Se connecter / S'enregistrer
Votre question

virus virtumonde.dll et virtumonde

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
11 Juin 2008 02:04:30

Bonjour,

Je suis désespérée, j'ai suivi les deux premières étapes pour me débarasser du virtumonde.dll mais je n'arrive pas à appliquer la dernière étape : la suppression des virus.

Je ne trouve pas Download_mbam-setup.exe dans le logiciel MalwareByle's Anti-Madware.

Je lance un SOS

Merci de me répondre

Autres pages sur : virus virtumonde dll virtumonde

11 Juin 2008 11:42:45

:hello:  Bonjour,

1) Téléchargez ATF Cleaner sur votre Bureau.

  • Faites un double clic sur ATF-Cleaner.exe pour lancer le programme.
  • Cliquez sur Select All situé en bas de la liste.
  • Cliquez sur le bouton Empty Selected.

    Si vous utilisez le navigateur Firefox, faites aussi ceci :
  • Cliquez sur Firefox en haut et choisissez Select All dans la liste.
  • Cliquez sur le bouton Empty Selected.
  • NOTE : Si vous désirez conserver vos mots de passe enregistrés, cliquez sur No dans le message d'avertissement.

    Si vous utilisez le navigateur Opera, faites aussi ceci :
  • Cliquez sur Opera en haut et choisissez Select All dans la liste.
  • Fermez TOUS les navigateurs Internet (très important).
  • Cliquez sur le bouton Empty Selected.
  • NOTE : Si vous désirez conserver vos mots de passe enregistrés, cliquez sur No dans le message d'avertissement.
    Cliquez sur Exit dans le menu principal pour fermer le programme.

    2) Ensuite, téléchargez OTScanIt.exe sur votre Bureau, et faites un double clic dessus pour extraire les fichiers. Ceci va créer un dossier nommé OTScanIt sur votre Bureau.

    N.B : Si pendant le téléchargement et/ou l’installation tu reçois une alerte de ton antivirus, ignore-là. Certains composants de OTscanIT peuvent être détectés comme un virus par certains antivirus. Pense aussi à désactiver tes protections résidentes durant la procédure.

    Note : Vous devez avoir ouvert une session avec un compte ayant les droits Administrateur pour exécuter ce programme.

  • Fermez TOUS LES AUTRES PROGRAMMES.
  • Ouvrez le dossier OTScanIt et faites un double clic sur OTScanIt.exe pour lancer le programme (si vous êtes sous Windows Vista, faites un clic droit sur le programme et choisissez Exécuter en tant qu'Administrateur).
  • Dans la section Drivers cliquez sur Non-Microsoft.
  • Sous Additional Scans cochez la case située devant les éléments suivants afin de les sélectionner :

    Reg - BotCheck
    File - Additional Folder Scans


  • Ne modifiez aucun autre paramètre.
  • Ensuite, cliquez sur le bouton Run Scan dans la barre d'outils.
  • Laissez le programme tourner sans intervenir.
  • Lorsque l'analyse est terminée le Bloc-notes va s'ouvrir pour afficher le fichier rapport.
  • Cliquez sur le menu Format et vérifiez que Retour automatique à la ligne n'est pas coché. S'il l'est, cliquez dessus afin de le décocher.
    Utilisez le bouton Répondre et faites un copier/coller de ces informations ici. Je les examinerai dès leur arrivée. Vérifiez que la première ligne est code entouré de crochets [] et que la dernière ligne est /code entouré de crochets [].

    Si, après avoir envoyé votre message, la dernière ligne n'est pas <End of Report> cela signifie que le rapport est trop long pour tenir dans un seul message, et vous devez dans ce cas le découper en plusieurs messages, ou le mettre sur Mediafire : http://www.mediafire.com

    ;) 
    20 Juin 2008 20:11:44

    [code]
    OTScanIt logfile created on: 20/06/2008 19:57:01
    OTScanIt by OldTimer - Version 1.0.15.15 Folder = C:\Documents and Settings\Fab-Admin\Bureau\OTScanIt
    Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.5730.13)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    1023,36 Mb Total Physical Memory | 518,25 Mb Available Physical Memory | 50,64% Memory free
    2,40 Gb Paging File | 2,00 Gb Available in Paging File | 83,34% Paging File free
    Paging file location(s): C:\pagefile.sys 1536 3072;

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 78,11 Gb Total Space | 59,50 Gb Free Space | 76,17% Space Free | Partition Type: FAT32
    Drive D: | 151,82 Gb Total Space | 86,80 Gb Free Space | 57,17% Space Free | Partition Type: NTFS
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded
    Drive J: | 7,49 Gb Total Space | 4,97 Gb Free Space | 66,39% Space Free | Partition Type: FAT32

    Computer Name: ACER-E500-FAB
    Current User Name: Fab-Admin
    Logged in as Administrator.
    Current Boot Mode: Normal
    Scan Mode: Current user

    [Processes - Non-Microsoft Only]
    aswupdsv.exe -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> ALWIL Software [Ver = 4, 8, 1201, 0 | Size = 17272 bytes | Modified Date = 16/05/2008 01:06:58 | Attr = ]
    ashserv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> ALWIL Software [Ver = 4, 8, 1201, 0 | Size = 144760 bytes | Modified Date = 16/05/2008 01:19:24 | Attr = ]
    nvsvc32.exe -> %SystemRoot%\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.7801 | Size = 127043 bytes | Modified Date = 02/08/2005 16:35:00 | Attr = ]
    ashmaisv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 8, 1201, 0 | Size = 247160 bytes | Modified Date = 16/05/2008 01:19:00 | Attr = ]
    ashwebsv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 8, 1201, 0 | Size = 349560 bytes | Modified Date = 16/05/2008 01:17:00 | Attr = ]
    jusched.exe -> %ProgramFiles%\Java\jre1.5.0_02\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.20.9 | Size = 36975 bytes | Modified Date = 04/03/2005 03:36:46 | Attr = ]
    airpluscfg.exe -> %ProgramFiles%\D-Link\AirPlus XtremeG\AirPlusCFG.exe -> D-Link [Ver = 3, 3, 1, 50804 | Size = 1294336 bytes | Modified Date = 04/08/2005 21:13:10 | Attr = ]
    wzcsldr2.exe -> %ProgramFiles%\ANI\ANIWZCS2 Service\WZCSLDR2.exe -> Alpha Networks Inc. [Ver = 1, 0, 6, 41216 | Size = 49152 bytes | Modified Date = 16/12/2004 17:49:14 | Attr = ]
    ashdisp.exe -> %SystemDrive%\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe -> ALWIL Software [Ver = 4, 8, 1201, 0 | Size = 79224 bytes | Modified Date = 16/05/2008 01:19:32 | Attr = ]
    flockbox.exe -> %ProgramFiles%\My Lockbox\flockbox.exe -> FSPro Labs [Ver = 1.2.1.61 | Size = 1071472 bytes | Modified Date = 14/12/2007 16:59:20 | Attr = ]
    e_s4i0k2.exe -> %SystemRoot%\System32\spool\DRIVERS\W32X86\3\E_S4I0K2.EXE -> SEIKO EPSON CORPORATION [Ver = 3.00 | Size = 99840 bytes | Modified Date = 12/09/2003 05:00:00 | Attr = ]
    nmbgmonitor.exe -> %CommonProgramFiles%\Ahead\Lib\NMBgMonitor.exe -> Nero AG [Ver = 2,0,5,0 | Size = 153136 bytes | Modified Date = 12/03/2007 13:49:26 | Attr = ]
    teatimer.exe -> %ProgramFiles%\Spybot - Search & Destroy\TeaTimer.exe -> Safer Networking Limited [Ver = 1, 5, 2, 16 | Size = 2097488 bytes | Modified Date = 28/01/2008 11:43:40 | Attr = RHS]
    googletoolbarnotifier.exe -> %ProgramFiles%\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe -> Google Inc. [Ver = 1, 2, 1128, 5462 | Size = 171448 bytes | Modified Date = 19/06/2008 16:01:56 | Attr = ]
    nmindexingservice.exe -> %CommonProgramFiles%\Ahead\Lib\NMIndexingService.exe -> Nero AG [Ver = 2,0,5,0 | Size = 271920 bytes | Modified Date = 12/03/2007 13:49:46 | Attr = ]
    nmindexstoresvr.exe -> %CommonProgramFiles%\Ahead\Lib\NMIndexStoreSvr.exe -> Nero AG [Ver = 2,0,5,0 | Size = 1209904 bytes | Modified Date = 12/03/2007 13:49:46 | Attr = ]
    otscanit.exe -> %UserProfile%\Bureau\OTScanIt\OTScanIt.exe -> OldTimer Tools [Ver = 1.0.15.15 | Size = 397312 bytes | Modified Date = 12/06/2008 00:29:06 | Attr = ]

    [Win32 Services - Non-Microsoft Only]
    (ANIWZCSdService) ANIWZCSd Service [Win32_Shared | Auto | Stopped] -> %ProgramFiles%\ANI\ANIWZCS2 Service\ANIWZCSdS.exe -> Alpha Networks Inc. [Ver = 1, 0, 1, 30507 | Size = 49152 bytes | Modified Date = 22/10/2004 13:42:44 | Attr = ]
    (aswUpdSv) avast! iAVS4 Control Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> ALWIL Software [Ver = 4, 8, 1201, 0 | Size = 17272 bytes | Modified Date = 16/05/2008 01:06:58 | Attr = ]
    (Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Stopped] -> %SystemRoot%\system32\Ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4115 | Size = 364544 bytes | Modified Date = 14/04/2005 22:09:32 | Attr = ]
    (avast! Antivirus) avast! Antivirus [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> ALWIL Software [Ver = 4, 8, 1201, 0 | Size = 144760 bytes | Modified Date = 16/05/2008 01:19:24 | Attr = ]
    (avast! Mail Scanner) avast! Mail Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 8, 1201, 0 | Size = 247160 bytes | Modified Date = 16/05/2008 01:19:00 | Attr = ]
    (avast! Web Scanner) avast! Web Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 8, 1201, 0 | Size = 349560 bytes | Modified Date = 16/05/2008 01:17:00 | Attr = ]
    (dmadmin) Service d'administration du Gestionnaire de disque logique [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\System32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 225280 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    (gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> Google [Ver = 2.0.734.29932.beta | Size = 138168 bytes | Modified Date = 19/06/2008 16:01:54 | Attr = ]
    (NBService) NBService [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Nero\Nero 7\Nero BackItUp\NBService.exe -> Nero AG [Ver = 2, 7, 3, 2 | Size = 779824 bytes | Modified Date = 14/03/2007 19:19:10 | Attr = ]
    (NMIndexingService) NMIndexingService [Win32_Own | On_Demand | Running] -> %CommonProgramFiles%\Ahead\Lib\NMIndexingService.exe -> Nero AG [Ver = 2,0,5,0 | Size = 271920 bytes | Modified Date = 12/03/2007 13:49:46 | Attr = ]
    (NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.7801 | Size = 127043 bytes | Modified Date = 02/08/2005 16:35:00 | Attr = ]
    (BlueSoleil Hid Service) BlueSoleil Hid Service [Win32_Own | Auto | Stopped] -> %ProgramFiles%\IVT Corporation\BlueSoleil\BTNtService.exe -> [Ver = | Size = 110592 bytes | Modified Date = 06/04/2005 16:03:28 | Attr = ]

    [Driver Services - Non-Microsoft Only]
    (A5AGU) D-Link USB Wireless Network Adapter Service [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\A5AGU.sys -> D-Link Corporation [Ver = 1.5.200.27 | Size = 348352 bytes | Modified Date = 26/07/2005 14:32:14 | Attr = ]
    (Aavmker4) avast! Asynchronous Virus Monitor [Kernel | System | Running] -> %SystemRoot%\System32\drivers\aavmker4.sys -> ALWIL Software [Ver = 4.8.1201.0 | Size = 26944 bytes | Modified Date = 16/05/2008 01:13:26 | Attr = ]
    (Afc) PPdus ASPI Shell [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\Afc.sys -> Arcsoft, Inc. [Ver = 1, 0, 0, 2 | Size = 11776 bytes | Modified Date = 23/02/2005 14:58:56 | Attr = ]
    (AliIde) AliIde [Kernel | Boot | Running] -> %SystemRoot%\system32\DRIVERS\aliide.sys -> Acer Laboratories Inc. [Ver = 1.20 | Size = 5248 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    (ANIO) ANIO Service [Kernel | Auto | Running] -> %SystemRoot%\system32\ANIO.SYS -> Alpha Networks Inc. [Ver = 2.0.0.30505 | Size = 28205 bytes | Modified Date = 27/07/2004 11:20:46 | Attr = ]
    (AnyDVD) AnyDVD [Kernel | On_Demand | Running] -> %SystemRoot%\System32\Drivers\AnyDVD.sys -> SlySoft, Inc. [Ver = 6.4.5.0 | Size = 99648 bytes | Modified Date = 17/06/2008 15:59:16 | Attr = ]
    (APL531) Hercules Dualpix HD Webcam [Kernel | On_Demand | Running] -> %SystemRoot%\System32\Drivers\HDvid.sys -> Guillemont Corporation [Ver = 5.2.2603.20 | Size = 275072 bytes | Modified Date = 08/12/2006 14:02:50 | Attr = ]
    (aswFsBlk) aswFsBlk [File_System | Auto | Running] -> %SystemRoot%\system32\DRIVERS\aswFsBlk.sys -> ALWIL Software [Ver = 4.8.1201.0 | Size = 20560 bytes | Modified Date = 16/05/2008 01:16:06 | Attr = ]
    (aswMon2) avast! Standard Shield Support [File_System | Auto | Running] -> %SystemRoot%\System32\drivers\aswmon2.sys -> ALWIL Software [Ver = 4.8.1201.0 | Size = 94416 bytes | Modified Date = 16/05/2008 01:18:34 | Attr = ]
    (aswRdr) aswRdr [Kernel | On_Demand | Running] -> %SystemRoot%\System32\drivers\aswRdr.sys -> ALWIL Software [Ver = 4.8.1201.0 | Size = 23152 bytes | Modified Date = 16/05/2008 01:15:30 | Attr = ]
    (aswSP) avast! Self Protection [Kernel | System | Running] -> %SystemRoot%\System32\drivers\aswSP.sys -> ALWIL Software [Ver = 4.8.1201.0 | Size = 78416 bytes | Modified Date = 16/05/2008 01:20:32 | Attr = ]
    (aswTdi) avast! Network Shield Support [Kernel | System | Running] -> %SystemRoot%\System32\drivers\aswTdi.sys -> ALWIL Software [Ver = 4.8.1201.0 | Size = 42912 bytes | Modified Date = 16/05/2008 01:14:12 | Attr = ]
    (ATHFMWDL) D-Link predator Bootloader driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\Drivers\ATHFMWDL.sys -> Windows (R) 2000 DDK provider [Ver = 5.1.2600.0 | Size = 43392 bytes | Modified Date = 26/07/2005 14:35:36 | Attr = ]
    (ati2mtag) ati2mtag [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\ati2mtag.sys -> ATI Technologies Inc. [Ver = 6.14.10.6534 | Size = 1130496 bytes | Modified Date = 14/04/2005 22:14:58 | Attr = ]
    (camfilt) camfilt [Kernel | On_Demand | Running] -> %SystemRoot%\System32\Drivers\camfilt.sys -> Guillemot Corporation [Ver = 1.1.0.0 | Size = 24192 bytes | Modified Date = 16/11/2006 16:01:42 | Attr = ]
    (dmboot) dmboot [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\dmboot.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 800256 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    (dmio) dmio [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\dmio.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 154496 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    (dmload) dmload [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\dmload.sys -> Microsoft Corp., Veritas Software. [Ver = 2600.0.503.0 | Size = 5888 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    (ElbyCDIO) ElbyCDIO Driver [Kernel | System | Running] -> %SystemRoot%\System32\Drivers\ElbyCDIO.sys -> Elaborate Bytes AG [Ver = 6, 0, 1, 0 | Size = 25160 bytes | Modified Date = 07/08/2007 21:48:34 | Attr = ]
    (ElbyDelay) ElbyDelay [Kernel | On_Demand | Running] -> %SystemRoot%\System32\Drivers\ElbyDelay.sys -> Elaborate Bytes AG [Ver = 5, 1, 0, 1 | Size = 11984 bytes | Modified Date = 16/02/2007 02:56:50 | Attr = ]
    (HdAudAddService) Microsoft UAA Function Driver for High Definition Audio Service [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\HdAudio.sys -> Windows (R) Server 2003 DDK provider [Ver = 5.10.01.5013 built by: WinDDK | Size = 145920 bytes | Modified Date = 07/01/2005 17:07:16 | Attr = ]
    (HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\HDAudBus.sys -> Windows (R) Server 2003 DDK provider [Ver = 5.10.01.5013 built by: WinDDK | Size = 138752 bytes | Modified Date = 07/01/2005 17:07:18 | Attr = ]
    (HSFHWBS2) HSFHWBS2 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\HSFBS2S2.sys -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 220032 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    (HSF_DP) HSF_DP [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\HSFDPSP2.sys -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 1041536 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    (int15.sys) int15.sys [Kernel | Auto | Running] -> %ProgramFiles%\Acer\eRecovery\int15.sys -> [Ver = | Size = 69632 bytes | Modified Date = 13/01/2005 14:46:16 | Attr = ]
    (IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\RtkHDAud.sys -> Realtek Semiconductor Corp. [Ver = 5.10.00.5127 built by: WinDDK | Size = 3134976 bytes | Modified Date = 14/06/2005 08:48:00 | Attr = ]
    (m5287) m5287 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\m5287.sys -> ULi Electronics Inc. [Ver = 6.203 | Size = 85888 bytes | Modified Date = 05/02/2005 07:00:12 | Attr = ]
    (Maplom) Maplom [Kernel | On_Demand | Running] -> %SystemRoot%\System32\drivers\maplom.sys -> SlySoft Inc. [Ver = 3, 0, 1, 6 | Size = 37312 bytes | Modified Date = 20/05/2008 11:43:58 | Attr = ]
    (MaplomL) MaplomL [Kernel | On_Demand | Running] -> %SystemRoot%\System32\drivers\maploml.sys -> SlySoft Inc. [Ver = 3, 0, 1, 6 | Size = 36288 bytes | Modified Date = 20/05/2008 11:43:10 | Attr = ]
    (mdmxsdk) mdmxsdk [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\mdmxsdk.sys -> Conexant [Ver = 1.0.2.006 | Size = 11868 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    (MPRIFL) MPRIFL [Kernel | Boot | Running] -> %SystemRoot%\SYSTEM32\DRIVERS\MPRIFL.SYS -> FSPro Labs [Ver = 2.9.0.193 built by: WinDDK | Size = 17264 bytes | Modified Date = 13/12/2007 20:13:02 | Attr = ]
    (NTIDrvr) Upper Class Filter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\NTIDrvr.sys -> NewTech Infosystems, Inc. [Ver = 1, 0, 0, 6 | Size = 6144 bytes | Modified Date = 25/06/2005 07:48:22 | Attr = ]
    (nv) nv [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\nv4_mini.sys -> NVIDIA Corporation [Ver = 6.14.10.7801 | Size = 3198560 bytes | Modified Date = 02/08/2005 16:35:00 | Attr = ]
    (PQNTDrv) PQNTDrv [Kernel | System | Running] -> %SystemRoot%\System32\drivers\PQNTDRV.sys -> PowerQuest Corporation [Ver = 8.00.000 | Size = 4228 bytes | Modified Date = 05/05/2004 21:48:40 | Attr = ]
    (Ptilink) Pilote de liaison parallèle directe [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\ptilink.sys -> Parallel Technologies, Inc. [Ver = 1.10 (XPClient.010817-1148) | Size = 17792 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    (Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\secdrv.sys -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. [Ver = 4.03.086 | Size = 20480 bytes | Modified Date = 13/11/2007 12:25:54 | Attr = ]
    (SYMIDSCO) SYMIDSCO [Kernel | On_Demand | Stopped] -> %SystemDrive%\PROGRA~1\FICHIE~1\SYMANT~1\SymcData\IDS-DI~1\20080617.001\symidsco.sys -> File not found
    (UBHelper) UBHelper [Kernel | System | Running] -> %SystemRoot%\System32\drivers\UBHelper.sys -> [Ver = | Size = 13952 bytes | Modified Date = 17/12/2004 17:14:44 | Attr = ]
    (winachsf) winachsf [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\HSFCXTS2.sys -> Conexant Systems, Inc. [Ver = 7.12.09 built by: WinDDK | Size = 685056 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    (yukonwxp) NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\yk51x86.sys -> Marvell [Ver = 8.24.3.3 built by: WinDDK | Size = 230400 bytes | Modified Date = 30/03/2005 17:18:40 | Attr = ]
    (BlueletAudio) Bluetooth Audio Service [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\blueletaudio.sys -> IVT Corporation [Ver = 1.2 | Size = 20480 bytes | Modified Date = 31/08/2005 10:34:10 | Attr = ]
    (BlueletSCOAudio) Bluetooth SCO Audio Service [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\BlueletSCOAudio.sys -> IVT Corporation [Ver = 1.2 | Size = 20480 bytes | Modified Date = 31/08/2005 10:34:52 | Attr = ]
    (BT) Bluetooth PAN Network Adapter [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\btnetdrv.sys -> IVT Corporation [Ver = 1.2.0 | Size = 9696 bytes | Modified Date = 29/09/2005 16:20:48 | Attr = ]
    (BTHidMgr) Bluetooth HID Manager Service [Kernel | Boot | Running] -> %SystemRoot%\System32\Drivers\BTHidMgr.sys -> IVT Corporation [Ver = 1.2.2.0 | Size = 28271 bytes | Modified Date = 30/04/2005 14:50:10 | Attr = ]
    (BTHidEnum) Bluetooth HID Enumerator [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\vbtenum.sys -> [Ver = | Size = 11988 bytes | Modified Date = 29/07/2005 16:21:32 | Attr = ]
    (VcommMgr) Bluetooth VComm Manager Service [Kernel | On_Demand | Running] -> %SystemRoot%\System32\Drivers\VcommMgr.sys -> IVT Corporation [Ver = 2.20 | Size = 82148 bytes | Modified Date = 25/03/2005 17:18:48 | Attr = ]
    (VComm) Virtual Serial port driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\VComm.sys -> IVT Corporation [Ver = 2.20 | Size = 61312 bytes | Modified Date = 19/10/2004 13:37:38 | Attr = ]

    [Registry - Non-Microsoft Only]
    < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
    -> [] -> File not found
    ANIWZCS2Service -> %ProgramFiles%\ANI\ANIWZCS2 Service\WZCSLDR2.exe [C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe] -> Alpha Networks Inc. [Ver = 1, 0, 6, 41216 | Size = 49152 bytes | Modified Date = 16/12/2004 17:49:14 | Attr = ]
    avast! -> %SystemDrive%\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe] -> ALWIL Software [Ver = 4, 8, 1201, 0 | Size = 79224 bytes | Modified Date = 16/05/2008 01:19:32 | Attr = ]
    D-Link AirPlus XtremeG -> %ProgramFiles%\D-Link\AirPlus XtremeG\AirPlusCFG.exe [C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe] -> D-Link [Ver = 3, 3, 1, 50804 | Size = 1294336 bytes | Modified Date = 04/08/2005 21:13:10 | Attr = ]
    EPSON Stylus Photo RX500 -> %SystemRoot%\System32\spool\DRIVERS\W32X86\3\E_S4I0K2.EXE [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0K2.EXE /P24 "EPSON Stylus Photo RX500" /O6 "USB001" /M "Stylus Photo RX500"] -> SEIKO EPSON CORPORATION [Ver = 3.00 | Size = 99840 bytes | Modified Date = 12/09/2003 05:00:00 | Attr = ]
    flockbox -> %ProgramFiles%\My Lockbox\flockbox.exe [C:\Program Files\My Lockbox\flockbox.exe /a] -> FSPro Labs [Ver = 1.2.1.61 | Size = 1071472 bytes | Modified Date = 14/12/2007 16:59:20 | Attr = ]
    High Definition Audio Property Page Shortcut -> %SystemRoot%\system32\HDAShCut.exe [HDAShCut.exe] -> Windows (R) Server 2003 DDK provider [Ver = 5.10.01.5013 built by: WinDDK | Size = 61952 bytes | Modified Date = 07/01/2005 17:07:16 | Attr = ]
    SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.5.0_02\bin\jusched.exe [C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe] -> Sun Microsystems, Inc. [Ver = 5.0.20.9 | Size = 36975 bytes | Modified Date = 04/03/2005 03:36:46 | Attr = ]
    < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
    BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} -> %CommonProgramFiles%\Ahead\Lib\NMBgMonitor.exe ["C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"] -> Nero AG [Ver = 2,0,5,0 | Size = 153136 bytes | Modified Date = 12/03/2007 13:49:26 | Attr = ]
    ccleaner -> %ProgramFiles%\CCleaner\CCleaner.exe ["C:\Program Files\CCleaner\CCleaner.exe" /AUTO] -> Piriform Ltd [Ver = 2, 8, 0, 588 | Size = 1197296 bytes | Modified Date = 28/05/2008 16:40:18 | Attr = ]
    EPSON Stylus Photo RX500 -> %SystemRoot%\System32\spool\DRIVERS\W32X86\3\E_S4I0K2.EXE [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0K2.EXE /P24 "EPSON Stylus Photo RX500" /M "Stylus Photo RX500" /EF "HKCU"] -> SEIKO EPSON CORPORATION [Ver = 3.00 | Size = 99840 bytes | Modified Date = 12/09/2003 05:00:00 | Attr = ]
    SpybotSD TeaTimer -> %ProgramFiles%\Spybot - Search & Destroy\TeaTimer.exe [C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe] -> Safer Networking Limited [Ver = 1, 5, 2, 16 | Size = 2097488 bytes | Modified Date = 28/01/2008 11:43:40 | Attr = RHS]
    swg -> %ProgramFiles%\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe [C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe] -> Google Inc. [Ver = 1, 2, 1128, 5462 | Size = 171448 bytes | Modified Date = 19/06/2008 16:01:56 | Attr = ]
    < All Users Startup Folder > -> C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage ->
    %AllUsersProfile%\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\reader_sl.exe -> Adobe Systems Incorporated [Ver = 7.0.0.0 | Size = 29696 bytes | Modified Date = 14/12/2004 04:44:06 | Attr = ]
    -> %AllUsersProfile%\Menu Démarrer\Programmes\Démarrage\BlueSoleil.lnk -> File not found
    < Fab-Admin Startup Folder > -> C:\Documents and Settings\Fab-Admin\Menu Démarrer\Programmes\Démarrage ->
    < SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
    < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
    < Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
    < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
    AtiExtEvent -> %SystemRoot%\system32\Ati2evxx.dll -> ATI Technologies Inc. [Ver = 6.14.10.4115 | Size = 46080 bytes | Modified Date = 14/04/2005 22:10:36 | Attr = ]
    < CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->
    < CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 36 ->
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun -> FF FF FF FF [binary data] ->
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run\ -> ->
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
    < CDROM Autorun Settings > [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom] ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\ -> ->
    *DependOnGroup* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DependOnGroup ->
    SCSI miniport -> -> File not found
    *MultiFile Done* -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ErrorControl -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Group -> SCSI CDROM Class ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Start -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Tag -> 2 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Type -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DisplayName -> Pilote de CD-ROM ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ImagePath -> %SystemRoot%\system32\DRIVERS\cdrom.sys [system32\DRIVERS\cdrom.sys] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 49536 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun -> 1 ->
    *AutoRunAlwaysDisable* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRunAlwaysDisable ->
    NEC MBR-7 -> -> File not found
    NEC MBR-7.4 -> -> File not found
    PIONEER CHANGR DRM-1804X -> -> File not found
    PIONEER CD-ROM DRM-6324X -> -> File not found
    PIONEER CD-ROM DRM-624X -> -> File not found
    TORiSAN CD-ROM CDR_C36 -> -> File not found
    *MultiFile Done* -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\0 -> IDE\CdRomHL-DT-ST_DVDRRW_GWA-4164B_______________1.02____\5&ed87538&0&0.0.0 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\Count -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\NextInstance -> 1 ->
    < Drives - Autoruns > -> ->
    AUTOEXEC.BAT [PATH=%PATH%;C:\PROGRA~1\FICHIE~1\MUVEET~1\030625 | ] -> %SystemDrive%\AUTOEXEC.BAT [ FAT32 ] -> [Ver = | Size = 50 bytes | Modified Date = 25/06/2005 07:48:40 | Attr = ]
    autorun.inf [] -> %SystemDrive%\autorun.inf [ FAT32 ] -> [Folder | Modified Date = 20/06/2008 10:48:02 | Attr = RHS]
    autorun.inf [] -> D:\autorun.inf [ NTFS ] -> [Folder | Modified Date = 19/06/2008 14:38:45 | Attr = RHS]
    autorun.inf [] -> J:\autorun.inf [ FAT32 ] -> [Folder | Modified Date = 19/06/2008 14:38:46 | Attr = RHS]
    < HOSTS File > (250491 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
    < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
    HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
    HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
    HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm ->
    HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
    HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
    HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
    HKEY_LOCAL_MACHINE\: Search\\Default_Search_URL -> http://www.google.com/ie ->
    HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://www.google.com/ie ->
    < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
    HKEY_CURRENT_USER\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm ->
    HKEY_CURRENT_USER\: Main\\Search Bar -> http://www.google.com/ie ->
    HKEY_CURRENT_USER\: Main\\Search Page -> http://www.google.com ->
    HKEY_CURRENT_USER\: Main\\Start Page -> http://www.aliceadsl.fr/ ->
    HKEY_CURRENT_USER\: Search\\SearchAssistant -> http://www.google.com/ie ->
    HKEY_CURRENT_USER\: SearchURL\\ -> http://www.google.com/search?q=%s[Reg Error: Value provider does not exist or could not be read.] ->
    HKEY_CURRENT_USER\: ProxyEnable -> 0 ->
    < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4603 domain(s) found. ->
    41 domain(s) and sub-domain(s) not assigned to a zone.
    < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. ->
    < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4602 domain(s) found. ->
    40 domain(s) and sub-domain(s) not assigned to a zone.
    < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. ->
    < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [AcroIEHlprObj Class] -> Adobe Systems Incorporated [Ver = 7.0.0.2004121400 | Size = 63136 bytes | Modified Date = 14/12/2004 01:56:50 | Attr = ]
    {53707962-6F74-2D53-2644-206D7942484F} [HKEY_LOCAL_MACHINE] -> %SystemDrive%\PROGRA~1\SPYBOT~1\SDHelper.dll [Spybot-S&D IE Protection] -> Safer Networking Limited [Ver = 1, 5, 0, 11 | Size = 1554256 bytes | Modified Date = 28/01/2008 11:43:28 | Attr = ]
    {AA58ED58-01DD-4d91-8333-CF10577473F7} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\google\googletoolbar1.dll [Google Toolbar Helper] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2436160 bytes | Modified Date = 19/06/2008 16:01:54 | Attr = R ]
    < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\google\googletoolbar1.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2436160 bytes | Modified Date = 19/06/2008 16:01:54 | Attr = R ]
    < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
    ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
    WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\google\googletoolbar1.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2436160 bytes | Modified Date = 19/06/2008 16:01:54 | Attr = R ]
    < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
    {DFB852A3-47F8-48C4-A200-58CAB36FD2A2}:{53707962-6F74-2D53-2644-206D7942484F} [HKEY_LOCAL_MACHINE] -> %SystemDrive%\PROGRA~1\SPYBOT~1\SDHelper.dll [Spybot - Search & Destroy Configuration] -> Safer Networking Limited [Ver = 1, 5, 0, 11 | Size = 1554256 bytes | Modified Date = 28/01/2008 11:43:28 | Attr = ]
    < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
    PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
    PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&m... ->
    < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
    {30D1234A-A083-4ACF-BCDA-D35BCFB35EB1} -> (Marvell Yukon 88E8001/8003/8010 PCI Gigabit Ethernet Controller) ->
    {3CE57B0D-45A6-4F0C-B29C-C7382C36BB25} -> (D-Link AirPlus Xtreme G DWL-G132 Wireless USB Adapter(rev.A)) ->
    {7B440BF9-BB73-482D-A351-596EB2001AEC} -> () ->
    {D4969C19-515B-47C8-9A01-520FDC483361} -> () ->
    {E7394D88-D6B4-4EF7-B886-218166E7B8A7} -> (Carte réseau 1394) ->
    < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
    ipp: [HKEY_LOCAL_MACHINE] -> No CLSID value
    msdaipp: [HKEY_LOCAL_MACHINE] -> No CLSID value
    < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
    {8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_02-wind...[Java Plug-in 1.5.0_02] ->
    {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_02-wind...[Java Plug-in 1.5.0_02] ->
    {D27CDB6E-AE6D-11CF-96B8-444553540000}[HKEY_LOCAL_MACHINE] -> http://fpdownload.macromedia.com/pub/shockwave/cabs/fla...[Shockwave Flash Object] ->
    < Module Usage Keys [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/FP_AX_CAB_INSTALLER.exe\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/FP_AX_CAB_INSTALLER.exe\\.Owner -> {D27CDB6E-AE6D-11CF-96B8-444553540000} ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/FP_AX_CAB_INSTALLER.exe\\{D27CDB6E-AE6D-11CF-96B8-444553540000} -> ->


    [Registry - Additional Scans - Non-Microsoft Only]
    < BotCheck > -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\DefaultLaunchPermission -> [Binary data over 100 bytes] ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineLaunchRestriction -> [Binary data over 100 bytes] ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineAccessRestriction -> [Binary data over 100 bytes] ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\EnableDCOM -> Y ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{A50398B8-9075-4FBF-A7A1-456BF21937AD} -> 1 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{AD65A69D-3831-40D7-9629-9B0B50A93843} -> 1 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{0040D221-54A1-11D1-9DE0-006097042D69} -> 1 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{2A6D72F1-6E7E-4702-B99C-E40D3DED33C3} -> 1 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\NONREDIST\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\NONREDIST\\System.EnterpriseServices.Thunk.dll -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirstRunDisabled -> 1 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusDisableNotify -> 0 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallDisableNotify -> 0 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\UpdatesDisableNotify -> 0 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusOverride -> 0 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallOverride -> 0 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> ->
    Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\ not found. -> ->
    Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\ not found. -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\ -> ->
    *Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages ->
    msv1_0 -> %SystemRoot%\System32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    *MultiFile Done* -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Bounds -> 0 [binary data] ->
    *Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages ->
    kerberos -> %SystemRoot%\System32\kerberos.dll -> Microsoft Corporation [Ver = 5.1.2600.2698 (xpsp_sp2_gdr.050614-1522) | Size = 295936 bytes | Modified Date = 15/06/2005 19:50:32 | Attr = ]
    msv1_0 -> %SystemRoot%\System32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    schannel -> %SystemRoot%\System32\schannel.dll -> Microsoft Corporation [Ver = 5.1.2600.3126 (xpsp_sp2_gdr.070425-0226) | Size = 144896 bytes | Modified Date = 25/04/2007 16:22:36 | Attr = ]
    wdigest -> %SystemRoot%\System32\wdigest.dll -> Microsoft Corporation [Ver = 5.1.2600.2874 (xpsp_sp2_gdr.060323-1516) | Size = 49152 bytes | Modified Date = 24/03/2006 06:37:52 | Attr = ]
    *MultiFile Done* -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\ImpersonatePrivilegeUpgradeToolHasRun -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\LsaPid -> 908 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\SecureBoot -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\auditbaseobjects -> 0 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\crashonauditfail -> 0 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\disabledomaincreds -> 0 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\everyoneincludesanonymous -> 0 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fipsalgorithmpolicy -> 0 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\forceguest -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fullprivilegeauditing -> [binary data] ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\limitblankpassworduse -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\lmcompatibilitylevel -> 0 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nodefaultadminowner -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nolmhash -> 0 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymous -> 0 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymoussam -> 1 ->
    *Notification Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Notification Packages ->
    scecli -> %SystemRoot%\System32\scecli.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 186368 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    *MultiFile Done* -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\ -> ->
    *ProviderOrder* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\\ProviderOrder ->
    Windows NT Access Provider -> -> File not found
    *MultiFile Done* -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\\ProviderPath -> %SystemRoot%\system32\ntmarta.dll [%SystemRoot%\system32\ntmarta.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 119808 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\System\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\\Pattern -> 17 4D C7 FC D9 4C 92 D9 91 20 E6 8A A9 D5 10 FC 32 35 39 37 63 65 38 36 00 00 00 00 B0 86 00 00 18 CA 06 00 99 D0 B5 71 04 CA 06 00 10 00 00 00 00 00 00 00 6E 0F 08 8F C7 29 97 BB 3F 06 51 25 [binary data] ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\\GrafBlumGroup -> CA 8E 48 CA BC 45 AF 33 74 [binary data] ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\\Lookup -> FA 35 B5 EC F9 6B [binary data] ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Domains\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\SidCache\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\msv1_0\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\msv1_0\\ntlmminclientsec -> 0 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\msv1_0\\ntlmminserversec -> 0 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\\SkewMatrix -> 1A 0C 19 A6 A1 1B D6 A8 AA D8 A0 14 32 8C 06 0E [binary data] ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\\SSOURL -> http://www.passport.com ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\\Time -> 36 E1 E5 3B 16 D2 C8 01 [binary data] ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Name -> Digest ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Comment -> Digest SSPI Authentication Package ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Capabilities -> 16464 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\RpcId -> 65535 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Version -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\TokenSize -> 65535 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Time -> 00 60 A7 AD A0 7A C4 01 [binary data] ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Type -> 49 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Name -> DPA ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Comment -> DPA Security Package ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Capabilities -> 55 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\RpcId -> 17 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Version -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\TokenSize -> 768 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Time -> 00 F8 E2 4B 98 7A C4 01 [binary data] ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Type -> 49 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Name -> MSN ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Comment -> MSN Security Package ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Capabilities -> 55 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\RpcId -> 18 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Version -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\TokenSize -> 768 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Time -> 00 60 A7 AD A0 7A C4 01 [binary data] ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Type -> 49 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnGroup -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnService -> Netman;WinMgmt; ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Description -> Assure la traduction d'adresses de réseau, l'adressage, les services de résolution de noms et/ou les services de prévention d'intrusion pour un réseau de petite entreprise ou un réseau domestique. ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DisplayName -> Pare-feu Windows / Partage de connexion Internet ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ErrorControl -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ImagePath -> %SystemRoot%\system32\svchost.exe [%SystemRoot%\system32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ObjectName -> LocalSystem ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Start -> 2 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Type -> 32 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\\Epoch -> 156 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\\ServiceDll -> %SystemRoot%\System32\ipnathlp.dll [%SystemRoot%\System32\ipnathlp.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 332800 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> %SystemRoot%\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 142336 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\Windows Live\Messenger\msnmsgr.exe -> %ProgramFiles%\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> Microsoft Corporation [Ver = 8.5.1302.1018 | Size = 5724184 bytes | Modified Date = 18/10/2007 11:34:04 | Attr = ]
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\Windows Live\Messenger\livecall.exe -> %ProgramFiles%\Windows Live\Messenger\livecall.exe [C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)] -> Microsoft Corporation [Ver = 1.5.204.0 | Size = 304488 bytes | Modified Date = 02/10/2007 17:18:24 | Attr = ]
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\EnableFirewall -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> %SystemRoot%\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 142336 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Acer\Acer eConsole\MediaSync.exe -> %ProgramFiles%\Acer\Acer eConsole\MediaSync.exe [C:\Program Files\Acer\Acer eConsole\MediaSync.exe:LocalSubNet:Enabled:Media Synchoronizer] -> File not found
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Acer\Acer eConsole\eConsole.exe -> %ProgramFiles%\Acer\Acer eConsole\eConsole.exe [C:\Program Files\Acer\Acer eConsole\eConsole.exe:LocalSubNet:Enabled:eConsole] -> File not found
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Acer\Acer eConsole\MediaServerService.exe -> %ProgramFiles%\Acer\Acer eConsole\MediaServerService.exe [C:\Program Files\Acer\Acer eConsole\MediaServerService.exe:LocalSubNet:Enabled:Acer Media Server] -> File not found
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Fichiers communs\Ahead\Nero Web\SetupX.exe -> %CommonProgramFiles%\Ahead\Nero Web\SetupX.exe [C:\Program Files\Fichiers communs\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup] -> Nero AG [Ver = 1, 6, 28, 0 | Size = 1775152 bytes | Modified Date = 09/03/2007 18:53:44 | Attr = ]
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE -> %ProgramFiles%\Microsoft Office\Office12\OUTLOOK.EXE [C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook] -> Microsoft Corporation [Ver = 12.0.6300.5000 | Size = 12829216 bytes | Modified Date = 12/12/2007 23:56:18 | Attr = ]
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Windows Live\Messenger\msnmsgr.exe -> %ProgramFiles%\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> Microsoft Corporation [Ver = 8.5.1302.1018 | Size = 5724184 bytes | Modified Date = 18/10/2007 11:34:04 | Attr = ]
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Windows Live\Messenger\livecall.exe -> %ProgramFiles%\Windows Live\Messenger\livecall.exe [C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)] -> Microsoft Corporation [Ver = 1.5.204.0 | Size = 304488 bytes | Modified Date = 02/10/2007 17:18:24 | Attr = ]
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Hercules\Hercules DualPix HD Webcam\Station2.exe -> %ProgramFiles%\Hercules\Hercules DualPix HD Webcam\Station2.exe [C:\Program Files\Hercules\Hercules DualPix HD Webcam\Station2.exe:*:Enabled:Hercules Webcam Station Evolution] -> Hercules [Ver = 2.6.0.0 | Size = 9887744 bytes | Modified Date = 02/03/2007 12:50:44 | Attr = ]
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\Temp\NavBrowser.exe -> %SystemRoot%\Temp\NavBrowser.exe [C:\WINDOWS\Temp\NavBrowser.exe:*:Enabled:NAVBrowser] -> Naviant, Inc. [Ver = 1.0.1.2 | Size = 212992 bytes | Modified Date = 12/09/2001 14:42:58 | Attr = ]
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe -> %ProgramFiles%\IVT Corporation\BlueSoleil\BlueSoleil.exe [C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil] -> IVT Corporation [Ver = 1, 6, 4, 0 | Size = 1200128 bytes | Modified Date = 20/09/2005 10:28:16 | Attr = ]
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\\ServiceUpgrade -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\All -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\0 -> Root\LEGACY_SHAREDACCESS\0000 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\Count -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\NextInstance -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Type -> 32 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Start -> 2 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ErrorControl -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ImagePath -> %SystemRoot%\system32\svchost.exe [%systemroot%\system32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\DisplayName -> Mises à jour automatiques ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ObjectName -> LocalSystem ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Description -> Active le téléchargement et l'installation des mises à jour Windows. Si ce service est désactivé, cet ordinateur ne pourra pas utiliser la fonctionnalité des mises à jour automatiques ou le site Windows Update. ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\\ServiceDll -> %SystemRoot%\system32\wuauserv.dll [C:\WINDOWS\system32\wuauserv.dll] -> Microsoft Corporation [Ver = 5.4.3790.2180 (xpsp_sp2_rtm.040803-2158) | Size = 6656 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\\Security -> [Binary data over 100 bytes] ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\0 -> Root\LEGACY_WUAUSERV\0000 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\Count -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\NextInstance -> 1 ->
    Reg Error: Key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\ not found. -> ->
    Reg Error: Key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\ not found. -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\\ProxyEnable -> 0 ->


    [Files/Folders - Created Within 30 days]
    FOUND.000 -> %SystemDrive%\FOUND.000 -> [Folder | Created Date = 19/06/2008 16:09:06 | Attr = HS]
    FOUND.001 -> %SystemDrive%\FOUND.001 -> [Folder | Created Date = 19/06/2008 16:10:24 | Attr = HS]
    hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 1073139712 bytes | Created Date = 19/06/2008 16:34:50 | Attr = HS]
    TempDVD -> %SystemDrive%\TempDVD -> [Folder | Created Date = 20/06/2008 09:26:20 | Attr = ]
    MSOCache -> %SystemDrive%\MSOCache -> [Folder | Created Date = 20/06/2008 09:30:58 | Attr = RH ]
    autorun.inf -> %SystemDrive%\autorun.inf -> [Folder | Created Date = 20/06/2008 10:48:00 | Attr = RHS]
    _OTMoveIt -> %SystemDrive%\_OTMoveIt -> [Folder | Created Date = 20/06/2008 19:46:22 | Attr = ]
    HSFCXTS2.sys -> %SystemRoot%\System32\drivers\HSFCXTS2.sys -> Conexant Systems, Inc. [Ver = 7.12.09 built by: WinDDK | Size = 685056 bytes | Created Date = 19/06/2008 16:27:04 | Attr = ]
    HSFBS2S2.sys -> %SystemRoot%\System32\drivers\HSFBS2S2.sys -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 220032 bytes | Created Date = 19/06/2008 16:27:04 | Attr = ]
    HSFDPSP2.sys -> %SystemRoot%\System32\drivers\HSFDPSP2.sys -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 1041536 bytes | Created Date = 19/06/2008 16:27:04 | Attr = ]
    mdmxsdk.sys -> %SystemRoot%\System32\drivers\mdmxsdk.sys -> Conexant [Ver = 1.0.2.006 | Size = 11868 bytes | Created Date = 19/06/2008 16:27:04 | Attr = ]
    cxthsfS2.cty -> %SystemRoot%\System32\drivers\cxthsfS2.cty -> [Ver = | Size = 129045 bytes | Created Date = 19/06/2008 16:27:04 | Attr = ]
    UMDF -> %SystemRoot%\System32\drivers\UMDF -> [Folder | Created Date = 19/06/2008 17:27:40 | Attr = ]
    MsftWdf_user_01_00_00.Wdf -> %SystemRoot%\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf -> [Ver = | Size = 0 bytes | Created Date = 19/06/2008 17:27:43 | Attr = H ]
    aswmon.sys -> %SystemRoot%\System32\drivers\aswmon.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 93264 bytes | Created Date = 20/06/2008 08:33:01 | Attr = ]
    aswmon2.sys -> %SystemRoot%\System32\drivers\aswmon2.sys -> ALWIL Software [Ver = 4.8.1201.0 | Size = 94416 bytes | Created Date = 20/06/2008 08:33:01 | Attr = ]
    aswSP.sys -> %SystemRoot%\System32\drivers\aswSP.sys -> ALWIL Software [Ver = 4.8.1201.0 | Size = 78416 bytes | Created Date = 20/06/2008 08:33:01 | Attr = ]
    aswFsBlk.sys -> %SystemRoot%\System32\drivers\aswFsBlk.sys -> ALWIL Software [Ver = 4.8.1201.0 | Size = 20560 bytes | Created Date = 20/06/2008 08:33:01 | Attr = ]
    aavmker4.sys -> %SystemRoot%\System32\drivers\aavmker4.sys -> ALWIL Software [Ver = 4.8.1201.0 | Size = 26944 bytes | Created Date = 20/06/2008 08:33:02 | Attr = ]
    aswTdi.sys -> %SystemRoot%\System32\drivers\aswTdi.sys -> ALWIL Software [Ver = 4.8.1201.0 | Size = 42912 bytes | Created Date = 20/06/2008 08:33:02 | Attr = ]
    aswRdr.sys -> %SystemRoot%\System32\drivers\aswRdr.sys -> ALWIL Software [Ver = 4.8.1201.0 | Size = 23152 bytes | Created Date = 20/06/2008 08:33:02 | Attr = ]
    mprifl.sys -> %SystemRoot%\System32\drivers\mprifl.sys -> FSPro Labs [Ver = 2.9.0.193 built by: WinDDK | Size = 17264 bytes | Created Date = 20/06/2008 08:49:02 | Attr = ]
    AnyDVD.sys -> %SystemRoot%\System32\drivers\AnyDVD.sys -> SlySoft, Inc. [Ver = 6.4.5.0 | Size = 99648 bytes | Created Date = 17/06/2008 15:59:14 | Attr = ]
    maplom.sys -> %SystemRoot%\System32\drivers\maplom.sys -> SlySoft Inc. [Ver = 3, 0, 1, 6 | Size = 37312 bytes | Created Date = 20/06/2008 09:09:12 | Attr = ]
    maploml.sys -> %SystemRoot%\System32\drivers\maploml.sys -> SlySoft Inc. [Ver = 3, 0, 1, 6 | Size = 36288 bytes | Created Date = 20/06/2008 09:25:54 | Attr = ]
    HDvid.sys -> %SystemRoot%\System32\drivers\HDvid.sys -> Guillemont Corporation [Ver = 5.2.2603.20 | Size = 275072 bytes | Created Date = 20/06/2008 11:39:12 | Attr = ]
    camfilt.sys -> %SystemRoot%\System32\drivers\camfilt.sys -> Guillemot Corporation [Ver = 1.1.0.0 | Size = 24192 bytes | Created Date = 20/06/2008 11:39:12 | Attr = ]
    StarOpen.sys -> %SystemRoot%\System32\drivers\StarOpen.sys -> [Ver = | Size = 5632 bytes | Created Date = 20/06/2008 19:13:28 | Attr = ]
    mcheck.mhf -> %SystemRoot%\System32\mcheck.mhf -> [Ver = | Size = 28 bytes | Created Date = 20/06/2008 09:09:11 | Attr = ]
    escimgd.dll -> %SystemRoot%\System32\escimgd.dll -> SEIKO EPSON CORP. [Ver = 1.05 | Size = 46080 bytes | Created Date = 20/06/2008 18:51:37 | Attr = ]
    actskin4.ocx -> %SystemRoot%\System32\actskin4.ocx -> [Ver = 4, 2, 7, 3 | Size = 380928 bytes | Created Date = 20/06/2008 08:32:52 | Attr = ]
    aswBoot.exe -> %SystemRoot%\System32\aswBoot.exe -> ALWIL Software [Ver = 4, 8, 1201, 0 | Size = 1152888 bytes | Created Date = 20/06/2008 08:32:52 | Attr = ]
    AvastSS.scr -> %SystemRoot%\System32\AvastSS.scr -> ALWIL Software [Ver = 4, 8, 1201, 0 | Size = 95608 bytes | Created Date = 20/06/2008 08:33:02 | Attr = ]
    FraPlus1.ocx -> %SystemRoot%\System32\FraPlus1.ocx -> Innovasys [Ver = 1.01.0026 | Size = 471040 bytes | Created Date = 20/06/2008 08:39:04 | Attr = ]
    lame_enc.dll -> %SystemRoot%\System32\lame_enc.dll -> [Ver = | Size = 237568 bytes | Created Date = 20/06/2008 08:55:48 | Attr = ]
    OfficeMenu2003.ocx -> %SystemRoot%\System32\OfficeMenu2003.ocx -> ZNsoft Corporation [Ver = 1.04 | Size = 225280 bytes | Created Date = 20/06/2008 08:39:04 | Attr = ]
    BtnPlus1.ocx -> %SystemRoot%\System32\BtnPlus1.ocx -> Innovasys [Ver = 1.01.0033 | Size = 606208 bytes | Created Date = 20/06/2008 08:39:04 | Attr = ]
    AudDesign.dll -> %SystemRoot%\System32\AudDesign.dll -> NCT Company Ltd. [Ver = 2,6,1,107 | Size = 2084864 bytes | Created Date = 20/06/2008 08:55:48 | Attr = ]
    AudFile.dll -> %SystemRoot%\System32\AudFile.dll -> NCT Company Ltd. [Ver = 2,6,2,570 | Size = 1986560 bytes | Created Date = 20/06/2008 08:55:49 | Attr = ]
    AudDisplay.dll -> %SystemRoot%\System32\AudDisplay.dll -> NCT Company Ltd. [Ver = 2,6,1,107 | Size = 417792 bytes | Created Date = 20/06/2008 08:55:48 | Attr = ]
    AudPlayer.dll -> %SystemRoot%\System32\AudPlayer.dll -> NCT Company Ltd. [Ver = 2,6,1,260 | Size = 458752 bytes | Created Date = 20/06/2008 08:55:49 | Attr = ]
    AudioVisu.dll -> %SystemRoot%\System32\AudioVisu.dll -> NCT Company Ltd. [Ver = 2,6,1,108 | Size = 479232 bytes | Created Date = 20/06/2008 08:55:49 | Attr = ]
    WMAFile.dll -> %SystemRoot%\System32\WMAFile.dll -> NCT Company Ltd. [Ver = 2,4,1,113 | Size = 348160 bytes | Created Date = 20/06/2008 08:55:49 | Attr = ]
    esccmd.dll -> %SystemRoot%\System32\esccmd.dll -> SEIKO EPSON CORP. [Ver = 1.05 | Size = 22528 bytes | Created Date = 20/06/2008 18:51:37 | Attr = ]
    Audi
    Contenus similaires
    20 Juin 2008 20:23:13

    [code]
    OTScanIt logfile created on: 20/06/2008 20:19:26
    OTScanIt by OldTimer - Version 1.0.15.15 Folder = C:\Documents and Settings\Fab-Admin\Bureau\OTScanIt
    Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.5730.13)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    1023,36 Mb Total Physical Memory | 526,83 Mb Available Physical Memory | 51,48% Memory free
    2,40 Gb Paging File | 1,99 Gb Available in Paging File | 82,71% Paging File free
    Paging file location(s): C:\pagefile.sys 1536 3072;

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 78,11 Gb Total Space | 60,13 Gb Free Space | 76,98% Space Free | Partition Type: FAT32
    Drive D: | 151,82 Gb Total Space | 86,80 Gb Free Space | 57,17% Space Free | Partition Type: NTFS
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded
    Drive J: | 7,49 Gb Total Space | 4,97 Gb Free Space | 66,39% Space Free | Partition Type: FAT32

    Computer Name: ACER-E500-FAB
    Current User Name: Fab-Admin
    Logged in as Administrator.
    Current Boot Mode: Normal
    Scan Mode: Current user

    [Processes - Non-Microsoft Only]
    aswupdsv.exe -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> ALWIL Software [Ver = 4, 8, 1201, 0 | Size = 17272 bytes | Modified Date = 16/05/2008 01:06:58 | Attr = ]
    ashserv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> ALWIL Software [Ver = 4, 8, 1201, 0 | Size = 144760 bytes | Modified Date = 16/05/2008 01:19:24 | Attr = ]
    nvsvc32.exe -> %SystemRoot%\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.7801 | Size = 127043 bytes | Modified Date = 02/08/2005 16:35:00 | Attr = ]
    ashmaisv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 8, 1201, 0 | Size = 247160 bytes | Modified Date = 16/05/2008 01:19:00 | Attr = ]
    ashwebsv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 8, 1201, 0 | Size = 349560 bytes | Modified Date = 16/05/2008 01:17:00 | Attr = ]
    jusched.exe -> %ProgramFiles%\Java\jre1.5.0_02\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.20.9 | Size = 36975 bytes | Modified Date = 04/03/2005 03:36:46 | Attr = ]
    airpluscfg.exe -> %ProgramFiles%\D-Link\AirPlus XtremeG\AirPlusCFG.exe -> D-Link [Ver = 3, 3, 1, 50804 | Size = 1294336 bytes | Modified Date = 04/08/2005 21:13:10 | Attr = ]
    wzcsldr2.exe -> %ProgramFiles%\ANI\ANIWZCS2 Service\WZCSLDR2.exe -> Alpha Networks Inc. [Ver = 1, 0, 6, 41216 | Size = 49152 bytes | Modified Date = 16/12/2004 17:49:14 | Attr = ]
    ashdisp.exe -> %SystemDrive%\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe -> ALWIL Software [Ver = 4, 8, 1201, 0 | Size = 79224 bytes | Modified Date = 16/05/2008 01:19:32 | Attr = ]
    flockbox.exe -> %ProgramFiles%\My Lockbox\flockbox.exe -> FSPro Labs [Ver = 1.2.1.61 | Size = 1071472 bytes | Modified Date = 14/12/2007 16:59:20 | Attr = ]
    e_s4i0k2.exe -> %SystemRoot%\System32\spool\DRIVERS\W32X86\3\E_S4I0K2.EXE -> SEIKO EPSON CORPORATION [Ver = 3.00 | Size = 99840 bytes | Modified Date = 12/09/2003 05:00:00 | Attr = ]
    nmbgmonitor.exe -> %CommonProgramFiles%\Ahead\Lib\NMBgMonitor.exe -> Nero AG [Ver = 2,0,5,0 | Size = 153136 bytes | Modified Date = 12/03/2007 13:49:26 | Attr = ]
    teatimer.exe -> %ProgramFiles%\Spybot - Search & Destroy\TeaTimer.exe -> Safer Networking Limited [Ver = 1, 5, 2, 16 | Size = 2097488 bytes | Modified Date = 28/01/2008 11:43:40 | Attr = RHS]
    googletoolbarnotifier.exe -> %ProgramFiles%\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe -> Google Inc. [Ver = 1, 2, 1128, 5462 | Size = 171448 bytes | Modified Date = 19/06/2008 16:01:56 | Attr = ]
    nmindexingservice.exe -> %CommonProgramFiles%\Ahead\Lib\NMIndexingService.exe -> Nero AG [Ver = 2,0,5,0 | Size = 271920 bytes | Modified Date = 12/03/2007 13:49:46 | Attr = ]
    nmindexstoresvr.exe -> %CommonProgramFiles%\Ahead\Lib\NMIndexStoreSvr.exe -> Nero AG [Ver = 2,0,5,0 | Size = 1209904 bytes | Modified Date = 12/03/2007 13:49:46 | Attr = ]
    otscanit.exe -> %UserProfile%\Bureau\OTScanIt\OTScanIt.exe -> OldTimer Tools [Ver = 1.0.15.15 | Size = 397312 bytes | Modified Date = 12/06/2008 00:29:06 | Attr = ]

    [Win32 Services - Non-Microsoft Only]
    (ANIWZCSdService) ANIWZCSd Service [Win32_Shared | Auto | Stopped] -> %ProgramFiles%\ANI\ANIWZCS2 Service\ANIWZCSdS.exe -> Alpha Networks Inc. [Ver = 1, 0, 1, 30507 | Size = 49152 bytes | Modified Date = 22/10/2004 13:42:44 | Attr = ]
    (aswUpdSv) avast! iAVS4 Control Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> ALWIL Software [Ver = 4, 8, 1201, 0 | Size = 17272 bytes | Modified Date = 16/05/2008 01:06:58 | Attr = ]
    (Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Stopped] -> %SystemRoot%\system32\Ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4115 | Size = 364544 bytes | Modified Date = 14/04/2005 22:09:32 | Attr = ]
    (avast! Antivirus) avast! Antivirus [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> ALWIL Software [Ver = 4, 8, 1201, 0 | Size = 144760 bytes | Modified Date = 16/05/2008 01:19:24 | Attr = ]
    (avast! Mail Scanner) avast! Mail Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 8, 1201, 0 | Size = 247160 bytes | Modified Date = 16/05/2008 01:19:00 | Attr = ]
    (avast! Web Scanner) avast! Web Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 8, 1201, 0 | Size = 349560 bytes | Modified Date = 16/05/2008 01:17:00 | Attr = ]
    (dmadmin) Service d'administration du Gestionnaire de disque logique [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\System32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 225280 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    (gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> Google [Ver = 2.0.734.29932.beta | Size = 138168 bytes | Modified Date = 19/06/2008 16:01:54 | Attr = ]
    (NBService) NBService [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Nero\Nero 7\Nero BackItUp\NBService.exe -> Nero AG [Ver = 2, 7, 3, 2 | Size = 779824 bytes | Modified Date = 14/03/2007 19:19:10 | Attr = ]
    (NMIndexingService) NMIndexingService [Win32_Own | On_Demand | Running] -> %CommonProgramFiles%\Ahead\Lib\NMIndexingService.exe -> Nero AG [Ver = 2,0,5,0 | Size = 271920 bytes | Modified Date = 12/03/2007 13:49:46 | Attr = ]
    (NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.7801 | Size = 127043 bytes | Modified Date = 02/08/2005 16:35:00 | Attr = ]
    (BlueSoleil Hid Service) BlueSoleil Hid Service [Win32_Own | Auto | Stopped] -> %ProgramFiles%\IVT Corporation\BlueSoleil\BTNtService.exe -> [Ver = | Size = 110592 bytes | Modified Date = 06/04/2005 16:03:28 | Attr = ]

    [Driver Services - Non-Microsoft Only]
    (A5AGU) D-Link USB Wireless Network Adapter Service [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\A5AGU.sys -> D-Link Corporation [Ver = 1.5.200.27 | Size = 348352 bytes | Modified Date = 26/07/2005 14:32:14 | Attr = ]
    (Aavmker4) avast! Asynchronous Virus Monitor [Kernel | System | Running] -> %SystemRoot%\System32\drivers\aavmker4.sys -> ALWIL Software [Ver = 4.8.1201.0 | Size = 26944 bytes | Modified Date = 16/05/2008 01:13:26 | Attr = ]
    (Afc) PPdus ASPI Shell [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\Afc.sys -> Arcsoft, Inc. [Ver = 1, 0, 0, 2 | Size = 11776 bytes | Modified Date = 23/02/2005 14:58:56 | Attr = ]
    (AliIde) AliIde [Kernel | Boot | Running] -> %SystemRoot%\system32\DRIVERS\aliide.sys -> Acer Laboratories Inc. [Ver = 1.20 | Size = 5248 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    (ANIO) ANIO Service [Kernel | Auto | Running] -> %SystemRoot%\system32\ANIO.SYS -> Alpha Networks Inc. [Ver = 2.0.0.30505 | Size = 28205 bytes | Modified Date = 27/07/2004 11:20:46 | Attr = ]
    (AnyDVD) AnyDVD [Kernel | On_Demand | Running] -> %SystemRoot%\System32\Drivers\AnyDVD.sys -> SlySoft, Inc. [Ver = 6.4.5.0 | Size = 99648 bytes | Modified Date = 17/06/2008 15:59:16 | Attr = ]
    (APL531) Hercules Dualpix HD Webcam [Kernel | On_Demand | Running] -> %SystemRoot%\System32\Drivers\HDvid.sys -> Guillemont Corporation [Ver = 5.2.2603.20 | Size = 275072 bytes | Modified Date = 08/12/2006 14:02:50 | Attr = ]
    (aswFsBlk) aswFsBlk [File_System | Auto | Running] -> %SystemRoot%\system32\DRIVERS\aswFsBlk.sys -> ALWIL Software [Ver = 4.8.1201.0 | Size = 20560 bytes | Modified Date = 16/05/2008 01:16:06 | Attr = ]
    (aswMon2) avast! Standard Shield Support [File_System | Auto | Running] -> %SystemRoot%\System32\drivers\aswmon2.sys -> ALWIL Software [Ver = 4.8.1201.0 | Size = 94416 bytes | Modified Date = 16/05/2008 01:18:34 | Attr = ]
    (aswRdr) aswRdr [Kernel | On_Demand | Running] -> %SystemRoot%\System32\drivers\aswRdr.sys -> ALWIL Software [Ver = 4.8.1201.0 | Size = 23152 bytes | Modified Date = 16/05/2008 01:15:30 | Attr = ]
    (aswSP) avast! Self Protection [Kernel | System | Running] -> %SystemRoot%\System32\drivers\aswSP.sys -> ALWIL Software [Ver = 4.8.1201.0 | Size = 78416 bytes | Modified Date = 16/05/2008 01:20:32 | Attr = ]
    (aswTdi) avast! Network Shield Support [Kernel | System | Running] -> %SystemRoot%\System32\drivers\aswTdi.sys -> ALWIL Software [Ver = 4.8.1201.0 | Size = 42912 bytes | Modified Date = 16/05/2008 01:14:12 | Attr = ]
    (ATHFMWDL) D-Link predator Bootloader driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\Drivers\ATHFMWDL.sys -> Windows (R) 2000 DDK provider [Ver = 5.1.2600.0 | Size = 43392 bytes | Modified Date = 26/07/2005 14:35:36 | Attr = ]
    (ati2mtag) ati2mtag [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\ati2mtag.sys -> ATI Technologies Inc. [Ver = 6.14.10.6534 | Size = 1130496 bytes | Modified Date = 14/04/2005 22:14:58 | Attr = ]
    (camfilt) camfilt [Kernel | On_Demand | Running] -> %SystemRoot%\System32\Drivers\camfilt.sys -> Guillemot Corporation [Ver = 1.1.0.0 | Size = 24192 bytes | Modified Date = 16/11/2006 16:01:42 | Attr = ]
    (dmboot) dmboot [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\dmboot.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 800256 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    (dmio) dmio [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\dmio.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 154496 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    (dmload) dmload [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\drivers\dmload.sys -> Microsoft Corp., Veritas Software. [Ver = 2600.0.503.0 | Size = 5888 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    (ElbyCDIO) ElbyCDIO Driver [Kernel | System | Running] -> %SystemRoot%\System32\Drivers\ElbyCDIO.sys -> Elaborate Bytes AG [Ver = 6, 0, 1, 0 | Size = 25160 bytes | Modified Date = 07/08/2007 21:48:34 | Attr = ]
    (ElbyDelay) ElbyDelay [Kernel | On_Demand | Running] -> %SystemRoot%\System32\Drivers\ElbyDelay.sys -> Elaborate Bytes AG [Ver = 5, 1, 0, 1 | Size = 11984 bytes | Modified Date = 16/02/2007 02:56:50 | Attr = ]
    (HdAudAddService) Microsoft UAA Function Driver for High Definition Audio Service [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\HdAudio.sys -> Windows (R) Server 2003 DDK provider [Ver = 5.10.01.5013 built by: WinDDK | Size = 145920 bytes | Modified Date = 07/01/2005 17:07:16 | Attr = ]
    (HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\HDAudBus.sys -> Windows (R) Server 2003 DDK provider [Ver = 5.10.01.5013 built by: WinDDK | Size = 138752 bytes | Modified Date = 07/01/2005 17:07:18 | Attr = ]
    (HSFHWBS2) HSFHWBS2 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\HSFBS2S2.sys -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 220032 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    (HSF_DP) HSF_DP [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\HSFDPSP2.sys -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 1041536 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    (int15.sys) int15.sys [Kernel | Auto | Running] -> %ProgramFiles%\Acer\eRecovery\int15.sys -> [Ver = | Size = 69632 bytes | Modified Date = 13/01/2005 14:46:16 | Attr = ]
    (IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\RtkHDAud.sys -> Realtek Semiconductor Corp. [Ver = 5.10.00.5127 built by: WinDDK | Size = 3134976 bytes | Modified Date = 14/06/2005 08:48:00 | Attr = ]
    (m5287) m5287 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\m5287.sys -> ULi Electronics Inc. [Ver = 6.203 | Size = 85888 bytes | Modified Date = 05/02/2005 07:00:12 | Attr = ]
    (Maplom) Maplom [Kernel | On_Demand | Running] -> %SystemRoot%\System32\drivers\maplom.sys -> SlySoft Inc. [Ver = 3, 0, 1, 6 | Size = 37312 bytes | Modified Date = 20/05/2008 11:43:58 | Attr = ]
    (MaplomL) MaplomL [Kernel | On_Demand | Running] -> %SystemRoot%\System32\drivers\maploml.sys -> SlySoft Inc. [Ver = 3, 0, 1, 6 | Size = 36288 bytes | Modified Date = 20/05/2008 11:43:10 | Attr = ]
    (mdmxsdk) mdmxsdk [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\mdmxsdk.sys -> Conexant [Ver = 1.0.2.006 | Size = 11868 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    (MPRIFL) MPRIFL [Kernel | Boot | Running] -> %SystemRoot%\SYSTEM32\DRIVERS\MPRIFL.SYS -> FSPro Labs [Ver = 2.9.0.193 built by: WinDDK | Size = 17264 bytes | Modified Date = 13/12/2007 20:13:02 | Attr = ]
    (NTIDrvr) Upper Class Filter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\NTIDrvr.sys -> NewTech Infosystems, Inc. [Ver = 1, 0, 0, 6 | Size = 6144 bytes | Modified Date = 25/06/2005 07:48:22 | Attr = ]
    (nv) nv [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\nv4_mini.sys -> NVIDIA Corporation [Ver = 6.14.10.7801 | Size = 3198560 bytes | Modified Date = 02/08/2005 16:35:00 | Attr = ]
    (PQNTDrv) PQNTDrv [Kernel | System | Running] -> %SystemRoot%\System32\drivers\PQNTDRV.sys -> PowerQuest Corporation [Ver = 8.00.000 | Size = 4228 bytes | Modified Date = 05/05/2004 21:48:40 | Attr = ]
    (Ptilink) Pilote de liaison parallèle directe [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\ptilink.sys -> Parallel Technologies, Inc. [Ver = 1.10 (XPClient.010817-1148) | Size = 17792 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    (Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\secdrv.sys -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. [Ver = 4.03.086 | Size = 20480 bytes | Modified Date = 13/11/2007 12:25:54 | Attr = ]
    (SYMIDSCO) SYMIDSCO [Kernel | On_Demand | Stopped] -> %SystemDrive%\PROGRA~1\FICHIE~1\SYMANT~1\SymcData\IDS-DI~1\20080617.001\symidsco.sys -> File not found
    (UBHelper) UBHelper [Kernel | System | Running] -> %SystemRoot%\System32\drivers\UBHelper.sys -> [Ver = | Size = 13952 bytes | Modified Date = 17/12/2004 17:14:44 | Attr = ]
    (winachsf) winachsf [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\HSFCXTS2.sys -> Conexant Systems, Inc. [Ver = 7.12.09 built by: WinDDK | Size = 685056 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    (yukonwxp) NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\yk51x86.sys -> Marvell [Ver = 8.24.3.3 built by: WinDDK | Size = 230400 bytes | Modified Date = 30/03/2005 17:18:40 | Attr = ]
    (BlueletAudio) Bluetooth Audio Service [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\blueletaudio.sys -> IVT Corporation [Ver = 1.2 | Size = 20480 bytes | Modified Date = 31/08/2005 10:34:10 | Attr = ]
    (BlueletSCOAudio) Bluetooth SCO Audio Service [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\BlueletSCOAudio.sys -> IVT Corporation [Ver = 1.2 | Size = 20480 bytes | Modified Date = 31/08/2005 10:34:52 | Attr = ]
    (BT) Bluetooth PAN Network Adapter [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\btnetdrv.sys -> IVT Corporation [Ver = 1.2.0 | Size = 9696 bytes | Modified Date = 29/09/2005 16:20:48 | Attr = ]
    (BTHidMgr) Bluetooth HID Manager Service [Kernel | Boot | Running] -> %SystemRoot%\System32\Drivers\BTHidMgr.sys -> IVT Corporation [Ver = 1.2.2.0 | Size = 28271 bytes | Modified Date = 30/04/2005 14:50:10 | Attr = ]
    (BTHidEnum) Bluetooth HID Enumerator [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\vbtenum.sys -> [Ver = | Size = 11988 bytes | Modified Date = 29/07/2005 16:21:32 | Attr = ]
    (VcommMgr) Bluetooth VComm Manager Service [Kernel | On_Demand | Running] -> %SystemRoot%\System32\Drivers\VcommMgr.sys -> IVT Corporation [Ver = 2.20 | Size = 82148 bytes | Modified Date = 25/03/2005 17:18:48 | Attr = ]
    (VComm) Virtual Serial port driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\VComm.sys -> IVT Corporation [Ver = 2.20 | Size = 61312 bytes | Modified Date = 19/10/2004 13:37:38 | Attr = ]

    [Registry - Non-Microsoft Only]
    < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
    -> [] -> File not found
    ANIWZCS2Service -> %ProgramFiles%\ANI\ANIWZCS2 Service\WZCSLDR2.exe [C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe] -> Alpha Networks Inc. [Ver = 1, 0, 6, 41216 | Size = 49152 bytes | Modified Date = 16/12/2004 17:49:14 | Attr = ]
    avast! -> %SystemDrive%\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe] -> ALWIL Software [Ver = 4, 8, 1201, 0 | Size = 79224 bytes | Modified Date = 16/05/2008 01:19:32 | Attr = ]
    D-Link AirPlus XtremeG -> %ProgramFiles%\D-Link\AirPlus XtremeG\AirPlusCFG.exe [C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe] -> D-Link [Ver = 3, 3, 1, 50804 | Size = 1294336 bytes | Modified Date = 04/08/2005 21:13:10 | Attr = ]
    EPSON Stylus Photo RX500 -> %SystemRoot%\System32\spool\DRIVERS\W32X86\3\E_S4I0K2.EXE [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0K2.EXE /P24 "EPSON Stylus Photo RX500" /O6 "USB001" /M "Stylus Photo RX500"] -> SEIKO EPSON CORPORATION [Ver = 3.00 | Size = 99840 bytes | Modified Date = 12/09/2003 05:00:00 | Attr = ]
    flockbox -> %ProgramFiles%\My Lockbox\flockbox.exe [C:\Program Files\My Lockbox\flockbox.exe /a] -> FSPro Labs [Ver = 1.2.1.61 | Size = 1071472 bytes | Modified Date = 14/12/2007 16:59:20 | Attr = ]
    High Definition Audio Property Page Shortcut -> %SystemRoot%\system32\HDAShCut.exe [HDAShCut.exe] -> Windows (R) Server 2003 DDK provider [Ver = 5.10.01.5013 built by: WinDDK | Size = 61952 bytes | Modified Date = 07/01/2005 17:07:16 | Attr = ]
    SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.5.0_02\bin\jusched.exe [C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe] -> Sun Microsystems, Inc. [Ver = 5.0.20.9 | Size = 36975 bytes | Modified Date = 04/03/2005 03:36:46 | Attr = ]
    < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
    BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} -> %CommonProgramFiles%\Ahead\Lib\NMBgMonitor.exe ["C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"] -> Nero AG [Ver = 2,0,5,0 | Size = 153136 bytes | Modified Date = 12/03/2007 13:49:26 | Attr = ]
    ccleaner -> %ProgramFiles%\CCleaner\CCleaner.exe ["C:\Program Files\CCleaner\CCleaner.exe" /AUTO] -> Piriform Ltd [Ver = 2, 8, 0, 588 | Size = 1197296 bytes | Modified Date = 28/05/2008 16:40:18 | Attr = ]
    EPSON Stylus Photo RX500 -> %SystemRoot%\System32\spool\DRIVERS\W32X86\3\E_S4I0K2.EXE [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0K2.EXE /P24 "EPSON Stylus Photo RX500" /M "Stylus Photo RX500" /EF "HKCU"] -> SEIKO EPSON CORPORATION [Ver = 3.00 | Size = 99840 bytes | Modified Date = 12/09/2003 05:00:00 | Attr = ]
    SpybotSD TeaTimer -> %ProgramFiles%\Spybot - Search & Destroy\TeaTimer.exe [C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe] -> Safer Networking Limited [Ver = 1, 5, 2, 16 | Size = 2097488 bytes | Modified Date = 28/01/2008 11:43:40 | Attr = RHS]
    swg -> %ProgramFiles%\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe [C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe] -> Google Inc. [Ver = 1, 2, 1128, 5462 | Size = 171448 bytes | Modified Date = 19/06/2008 16:01:56 | Attr = ]
    < All Users Startup Folder > -> C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage ->
    %AllUsersProfile%\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\reader_sl.exe -> Adobe Systems Incorporated [Ver = 7.0.0.0 | Size = 29696 bytes | Modified Date = 14/12/2004 04:44:06 | Attr = ]
    -> %AllUsersProfile%\Menu Démarrer\Programmes\Démarrage\BlueSoleil.lnk -> File not found
    < Fab-Admin Startup Folder > -> C:\Documents and Settings\Fab-Admin\Menu Démarrer\Programmes\Démarrage ->
    < SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
    < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
    < Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
    < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
    AtiExtEvent -> %SystemRoot%\system32\Ati2evxx.dll -> ATI Technologies Inc. [Ver = 6.14.10.4115 | Size = 46080 bytes | Modified Date = 14/04/2005 22:10:36 | Attr = ]
    < CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->
    < CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 36 ->
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun -> FF FF FF FF [binary data] ->
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run\ -> ->
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
    < CDROM Autorun Settings > [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom] ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\ -> ->
    *DependOnGroup* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DependOnGroup ->
    SCSI miniport -> -> File not found
    *MultiFile Done* -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ErrorControl -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Group -> SCSI CDROM Class ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Start -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Tag -> 2 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Type -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DisplayName -> Pilote de CD-ROM ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ImagePath -> %SystemRoot%\system32\DRIVERS\cdrom.sys [system32\DRIVERS\cdrom.sys] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 49536 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun -> 1 ->
    *AutoRunAlwaysDisable* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRunAlwaysDisable ->
    NEC MBR-7 -> -> File not found
    NEC MBR-7.4 -> -> File not found
    PIONEER CHANGR DRM-1804X -> -> File not found
    PIONEER CD-ROM DRM-6324X -> -> File not found
    PIONEER CD-ROM DRM-624X -> -> File not found
    TORiSAN CD-ROM CDR_C36 -> -> File not found
    *MultiFile Done* -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\0 -> IDE\CdRomHL-DT-ST_DVDRRW_GWA-4164B_______________1.02____\5&ed87538&0&0.0.0 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\Count -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\NextInstance -> 1 ->
    < Drives - Autoruns > -> ->
    AUTOEXEC.BAT [PATH=%PATH%;C:\PROGRA~1\FICHIE~1\MUVEET~1\030625 | ] -> %SystemDrive%\AUTOEXEC.BAT [ FAT32 ] -> [Ver = | Size = 50 bytes | Modified Date = 25/06/2005 07:48:40 | Attr = ]
    autorun.inf [] -> %SystemDrive%\autorun.inf [ FAT32 ] -> [Folder | Modified Date = 20/06/2008 10:48:02 | Attr = RHS]
    autorun.inf [] -> D:\autorun.inf [ NTFS ] -> [Folder | Modified Date = 19/06/2008 14:38:45 | Attr = RHS]
    autorun.inf [] -> J:\autorun.inf [ FAT32 ] -> [Folder | Modified Date = 19/06/2008 14:38:46 | Attr = RHS]
    < HOSTS File > (250491 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
    < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
    HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
    HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
    HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm ->
    HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
    HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
    HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
    HKEY_LOCAL_MACHINE\: Search\\Default_Search_URL -> http://www.google.com/ie ->
    HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://www.google.com/ie ->
    < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
    HKEY_CURRENT_USER\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm ->
    HKEY_CURRENT_USER\: Main\\Search Bar -> http://www.google.com/ie ->
    HKEY_CURRENT_USER\: Main\\Search Page -> http://www.google.com ->
    HKEY_CURRENT_USER\: Main\\Start Page -> http://www.aliceadsl.fr/ ->
    HKEY_CURRENT_USER\: Search\\SearchAssistant -> http://www.google.com/ie ->
    HKEY_CURRENT_USER\: SearchURL\\ -> http://www.google.com/search?q=%s[Reg Error: Value provider does not exist or could not be read.] ->
    HKEY_CURRENT_USER\: ProxyEnable -> 0 ->
    < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4603 domain(s) found. ->
    41 domain(s) and sub-domain(s) not assigned to a zone.
    < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. ->
    < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4602 domain(s) found. ->
    40 domain(s) and sub-domain(s) not assigned to a zone.
    < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. ->
    < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [AcroIEHlprObj Class] -> Adobe Systems Incorporated [Ver = 7.0.0.2004121400 | Size = 63136 bytes | Modified Date = 14/12/2004 01:56:50 | Attr = ]
    {53707962-6F74-2D53-2644-206D7942484F} [HKEY_LOCAL_MACHINE] -> %SystemDrive%\PROGRA~1\SPYBOT~1\SDHelper.dll [Spybot-S&D IE Protection] -> Safer Networking Limited [Ver = 1, 5, 0, 11 | Size = 1554256 bytes | Modified Date = 28/01/2008 11:43:28 | Attr = ]
    {AA58ED58-01DD-4d91-8333-CF10577473F7} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\google\googletoolbar1.dll [Google Toolbar Helper] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2436160 bytes | Modified Date = 19/06/2008 16:01:54 | Attr = R ]
    < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\google\googletoolbar1.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2436160 bytes | Modified Date = 19/06/2008 16:01:54 | Attr = R ]
    < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
    ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
    WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\google\googletoolbar1.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2436160 bytes | Modified Date = 19/06/2008 16:01:54 | Attr = R ]
    < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
    {DFB852A3-47F8-48C4-A200-58CAB36FD2A2}:{53707962-6F74-2D53-2644-206D7942484F} [HKEY_LOCAL_MACHINE] -> %SystemDrive%\PROGRA~1\SPYBOT~1\SDHelper.dll [Spybot - Search & Destroy Configuration] -> Safer Networking Limited [Ver = 1, 5, 0, 11 | Size = 1554256 bytes | Modified Date = 28/01/2008 11:43:28 | Attr = ]
    < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
    PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
    PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&m... ->
    < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
    {30D1234A-A083-4ACF-BCDA-D35BCFB35EB1} -> (Marvell Yukon 88E8001/8003/8010 PCI Gigabit Ethernet Controller) ->
    {3CE57B0D-45A6-4F0C-B29C-C7382C36BB25} -> (D-Link AirPlus Xtreme G DWL-G132 Wireless USB Adapter(rev.A)) ->
    {7B440BF9-BB73-482D-A351-596EB2001AEC} -> () ->
    {D4969C19-515B-47C8-9A01-520FDC483361} -> () ->
    {E7394D88-D6B4-4EF7-B886-218166E7B8A7} -> (Carte réseau 1394) ->
    < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
    ipp: [HKEY_LOCAL_MACHINE] -> No CLSID value
    msdaipp: [HKEY_LOCAL_MACHINE] -> No CLSID value
    < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
    {8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_02-wind...[Java Plug-in 1.5.0_02] ->
    {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_02-wind...[Java Plug-in 1.5.0_02] ->
    {D27CDB6E-AE6D-11CF-96B8-444553540000}[HKEY_LOCAL_MACHINE] -> http://fpdownload.macromedia.com/pub/shockwave/cabs/fla...[Shockwave Flash Object] ->
    < Module Usage Keys [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/FP_AX_CAB_INSTALLER.exe\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/FP_AX_CAB_INSTALLER.exe\\.Owner -> {D27CDB6E-AE6D-11CF-96B8-444553540000} ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/FP_AX_CAB_INSTALLER.exe\\{D27CDB6E-AE6D-11CF-96B8-444553540000} -> ->


    [Registry - Additional Scans - Non-Microsoft Only]
    < BotCheck > -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\DefaultLaunchPermission -> [Binary data over 100 bytes] ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineLaunchRestriction -> [Binary data over 100 bytes] ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineAccessRestriction -> [Binary data over 100 bytes] ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\EnableDCOM -> Y ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{A50398B8-9075-4FBF-A7A1-456BF21937AD} -> 1 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{AD65A69D-3831-40D7-9629-9B0B50A93843} -> 1 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{0040D221-54A1-11D1-9DE0-006097042D69} -> 1 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{2A6D72F1-6E7E-4702-B99C-E40D3DED33C3} -> 1 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\NONREDIST\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\NONREDIST\\System.EnterpriseServices.Thunk.dll -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirstRunDisabled -> 1 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusDisableNotify -> 0 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallDisableNotify -> 0 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\UpdatesDisableNotify -> 0 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusOverride -> 0 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallOverride -> 0 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> ->
    Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\ not found. -> ->
    Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\ not found. -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\ -> ->
    *Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages ->
    msv1_0 -> %SystemRoot%\System32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    *MultiFile Done* -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Bounds -> 0 [binary data] ->
    *Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages ->
    kerberos -> %SystemRoot%\System32\kerberos.dll -> Microsoft Corporation [Ver = 5.1.2600.2698 (xpsp_sp2_gdr.050614-1522) | Size = 295936 bytes | Modified Date = 15/06/2005 19:50:32 | Attr = ]
    msv1_0 -> %SystemRoot%\System32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    schannel -> %SystemRoot%\System32\schannel.dll -> Microsoft Corporation [Ver = 5.1.2600.3126 (xpsp_sp2_gdr.070425-0226) | Size = 144896 bytes | Modified Date = 25/04/2007 16:22:36 | Attr = ]
    wdigest -> %SystemRoot%\System32\wdigest.dll -> Microsoft Corporation [Ver = 5.1.2600.2874 (xpsp_sp2_gdr.060323-1516) | Size = 49152 bytes | Modified Date = 24/03/2006 06:37:52 | Attr = ]
    *MultiFile Done* -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\ImpersonatePrivilegeUpgradeToolHasRun -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\LsaPid -> 908 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\SecureBoot -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\auditbaseobjects -> 0 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\crashonauditfail -> 0 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\disabledomaincreds -> 0 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\everyoneincludesanonymous -> 0 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fipsalgorithmpolicy -> 0 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\forceguest -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fullprivilegeauditing -> [binary data] ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\limitblankpassworduse -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\lmcompatibilitylevel -> 0 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nodefaultadminowner -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nolmhash -> 0 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymous -> 0 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymoussam -> 1 ->
    *Notification Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Notification Packages ->
    scecli -> %SystemRoot%\System32\scecli.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 186368 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    *MultiFile Done* -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\ -> ->
    *ProviderOrder* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\\ProviderOrder ->
    Windows NT Access Provider -> -> File not found
    *MultiFile Done* -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\\ProviderPath -> %SystemRoot%\system32\ntmarta.dll [%SystemRoot%\system32\ntmarta.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 119808 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\System\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\\Pattern -> 17 4D C7 FC D9 4C 92 D9 91 20 E6 8A A9 D5 10 FC 32 35 39 37 63 65 38 36 00 00 00 00 B0 86 00 00 18 CA 06 00 99 D0 B5 71 04 CA 06 00 10 00 00 00 00 00 00 00 6E 0F 08 8F C7 29 97 BB 3F 06 51 25 [binary data] ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\\GrafBlumGroup -> CA 8E 48 CA BC 45 AF 33 74 [binary data] ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\\Lookup -> FA 35 B5 EC F9 6B [binary data] ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Domains\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\SidCache\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\msv1_0\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\msv1_0\\ntlmminclientsec -> 0 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\msv1_0\\ntlmminserversec -> 0 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\\SkewMatrix -> 1A 0C 19 A6 A1 1B D6 A8 AA D8 A0 14 32 8C 06 0E [binary data] ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\\SSOURL -> http://www.passport.com ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\\Time -> 36 E1 E5 3B 16 D2 C8 01 [binary data] ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Name -> Digest ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Comment -> Digest SSPI Authentication Package ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Capabilities -> 16464 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\RpcId -> 65535 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Version -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\TokenSize -> 65535 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Time -> 00 60 A7 AD A0 7A C4 01 [binary data] ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Type -> 49 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Name -> DPA ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Comment -> DPA Security Package ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Capabilities -> 55 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\RpcId -> 17 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Version -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\TokenSize -> 768 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Time -> 00 F8 E2 4B 98 7A C4 01 [binary data] ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Type -> 49 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Name -> MSN ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Comment -> MSN Security Package ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Capabilities -> 55 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\RpcId -> 18 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Version -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\TokenSize -> 768 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Time -> 00 60 A7 AD A0 7A C4 01 [binary data] ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Type -> 49 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnGroup -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnService -> Netman;WinMgmt; ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Description -> Assure la traduction d'adresses de réseau, l'adressage, les services de résolution de noms et/ou les services de prévention d'intrusion pour un réseau de petite entreprise ou un réseau domestique. ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DisplayName -> Pare-feu Windows / Partage de connexion Internet ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ErrorControl -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ImagePath -> %SystemRoot%\system32\svchost.exe [%SystemRoot%\system32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ObjectName -> LocalSystem ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Start -> 2 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Type -> 32 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\\Epoch -> 156 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\\ServiceDll -> %SystemRoot%\System32\ipnathlp.dll [%SystemRoot%\System32\ipnathlp.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 332800 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> %SystemRoot%\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 142336 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\Windows Live\Messenger\msnmsgr.exe -> %ProgramFiles%\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> Microsoft Corporation [Ver = 8.5.1302.1018 | Size = 5724184 bytes | Modified Date = 18/10/2007 11:34:04 | Attr = ]
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\Windows Live\Messenger\livecall.exe -> %ProgramFiles%\Windows Live\Messenger\livecall.exe [C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)] -> Microsoft Corporation [Ver = 1.5.204.0 | Size = 304488 bytes | Modified Date = 02/10/2007 17:18:24 | Attr = ]
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\EnableFirewall -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> %SystemRoot%\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 142336 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Acer\Acer eConsole\MediaSync.exe -> %ProgramFiles%\Acer\Acer eConsole\MediaSync.exe [C:\Program Files\Acer\Acer eConsole\MediaSync.exe:LocalSubNet:Enabled:Media Synchoronizer] -> File not found
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Acer\Acer eConsole\eConsole.exe -> %ProgramFiles%\Acer\Acer eConsole\eConsole.exe [C:\Program Files\Acer\Acer eConsole\eConsole.exe:LocalSubNet:Enabled:eConsole] -> File not found
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Acer\Acer eConsole\MediaServerService.exe -> %ProgramFiles%\Acer\Acer eConsole\MediaServerService.exe [C:\Program Files\Acer\Acer eConsole\MediaServerService.exe:LocalSubNet:Enabled:Acer Media Server] -> File not found
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Fichiers communs\Ahead\Nero Web\SetupX.exe -> %CommonProgramFiles%\Ahead\Nero Web\SetupX.exe [C:\Program Files\Fichiers communs\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup] -> Nero AG [Ver = 1, 6, 28, 0 | Size = 1775152 bytes | Modified Date = 09/03/2007 18:53:44 | Attr = ]
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE -> %ProgramFiles%\Microsoft Office\Office12\OUTLOOK.EXE [C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook] -> Microsoft Corporation [Ver = 12.0.6300.5000 | Size = 12829216 bytes | Modified Date = 12/12/2007 23:56:18 | Attr = ]
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Windows Live\Messenger\msnmsgr.exe -> %ProgramFiles%\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> Microsoft Corporation [Ver = 8.5.1302.1018 | Size = 5724184 bytes | Modified Date = 18/10/2007 11:34:04 | Attr = ]
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Windows Live\Messenger\livecall.exe -> %ProgramFiles%\Windows Live\Messenger\livecall.exe [C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)] -> Microsoft Corporation [Ver = 1.5.204.0 | Size = 304488 bytes | Modified Date = 02/10/2007 17:18:24 | Attr = ]
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Hercules\Hercules DualPix HD Webcam\Station2.exe -> %ProgramFiles%\Hercules\Hercules DualPix HD Webcam\Station2.exe [C:\Program Files\Hercules\Hercules DualPix HD Webcam\Station2.exe:*:Enabled:Hercules Webcam Station Evolution] -> Hercules [Ver = 2.6.0.0 | Size = 9887744 bytes | Modified Date = 02/03/2007 12:50:44 | Attr = ]
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\Temp\NavBrowser.exe -> %SystemRoot%\Temp\NavBrowser.exe [C:\WINDOWS\Temp\NavBrowser.exe:*:Enabled:NAVBrowser] -> Naviant, Inc. [Ver = 1.0.1.2 | Size = 212992 bytes | Modified Date = 12/09/2001 14:42:58 | Attr = ]
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe -> %ProgramFiles%\IVT Corporation\BlueSoleil\BlueSoleil.exe [C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil] -> IVT Corporation [Ver = 1, 6, 4, 0 | Size = 1200128 bytes | Modified Date = 20/09/2005 10:28:16 | Attr = ]
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\\ServiceUpgrade -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\All -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\0 -> Root\LEGACY_SHAREDACCESS\0000 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\Count -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\NextInstance -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Type -> 32 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Start -> 2 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ErrorControl -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ImagePath -> %SystemRoot%\system32\svchost.exe [%systemroot%\system32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\DisplayName -> Mises à jour automatiques ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ObjectName -> LocalSystem ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Description -> Active le téléchargement et l'installation des mises à jour Windows. Si ce service est désactivé, cet ordinateur ne pourra pas utiliser la fonctionnalité des mises à jour automatiques ou le site Windows Update. ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\\ServiceDll -> %SystemRoot%\system32\wuauserv.dll [C:\WINDOWS\system32\wuauserv.dll] -> Microsoft Corporation [Ver = 5.4.3790.2180 (xpsp_sp2_rtm.040803-2158) | Size = 6656 bytes | Modified Date = 05/08/2004 05:00:00 | Attr = ]
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\\Security -> [Binary data over 100 bytes] ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\0 -> Root\LEGACY_WUAUSERV\0000 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\Count -> 1 ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\NextInstance -> 1 ->
    Reg Error: Key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\ not found. -> ->
    Reg Error: Key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\ not found. -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\ -> ->
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\\ProxyEnable -> 0 ->


    [Files/Folders - Created Within 30 days]
    FOUND.000 -> %SystemDrive%\FOUND.000 -> [Folder | Created Date = 19/06/2008 16:09:06 | Attr = HS]
    FOUND.001 -> %SystemDrive%\FOUND.001 -> [Folder | Created Date = 19/06/2008 16:10:24 | Attr = HS]
    hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 1073139712 bytes | Created Date = 19/06/2008 16:34:50 | Attr = HS]
    TempDVD -> %SystemDrive%\TempDVD -> [Folder | Created Date = 20/06/2008 09:26:20 | Attr = ]
    MSOCache -> %SystemDrive%\MSOCache -> [Folder | Created Date = 20/06/2008 09:30:58 | Attr = RH ]
    autorun.inf -> %SystemDrive%\autorun.inf -> [Folder | Created Date = 20/06/2008 10:48:00 | Attr = RHS]
    _OTMoveIt -> %SystemDrive%\_OTMoveIt -> [Folder | Created Date = 20/06/2008 19:46:22 | Attr = ]
    HSFCXTS2.sys -> %SystemRoot%\System32\drivers\HSFCXTS2.sys -> Conexant Systems, Inc. [Ver = 7.12.09 built by: WinDDK | Size = 685056 bytes | Created Date = 19/06/2008 16:27:04 | Attr = ]
    HSFBS2S2.sys -> %SystemRoot%\System32\drivers\HSFBS2S2.sys -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 220032 bytes | Created Date = 19/06/2008 16:27:04 | Attr = ]
    HSFDPSP2.sys -> %SystemRoot%\System32\drivers\HSFDPSP2.sys -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 1041536 bytes | Created Date = 19/06/2008 16:27:04 | Attr = ]
    mdmxsdk.sys -> %SystemRoot%\System32\drivers\mdmxsdk.sys -> Conexant [Ver = 1.0.2.006 | Size = 11868 bytes | Created Date = 19/06/2008 16:27:04 | Attr = ]
    cxthsfS2.cty -> %SystemRoot%\System32\drivers\cxthsfS2.cty -> [Ver = | Size = 129045 bytes | Created Date = 19/06/2008 16:27:04 | Attr = ]
    UMDF -> %SystemRoot%\System32\drivers\UMDF -> [Folder | Created Date = 19/06/2008 17:27:40 | Attr = ]
    MsftWdf_user_01_00_00.Wdf -> %SystemRoot%\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf -> [Ver = | Size = 0 bytes | Created Date = 19/06/2008 17:27:43 | Attr = H ]
    aswmon.sys -> %SystemRoot%\System32\drivers\aswmon.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 93264 bytes | Created Date = 20/06/2008 08:33:01 | Attr = ]
    aswmon2.sys -> %SystemRoot%\System32\drivers\aswmon2.sys -> ALWIL Software [Ver = 4.8.1201.0 | Size = 94416 bytes | Created Date = 20/06/2008 08:33:01 | Attr = ]
    aswSP.sys -> %SystemRoot%\System32\drivers\aswSP.sys -> ALWIL Software [Ver = 4.8.1201.0 | Size = 78416 bytes | Created Date = 20/06/2008 08:33:01 | Attr = ]
    aswFsBlk.sys -> %SystemRoot%\System32\drivers\aswFsBlk.sys -> ALWIL Software [Ver = 4.8.1201.0 | Size = 20560 bytes | Created Date = 20/06/2008 08:33:01 | Attr = ]
    aavmker4.sys -> %SystemRoot%\System32\drivers\aavmker4.sys -> ALWIL Software [Ver = 4.8.1201.0 | Size = 26944 bytes | Created Date = 20/06/2008 08:33:02 | Attr = ]
    aswTdi.sys -> %SystemRoot%\System32\drivers\aswTdi.sys -> ALWIL Software [Ver = 4.8.1201.0 | Size = 42912 bytes | Created Date = 20/06/2008 08:33:02 | Attr = ]
    aswRdr.sys -> %SystemRoot%\System32\drivers\aswRdr.sys -> ALWIL Software [Ver = 4.8.1201.0 | Size = 23152 bytes | Created Date = 20/06/2008 08:33:02 | Attr = ]
    mprifl.sys -> %SystemRoot%\System32\drivers\mprifl.sys -> FSPro Labs [Ver = 2.9.0.193 built by: WinDDK | Size = 17264 bytes | Created Date = 20/06/2008 08:49:02 | Attr = ]
    AnyDVD.sys -> %SystemRoot%\System32\drivers\AnyDVD.sys -> SlySoft, Inc. [Ver = 6.4.5.0 | Size = 99648 bytes | Created Date = 17/06/2008 15:59:14 | Attr = ]
    maplom.sys -> %SystemRoot%\System32\drivers\maplom.sys -> SlySoft Inc. [Ver = 3, 0, 1, 6 | Size = 37312 bytes | Created Date = 20/06/2008 09:09:12 | Attr = ]
    maploml.sys -> %SystemRoot%\System32\drivers\maploml.sys -> SlySoft Inc. [Ver = 3, 0, 1, 6 | Size = 36288 bytes | Created Date = 20/06/2008 09:25:54 | Attr = ]
    HDvid.sys -> %SystemRoot%\System32\drivers\HDvid.sys -> Guillemont Corporation [Ver = 5.2.2603.20 | Size = 275072 bytes | Created Date = 20/06/2008 11:39:12 | Attr = ]
    camfilt.sys -> %SystemRoot%\System32\drivers\camfilt.sys -> Guillemot Corporation [Ver = 1.1.0.0 | Size = 24192 bytes | Created Date = 20/06/2008 11:39:12 | Attr = ]
    StarOpen.sys -> %SystemRoot%\System32\drivers\StarOpen.sys -> [Ver = | Size = 5632 bytes | Created Date = 20/06/2008 19:13:28 | Attr = ]
    mcheck.mhf -> %SystemRoot%\System32\mcheck.mhf -> [Ver = | Size = 28 bytes | Created Date = 20/06/2008 09:09:11 | Attr = ]
    escimgd.dll -> %SystemRoot%\System32\escimgd.dll -> SEIKO EPSON CORP. [Ver = 1.05 | Size = 46080 bytes | Created Date = 20/06/2008 18:51:37 | Attr = ]
    actskin4.ocx -> %SystemRoot%\System32\actskin4.ocx -> [Ver = 4, 2, 7, 3 | Size = 380928 bytes | Created Date = 20/06/2008 08:32:52 | Attr = ]
    aswBoot.exe -> %SystemRoot%\System32\aswBoot.exe -> ALWIL Software [Ver = 4, 8, 1201, 0 | Size = 1152888 bytes | Created Date = 20/06/2008 08:32:52 | Attr = ]
    AvastSS.scr -> %SystemRoot%\System32\AvastSS.scr -> ALWIL Software [Ver = 4, 8, 1201, 0 | Size = 95608 bytes | Created Date = 20/06/2008 08:33:02 | Attr = ]
    FraPlus1.ocx -> %SystemRoot%\System32\FraPlus1.ocx -> Innovasys [Ver = 1.01.0026 | Size = 471040 bytes | Created Date = 20/06/2008 08:39:04 | Attr = ]
    lame_enc.dll -> %SystemRoot%\System32\lame_enc.dll -> [Ver = | Size = 237568 bytes | Created Date = 20/06/2008 08:55:48 | Attr = ]
    OfficeMenu2003.ocx -> %SystemRoot%\System32\OfficeMenu2003.ocx -> ZNsoft Corporation [Ver = 1.04 | Size = 225280 bytes | Created Date = 20/06/2008 08:39:04 | Attr = ]
    BtnPlus1.ocx -> %SystemRoot%\System32\BtnPlus1.ocx -> Innovasys [Ver = 1.01.0033 | Size = 606208 bytes | Created Date = 20/06/2008 08:39:04 | Attr = ]
    AudDesign.dll -> %SystemRoot%\System32\AudDesign.dll -> NCT Company Ltd. [Ver = 2,6,1,107 | Size = 2084864 bytes | Created Date = 20/06/2008 08:55:48 | Attr = ]
    AudFile.dll -> %SystemRoot%\System32\AudFile.dll -> NCT Company Ltd. [Ver = 2,6,2,570 | Size = 1986560 bytes | Created Date = 20/06/2008 08:55:49 | Attr = ]
    AudDisplay.dll -> %SystemRoot%\System32\AudDisplay.dll -> NCT Company Ltd. [Ver = 2,6,1,107 | Size = 417792 bytes | Created Date = 20/06/2008 08:55:48 | Attr = ]
    AudPlayer.dll -> %SystemRoot%\System32\AudPlayer.dll -> NCT Company Ltd. [Ver = 2,6,1,260 | Size = 458752 bytes | Created Date = 20/06/2008 08:55:49 | Attr = ]
    AudioVisu.dll -> %SystemRoot%\System32\AudioVisu.dll -> NCT Company Ltd. [Ver = 2,6,1,108 | Size = 479232 bytes | Created Date = 20/06/2008 08:55:49 | Attr = ]
    WMAFile.dll -> %SystemRoot%\System32\WMAFile.dll -> NCT Company Ltd. [Ver = 2,4,1,113 | Size = 348160 bytes | Created Date = 20/06/2008 08:55:49 | Attr = ]
    esccmd.dll -> %SystemRoot%\System32\esccmd.dll -> SEIKO EPSON CORP. [Ver = 1.05 | Size = 22528 bytes | Created Date = 20/06/2008 18:51:37 | Attr = ]
    20 Juin 2008 20:27:30

    Ne pas tenir compte du 1er rapport je n'avais exécuté ATF cleaner.
    Merci par avance si tu arrive a me décoincer de cette situation.
    Je reste dispo pour tous rensignement complémentaire.
    20 Juin 2008 20:39:00

    Et pardon je viens de voir qu'il n'y a pas la fin alors je la place dans un nouveau message.
    Vraiment dsl et encore merci.
    20 Juin 2008 20:51:40

    AudioInfos.dll -> %SystemRoot%\System32\AudioInfos.dll -> NCT Company Ltd. [Ver = 2,6,1,254 | Size = 1212416 bytes | Created Date = 20/06/2008 08:55:49 | Attr = ]
    AudioRecord.dll -> %SystemRoot%\System32\AudioRecord.dll -> NCT Company Ltd. [Ver = 2,6,1,217 | Size = 454656 bytes | Created Date = 20/06/2008 08:55:49 | Attr = ]
    NCTWMAProfiles.prx -> %SystemRoot%\System32\NCTWMAProfiles.prx -> [Ver = | Size = 116296 bytes | Created Date = 20/06/2008 08:55:49 | Attr = ]
    ControlSubX.ocx -> %SystemRoot%\System32\ControlSubX.ocx -> [Ver = 1.00.0007 | Size = 24576 bytes | Created Date = 20/06/2008 09:03:33 | Attr = ]
    PropertyGrid.ocx -> %SystemRoot%\System32\PropertyGrid.ocx -> [Ver = 1.00 | Size = 364544 bytes | Created Date = 20/06/2008 09:03:34 | Attr = ]
    ReyXpBasics.tlb -> %SystemRoot%\System32\ReyXpBasics.tlb -> [Ver = | Size = 208500 bytes | Created Date = 20/06/2008 09:03:34 | Attr = ]
    TubeFinder.exe -> %SystemRoot%\System32\TubeFinder.exe -> Koyote Soft [Ver = 1.00 | Size = 225280 bytes | Created Date = 20/06/2008 09:03:36 | Attr = ]
    en-us -> %SystemRoot%\System32\en-us -> [Folder | Created Date = 20/06/2008 10:16:21 | Attr = ]
    3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->
    XPSViewer -> %SystemRoot%\System32\XPSViewer -> [Folder | Created Date = 20/06/2008 10:16:26 | Attr = ]
    DRVSTORE -> %SystemRoot%\System32\DRVSTORE -> [Folder | Created Date = 20/06/2008 11:04:45 | Attr = ]
    ISUSPM.cpl -> %SystemRoot%\System32\ISUSPM.cpl -> Macrovision Corporation [Ver = 5, 01, 100, 47363 | Size = 73728 bytes | Created Date = 20/06/2008 11:38:54 | Attr = ]
    HDEXT.DLL -> %SystemRoot%\System32\HDEXT.DLL -> OmniVision Technologies Inc. [Ver = 2, 2, 11, 28 | Size = 53248 bytes | Created Date = 20/06/2008 11:39:12 | Attr = ]
    HWC HD -> %SystemRoot%\System32\HWC HD -> [Folder | Created Date = 20/06/2008 11:38:54 | Attr = ]
    HDExt.ax -> %SystemRoot%\System32\HDExt.ax -> OmniVision Technologies Inc. [Ver = 06.12.22 | Size = 19456 bytes | Created Date = 20/06/2008 11:39:12 | Attr = ]
    escwiad.dll -> %SystemRoot%\System32\escwiad.dll -> SEIKO EPSON CORP. [Ver = 1.05 | Size = 29696 bytes | Created Date = 20/06/2008 18:51:38 | Attr = ]
    EBPMON24.DLL -> %SystemRoot%\System32\EBPMON24.DLL -> SEIKO EPSON CORPORATION [Ver = 1, 9, 0, 0 | Size = 75501 bytes | Created Date = 20/06/2008 18:51:57 | Attr = ]
    EBPPORT4.DAT -> %SystemRoot%\System32\EBPPORT4.DAT -> [Ver = | Size = 182 bytes | Created Date = 20/06/2008 18:51:57 | Attr = ]
    ECBTEG.DLL -> %SystemRoot%\System32\ECBTEG.DLL -> SEIKO EPSON CORPORATION [Ver = 2, 0, 0, 27 | Size = 64000 bytes | Created Date = 20/06/2008 18:51:57 | Attr = ]
    mdmxsdk.dll -> %SystemRoot%\System32\mdmxsdk.dll -> Conexant [Ver = 1.0.2.006 | Size = 86016 bytes | Created Date = 19/06/2008 16:27:04 | Attr = ]
    EBPCHP.DLL -> %SystemRoot%\System32\EBPCHP.DLL -> SEIKO EPSON CORPORATION [Ver = 1, 1, 0, 0 | Size = 34304 bytes | Created Date = 20/06/2008 18:51:57 | Attr = ]
    HSFCISP2.dll -> %SystemRoot%\System32\HSFCISP2.dll -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 32285 bytes | Created Date = 19/06/2008 16:27:04 | Attr = ]
    E_DCINST.DLL -> %SystemRoot%\System32\E_DCINST.DLL -> SEIKO EPSON CORP. [Ver = 1, 0, 0, 2 | Size = 31744 bytes | Created Date = 20/06/2008 18:51:57 | Attr = ]
    ANIO.VXD -> %SystemRoot%\System32\ANIO.VXD -> [Ver = | Size = 16997 bytes | Created Date = 19/06/2008 16:32:27 | Attr = ]
    ANIOApi.dll -> %SystemRoot%\System32\ANIOApi.dll -> Alpha Networks Inc. [Ver = 2, 0, 0, 40127 | Size = 36864 bytes | Created Date = 19/06/2008 16:32:27 | Attr = ]
    anio4.sys -> %SystemRoot%\System32\anio4.sys -> ANI [Ver = 1.1.0.30505 | Size = 11904 bytes | Created Date = 19/06/2008 16:32:27 | Attr = ]
    ANIO.sys -> %SystemRoot%\System32\ANIO.sys -> Alpha Networks Inc. [Ver = 2.0.0.30505 | Size = 28205 bytes | Created Date = 19/06/2008 16:32:27 | Attr = ]
    ANICtl.dll -> %SystemRoot%\System32\ANICtl.dll -> Alpha Networks Inc. [Ver = 1, 0, 3, 31217 | Size = 57407 bytes | Created Date = 19/06/2008 16:32:37 | Attr = ]
    aIPH.dll -> %SystemRoot%\System32\aIPH.dll -> Alpha Networks Inc. [Ver = 1, 1, 0, 50630 | Size = 208896 bytes | Created Date = 19/06/2008 16:32:37 | Attr = ]
    ANIWZCS2.dll -> %SystemRoot%\System32\ANIWZCS2.dll -> Alpha Networks Inc. [Ver = 2, 4, 26, 50722 | Size = 372736 bytes | Created Date = 19/06/2008 16:32:37 | Attr = ]
    AQCKGen.dll -> %SystemRoot%\System32\AQCKGen.dll -> Alpha Networks Inc. [Ver = 1, 0, 0, 30603 | Size = 49152 bytes | Created Date = 19/06/2008 16:32:37 | Attr = ]
    odSupp_M.dll -> %SystemRoot%\System32\odSupp_M.dll -> Funk Software, Inc. [Ver = 3.00.00.006 | Size = 1323095 bytes | Created Date = 19/06/2008 16:32:37 | Attr = ]
    wlanapi.dll -> %SystemRoot%\System32\wlanapi.dll -> Alpha Networks Inc. [Ver = 1, 3, 28, 50722 | Size = 233472 bytes | Created Date = 19/06/2008 16:32:37 | Attr = ]
    WlanApp.dll -> %SystemRoot%\System32\WlanApp.dll -> Alpha Networks Inc. [Ver = 1, 0, 10, 50602 | Size = 143360 bytes | Created Date = 19/06/2008 16:32:37 | Attr = ]
    Epcmlib.dll -> %SystemRoot%\System32\Epcmlib.dll -> SEIKO EPSON CORPORATION [Ver = 1.2.0.6 | Size = 131072 bytes | Created Date = 20/06/2008 18:58:46 | Attr = ]
    epDPE.ini -> %SystemRoot%\System32\epDPE.ini -> [Ver = | Size = 72 bytes | Created Date = 20/06/2008 18:55:30 | Attr = ]
    Samsung_USB_Drivers -> %SystemRoot%\System32\Samsung_USB_Drivers -> [Folder | Created Date = 20/06/2008 19:12:38 | Attr = ]
    Uninstall.ico -> %SystemRoot%\System32\Uninstall.ico -> [Ver = | Size = 766 bytes | Created Date = 20/06/2008 19:12:38 | Attr = ]
    SoftwareDistribution -> %SystemRoot%\System32\SoftwareDistribution -> [Folder | Created Date = 19/06/2008 15:38:00 | Attr = ]
    PreInstall -> %SystemRoot%\System32\PreInstall -> [Folder | Created Date = 19/06/2008 17:09:08 | Attr = ]
    LogFiles -> %SystemRoot%\System32\LogFiles -> [Folder | Created Date = 19/06/2008 17:27:40 | Attr = ]
    fr-fr -> %SystemRoot%\System32\fr-fr -> [Folder | Created Date = 19/06/2008 17:42:13 | Attr = ]
    SHELLNEW -> %SystemRoot%\SHELLNEW -> [Folder | Created Date = 20/06/2008 09:31:27 | Attr = ]
    1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->
    LastGood -> %SystemRoot%\LastGood -> [Folder | Created Date = 20/06/2008 19:12:39 | Attr = ]
    ADE.DLL -> %SystemRoot%\ADE.DLL -> SEIKO EPSON CORPORATION [Ver = 2, 0, 0, 2 | Size = 73216 bytes | Created Date = 20/06/2008 18:55:30 | Attr = ]
    CDE RX500F.ini -> %SystemRoot%\CDE RX500F.ini -> [Ver = | Size = 25 bytes | Created Date = 20/06/2008 18:48:35 | Attr = ]
    Ade001.bin -> %SystemRoot%\Ade001.bin -> [Ver = | Size = 3136 bytes | Created Date = 20/06/2008 18:55:30 | Attr = ]
    SlantAdj.dll -> %SystemRoot%\SlantAdj.dll -> [Ver = | Size = 96768 bytes | Created Date = 20/06/2008 18:55:30 | Attr = ]
    PI_setup.ini -> %SystemRoot%\PI_setup.ini -> [Ver = | Size = 21 bytes | Created Date = 20/06/2008 18:57:01 | Attr = ]
    ffmpeg.exe -> %SystemRoot%\ffmpeg.exe -> [Ver = | Size = 3600384 bytes | Created Date = 20/06/2008 11:39:04 | Attr = ]
    ovtcam -> %SystemRoot%\ovtcam -> [Folder | Created Date = 20/06/2008 11:39:12 | Attr = ]
    ie7updates -> %SystemRoot%\ie7updates -> [Folder | Created Date = 20/06/2008 12:01:19 | Attr = ]
    EPSON PhotoStarter Essential -> %SystemRoot%\EPSON PhotoStarter Essential -> [Folder | Created Date = 20/06/2008 19:00:49 | Attr = ]
    RegisteredPackages -> %SystemRoot%\RegisteredPackages -> [Folder | Created Date = 19/06/2008 15:53:45 | Attr = ]
    NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 47 bytes | Created Date = 19/06/2008 15:56:50 | Attr = ]
    Minidump -> %SystemRoot%\Minidump -> [Folder | Created Date = 19/06/2008 16:10:31 | Attr = ]
    $MSI31Uninstall_KB893803v2$ -> %SystemRoot%\$MSI31Uninstall_KB893803v2$ -> [Folder | Created Date = 19/06/2008 17:09:24 | Attr = H ]
    EPSON CardMonitor Essential -> %SystemRoot%\EPSON CardMonitor Essential -> [Folder | Created Date = 20/06/2008 19:01:00 | Attr = ]
    $NtServicePackUninstallNLSDownlevelMapping$ -> %SystemRoot%\$NtServicePackUninstallNLSDownlevelMapping$ -> [Folder | Created Date = 19/06/2008 17:41:14 | Attr = H ]
    $NtServicePackUninstallIDNMitigationAPIs$ -> %SystemRoot%\$NtServicePackUninstallIDNMitigationAPIs$ -> [Folder | Created Date = 19/06/2008 17:41:28 | Attr = H ]
    ie7 -> %SystemRoot%\ie7 -> [Folder | Created Date = 19/06/2008 17:41:41 | Attr = H ]
    WBEM -> %SystemRoot%\WBEM -> [Folder | Created Date = 19/06/2008 17:42:14 | Attr = ]
    [Files Created - Additional Folder Scans - Non-Microsoft Only]
    Spybot - Search & Destroy -> %AllUsersProfile%\Application Data\Spybot - Search & Destroy -> [Folder | Created Date = 19/06/2008 15:41:49 | Attr = ]
    Google -> %AllUsersProfile%\Application Data\Google -> [Folder | Created Date = 19/06/2008 16:01:53 | Attr = ]
    Windows Genuine Advantage -> %AllUsersProfile%\Application Data\Windows Genuine Advantage -> [Folder | Created Date = 19/06/2008 17:42:08 | Attr = ]
    ESTsoft -> %AllUsersProfile%\Application Data\ESTsoft -> [Folder | Created Date = 20/06/2008 09:05:46 | Attr = ]
    .zreglib -> %AllUsersProfile%\Application Data\.zreglib -> [Ver = | Size = 84 bytes | Created Date = 20/06/2008 09:07:39 | Attr = HS]
    SlySoft -> %AllUsersProfile%\Application Data\SlySoft -> [Folder | Created Date = 20/06/2008 09:07:47 | Attr = ]
    Microsoft Help -> %AllUsersProfile%\Application Data\Microsoft Help -> [Folder | Created Date = 20/06/2008 09:31:13 | Attr = ]
    WLInstaller -> %AllUsersProfile%\Application Data\WLInstaller -> [Folder | Created Date = 20/06/2008 10:57:30 | Attr = ]
    InstallShield -> %AllUsersProfile%\Application Data\InstallShield -> [Folder | Created Date = 20/06/2008 11:39:08 | Attr = ]
    Nero -> %AllUsersProfile%\Application Data\Nero -> [Folder | Created Date = 20/06/2008 11:49:14 | Attr = ]
    UDL -> %AllUsersProfile%\Application Data\UDL -> [Folder | Created Date = 20/06/2008 18:59:04 | Attr = ]
    LauncherAccess.dt -> %AllUsersProfile%\Application Data\LauncherAccess.dt -> [Ver = | Size = 0 bytes | Created Date = 20/06/2008 19:22:09 | Attr = ]
    Bluetooth -> %AllUsersProfile%\Application Data\Bluetooth -> [Folder | Created Date = 20/06/2008 19:32:07 | Attr = ]
    Identities -> %AppData%\Identities -> [Folder | Created Date = 19/06/2008 16:29:39 | Attr = ]
    Symantec -> %AppData%\Symantec -> [Folder | Created Date = 19/06/2008 16:29:39 | Attr = ]
    Adobe -> %AppData%\Adobe -> [Folder | Created Date = 19/06/2008 16:29:39 | Attr = ]
    Microsoft -> %AppData%\Microsoft -> [Folder | Created Date = 19/06/2008 16:29:39 | Attr = S]
    desktop.ini -> %AppData%\desktop.ini -> [Ver = | Size = 62 bytes | Created Date = 19/06/2008 16:29:40 | Attr = HS]
    Ahead -> %AppData%\Ahead -> [Folder | Created Date = 19/06/2008 15:56:13 | Attr = ]
    Google -> %AppData%\Google -> [Folder | Created Date = 19/06/2008 16:01:56 | Attr = ]
    Macromedia -> %AppData%\Macromedia -> [Folder | Created Date = 19/06/2008 16:39:52 | Attr = ]
    ImgBurn -> %AppData%\ImgBurn -> [Folder | Created Date = 20/06/2008 08:51:40 | Attr = ]
    ESTsoft -> %AppData%\ESTsoft -> [Folder | Created Date = 20/06/2008 09:05:56 | Attr = ]
    InstallShield -> %AppData%\InstallShield -> [Folder | Created Date = 20/06/2008 11:37:03 | Attr = ]
    {3248F0A6-6813-11D6-A77B-00B0D0150020} -> %UserProfile%\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150020} -> [Folder | Created Date = 19/06/2008 16:29:39 | Attr = ]
    Adobe -> %UserProfile%\Local Settings\Application Data\Adobe -> [Folder | Created Date = 19/06/2008 16:29:39 | Attr = ]
    Microsoft -> %UserProfile%\Local Settings\Application Data\Microsoft -> [Folder | Created Date = 19/06/2008 16:29:39 | Attr = ]
    IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db -> [Ver = | Size = 2640938 bytes | Created Date = 19/06/2008 16:29:39 | Attr = H ]
    Google -> %UserProfile%\Local Settings\Application Data\Google -> [Folder | Created Date = 19/06/2008 16:01:56 | Attr = ]
    DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [Ver = | Size = 4608 bytes | Created Date = 19/06/2008 16:53:41 | Attr = ]
    GDIPFONTCACHEV1.DAT -> %UserProfile%\Local Settings\Application Data\GDIPFONTCACHEV1.DAT -> [Ver = | Size = 89976 bytes | Created Date = 20/06/2008 08:34:44 | Attr = ]
    Microsoft Help -> %UserProfile%\Local Settings\Application Data\Microsoft Help -> [Folder | Created Date = 20/06/2008 09:31:19 | Attr = ]
    ApplicationHistory -> %UserProfile%\Local Settings\Application Data\ApplicationHistory -> [Folder | Created Date = 20/06/2008 11:05:32 | Attr = ]
    fusioncache.dat -> %UserProfile%\Local Settings\Application Data\fusioncache.dat -> [Ver = | Size = 132 bytes | Created Date = 20/06/2008 11:05:32 | Attr = ]
    Ahead -> %UserProfile%\Local Settings\Application Data\Ahead -> [Folder | Created Date = 20/06/2008 11:58:03 | Attr = ]
    Identities -> %UserProfile%\Local Settings\Application Data\Identities -> [Folder | Created Date = 20/06/2008 11:58:06 | Attr = ]
    Mes images -> %UserProfile%\Mes documents\Mes images -> [Folder | Created Date = 19/06/2008 16:29:39 | Attr = R ]
    Ma musique -> %UserProfile%\Mes documents\Ma musique -> [Folder | Created Date = 19/06/2008 16:29:39 | Attr = R ]
    desktop.ini -> %UserProfile%\Mes documents\desktop.ini -> [Ver = | Size = 141 bytes | Created Date = 19/06/2008 16:29:40 | Attr = HS]
    Mes vidéos -> %UserProfile%\Mes documents\Mes vidéos -> [Folder | Created Date = 19/06/2008 17:43:16 | Attr = R ]
    AnyDVDHD -> %UserProfile%\Mes documents\AnyDVDHD -> [Folder | Created Date = 20/06/2008 09:07:53 | Attr = ]
    Visual Studio 2008 -> %UserProfile%\Mes documents\Visual Studio 2008 -> [Folder | Created Date = 20/06/2008 10:21:15 | Attr = ]
    Mes fichiers reçus -> %UserProfile%\Mes documents\Mes fichiers reçus -> [Folder | Created Date = 20/06/2008 11:04:50 | Attr = ]
    Hercules webcam -> %UserProfile%\Mes documents\Hercules webcam -> [Folder | Created Date = 20/06/2008 11:49:15 | Attr = ]
    Nero Home -> %UserProfile%\Mes documents\Nero Home -> [Folder | Created Date = 20/06/2008 12:12:54 | Attr = ]
    Contre_la_prochaine_canicule.exe -> %UserProfile%\Mes documents\Contre_la_prochaine_canicule.exe -> Macromedia, Inc. [Ver = 5,0,30,0 | Size = 379325 bytes | Created Date = 20/06/2008 12:29:13 | Attr = ]
    Bluetooth -> %UserProfile%\Mes documents\Bluetooth -> [Folder | Created Date = 20/06/2008 19:32:07 | Attr = ]
    avast! Antivirus.lnk -> %AllUsersProfile%\Bureau\avast! Antivirus.lnk -> [Ver = | Size = 1617 bytes | Created Date = 20/06/2008 08:33:02 | Attr = ]
    AnyDVD.lnk -> %AllUsersProfile%\Bureau\AnyDVD.lnk -> [Ver = | Size = 662 bytes | Created Date = 20/06/2008 09:07:14 | Attr = ]
    CloneDVD2.lnk -> %AllUsersProfile%\Bureau\CloneDVD2.lnk -> [Ver = | Size = 760 bytes | Created Date = 20/06/2008 09:07:31 | Attr = ]
    CloneDVDmobile.lnk -> %AllUsersProfile%\Bureau\CloneDVDmobile.lnk -> [Ver = | Size = 762 bytes | Created Date = 20/06/2008 09:08:33 | Attr = ]
    Nero StartSmart.lnk -> %AllUsersProfile%\Bureau\Nero StartSmart.lnk -> [Ver = | Size = 2309 bytes | Created Date = 20/06/2008 11:57:53 | Attr = ]
    EPSON Smart Panel.lnk -> %AllUsersProfile%\Bureau\EPSON Smart Panel.lnk -> [Ver = | Size = 1483 bytes | Created Date = 20/06/2008 18:56:46 | Attr = ]
    Samsung PC Studio 3.lnk -> %AllUsersProfile%\Bureau\Samsung PC Studio 3.lnk -> [Ver = | Size = 673 bytes | Created Date = 20/06/2008 19:13:21 | Attr = ]
    Spybot - Search & Destroy.lnk -> %UserProfile%\Bureau\Spybot - Search & Destroy.lnk -> [Ver = | Size = 871 bytes | Created Date = 19/06/2008 15:41:53 | Attr = ]
    Poste de travail.lnk -> %UserProfile%\Bureau\Poste de travail.lnk -> [Ver = | Size = 104 bytes | Created Date = 19/06/2008 15:49:07 | Attr = ]
    Windows Media Player.lnk -> %UserProfile%\Bureau\Windows Media Player.lnk -> [Ver = | Size = 690 bytes | Created Date = 19/06/2008 17:28:46 | Attr = ]
    ZNsoft Free.lnk -> %UserProfile%\Bureau\ZNsoft Free.lnk -> [Ver = | Size = 1721 bytes | Created Date = 20/06/2008 08:39:05 | Attr = ]
    ZNsoft Utility.lnk -> %UserProfile%\Bureau\ZNsoft Utility.lnk -> [Ver = | Size = 739 bytes | Created Date = 20/06/2008 08:39:33 | Attr = ]
    CCleaner.lnk -> %UserProfile%\Bureau\CCleaner.lnk -> [Ver = | Size = 1456 bytes | Created Date = 20/06/2008 08:40:49 | Attr = ]
    Free Mp3 Wma Converter.lnk -> %UserProfile%\Bureau\Free Mp3 Wma Converter.lnk -> [Ver = | Size = 808 bytes | Created Date = 20/06/2008 08:55:51 | Attr = ]
    Free CD Ripper.lnk -> %UserProfile%\Bureau\Free CD Ripper.lnk -> [Ver = | Size = 810 bytes | Created Date = 20/06/2008 08:55:51 | Attr = ]
    dvdSanta.lnk -> %UserProfile%\Bureau\dvdSanta.lnk -> [Ver = | Size = 590 bytes | Created Date = 20/06/2008 08:59:01 | Attr = ]
    Free FLV Converter.lnk -> %UserProfile%\Bureau\Free FLV Converter.lnk -> [Ver = | Size = 700 bytes | Created Date = 20/06/2008 09:03:37 | Attr = ]
    Capturino.lnk -> %UserProfile%\Bureau\Capturino.lnk -> [Ver = | Size = 639 bytes | Created Date = 20/06/2008 09:06:16 | Attr = ]
    Game Jackal.lnk -> %UserProfile%\Bureau\Game Jackal.lnk -> [Ver = | Size = 665 bytes | Created Date = 20/06/2008 09:09:00 | Attr = ]
    Microsoft Office Word 2007.lnk -> %UserProfile%\Bureau\Microsoft Office Word 2007.lnk -> [Ver = | Size = 2659 bytes | Created Date = 20/06/2008 09:39:01 | Attr = ]
    ESPRX500 Guide de référence.lnk -> %UserProfile%\Bureau\ESPRX500 Guide de référence.lnk -> [Ver = | Size = 1553 bytes | Created Date = 20/06/2008 18:54:40 | Attr = ]
    ESPRX500 Guide fonctionnement.lnk -> %UserProfile%\Bureau\ESPRX500 Guide fonctionnement.lnk -> [Ver = | Size = 1550 bytes | Created Date = 20/06/2008 18:54:52 | Attr = ]
    ESPRX500 Guide des logiciels.lnk -> %UserProfile%\Bureau\ESPRX500 Guide des logiciels.lnk -> [Ver = | Size = 1553 bytes | Created Date = 20/06/2008 18:59:58 | Attr = ]
    VirtumundoBeGone.exe -> %UserProfile%\Bureau\VirtumundoBeGone.exe -> Business Information Solutions [Ver = 1.5 | Size = 96978 bytes | Created Date = 20/06/2008 19:39:06 | Attr = ]
    OTMoveIt2.exe -> %UserProfile%\Bureau\OTMoveIt2.exe -> OldTimer Tools [Ver = 1.0.4.2 | Size = 291328 bytes | Created Date = 20/06/2008 19:39:12 | Attr = ]
    OTScanIt -> %UserProfile%\Bureau\OTScanIt -> [Folder | Created Date = 20/06/2008 19:54:12 | Attr = ]
    ATF-Cleaner.exe -> %UserProfile%\Bureau\ATF-Cleaner.exe -> Atribune.org [Ver = 3.00.0002 | Size = 50688 bytes | Created Date = 20/06/2008 20:16:53 | Attr = ]
    BlueSoleil.lnk.disabled -> %AllUsersProfile%\Menu Démarrer\Programmes\Démarrage\BlueSoleil.lnk.disabled -> [Ver = | Size = 1794 bytes | Created Date = 20/06/2008 19:29:35 | Attr = ]
    desktop.ini -> %UserProfile%\Menu Démarrer\Programmes\Démarrage\desktop.ini -> [Ver = | Size = 84 bytes | Created Date = 19/06/2008 16:29:39 | Attr = HS]
    DESIGNER -> %CommonProgramFiles%\DESIGNER -> [Folder | Created Date = 20/06/2008 09:35:10 | Attr = ]
    Merge Modules -> %CommonProgramFiles%\Merge Modules -> [Folder | Created Date = 20/06/2008 10:19:25 | Attr = ]
    WindowsLiveInstaller -> %CommonProgramFiles%\WindowsLiveInstaller -> [Folder | Created Date = 20/06/2008 10:57:41 | Attr = HS]
    Ahead -> %CommonProgramFiles%\Ahead -> [Folder | Created Date = 20/06/2008 11:49:14 | Attr = ]
    D-Link -> %ProgramFiles%\D-Link -> [Folder | Created Date = 19/06/2008 16:32:23 | Attr = ]
    ANI -> %ProgramFiles%\ANI -> [Folder | Created Date = 19/06/2008 16:32:27 | Attr = ]
    Spybot - Search & Destroy -> %ProgramFiles%\Spybot - Search & Destroy -> [Folder | Created Date = 19/06/2008 15:41:49 | Attr = ]
    Google -> %ProgramFiles%\Google -> [Folder | Created Date = 19/06/2008 16:01:04 | Attr = ]
    Windows Media Connect 2 -> %ProgramFiles%\Windows Media Connect 2 -> [Folder | Created Date = 19/06/2008 17:28:40 | Attr = ]
    MSXML 4.0 -> %ProgramFiles%\MSXML 4.0 -> [Folder | Created Date = 19/06/2008 17:54:28 | Attr = ]
    Alwil Software -> %ProgramFiles%\Alwil Software -> [Folder | Created Date = 20/06/2008 08:32:51 | Attr = ]
    ZNsoft Corporation -> %ProgramFiles%\ZNsoft Corporation -> [Folder | Created Date = 20/06/2008 08:39:03 | Attr = ]
    CCleaner -> %ProgramFiles%\CCleaner -> [Folder | Created Date = 20/06/2008 08:40:49 | Attr = ]
    My Lockbox -> %ProgramFiles%\My Lockbox -> [Folder | Created Date = 20/06/2008 08:49:01 | Attr = ]
    ImgBurn -> %ProgramFiles%\ImgBurn -> [Folder | Created Date = 20/06/2008 08:51:07 | Attr = ]
    Free Audio Pack -> %ProgramFiles%\Free Audio Pack -> [Folder | Created Date = 20/06/2008 08:55:47 | Attr = ]
    dvdSanta -> %ProgramFiles%\dvdSanta -> [Folder | Created Date = 20/06/2008 08:59:00 | Attr = ]
    UDPixel -> %ProgramFiles%\UDPixel -> [Folder | Created Date = 20/06/2008 09:02:56 | Attr = ]
    Free FLV Converter -> %ProgramFiles%\Free FLV Converter -> [Folder | Created Date = 20/06/2008 09:03:33 | Attr = ]
    ESTsoft -> %ProgramFiles%\ESTsoft -> [Folder | Created Date = 20/06/2008 09:05:42 | Attr = ]
    Capturino V1.3 -> %ProgramFiles%\Capturino V1.3 -> [Folder | Created Date = 20/06/2008 09:06:11 | Attr = ]
    SlySoft -> %ProgramFiles%\SlySoft -> [Folder | Created Date = 20/06/2008 09:07:12 | Attr = ]
    Elaborate Bytes -> %ProgramFiles%\Elaborate Bytes -> [Folder | Created Date = 20/06/2008 09:07:29 | Attr = ]
    Microsoft Office -> %ProgramFiles%\Microsoft Office -> [Folder | Created Date = 20/06/2008 09:31:14 | Attr = ]
    Microsoft.NET -> %ProgramFiles%\Microsoft.NET -> [Folder | Created Date = 20/06/2008 09:34:19 | Attr = ]
    Microsoft Visual Studio -> %ProgramFiles%\Microsoft Visual Studio -> [Folder | Created Date = 20/06/2008 09:35:11 | Attr = ]
    MSBuild -> %ProgramFiles%\MSBuild -> [Folder | Created Date = 20/06/2008 09:35:39 | Attr = ]
    Microsoft Works -> %ProgramFiles%\Microsoft Works -> [Folder | Created Date = 20/06/2008 09:36:05 | Attr = ]
    MSXML 6.0 -> %ProgramFiles%\MSXML 6.0 -> [Folder | Created Date = 20/06/2008 10:13:55 | Attr = ]
    Reference Assemblies -> %ProgramFiles%\Reference Assemblies -> [Folder | Created Date = 20/06/2008 10:16:21 | Attr = ]
    Microsoft SDKs -> %ProgramFiles%\Microsoft SDKs -> [Folder | Created Date = 20/06/2008 10:18:49 | Attr = ]
    Microsoft Visual Studio 9.0 -> %ProgramFiles%\Microsoft Visual Studio 9.0 -> [Folder | Created Date = 20/06/2008 10:19:25 | Attr = ]
    Microsoft Silverlight -> %ProgramFiles%\Microsoft Silverlight -> [Folder | Created Date = 20/06/2008 10:21:45 | Attr = ]
    Windows Live -> %ProgramFiles%\Windows Live -> [Folder | Created Date = 20/06/2008 10:57:37 | Attr = ]
    Microsoft SQL Server Compact Edition -> %ProgramFiles%\Microsoft SQL Server Compact Edition -> [Folder | Created Date = 20/06/2008 11:05:55 | Attr = ]
    Symantec -> %ProgramFiles%\Symantec -> [Folder | Created Date = 20/06/2008 11:38:02 | Attr = ]
    Hercules -> %ProgramFiles%\Hercules -> [Folder | Created Date = 20/06/2008 11:38:55 | Attr = ]
    Nero -> %ProgramFiles%\Nero -> [Folder | Created Date = 20/06/2008 11:49:14 | Attr = ]
    Microsoft CAPICOM 2.1.0.2 -> %ProgramFiles%\Microsoft CAPICOM 2.1.0.2 -> [Folder | Created Date = 20/06/2008 12:03:09 | Attr = ]
    EPSON -> %ProgramFiles%\EPSON -> [Folder | Created Date = 20/06/2008 18:51:36 | Attr = ]
    Smart Panel -> %ProgramFiles%\Smart Panel -> [Folder | Created Date = 20/06/2008 18:55:16 | Attr = ]
    ArcSoft -> %ProgramFiles%\ArcSoft -> [Folder | Created Date = 20/06/2008 18:56:59 | Attr = ]
    ABBYY FineReader 5.0 Sprint -> %ProgramFiles%\ABBYY FineReader 5.0 Sprint -> [Folder | Created Date = 20/06/2008 18:58:18 | Attr = ]
    Samsung -> %ProgramFiles%\Samsung -> [Folder | Created Date = 20/06/2008 19:12:35 | Attr = ]
    IVT Corporation -> %ProgramFiles%\IVT Corporation -> [Folder | Created Date = 20/06/2008 19:27:58 | Attr = ]
    Lavalys -> %ProgramFiles%\Lavalys -> [Folder | Created Date = 20/06/2008 19:39:56 | Attr = ]

    [Files/Folders - Modified Within 30 days]
    FOUND.000 -> %SystemDrive%\FOUND.000 -> [Folder | Modified Date = 19/06/2008 16:09:06 | Attr = HS]
    boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 216 bytes | Modified Date = 19/06/2008 16:28:58 | Attr = RHS]
    FOUND.001 -> %SystemDrive%\FOUND.001 -> [Folder | Modified Date = 19/06/2008 16:10:24 | Attr = HS]
    hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 1073139712 bytes | Modified Date = 20/06/2008 19:07:02 | Attr = HS]
    TempDVD -> %SystemDrive%\TempDVD -> [Folder | Modified Date = 20/06/2008 09:26:22 | Attr = ]
    MSOCache -> %SystemDrive%\MSOCache -> [Folder | Modified Date = 20/06/2008 09:31:00 | Attr = RH ]
    autorun.inf -> %SystemDrive%\autorun.inf -> [Folder | Modified Date = 20/06/2008 10:48:02 | Attr = RHS]
    _OTMoveIt -> %SystemDrive%\_OTMoveIt -> [Folder | Modified Date = 20/06/2008 19:46:24 | Attr = ]
    UMDF -> %SystemRoot%\System32\drivers\UMDF -> [Folder | Modified Date = 19/06/2008 17:27:42 | Attr = ]
    MsftWdf_user_01_00_00.Wdf -> %SystemRoot%\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf -> [Ver = | Size = 0 bytes | Modified Date = 19/06/2008 17:27:44 | Attr = H ]
    AnyDVD.sys -> %SystemRoot%\System32\drivers\AnyDVD.sys -> SlySoft, Inc. [Ver = 6.4.5.0 | Size = 99648 bytes | Modified Date = 17/06/2008 15:59:16 | Attr = ]
    StarOpen.sys -> %SystemRoot%\System32\drivers\StarOpen.sys -> [Ver = | Size = 5632 bytes | Modified Date = 20/06/2008 19:21:58 | Attr = ]
    wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [Ver = | Size = 1158 bytes | Modified Date = 20/06/2008 17:23:14 | Attr = ]
    perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [Ver = | Size = 71980 bytes | Modified Date = 20/06/2008 11:23:20 | Attr = ]
    perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [Ver = | Size = 442966 bytes | Modified Date = 20/06/2008 11:23:20 | Attr = ]
    mcheck.mhf -> %SystemRoot%\System32\mcheck.mhf -> [Ver = | Size = 28 bytes | Modified Date = 20/06/2008 09:26:02 | Attr = ]
    perfc00C.dat -> %SystemRoot%\System32\perfc00C.dat -> [Ver = | Size = 85688 bytes | Modified Date = 20/06/2008 11:23:20 | Attr = ]
    perfh00C.dat -> %SystemRoot%\System32\perfh00C.dat -> [Ver = | Size = 512286 bytes | Modified Date = 20/06/2008 11:23:20 | Attr = ]
    eRLog.ini -> %SystemRoot%\System32\eRLog.ini -> [Ver = | Size = 0 bytes | Modified Date = 20/06/2008 09:11:40 | Attr = ]
    ControlSubX.ocx -> %SystemRoot%\System32\ControlSubX.ocx -> [Ver = 1.00.0007 | Size = 24576 bytes | Modified Date = 04/06/2008 18:42:54 | Attr = ]
    PropertyGrid.ocx -> %SystemRoot%\System32\PropertyGrid.ocx -> [Ver = 1.00 | Size = 364544 bytes | Modified Date = 04/06/2008 18:42:54 | Attr = ]
    ReyXpBasics.tlb -> %SystemRoot%\System32\ReyXpBasics.tlb -> [Ver = | Size = 208500 bytes | Modified Date = 04/06/2008 18:42:54 | Attr = ]
    TubeFinder.exe -> %SystemRoot%\System32\TubeFinder.exe -> Koyote Soft [Ver = 1.00 | Size = 225280 bytes | Modified Date = 13/06/2008 01:00:08 | Attr = ]
    $winnt$.inf -> %SystemRoot%\System32\$winnt$.inf -> [Ver = | Size = 733 bytes | Modified Date = 19/06/2008 16:29:00 | Attr = ]
    FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [Ver = | Size = 333072 bytes | Modified Date = 20/06/2008 12:06:00 | Attr = ]
    en-us -> %SystemRoot%\System32\en-us -> [Folder | Modified Date = 20/06/2008 10:16:22 | Attr = ]
    3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->
    PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [Ver = | Size = 1127594 bytes | Modified Date = 20/06/2008 11:23:20 | Attr = ]
    mapisvc.inf -> %SystemRoot%\System32\mapisvc.inf -> [Ver = | Size = 57 bytes | Modified Date = 19/06/2008 15:45:54 | Attr = ]
    XPSViewer -> %SystemRoot%\System32\XPSViewer -> [Folder | Modified Date = 20/06/2008 10:16:28 | Attr = ]
    DRVSTORE -> %SystemRoot%\System32\DRVSTORE -> [Folder | Modified Date = 20/06/2008 11:04:46 | Attr = ]
    HWC HD -> %SystemRoot%\System32\HWC HD -> [Folder | Modified Date = 20/06/2008 11:38:56 | Attr = ]
    CONFIG.NT -> %SystemRoot%\System32\CONFIG.NT -> [Ver = | Size = 3121 bytes | Modified Date = 20/06/2008 08:33:04 | Attr = ]
    nvapps.xml -> %SystemRoot%\System32\nvapps.xml -> [Ver = | Size = 29204 bytes | Modified Date = 20/06/2008 19:07:30 | Attr = ]
    Samsung_USB_Drivers -> %SystemRoot%\System32\Samsung_USB_Drivers -> [Folder | Modified Date = 20/06/2008 19:12:40 | Attr = ]
    SoftwareDistribution -> %SystemRoot%\System32\SoftwareDistribution -> [Folder | Modified Date = 19/06/2008 15:38:02 | Attr = ]
    PreInstall -> %SystemRoot%\System32\PreInstall -> [Folder | Modified Date = 19/06/2008 17:09:10 | Attr = ]
    LogFiles -> %SystemRoot%\System32\LogFiles -> [Folder | Modified Date = 19/06/2008 17:27:42 | Attr = ]
    nscompat.tlb -> %SystemRoot%\System32\nscompat.tlb -> [Ver = | Size = 23392 bytes | Modified Date = 19/06/2008 17:28:52 | Attr = ]
    fr-fr -> %SystemRoot%\System32\fr-fr -> [Folder | Modified Date = 19/06/2008 17:42:14 | Attr = ]
    win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 582 bytes | Modified Date = 20/06/2008 09:31:42 | Attr = ]
    SHELLNEW -> %SystemRoot%\SHELLNEW -> [Folder | Modified Date = 20/06/2008 09:31:28 | Attr = ]
    1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->
    LastGood -> %SystemRoot%\LastGood -> [Folder | Modified Date = 20/06/2008 19:12:40 | Attr = ]
    CDE RX500F.ini -> %SystemRoot%\CDE RX500F.ini -> [Ver = | Size = 25 bytes | Modified Date = 20/06/2008 18:48:36 | Attr = ]
    WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [Ver = | Size = 316640 bytes | Modified Date = 19/06/2008 17:28:12 | Attr = ]
    bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 20/06/2008 19:07:06 | Attr = S]
    ovtcam -> %SystemRoot%\ovtcam -> [Folder | Modified Date = 20/06/2008 11:39:14 | Attr = ]
    ie7updates -> %SystemRoot%\ie7updates -> [Folder | Modified Date = 20/06/2008 12:01:20 | Attr = ]
    EPSON PhotoStarter Essential -> %SystemRoot%\EPSON PhotoStarter Essential -> [Folder | Modified Date = 20/06/2008 19:00:50 | Attr = ]
    RegisteredPackages -> %SystemRoot%\RegisteredPackages -> [Folder | Modified Date = 19/06/2008 15:53:46 | Attr = ]
    NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 47 bytes | Modified Date = 19/06/2008 15:56:52 | Attr = ]
    Minidump -> %SystemRoot%\Minidump -> [Folder | Modified Date = 19/06/2008 16:10:32 | Attr = ]
    $MSI31Uninstall_KB893803v2$ -> %SystemRoot%\$MSI31Uninstall_KB893803v2$ -> [Folder | Modified Date = 19/06/2008 17:09:26 | Attr = H ]
    EPSON CardMonitor Essential -> %SystemRoot%\EPSON CardMonitor Essential -> [Folder | Modified Date = 20/06/2008 19:01:02 | Attr = ]
    $NtServicePackUninstallNLSDownlevelMapping$ -> %SystemRoot%\$NtServicePackUninstallNLSDownlevelMapping$ -> [Folder | Modified Date = 19/06/2008 17:41:16 | Attr = H ]
    $NtServicePackUninstallIDNMitigationAPIs$ -> %SystemRoot%\$NtServicePackUninstallIDNMitigationAPIs$ -> [Folder | Modified Date = 19/06/2008 17:41:30 | Attr = H ]
    ie7 -> %SystemRoot%\ie7 -> [Folder | Modified Date = 19/06/2008 17:41:42 | Attr = H ]
    WBEM -> %SystemRoot%\WBEM -> [Folder | Modified Date = 19/06/2008 17:42:16 | Attr = ]
    SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 20/06/2008 19:07:14 | Attr = H ]
    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader -> [Folder | Modified Date = 13/11/2005 07:08:38 | Attr = ]
    qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 22590 bytes | Modified Date = 20/06/2008 19:08:06 | Attr = ]
    qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 22590 bytes | Modified Date = 20/06/2008 19:08:06 | Attr = ]
    C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA -> [Folder | Modified Date = 20/06/2008 09:34:22 | Attr = ]
    opa12.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\opa12.dat -> [Ver = | Size = 8206 bytes | Modified Date = 20/06/2008 19:36:48 | Attr = ]
    C:\Documents and Settings\All Users\Application Data\Microsoft\VCExpress\9.0\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\VCExpress\9.0 -> [Folder | Modified Date = 20/06/2008 10:21:20 | Attr = ]
    VCExpress000223.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\VCExpress\9.0\VCExpress000223.dat -> [Ver = | Size = 677178 bytes | Modified Date = 20/06/2008 10:21:22 | Attr = H ]
    C:\WINDOWS\Temp\ -> C:\WINDOWS\Temp -> [Folder | Modified Date = 25/06/2005 07:29:20 | Attr = ]
    IEHost.exe -> C:\WINDOWS\Temp\IEHost.exe -> Naviant [Ver = 1, 0, 0, 1 | Size = 65536 bytes | Modified Date = 10/10/2000 12:48:56 | Attr = ]
    NavBrowser.exe -> C:\WINDOWS\Temp\NavBrowser.exe -> Naviant, Inc. [Ver = 1.0.1.2 | Size = 212992 bytes | Modified Date = 12/09/2001 14:42:58 | Attr = ]
    C:\WINDOWS\Temp\WLXPL_DX\ -> C:\WINDOWS\Temp\WLXPL_DX -> [Folder | Modified Date = 20/06/2008 12:01:44 | Attr = ]
    dxsetup.exe -> C:\WINDOWS\Temp\WLXPL_DX\dxsetup.exe -> Microsoft Corporation [Ver = 4.9.0.0904 | Size = 484632 bytes | Modified Date = 21/12/2007 14:46:58 | Attr = ]
    C:\WINDOWS\Temp\WLXPL_DX\ -> C:\WINDOWS\Temp\WLXPL_DX -> [Folder | Modified Date = 20/06/2008 12:01:44 | Attr = ]
    DSETUP.dll -> C:\WINDOWS\Temp\WLXPL_DX\DSETUP.dll -> Microsoft Corporation [Ver = 4.9.0.0904 | Size = 74520 bytes | Modified Date = 21/12/2007 14:46:58 | Attr = ]
    dsetup32.dll -> C:\WINDOWS\Temp\WLXPL_DX\dsetup32.dll -> Microsoft Corporation [Ver = 4.9.0.0904 | Size = 1670936 bytes | Modified Date = 21/12/2007 14:46:58 | Attr = ]
    C:\WINDOWS\Temp\ -> C:\WINDOWS\Temp -> [Folder | Modified Date = 25/06/2005 07:29:20 | Attr = ]
    Perflib_Perfdata_640.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_640.dat -> [Ver = | Size = 16384 bytes | Modified Date = 20/06/2008 19:07:14 | Attr = ]
    C:\WINDOWS\Temp\ -> C:\WINDOWS\Temp -> [Folder | Modified Date = 25/06/2005 07:29:20 | Attr = ]
    navLoad.ini -> C:\WINDOWS\Temp\navLoad.ini -> [Ver = | Size = 1840 bytes | Modified Date = 20/06/2008 19:00:32 | Attr = ]
    [Files Modified - Additional Folder Scans - Non-Microsoft Only]
    Spybot - Search & Destroy -> %AllUsersProfile%\Application Data\Spybot - Search & Destroy -> [Folder | Modified Date = 19/06/2008 15:41:50 | Attr = ]
    Google -> %AllUsersProfile%\Application Data\Google -> [Folder | Modified Date = 19/06/2008 16:01:54 | Attr = ]
    Windows Genuine Advantage -> %AllUsersProfile%\Application Data\Windows Genuine Advantage -> [Folder | Modified Date = 19/06/2008 17:42:10 | Attr = ]
    ESTsoft -> %AllUsersProfile%\Application Data\ESTsoft -> [Folder | Modified Date = 20/06/2008 09:05:48 | Attr = ]
    .zreglib -> %AllUsersProfile%\Application Data\.zreglib -> [Ver = | Size = 84 bytes | Modified Date = 20/06/2008 09:18:12 | Attr = HS]
    SlySoft -> %AllUsersProfile%\Application Data\SlySoft -> [Folder | Modified Date = 20/06/2008 09:07:48 | Attr = ]
    Microsoft Help -> %AllUsersProfile%\Application Data\Microsoft Help -> [Folder | Modified Date = 20/06/2008 09:31:14 | Attr = ]
    WLInstaller -> %AllUsersProfile%\Application Data\WLInstaller -> [Folder | Modified Date = 20/06/2008 10:57:32 | Attr = ]
    InstallShield -> %AllUsersProfile%\Application Data\InstallShield -> [Folder | Modified Date = 20/06/2008 11:39:10 | Attr = ]
    Nero -> %AllUsersProfile%\Application Data\Nero -> [Folder | Modified Date = 20/06/2008 11:49:16 | Attr = ]
    UDL -> %AllUsersProfile%\Application Data\UDL -> [Folder | Modified Date = 20/06/2008 18:59:06 | Attr = ]
    LauncherAccess.dt -> %AllUsersProfile%\Application Data\LauncherAccess.dt -> [Ver = | Size = 0 bytes | Modified Date = 20/06/2008 19:22:10 | Attr = ]
    Bluetooth -> %AllUsersProfile%\Application Data\Bluetooth -> [Folder | Modified Date = 20/06/2008 19:32:08 | Attr = ]
    Ahead -> %AppData%\Ahead -> [Folder | Modified Date = 19/06/2008 15:56:14 | Attr = ]
    Google -> %AppData%\Google -> [Folder | Modified Date = 19/06/2008 16:01:58 | Attr = ]
    Macromedia -> %AppData%\Macromedia -> [Folder | Modified Date = 19/06/2008 16:39:54 | Attr = ]
    ImgBurn -> %AppData%\ImgBurn -> [Folder | Modified Date = 20/06/2008 08:51:42 | Attr = ]
    ESTsoft -> %AppData%\ESTsoft -> [Folder | Modified Date = 20/06/2008 09:05:58 | Attr = ]
    InstallShield -> %AppData%\InstallShield -> [Folder | Modified Date = 20/06/2008 11:37:04 | Attr = ]
    IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db -> [Ver = | Size = 2640938 bytes | Modified Date = 20/06/2008 12:00:16 | Attr = H ]
    Google -> %UserProfile%\Local Settings\Application Data\Google -> [Folder | Modified Date = 19/06/2008 16:01:58 | Attr = ]
    DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [Ver = | Size = 4608 bytes | Modified Date = 19/06/2008 16:53:44 | Attr = ]
    GDIPFONTCACHEV1.DAT -> %UserProfile%\Local Settings\Application Data\GDIPFONTCACHEV1.DAT -> [Ver = | Size = 89976 bytes | Modified Date = 20/06/2008 10:31:16 | Attr = ]
    Microsoft Help -> %UserProfile%\Local Settings\Application Data\Microsoft Help -> [Folder | Modified Date = 20/06/2008 09:31:20 | Attr = ]
    ApplicationHistory -> %UserProfile%\Local Settings\Application Data\ApplicationHistory -> [Folder | Modified Date = 20/06/2008 11:05:34 | Attr = ]
    fusioncache.dat -> %UserProfile%\Local Settings\Application Data\fusioncache.dat -> [Ver = | Size = 132 bytes | Modified Date = 20/06/2008 11:05:34 | Attr = ]
    Ahead -> %UserProfile%\Local Settings\Application Data\Ahead -> [Folder | Modified Date = 20/06/2008 11:58:04 | Attr = ]
    Identities -> %UserProfile%\Local Settings\Application Data\Identities -> [Folder | Modified Date = 20/06/2008 11:58:08 | Attr = ]
    Mes images -> %UserProfile%\Mes documents\Mes images -> [Folder | Modified Date = 19/06/2008 17:52:12 | Attr = R ]
    Ma musique -> %UserProfile%\Mes documents\Ma musique -> [Folder | Modified Date = 19/06/2008 17:52:12 | Attr = R ]
    desktop.ini -> %UserProfile%\Mes documents\desktop.ini -> [Ver = | Size = 141 bytes | Modified Date = 19/06/2008 17:52:12 | Attr = HS]
    Mes vidéos -> %UserProfile%\Mes documents\Mes vidéos -> [Folder | Modified Date = 19/06/2008 17:43:18 | Attr = R ]
    AnyDVDHD -> %UserProfile%\Mes documents\AnyDVDHD -> [Folder | Modified Date = 20/06/2008 09:07:54 | Attr = ]
    Visual Studio 2008 -> %UserProfile%\Mes documents\Visual Studio 2008 -> [Folder | Modified Date = 20/06/2008 10:21:16 | Attr = ]
    Mes fichiers reçus -> %UserProfile%\Mes documents\Mes fichiers reçus -> [Folder | Modified Date = 20/06/2008 11:04:52 | Attr = ]
    Hercules webcam -> %UserProfile%\Mes documents\Hercules webcam -> [Folder | Modified Date = 20/06/2008 11:49:16 | Attr = ]
    Nero Home -> %UserProfile%\Mes documents\Nero Home -> [Folder | Modified Date = 20/06/2008 12:12:56 | Attr = ]
    Bluetooth -> %UserProfile%\Mes documents\Bluetooth -> [Folder | Modified Date = 20/06/2008 19:32:08 | Attr = ]
    avast! Antivirus.lnk -> %AllUsersProfile%\Bureau\avast! Antivirus.lnk -> [Ver = | Size = 1617 bytes | Modified Date = 20/06/2008 08:33:04 | Attr = ]
    AnyDVD.lnk -> %AllUsersProfile%\Bureau\AnyDVD.lnk -> [Ver = | Size = 662 bytes | Modified Date = 20/06/2008 09:20:54 | Attr = ]
    CloneDVD2.lnk -> %AllUsersProfile%\Bureau\CloneDVD2.lnk -> [Ver = | Size = 760 bytes | Modified Date = 20/06/2008 09:21:44 | Attr = ]
    CloneDVDmobile.lnk -> %AllUsersProfile%\Bureau\CloneDVDmobile.lnk -> [Ver = | Size = 762 bytes | Modified Date = 20/06/2008 09:23:34 | Attr = ]
    Nero StartSmart.lnk -> %AllUsersProfile%\Bureau\Nero StartSmart.lnk -> [Ver = | Size = 2309 bytes | Modified Date = 20/06/2008 11:57:54 | Attr = ]
    EPSON Smart Panel.lnk -> %AllUsersProfile%\Bureau\EPSON Smart Panel.lnk -> [Ver = | Size = 1483 bytes | Modified Date = 20/06/2008 18:56:48 | Attr = ]
    Samsung PC Studio 3.lnk -> %AllUsersProfile%\Bureau\Samsung PC Studio 3.lnk -> [Ver = | Size = 673 bytes | Modified Date = 20/06/2008 19:13:22 | Attr = ]
    Spybot - Search & Destroy.lnk -> %UserProfile%\Bureau\Spybot - Search & Destroy.lnk -> [Ver = | Size = 871 bytes | Modified Date = 19/06/2008 15:43:24 | Attr = ]
    Poste de travail.lnk -> %UserProfile%\Bureau\Poste de travail.lnk -> [Ver = | Size = 104 bytes | Modified Date = 19/06/2008 15:49:08 | Attr = ]
    Windows Media Player.lnk -> %UserProfile%\Bureau\Windows Media Player.lnk -> [Ver = | Size = 690 bytes | Modified Date = 19/06/2008 17:43:08 | Attr = ]
    ZNsoft Free.lnk -> %UserProfile%\Bureau\ZNsoft Free.lnk -> [Ver = | Size = 1721 bytes | Modified Date = 20/06/2008 08:39:06 | Attr = ]
    ZNsoft Utility.lnk -> %UserProfile%\Bureau\ZNsoft Utility.lnk -> [Ver = | Size = 739 bytes | Modified Date = 20/06/2008 08:39:34 | Attr = ]
    CCleaner.lnk -> %UserProfile%\Bureau\CCleaner.lnk -> [Ver = | Size = 1456 bytes | Modified Date = 20/06/2008 08:43:38 | Attr = ]
    Free Mp3 Wma Converter.lnk -> %UserProfile%\Bureau\Free Mp3 Wma Converter.lnk -> [Ver = | Size = 808 bytes | Modified Date = 20/06/2008 08:55:52 | Attr = ]
    Free CD Ripper.lnk -> %UserProfile%\Bureau\Free CD Ripper.lnk -> [Ver = | Size = 810 bytes | Modified Date = 20/06/2008 08:55:52 | Attr = ]
    dvdSanta.lnk -> %UserProfile%\Bureau\dvdSanta.lnk -> [Ver = | Size = 590 bytes | Modified Date = 20/06/2008 08:59:02 | Attr = ]
    Free FLV Converter.lnk -> %UserProfile%\Bureau\Free FLV Converter.lnk -> [Ver = | Size = 700 bytes | Modified Date = 20/06/2008 09:03:38 | Attr = ]
    Capturino.lnk -> %UserProfile%\Bureau\Capturino.lnk -> [Ver = | Size = 639 bytes | Modified Date = 20/06/2008 09:06:18 | Attr = ]
    Game Jackal.lnk -> %UserProfile%\Bureau\Game Jackal.lnk -> [Ver = | Size = 665 bytes | Modified Date = 20/06/2008 09:25:56 | Attr = ]
    Microsoft Office Word 2007.lnk -> %UserProfile%\Bureau\Microsoft Office Word 2007.lnk -> [Ver = | Size = 2659 bytes | Modified Date = 20/06/2008 09:39:02 | Attr = ]
    ESPRX500 Guide de référence.lnk -> %UserProfile%\Bureau\ESPRX500 Guide de référence.lnk -> [Ver = | Size = 1553 bytes | Modified Date = 20/06/2008 18:54:42 | Attr = ]
    ESPRX500 Guide fonctionnement.lnk -> %UserProfile%\Bureau\ESPRX500 Guide fonctionnement.lnk -> [Ver = | Size = 1550 bytes | Modified Date = 20/06/2008 18:54:54 | Attr = ]
    ESPRX500 Guide des logiciels.lnk -> %UserProfile%\Bureau\ESPRX500 Guide des logiciels.lnk -> [Ver = | Size = 1553 bytes | Modified Date = 20/06/2008 19:00:00 | Attr = ]
    VirtumundoBeGone.exe -> %UserProfile%\Bureau\VirtumundoBeGone.exe -> Business Information Solutions [Ver = 1.5 | Size = 96978 bytes | Modified Date = 19/06/2008 16:50:12 | Attr = ]
    OTMoveIt2.exe -> %UserProfile%\Bureau\OTMoveIt2.exe -> OldTimer Tools [Ver = 1.0.4.2 | Size = 291328 bytes | Modified Date = 20/06/2008 10:05:48 | Attr = ]
    OTScanIt -> %UserProfile%\Bureau\OTScanIt -> [Folder | Modified Date = 20/06/2008 19:54:14 | Attr = ]
    ATF-Cleaner.exe -> %UserProfile%\Bureau\ATF-Cleaner.exe -> Atribune.org [Ver = 3.00.0002 | Size = 50688 bytes | Modified Date = 20/06/2008 20:16:52 | Attr = ]
    BlueSoleil.lnk.disabled -> %AllUsersProfile%\Menu Démarrer\Programmes\Démarrage\BlueSoleil.lnk.disabled -> [Ver = | Size = 1794 bytes | Modified Date = 20/06/2008 19:29:36 | Attr = ]
    DESIGNER -> %CommonProgramFiles%\DESIGNER -> [Folder | Modified Date = 20/06/2008 09:35:12 | Attr = ]
    Merge Modules -> %CommonProgramFiles%\Merge Modules -> [Folder | Modified Date = 20/06/2008 10:19:26 | Attr = ]
    WindowsLiveInstaller -> %CommonProgramFiles%\WindowsLiveInstaller -> [Folder | Modified Date = 20/06/2008 10:57:42 | Attr = HS]
    Ahead -> %CommonProgramFiles%\Ahead -> [Folder | Modified Date = 20/06/2008 11:49:16 | Attr = ]

    < End of report >
    [/code]
    21 Juin 2008 13:02:54

    Bonjour, On va procéder autrement ;) 

    Télécharge Hijackthis (de Trend Micro) sur ton Bureau.

  • Double clique sur HJTInstall.exe pour lancer l'installation.
  • Clique sur Install.
  • Double clique sur le raccourci d'HijackThis qui vient d'être créé pour le lancer.
  • Accepte la licence en cliquant sur Yes.
  • Clique sur "Do a system scan and save a logfile".
  • Poste ici le rapport généré.

    Note : Le rapport se trouve également ici : C:\Program Files\Trend Micro\Hijackthis\Hijackthis.log

    Aide : Comment utiliser HijackThis.

    ;) 
    22 Juin 2008 08:24:27

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 08:26:55, on 22/06/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16674)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
    C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
    C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
    C:\Program Files\My Lockbox\flockbox.exe
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
    C:\Program Files\Acer\eRecovery\Monitor.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0K2.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aliceadsl.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
    O4 - HKLM\..\Run: [D-Link AirPlus XtremeG] C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
    O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
    O4 - HKLM\..\Run: [flockbox] C:\Program Files\My Lockbox\flockbox.exe /a
    O4 - HKLM\..\Run: [EPSON Stylus Photo RX500] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0K2.EXE /P24 "EPSON Stylus Photo RX500" /O6 "USB001" /M "Stylus Photo RX500"
    O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler
    O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [EPSON Stylus Photo RX500] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0K2.EXE /P24 "EPSON Stylus Photo RX500" /M "Stylus Photo RX500" /EF "HKCU"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: BlueSoleil.lnk.disabled
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scan...
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

    --
    End of file - 8571 bytes
    22 Juin 2008 08:33:30

    Je viens de te poster mon rapport HijackThis.
    Merci pour ta réponse.
    J'aurais aussi voulu savoir ce que signifie le message "Bootkit Write: Virus-Continue Y/N"
    Ce message est apparu à la fin du processus de restauration de mon dvd d'origine du system.
    J'ai fait "Yes" pour finaliser la restauration.
    Puis j'ai réinstallé toutes mes apps, et au lancement de spybot Virtumonde était toujours là, c'est pourquoi je suis ici.
    A bientot et encore merci.
    22 Juin 2008 08:44:56

    Je pense que ce scan est clean tu me dira si tu pense que non, et si c'est le cas, comment savoir si il reste des traces?
    Je pense que virtumonde était sur le fichier .exe contenu dans une application téléchargée sur limewire.
    OTscanit lui incluait ma 2eme partition (D:)  mais aussi J: l'emplacement de ma clé usb.
    Donc si tu as besoin de plus d'infos je peux refaire un scan avec et l'uploader sur mediafire.com
    Je voudrais etre sur de ne plus avoir de traces car j'ai aussi contaminé l'ordi de mon frere avec ma clé et je pense qu'en suite je te posterai le rapport du scan de son ordi si tu veux bien.
    Mais chaque chose en son temps. lol
    Désolé merci et bye.
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS