/21 04:50:23 | 000,123,904 | ---- | M] (Microsoft Corporation) MD5=117EA87DF785CA1B9D821F6F213DCE07 -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_8d115452bcae17d8\wininit.exe
 
[color=#A23BEC]< MD5 for: WINLOGON.EXE  >[/color]
[2009/04/11 09:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SysNative\winlogon.exe
[2009/04/11 09:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe
[2008/01/21 04:49:47 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe
[2009/04/11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe
[2009/04/11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/21 04:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
[color=#A23BEC]< SYSTEMDRIVE%\*.exe >[/color]
 
[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]
 
[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]
 
[color=#A23BEC]< %APPDATA%\*. >[/color]
[2013/03/31 00:45:23 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\.minecraft
[2012/07/25 18:24:44 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\Adobe
[2012/07/27 10:48:30 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\app
[2012/10/31 15:16:18 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\Apple Computer
[2012/03/25 02:42:12 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\ATI
[2013/03/27 23:07:15 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\Audacity
[2013/02/19 01:01:15 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\AVG2013
[2013/03/28 22:11:18 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\BabSolution
[2012/07/15 19:42:18 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\Babylon
[2013/02/26 10:26:48 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\Bitdefender
[2013/02/11 19:01:41 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\BrowserCompanion
[2013/03/31 10:47:51 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\cacaoweb
[2012/12/29 18:08:38 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013/01/29 18:23:05 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\DAEMON Tools Lite
[2013/03/28 22:11:15 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\Delta
[2012/07/27 10:48:26 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2012/07/27 21:34:21 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2012/08/04 22:34:52 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\Dofus2
[2012/11/07 11:40:25 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\DRPSu
[2012/10/19 19:06:34 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\DVDVideoSoft
[2012/03/28 17:14:45 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\Epson
[2013/01/19 13:44:07 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\eType
[2013/02/28 11:17:53 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\File Scout
[2013/01/06 15:53:36 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\FreeScreenToVideo
[2013/02/25 21:27:41 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\Funmoods
[2013/02/02 13:51:48 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\GoforFiles
[2012/03/25 21:43:41 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\Google
[2013/01/30 15:17:59 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\Identities
[2012/03/28 16:42:41 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\InstallShield
[2012/03/25 02:43:00 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\Macromedia
[2012/11/07 11:49:04 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\Malwarebytes
[2013/01/24 16:37:06 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\MAXON
[2006/11/02 17:07:25 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\Media Center Programs
[2013/01/30 15:20:22 | 000,000,000 | --SD | M] -- C:\Users\mimi\AppData\Roaming\Microsoft
[2012/09/15 08:15:53 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\Mozilla
[2012/11/21 16:51:51 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\NCH Software
[2013/01/30 18:01:43 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\Nosibay
[2012/12/01 22:47:32 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\NVIDIA
[2013/03/01 17:01:02 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\OfferBox
[2012/10/19 18:57:36 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\OpenCandy
[2012/04/26 21:28:47 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\OpenOffice.org
[2013/03/03 09:02:51 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\PerformerSoft
[2012/06/10 16:52:44 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\PhotoFiltre
[2013/01/20 19:56:44 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\PhotoFiltre 7
[2013/03/11 22:27:11 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\player
[2012/12/01 22:47:49 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\Publish Providers
[2012/03/28 18:43:11 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\QuickScan
[2012/12/10 22:00:54 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\redsn0w
[2012/07/27 10:48:30 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2012/12/31 13:03:35 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\SearchProtect
[2013/02/27 15:04:19 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\Searchya
[2012/06/29 16:15:08 | 000,000,000 | RH-D | M] -- C:\Users\mimi\AppData\Roaming\SecuROM
[2012/08/21 18:17:13 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\SFR
[2013/03/28 23:31:46 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\Skype
[2013/02/25 21:57:28 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\Sony
[2013/02/18 14:03:20 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\SpecialSavings
[2013/02/19 11:08:58 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\Systweak
[2013/02/16 11:29:08 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\TechSmith
[2013/02/09 18:16:49 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\TS3Client
[2013/02/18 23:06:21 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\TuneUp Software
[2013/03/30 19:34:06 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\uTorrent
[2012/11/05 15:05:23 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\WinBatch
[2012/08/17 17:43:39 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\Windows Live Writer
[2012/11/22 14:57:35 | 000,000,000 | ---D | M] -- C:\Users\mimi\AppData\Roaming\WinRAR
 
[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2013/02/25 16:37:02 | 000,009,808 | ---- | M] () -- C:\Users\mimi\AppData\Roaming\BabSolution\Shared\BabMaint.exe
[2013/02/25 16:37:03 | 000,011,344 | ---- | M] () -- C:\Users\mimi\AppData\Roaming\BabSolution\Shared\BUSUninstall.exe
[2013/03/21 12:48:04 | 000,394,736 | ---- | M] (Babylon Ltd.) -- C:\Users\mimi\AppData\Roaming\BabSolution\Shared\GUninstaller.exe
[2012/07/24 15:28:04 | 000,698,048 | ---- | M] () -- C:\Users\mimi\AppData\Roaming\BrowserCompanion\tbhcn.exe
[2013/03/29 19:13:10 | 000,450,560 | ---- | M] () -- C:\Users\mimi\AppData\Roaming\cacaoweb\cacaoweb.exe
[2012/05/30 11:38:40 | 000,195,256 | ---- | M] () -- C:\Users\mimi\AppData\Roaming\DRPSu\DrvUpdater.exe
[2012/07/25 16:14:24 | 000,300,440 | ---- | M] (DMI) -- C:\Users\mimi\AppData\Roaming\eType\eTypeUninstall.exe
[2013/02/27 16:32:38 | 000,259,584 | ---- | M] () -- C:\Users\mimi\AppData\Roaming\File Scout\filescout.exe
[2013/03/02 22:22:14 | 000,062,902 | ---- | M] () -- C:\Users\mimi\AppData\Roaming\File Scout\uninst.exe
[2013/01/26 08:54:32 | 000,055,424 | ---- | M] (Adobe Systems Inc.) -- C:\Users\mimi\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2012/11/07 14:53:04 | 000,010,134 | R--- | M] () -- C:\Users\mimi\AppData\Roaming\Microsoft\Installer\{AFA196FB-2500-C411-3C85-51BF31949684}\ARPPRODUCTICON.exe
[2013/01/26 22:06:50 | 000,010,134 | R--- | M] () -- C:\Users\mimi\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2007/11/27 09:41:32 | 000,405,504 | ---- | M] () -- C:\Users\mimi\AppData\Roaming\NCH Software\Components\mp3el2\lame.exe
[2012/10/02 20:27:42 | 027,844,512 | ---- | M] (TuneUp Software) -- C:\Users\mimi\AppData\Roaming\OpenCandy\051EF1F4F75143C4B723050BDE3DF735\TuneUpUtilities2013_2200324_fr-FR.exe
[2012/12/26 19:17:00 | 002,213,272 | ---- | M] (Conduit) -- C:\Users\mimi\AppData\Roaming\SearchProtect\bin\cltmng.exe
[2012/12/26 19:17:14 | 000,087,552 | ---- | M] (Conduit) -- C:\Users\mimi\AppData\Roaming\SearchProtect\bin\CltMngSvc.exe
[2012/12/31 13:03:29 | 002,700,088 | ---- | M] (Conduit) -- C:\Users\mimi\AppData\Roaming\SearchProtect\Res\SPSetup.exe
[2013/02/27 15:03:22 | 000,194,512 | ---- | M] () -- C:\Users\mimi\AppData\Roaming\Searchya\UpdateProc\UpdateTask.exe
 
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
 
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2009/04/11 08:28:17 | 000,800,768 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\advapi32.dll
[2009/04/11 08:28:17 | 000,171,008 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\apphelp.dll
[2008/01/21 04:49:34 | 000,523,776 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\clbcatq.dll
[2009/04/11 08:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\comdlg32.dll
[2008/01/21 04:48:31 | 000,798,208 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\dbghelp.dll
[2009/04/11 08:28:18 | 000,204,288 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\dhcpcsvc.dll
[2009/04/11 08:28:18 | 000,130,560 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\dhcpcsvc6.dll
[2011/03/02 17:44:26 | 000,168,448 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\dnsapi.dll
[2008/01/21 04:48:55 | 000,039,936 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\dwmapi.dll
[2012/03/25 15:49:21 | 000,353,792 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\dxtmsft.dll
[2012/03/25 15:49:21 | 000,223,232 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\dxtrans.dll
[2009/04/11 08:26:43 | 000,303,616 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\gdi32.dll
[2013/02/02 05:42:27 | 009,738,240 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\ieframe.dll
[2012/03/25 15:49:20 | 000,118,784 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\iepeers.dll
[2013/02/02 05:23:51 | 001,796,096 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\iertutil.dll
[2012/02/29 17:09:53 | 000,157,696 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\imagehlp.dll
[2009/04/11 08:26:43 | 000,116,224 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\imm32.dll
[2009/04/11 08:28:20 | 000,091,648 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\IPHLPAPI.DLL
[2012/09/28 18:13:29 | 000,860,160 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\kernel32.dll
[2009/04/11 08:26:44 | 000,023,552 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\lpk.dll
[2009/04/11 08:28:20 | 000,807,424 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\msctf.dll
[2006/11/02 11:46:07 | 000,004,608 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\msimg32.dll
[2011/12/14 18:17:47 | 000,680,448 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\msvcrt.dll
[2012/11/02 12:19:33 | 001,248,768 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\msxml3.dll
[2006/11/02 10:33:06 | 000,002,560 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\normaliz.dll
[2008/01/21 04:50:15 | 000,008,192 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\nsi.dll
[2011/11/18 22:55:05 | 001,167,984 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\ntdll.dll
[2010/06/28 19:00:21 | 001,316,864 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\ole32.dll
[2011/08/25 18:14:01 | 000,238,080 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\oleacc.dll
[2011/08/25 18:14:01 | 000,563,712 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\oleaut32.dll
[2008/01/21 04:50:09 | 000,101,888 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\oledlg.dll
[2006/11/02 11:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\psapi.dll
[2009/04/23 14:15:39 | 000,677,376 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\rpcrt4.dll
[2009/04/11 08:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\rsaenh.dll
[2012/06/02 02:05:11 | 000,077,312 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\secur32.dll
[2012/06/08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\shell32.dll
[2012/11/22 05:54:36 | 000,353,280 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\shlwapi.dll
[2013/02/02 05:31:03 | 001,103,872 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\urlmon.dll
[2009/04/11 08:26:45 | 000,648,704 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\user32.dll
[2010/04/16 18:46:48 | 000,502,272 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\usp10.dll
[2008/01/21 04:51:05 | 000,234,496 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\uxtheme.dll
[2009/04/11 08:28:25 | 000,020,480 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\version.dll
[2013/02/02 05:30:21 | 001,129,472 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\wininet.dll
[2011/10/14 18:03:25 | 000,189,952 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\winmm.dll
[2008/01/21 04:50:15 | 000,014,848 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\winnsi.dll
[2010/09/13 17:46:13 | 010,627,072 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\wmp.dll
[2008/01/21 04:50:35 | 000,179,200 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\ws2_32.dll
 
[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
 
[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]
 
[color=#A23BEC]< hklm\software\clients\startmenuinternet|command /rs >[/color]
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2012/12/05 03:15:17 | 001,242,728 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2012/12/05 03:15:17 | 001,242,728 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/12/05 03:15:17 | 001,242,728 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2012/12/05 03:15:17 | 001,242,728 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\SysWOW64\ie4uinit.exe" -hide [2012/03/25 15:49:21 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\SysWOW64\ie4uinit.exe" -show [2012/03/25 15:49:21 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\SysWOW64\ie4uinit.exe" -reinstall [2012/03/25 15:49:21 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2013/02/02 06:19:04 | 000,757,296 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013/02/02 06:19:04 | 000,757,296 | ---- | M] (Microsoft Corporation)
 
[color=#A23BEC]< hklm\software\clients\startmenuinternet|command /64 /rs >[/color]
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2012/03/25 15:49:17 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2012/03/25 15:49:17 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2012/03/25 15:49:17 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2013/02/02 06:19:04 | 000,757,296 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2013/02/02 06:19:04 | 000,757,296 | ---- | M] (Microsoft Corporation)
 
[color=#A23BEC]< nslookup http://www.google.fr /c >[/color]
Serveur :  neufbox
Address:  192.168.1.1
 
[color=#A23BEC]<  >[/color]

< End of report >