Page 1 of 4 123 ... LastLast
Results 1 to 10 of 40
  1. #1
    Member
    Join Date
    Jul 2014
    Posts
    27
    Points
    0

    Default Outlook 2003 extremely slow

    My laptop runs with MS Windows XP. It has 250 Go hard disk (which I tested and found to be OK using HDScan). The RAM is 3Go. The antivirus is Avast Internet Security (latest version).

    I don't have any problem running most software. However, when I start Outlook, my hard disk runs non stop and everything comes to a near standstill. Any command in Outlook will take forever to happen. This has only started about 2 weeks ago.

    Since then, I've been exploring everything that I could find on the subject on the Internet.

    I deleted all that I could in Outlook's Inbox, Deleted Items box, etc. I also got rid of the archive.pst file that had saved messages in it so as to reduce the amount of mail messages left in Outlook. At present, there are about 650 messages in the Inbox.

    I defragmented my hard disk a few times using two different programs. I ran MalwareAntimalwareByte a few times and found 2 or 3 PUPs that I quarantined using the program.

    I ran DrWeb Cureit and corrected what I could. I did the same thing with CCleaner.

    I ran hijackthis and I'm providing the log below:

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 21:58:34, on 2014-07-27
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Program Files\AVAST Software\Avast\afwServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\WINDOWS\system32\crypserv.exe
    C:\Program Files\FileOpen\Services\FileOpenManagerSvc32.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\Program Files\Java\jre7\bin\jqs.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
    C:\Program Files\Spamihilator\spamihilator.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\NVMS5 Standard Edition\data\bin\mysqld.exe
    C:\Program Files\NVMS5 Standard Edition\bin\watch.exe
    C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\FLIR Systems\FLIR Device Drivers\FLIR T3Srv\sysx86\T3Srv.exe
    C:\WINDOWS\system32\TODDSrv.exe
    C:\PROGRA~1\MICROS~3\OFFICE11\OUTLOOK.EXE
    C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
    O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: (no name) - {c23b756a-bd9f-4ca6-aded-17ab8ccf3e8b} - (no file)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    O3 - Toolbar: (no name) - {c23b756a-bd9f-4ca6-aded-17ab8ccf3e8b} - (no file)
    O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - S-1-5-21-1202660629-1060284298-1801674531-1041 Startup: Spamihilator.lnk = C:\Program Files\Spamihilator\spamihilator.exe (User '?')
    O4 - .DEFAULT User Startup: IEHOME.LNK = C:\Documents and Settings\Default User\Local Settings\Temp\iehome.bat (User 'Default user')
    O4 - Startup: Spamihilator.lnk = C:\Program Files\Spamihilator\spamihilator.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll
    O9 - Extra button: MktBrowser - {17A27031-71FC-11d4-815C-005004D0F1FA} - C:\Program Files\MarketBrowser\lmt\MarketBrowser_Launch.xpy
    O9 - Extra 'Tools' menuitem: MarketBrowser - {17A27031-71FC-11d4-815C-005004D0F1FA} - C:\Program Files\MarketBrowser\lmt\MarketBrowser_Launch.xpy
    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.toshiba.ca/
    O16 - DPF: {0F7A9297-7268-11D1-B81A-00A076C01B0A} (CPC View ax Control) - http://www.registrefoncier.gouv.qc.c.../CpcViewAX.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1252573903906
    O16 - DPF: {688C8675-1834-48FA-9DEF-4755CEFB9EDE} (DVR4204 Client Control) - http://173.246.95.65/EDVR.CAB
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1347395172656
    O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn...Detection2.cab
    O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} - file:///C:/Program%20Files/Autodesk%20Architectural%20Desktop%203/AcDcToday.ocx
    O16 - DPF: {9EF2BA47-C6A7-470D-9DD9-4323B0CB8353} (WebClient Control) - http://98.238.19.60/WebClient.exe
    O16 - DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} -
    O16 - DPF: {C6637286-300D-11D4-AE0A-0010830243BD} -
    O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab...l_4.3.16.0.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} - file:///C:/Program%20Files/Autodesk%20Architectural%20Desktop%203/AcPreview.ocx
    O16 - DPF: {F5D98C43-DB16-11CF-8ECA-0000C0FD59C7} (ActiveCGM Control) - http://infolot.mrnf.gouv.qc.ca/ACGM/acgm.cab
    O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - https://secure.logmein.com//activex/ractrl.cab?lmi=1058
    O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/da2/PCPitStop2.cab
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: protector.dll
    O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
    O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
    O23 - Service: BlackBerry Device Manager (Blackberry Device Manager) - Research In Motion Limited - C:\Program Files\Fichiers communs\Research In Motion\USB Drivers\BbDevMgr.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
    O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
    O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    O23 - Service: FileOpen Manager Service (FileOpenManagerSvc) - FileOpen Systems Inc. - C:\Program Files\FileOpen\Services\FileOpenManagerSvc32.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
    O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
    O23 - Service: MySQL55 - Unknown owner - C:\Program.exe (file missing)
    O23 - Service: NVMS-SRV-DB - Unknown owner - C:\Program Files\NVMS5 Standard Edition\data\bin\mysqld.exe
    O23 - Service: NVMS-SRV-NRU - Unknown owner - C:\Program Files\NVMS5 Standard Edition\bin\nru.exe
    O23 - Service: NVMS-SRV-VTDU - Unknown owner - C:\Program Files\NVMS5 Standard Edition\bin\vtdu.exe
    O23 - Service: NVMS-SRV-WATCH - Unknown owner - C:\Program Files\NVMS5 Standard Edition\bin\watch.exe
    O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
    O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
    O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
    O23 - Service: FLIR Systems Camera Monitor (T3Srv) - FLIR - C:\Program Files\FLIR Systems\FLIR Device Drivers\FLIR T3Srv\sysx86\T3Srv.exe
    O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\WINDOWS\system32\TODDSrv.exe
    O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
    O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
    O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
    O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

    --
    End of file - 13016 bytes

    Can you help?

  2. #2
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,189
    Points
    1308

    Default

    Next

    Please download AdwCleaner by Xplode onto your Desktop.
    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • Click the Scan button and wait for the process to complete.
    • Click the Report button and the report will open in Notepad.
    • NOTE: If you get an error message, it means that nothing was found. Exit from AdwCleaner.
    • Click on the Clean button follow the prompts.[/*]
    • A log file will automatically open after the scan has finished and the PC has rebooted.
    • Please post the content of that log file with your next answer.
    • You can find the log file at C:\AdwCleaner

  3. #3
    Member
    Join Date
    Jul 2014
    Posts
    27
    Points
    0

    Default

    Good morning Zep516,

    Thank you for your reply. Had I known that it would happen so quickly, I would have staid up a little longer. I'm going to stay online today.

    I did what you suggested. Here is the log file. Should you have problem with any of the french words, please let me know and I will translate them.

    I also forgot to tell you that I reinstalled Office 2003 before coming to this site for help.

    Jean-Pierre

    # AdwCleaner v3.300 - Rapport créé le 28/07/2014 à 08:21:22
    # Mis à jour le 27/07/2014 par Xplode
    # Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
    # Nom d'utilisateur : Profil test - BVI6
    # Exécuté depuis : C:\Documents and Settings\Profil test\Mes documents\Downloads\adwcleaner_3.300.exe
    # Option : Nettoyer

    ***** [ Services ] *****


    ***** [ Fichiers / Dossiers ] *****

    Dossier Supprimé : C:\Documents and Settings\All Users\Application Data\ParetoLogic
    Dossier Supprimé : C:\Documents and Settings\All Users\Application Data\SpeedMaxPc
    Dossier Supprimé : C:\Program Files\iMesh Applications
    Dossier Supprimé : C:\Program Files\Fichiers communs\ParetoLogic
    Dossier Supprimé : C:\Documents and Settings\All Users\Uniblue
    Dossier Supprimé : C:\Documents and Settings\Profil test\Local Settings\Application Data\FileTypeAssistant
    Dossier Supprimé : C:\Documents and Settings\Profil test\Application Data\DriverCure
    Dossier Supprimé : C:\Documents and Settings\Profil test\Application Data\FinalMediaPlayer
    Dossier Supprimé : C:\Documents and Settings\Profil test\Application Data\ParetoLogic
    Dossier Supprimé : C:\Documents and Settings\Profil test\Application Data\SpeedMaxPc
    Dossier Supprimé : C:\Documents and Settings\Profil test\Application Data\Systweak
    Dossier Supprimé : C:\Documents and Settings\Profil test\Application Data\Uniblue
    Dossier Supprimé : C:\Documents and Settings\usager\Local Settings\Application Data\FileTypeAssistant
    Dossier Supprimé : C:\Documents and Settings\usager\Local Settings\Application Data\iMesh
    Dossier Supprimé : C:\Documents and Settings\usager\Local Settings\Application Data\PackageAware
    Dossier Supprimé : C:\Documents and Settings\usager\Application Data\DriverCure
    Dossier Supprimé : C:\Documents and Settings\usager\Application Data\ParetoLogic
    Dossier Supprimé : C:\Documents and Settings\usager\Menu Démarrer\Programmes\ParetoLogic
    Dossier Supprimé : C:\Documents and Settings\usager\Menu Démarrer\Programmes\Video Converter
    [!] Dossier Supprimé : C:\Documents and Settings\usager\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpihmmhdcobmllpcnpfbhnipmhamldje
    Fichier Supprimé : C:\END
    Fichier Supprimé : C:\Documents and Settings\Profil test\Application Data\Microsoft\Internet Explorer\Quick Launch\FinalMediaPlayer.lnk
    Fichier Supprimé : C:\Documents and Settings\Profil test\Application Data\Mozilla\Firefox\Profiles\ldpdtcta.default-1349460608078\user.js
    Fichier Supprimé : C:\Documents and Settings\Profil test\Local Settings\Application Data\Google\Chrome\User Data\Default\bProtector Web Data
    Fichier Supprimé : C:\Documents and Settings\Profil test\Local Settings\Application Data\Google\Chrome\User Data\Default\bprotectorpreferences

    ***** [ Tâches planifiées ] *****

    Tâche supprimée : paretologic registration3
    Tâche supprimée : paretologic update version3
    Tâche supprimée : PC Health Advisor Defrag
    Tâche supprimée : PC Health Advisor

    ***** [ Raccourcis ] *****


    ***** [ Registre ] *****

    Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\aacbndibbcpajfgnkdkaakeiojmmgmnk
    Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\jpihmmhdcobmllpcnpfbhnipmhamldje
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C430996F-4AA8-4AA8-81DE-F54432CD5786}
    Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{AD79BAD6-9504-4F09-ACEC-7B319584A4C1}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C23B756A-BD9F-4CA6-ADED-17AB8CCF3E8B}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C23B756A-BD9F-4CA6-ADED-17AB8CCF3E8B}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}
    Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C23B756A-BD9F-4CA6-ADED-17AB8CCF3E8B}]
    Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
    Valeur Supprimée : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List [C:\Program Files\Tinytag\Tinytag Explorer\aspen.exe]
    Valeur Supprimée : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Tinytag\Tinytag Explorer\aspen.exe]
    Valeur Supprimée : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\File Type Assistant\tsassist.exe]
    Valeur Supprimée : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\FinalMediaPlayer\FMPCheckForUpdates.exe]
    Clé Supprimée : HKCU\Software\Conduit
    Clé Supprimée : HKCU\Software\IM
    Clé Supprimée : HKCU\Software\ParetoLogic
    Clé Supprimée : HKCU\Software\powerpack
    Clé Supprimée : HKCU\Software\SpeedMaxPC
    Clé Supprimée : HKLM\Software\Conduit
    Clé Supprimée : HKLM\Software\DivX\Install\Setup\WizardLayout\ConduitToolbar
    Clé Supprimée : HKLM\Software\ParetoLogic
    Clé Supprimée : HKLM\Software\SpeedMaxPC
    Clé Supprimée : HKLM\Software\systweak
    Clé Supprimée : HKLM\Software\Uniblue
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{3CBF3EBB-235D-4c29-A68B-2BB1F428586E}

    ***** [ Navigateurs ] *****

    -\\ Internet Explorer v8.0.6001.18702


    -\\ Mozilla Firefox v27.0 (fr)

    [ Fichier : C:\Documents and Settings\Profil test\Application Data\Mozilla\Firefox\Profiles\2sb35fdn.default-1348081054718\prefs.js ]


    [ Fichier : C:\Documents and Settings\Profil test\Application Data\Mozilla\Firefox\Profiles\5u0cjodq.default-1349233033531\prefs.js ]


    [ Fichier : C:\Documents and Settings\Profil test\Application Data\Mozilla\Firefox\Profiles\jnts2b75.default\prefs.js ]

    Ligne Supprimée : user_pref("extensions.wrc.searchrules.ask.com.style", ".wrcn {display:none} #yui-main .tsrc_vnru .title + .wrcn, #yui-main #teoma-results .title + .wrcn {display:inline !important; background: url(\"i[...]
    Ligne Supprimée : user_pref("extensions.wrc.searchrules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
    Ligne Supprimée : user_pref("extensions.wrc.searchrules.rambler.ru.style", ".wrcn {display:none} .search-results .title + .wrcn {display:inline !important; background: url(\"image\") right no-repeat}");

    [ Fichier : C:\Documents and Settings\Profil test\Application Data\Mozilla\Firefox\Profiles\kngum293.default-1349097165625\prefs.js ]


    [ Fichier : C:\Documents and Settings\Profil test\Application Data\Mozilla\Firefox\Profiles\ldpdtcta.default-1349460608078\prefs.js ]


    [ Fichier : C:\Documents and Settings\Profil test\Application Data\Mozilla\Firefox\Profiles\n0vrllvc.default-1349287521859\prefs.js ]


    [ Fichier : C:\Documents and Settings\Profil test\Application Data\Mozilla\Firefox\Profiles\qg2dhxlx.default-1349452022484\prefs.js ]


    -\\ Google Chrome v36.0.1985.125

    [ Fichier : C:\Documents and Settings\Profil test\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


    [ Fichier : C:\Documents and Settings\usager\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

    Supprimée [Extension] : jpihmmhdcobmllpcnpfbhnipmhamldje

    *************************

    AdwCleaner[R0].txt - [8524 octets] - [28/07/2014 08:13:29]
    AdwCleaner[S0].txt - [8294 octets] - [28/07/2014 08:21:22]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8354 octets] ##########
    Last edited by bioptic; 07-28-2014 at 09:54 AM.

  4. #4
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,189
    Points
    1308

    Default

    Hello,

    Off to a good start adwCleaner has Nettoyer quite a bit..

    Next

    Please download Malwarebytes Anti-Malware to your desktop
    Install the progamme and select update
    Once it has updated select Settings > Detection and Protection
    Tick Scan for rootkits

    [img=https://dl.dropboxusercontent.com/u/73555776/MBAMsettings.JPG]

    Go back to the Dashboard and select Scan Now

    [img=https://dl.dropboxusercontent.com/u/73555776/MBAMScan.JPG]

    If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.

    [img=https://dl.dropboxusercontent.com/u/73555776/MBAMReboot.JPG]

    [img=https://dl.dropboxusercontent.com/u/73555776/MBAMLog.JPG]

    On completion of the scan (or after the reboot) select View Detailed Log
    Select Export > Select text file and save to the desktop

    Post that log

    EDIT Not sure why the forum is not displaying images, can you make your way through it ?
    Last edited by zep516; 07-28-2014 at 05:34 PM.

  5. #5
    Member
    Join Date
    Jul 2014
    Posts
    27
    Points
    0

    Default

    Hello Zep516,

    Thanks for your reply. No problem running through this without pictures.

    Here is the log:

    Malwarebytes Anti-Malware
    Malwarebytes | Free Anti-Malware & Internet Security Software

    Scan Date: 2014-07-28
    Scan Time: 18:57:24
    Logfile: 14-07-28 Malwarebytes scan log.txt
    Administrator: Yes

    Version: 2.00.2.1012
    Malware Database: v2014.07.28.06
    Rootkit Database: v2014.07.17.01
    License: Premium
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Disabled

    OS: Windows XP Service Pack 3
    CPU: x86
    File System: NTFS
    User: Profil test

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 410448
    Time Elapsed: 22 min, 58 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 2
    PUP.Optional.BProtector.A, C:\Documents and Settings\Profil test\Local Settings\Application Data\Google\Chrome\User Data\Default\bprotector web data, Quarantined, [23c3c2e2dc9f00368b7564abf70d43bd],
    PUP.Optional.BProtector.A, C:\Documents and Settings\Profil test\Local Settings\Application Data\Google\Chrome\User Data\Default\bprotectorpreferences, Quarantined, [8a5c93118af1330351b018f7c73d57a9],

    Physical Sectors: 0
    (No malicious items detected)


    (end)

    Malwarebytes Anti-Malware did not ask for a reboot. So I didn't in an effort to reply to you ASAP.

    Regards,

    Jean-Pierre

  6. #6
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,189
    Points
    1308

    Default

    Well done ! Don't be in a hurry. I'm here till late tonite.... Reboot the computer....

    Lets take a good overall look at the computer now, This scan generates 2 log reports, post 1 log in a reply then the next log in the next reply. Sometimes the forum struggles with the posting of these logs just to let you know. You submit it and may have to wait a bit for it to upload..

    Here we go..

    First

    Please download OTL to your Desktop
    • Double click on the to run the program. On Vista/Win7 or 8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.
    • Make sure all other windows are closed and to let it run uninterrupted.
    • Click the Scan All Users checkbox
      and
    • Check the option for All under the Extra Registry section
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
      • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
      • Please copy (Edit->Select All, Edit->Copy) the contents of these files and post them in your topic

    • OTL.txt <-- Will be opened, maximized
    • Extras.txt <-- Will be minimized on task bar.


    Please post the contents of both OTL.txt and Extras.txt files in your next reply.

    Joe
    Last edited by zep516; 07-28-2014 at 07:03 PM.

  7. #7
    Member
    Join Date
    Jul 2014
    Posts
    27
    Points
    0

    Default

    Good evening Joe,

    Here is the OTL file:

    OTL logfile created on: 2014-07-28 20:22:11 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Profil test\Mes documents\Downloads
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

    2,99 Gb Total Physical Memory | 2,41 Gb Available Physical Memory | 80,44% Memory free
    4,84 Gb Paging File | 4,23 Gb Available in Paging File | 87,52% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 232,88 Gb Total Space | 46,48 Gb Free Space | 19,96% Space Free | Partition Type: NTFS
    Drive E: | 698,63 Gb Total Space | 683,87 Gb Free Space | 97,89% Space Free | Partition Type: NTFS

    Computer Name: BVI6 | User Name: Profil test | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2014-07-28 20:16:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Profil test\Mes documents\Downloads\OTL.exe
    PRC - [2014-07-27 22:14:34 | 004,086,432 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
    PRC - [2014-07-27 22:14:33 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    PRC - [2014-07-10 13:52:37 | 002,024,960 | ---- | M] (Michel Krämer) -- C:\Program Files\Spamihilator\spamihilator.exe
    PRC - [2014-06-09 08:55:45 | 000,375,120 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
    PRC - [2014-05-12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
    PRC - [2014-05-07 15:00:32 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
    PRC - [2014-03-12 16:52:16 | 000,560,528 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
    PRC - [2012-02-07 19:19:26 | 000,481,552 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
    PRC - [2011-12-23 11:48:56 | 000,176,640 | ---- | M] () -- C:\Program Files\NVMS5 Standard Edition\bin\watch.exe
    PRC - [2011-12-09 20:47:42 | 000,213,888 | ---- | M] (FileOpen Systems Inc.) -- C:\Program Files\FileOpen\Services\FileOpenManagerSvc32.exe
    PRC - [2010-03-18 16:26:10 | 000,457,312 | ---- | M] (FLIR) -- C:\Program Files\FLIR Systems\FLIR Device Drivers\FLIR T3Srv\sysx86\T3Srv.exe
    PRC - [2009-03-16 14:29:28 | 006,562,432 | ---- | M] () -- C:\Program Files\NVMS5 Standard Edition\data\bin\mysqld.exe
    PRC - [2009-02-09 05:01:52 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    PRC - [2008-05-07 19:29:38 | 000,122,880 | ---- | M] (CrypKey (Canada) Ltd.) -- C:\WINDOWS\system32\Crypserv.exe
    PRC - [2008-04-15 17:54:42 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
    PRC - [2008-04-14 08:00:00 | 001,037,824 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2007-11-21 18:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TODDSrv.exe
    PRC - [2007-02-11 20:43:44 | 000,065,536 | ---- | M] (O2Micro International) -- C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
    PRC - [2003-06-19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE


    ========== Modules (No Company Name) ==========

    MOD - [2014-07-28 12:58:08 | 002,795,008 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\14072802\algo.dll
    MOD - [2014-07-27 22:14:38 | 019,329,904 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
    MOD - [2014-07-27 22:14:35 | 000,301,152 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
    MOD - [2014-07-10 13:52:37 | 000,279,040 | ---- | M] () -- C:\Program Files\Spamihilator\sqlite3.dll
    MOD - [2014-07-10 13:52:37 | 000,060,416 | ---- | M] () -- C:\Program Files\Spamihilator\zlib1.dll
    MOD - [2014-03-12 16:53:02 | 000,063,376 | ---- | M] () -- C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
    MOD - [2012-07-04 15:29:09 | 000,748,544 | ---- | M] () -- C:\WINDOWS\system32\protector.dll
    MOD - [2011-12-23 11:48:56 | 000,176,640 | ---- | M] () -- C:\Program Files\NVMS5 Standard Edition\bin\watch.exe
    MOD - [2009-03-16 14:29:28 | 006,562,432 | ---- | M] () -- C:\Program Files\NVMS5 Standard Edition\data\bin\mysqld.exe


    ========== Services (SafeList) ==========

    SRV - File not found [On_Demand | Stopped] -- C:\DOCUME~1\ALLUSE~1\APPLIC~1\t1bjat.plz -- (winmgmt)
    SRV - File not found [Disabled | Stopped] -- C:\Program Files\Spybot -- (SDWSCService)
    SRV - File not found [Disabled | Stopped] -- C:\Program Files\Spybot -- (SDUpdateService)
    SRV - File not found [Disabled | Stopped] -- C:\Program Files\Spybot -- (SDScannerService)
    SRV - File not found [Auto | Stopped] -- C:\Program Files\NVMS5 Standard Edition\bin\vtdu.exe vtdu.cfg -- (NVMS-SRV-VTDU)
    SRV - File not found [Auto | Stopped] -- C:\Program Files\NVMS5 Standard Edition\bin\nru.exe nru.cfg -- (NVMS-SRV-NRU)
    SRV - [2014-07-27 22:14:33 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
    SRV - [2014-07-27 22:14:20 | 000,106,488 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
    SRV - [2014-07-09 12:16:26 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2014-06-09 08:55:59 | 000,203,088 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files\LogMeIn\x86\ramaint.exe -- (LMIMaint)
    SRV - [2014-06-09 08:55:45 | 000,375,120 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
    SRV - [2014-05-12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
    SRV - [2014-05-12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
    SRV - [2014-05-07 15:00:32 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
    SRV - [2014-03-12 16:52:16 | 000,560,528 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe -- (vpnagent)
    SRV - [2014-01-28 02:54:10 | 000,118,896 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2013-12-11 17:11:50 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
    SRV - [2013-10-23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2013-01-18 17:10:18 | 000,577,536 | ---- | M] (Research In Motion Limited) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Research In Motion\USB Drivers\BbDevMgr.exe -- (Blackberry Device Manager)
    SRV - [2012-08-29 12:37:30 | 008,197,120 | ---- | M] () [Auto | Stopped] -- C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe -- (MySQL55)
    SRV - [2012-02-29 19:30:02 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2012-02-07 20:35:06 | 000,919,824 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe -- (S24EventMonitor)
    SRV - [2012-02-07 19:39:52 | 000,866,576 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
    SRV - [2012-02-07 19:19:26 | 000,481,552 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
    SRV - [2012-02-07 12:57:14 | 000,182,784 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Allway Sync\Allway Sync\Bin\SyncService.exe -- (BotkindSyncService)
    SRV - [2011-12-23 11:48:56 | 000,176,640 | ---- | M] () [Auto | Running] -- C:\Program Files\NVMS5 Standard Edition\bin\watch.exe -- (NVMS-SRV-WATCH)
    SRV - [2011-12-09 20:47:42 | 000,213,888 | ---- | M] (FileOpen Systems Inc.) [Auto | Running] -- C:\Program Files\FileOpen\Services\FileOpenManagerSvc32.exe -- (FileOpenManagerSvc)
    SRV - [2011-07-20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
    SRV - [2010-03-18 16:26:10 | 000,457,312 | ---- | M] (FLIR) [Auto | Running] -- C:\Program Files\FLIR Systems\FLIR Device Drivers\FLIR T3Srv\sysx86\T3Srv.exe -- (T3Srv)
    SRV - [2009-03-17 15:36:12 | 000,144,752 | ---- | M] (TOSHIBA CORPORATION) [Disabled | Stopped] -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
    SRV - [2009-03-16 14:29:28 | 006,562,432 | ---- | M] () [Auto | Running] -- C:\Program Files\NVMS5 Standard Edition\data\bin\mysqld.exe -- (NVMS-SRV-DB)
    SRV - [2009-02-09 05:01:52 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)
    SRV - [2008-05-07 19:29:38 | 000,122,880 | ---- | M] (CrypKey (Canada) Ltd.) [Auto | Running] -- C:\WINDOWS\System32\Crypserv.exe -- (Crypkey License)
    SRV - [2008-04-15 17:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
    SRV - [2007-11-21 18:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\WINDOWS\system32\TODDSrv.exe -- (TODDSrv)
    SRV - [2007-02-11 20:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash)
    SRV - [2006-10-26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
    SRV - [2006-10-23 08:50:35 | 000,046,640 | ---- | M] (AOL LLC) [Disabled | Stopped] -- C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe -- (AOL ACS)
    SRV - [2005-04-04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
    SRV - [2004-10-15 16:54:14 | 000,100,016 | ---- | M] (America Online, Inc) [Disabled | Stopped] -- C:\Program Files\Fichiers communs\AOL\TopSpeed\2.0\aoltsmon.exe -- (AOL TopSpeedMonitor)
    SRV - [2003-06-19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
    DRV - File not found [Kernel | Boot | Stopped] -- System32\drivers\kjrxm.sys -- (sipbs)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
    DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
    DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
    DRV - File not found [File_System | Boot | Stopped] -- -- (Lbd)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (Lavasoft Kernexplorer)
    DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
    DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (catchme)
    DRV - [2014-07-27 22:14:55 | 000,414,520 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswsp.sys -- (aswSP)
    DRV - [2014-07-27 22:14:39 | 000,779,536 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswsnx.sys -- (aswSnx)
    DRV - [2014-07-27 22:14:39 | 000,192,352 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
    DRV - [2014-07-27 22:14:39 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
    DRV - [2014-07-27 22:14:39 | 000,057,800 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
    DRV - [2014-07-27 22:14:39 | 000,055,112 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswrdr.sys -- (aswRdr)
    DRV - [2014-07-27 22:14:39 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
    DRV - [2014-07-27 22:14:39 | 000,024,184 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\aswHwid.sys -- (aswHwid)
    DRV - [2014-07-27 22:14:25 | 000,026,136 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswKbd.sys -- (aswKbd)
    DRV - [2014-07-27 22:14:21 | 000,252,872 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswNdis2.sys -- (aswNdis2)
    DRV - [2014-06-09 08:55:46 | 000,086,888 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
    DRV - [2014-05-12 07:25:54 | 000,023,256 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
    DRV - [2014-03-12 16:35:16 | 000,023,976 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vpnva.sys -- (vpnva)
    DRV - [2014-03-12 16:33:56 | 000,058,736 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\acsmux.sys -- (acsmux)
    DRV - [2014-03-12 16:33:56 | 000,040,304 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\acsint.sys -- (acsint)
    DRV - [2013-12-11 17:11:50 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
    DRV - [2013-12-11 17:11:50 | 000,013,624 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
    DRV - [2012-04-13 06:05:20 | 000,062,216 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
    DRV - [2012-04-13 06:05:06 | 000,073,096 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
    DRV - [2012-01-23 15:33:50 | 007,477,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETwNx32.sys -- (NETwNx32)
    DRV - [2011-10-07 16:21:06 | 000,066,048 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
    DRV - [2011-09-14 09:58:38 | 000,299,424 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
    DRV - [2011-02-17 11:42:22 | 000,095,024 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SBREDrv.sys -- (SBRE)
    DRV - [2010-05-19 22:15:04 | 000,013,952 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
    DRV - [2010-04-27 04:51:26 | 004,687,872 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
    DRV - [2009-12-18 11:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
    DRV - [2009-09-11 17:34:22 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
    DRV - [2009-03-23 18:28:24 | 000,054,272 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfSnd.sys -- (TosRfSnd)
    DRV - [2009-03-19 15:07:32 | 000,043,264 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
    DRV - [2009-03-12 12:33:08 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
    DRV - [2009-03-05 12:03:16 | 000,074,368 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tosrfhid.sys -- (Tosrfhid)
    DRV - [2009-03-03 16:42:56 | 000,036,864 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (tosrfbnp)
    DRV - [2009-02-19 17:20:10 | 000,063,872 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
    DRV - [2009-02-13 13:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
    DRV - [2009-02-09 03:54:24 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)
    DRV - [2008-11-17 15:23:16 | 003,636,864 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32)
    DRV - [2008-10-06 18:56:38 | 000,137,984 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (tosrfbd)
    DRV - [2008-07-15 20:59:06 | 000,017,960 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\UVCFTR_S.SYS -- (UVCFTR)
    DRV - [2008-05-29 11:27:00 | 003,692,160 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtHDMI.sys -- (RTHDMIAzAudService)
    DRV - [2008-04-14 14:15:30 | 000,051,160 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\o2media.sys -- (O2MDRDR)
    DRV - [2008-04-13 11:46:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
    DRV - [2008-03-25 14:54:02 | 000,041,472 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte)
    DRV - [2008-03-24 19:22:00 | 000,985,472 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
    DRV - [2008-03-24 19:22:00 | 000,731,264 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
    DRV - [2008-03-24 19:22:00 | 000,210,560 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
    DRV - [2008-03-17 12:45:52 | 000,019,584 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\Ckldrv.sys -- (NetworkX)
    DRV - [2008-01-31 17:18:56 | 000,732,160 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (CnxtHdAudAddService)
    DRV - [2007-11-05 19:25:00 | 000,101,888 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
    DRV - [2007-07-19 17:40:10 | 000,084,992 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
    DRV - [2007-05-28 14:01:50 | 000,006,912 | ---- | M] (TOSHIBA) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\QIOMem.sys -- (QIOMem)
    DRV - [2007-03-26 12:22:18 | 000,105,856 | ---- | M] (TOSHIBA Corporation) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tdudf.sys -- (tdudf)
    DRV - [2007-02-19 12:15:32 | 000,134,016 | ---- | M] (TOSHIBA Corporation) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\trudf.sys -- (trudf)
    DRV - [2006-12-12 11:16:06 | 000,022,528 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emAudio.sys -- (emAudio)
    DRV - [2006-10-23 17:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfec.sys -- (tosrfec)
    DRV - [2006-10-18 12:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tdcmdpst.sys -- (tdcmdpst)
    DRV - [2006-01-12 16:21:18 | 000,031,872 | ---- | M] (Quanta Computer, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\qkbfiltr.sys -- (qkbfiltr)
    DRV - [2005-12-21 09:14:52 | 000,100,957 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emDevice.sys -- (DCamUSBEMPIA)
    DRV - [2005-12-21 09:14:52 | 000,005,245 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emFilter.sys -- (FiltUSBEMPIA)
    DRV - [2005-12-21 09:14:52 | 000,004,493 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emScan.sys -- (ScanUSBEMPIA)
    DRV - [2005-09-23 23:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus)
    DRV - [2005-06-10 01:42:00 | 000,005,504 | ---- | M] (Quanta Computer Corp) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BoiHwSetup.sys -- (BoiHwsetup)
    DRV - [2005-05-05 14:27:38 | 000,007,936 | ---- | M] (Quanta Computer, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\qmofiltr.sys -- (qmofiltr)
    DRV - [2003-01-10 16:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw)
    DRV - [2002-01-24 14:43:40 | 000,006,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tbiosdrv.sys -- (TBiosDrv)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{492222E2-1A09-4F12-9D27-7A4BD5DC2B04}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
    IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}: "URL" = http://search.imesh.com/web?src=ieb&systemid=1&q={searchTerms}


    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Toshiba Canada
    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Toshiba Canada
    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Toshiba Canada
    IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Toshiba Canada
    IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-21-1202660629-1060284298-1801674531-1041\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google Advanced Search
    IE - HKU\S-1-5-21-1202660629-1060284298-1801674531-1041\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-21-1202660629-1060284298-1801674531-1041\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
    IE - HKU\S-1-5-21-1202660629-1060284298-1801674531-1041\..\SearchScopes\{492222E2-1A09-4F12-9D27-7A4BD5DC2B04}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MXGB_frCA565
    IE - HKU\S-1-5-21-1202660629-1060284298-1801674531-1041\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.startup.homepage: "http://www.google.fr/advanced_search"
    FF - user.js - File not found

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
    FF - HKLM\Software\MozillaPlugins\@EDVR/WebClient: C:\windows\system32\WebClient\npwebclient.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@rim.com/npappworld: C:\Program Files\Research In Motion Limited\BlackBerry World Browser Plugin\npappworld.dll ()
    FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Fichiers communs\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-27 22:14:42 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014-02-06 12:48:26 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014-07-24 16:01:10 | 000,000,000 | ---D | M]

    [2012-02-29 20:03:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Profil test\Application Data\Mozilla\Extensions
    [2012-09-19 14:57:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Profil test\Application Data\Mozilla\Firefox\Profiles\jnts2b75.default\extensions
    [2014-03-22 12:46:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Profil test\Application Data\Mozilla\Firefox\Profiles\ldpdtcta.default-1349460608078\Extensions
    [2014-03-22 12:46:26 | 000,000,000 | ---D | M] (ObviousIdea Addon) -- C:\Documents and Settings\Profil test\Application Data\Mozilla\Firefox\Profiles\ldpdtcta.default-1349460608078\Extensions\toolbarbutton@obviousidea.us
    [2013-04-12 11:58:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2013-04-12 11:58:32 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
    [2014-02-06 17:04:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
    [2014-02-06 17:04:49 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    [2013-04-12 11:59:04 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
    [2013-01-12 11:19:45 | 000,001,609 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
    [2013-04-12 11:58:51 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
    [2012-12-07 17:34:03 | 000,002,035 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
    [2013-01-12 11:19:45 | 000,001,476 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
    [2013-04-12 11:58:51 | 000,002,086 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
    [2013-01-12 11:19:45 | 000,001,399 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
    [2012-02-28 16:04:46 | 000,020,569 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\xfinity.xml
    [2012-12-07 17:34:03 | 000,001,169 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

    ========== Chrome ==========

    CHR - homepage:
    CHR - plugin: Error reading preferences file
    CHR - Extension: ObviousIdea = C:\Documents and Settings\Profil test\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fnefekibahpibgnllfjpckodgobkpije\2.0_0\
    CHR - Extension: avast! Online Security = C:\Documents and Settings\Profil test\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2022.121_0\
    CHR - Extension: GoogleÂ*Wallet = C:\Documents and Settings\Profil test\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\

    O1 HOSTS File: ([2014-07-22 09:11:27 | 000,001,010 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (no name) - {c23b756a-bd9f-4ca6-aded-17ab8ccf3e8b} - No CLSID value found.
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O3 - HKLM\..\Toolbar: (no name) - {c23b756a-bd9f-4ca6-aded-17ab8ccf3e8b} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
    O4 - Startup: C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\IEHOME.LNK = C:\Documents and Settings\Default User\Local Settings\Temp\IEHOME.BAT ()
    O4 - Startup: C:\Documents and Settings\Default User\Menu Démarrer\Programmes\Démarrage\IEHOME.LNK = C:\Documents and Settings\Default User\Local Settings\Temp\IEHOME.BAT ()
    O4 - Startup: C:\Documents and Settings\Profil test\Menu Démarrer\Programmes\Démarrage\Spamihilator.lnk = C:\Program Files\Spamihilator\spamihilator.exe (Michel Krämer)
    O4 - Startup: C:\Documents and Settings\usager\Menu Démarrer\Programmes\Démarrage\Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE ()
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = [binary data]
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-1202660629-1060284298-1801674531-1041\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
    O9 - Extra Button: MktBrowser - {17A27031-71FC-11d4-815C-005004D0F1FA} - C:\Program Files\MarketBrowser\lmt\MarketBrowser_Launch.xpy ()
    O9 - Extra 'Tools' menuitem : MarketBrowser - {17A27031-71FC-11d4-815C-005004D0F1FA} - C:\Program Files\MarketBrowser\lmt\MarketBrowser_Launch.xpy ()
    O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
    O15 - HKU\S-1-5-21-1202660629-1060284298-1801674531-1041\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
    O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/pr.../ieawsdc32.cab (Microsoft Office Template and Media Control)
    O16 - DPF: {0F7A9297-7268-11D1-B81A-00A076C01B0A} http://www.registrefoncier.gouv.qc.c.../CpcViewAX.cab (CPC View ax Control)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downlo...eckControl.cab (Windows Genuine Advantage Validation Tool)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsu...?1252573903906 (WUWebControl Class)
    O16 - DPF: {688C8675-1834-48FA-9DEF-4755CEFB9EDE} http://173.246.95.65/EDVR.CAB (DVR4204 Client Control)
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/micr...?1347395172656 (MUWebControl Class)
    O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn...Detection2.cab (GMNRev Class)
    O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} file:///C:/Program%20Files/Autodesk%20Architectural%20Desktop%203/AcDcToday.ocx (Reg Error: Key error.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 10.60.2)
    O16 - DPF: {9EF2BA47-C6A7-470D-9DD9-4323B0CB8353} http://98.238.19.60/WebClient.exe (WebClient Control)
    O16 - DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} Reg Error: Value error. (Reg Error: Key error.)
    O16 - DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} http://download.microsoft.com/downlo...oadManager.cab (Reg Error: Key error.)
    O16 - DPF: {C6637286-300D-11D4-AE0A-0010830243BD} Reg Error: Value error. (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 1.7.0_51)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 10.60.2)
    O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab...l_4.3.16.0.cab (SysInfo Class)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)
    O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} file:///C:/Program%20Files/Autodesk%20Architectural%20Desktop%203/AcPreview.ocx (Reg Error: Key error.)
    O16 - DPF: {F5D98C43-DB16-11CF-8ECA-0000C0FD59C7} http://infolot.mrnf.gouv.qc.ca/ACGM/acgm.cab (ActiveCGM Control)
    O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com//activex/ractrl.cab?lmi=1058 (Reg Error: Key error.)
    O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/da2/PCPitStop2.cab (PCPitstop Exam)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.88.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{286E34A1-399E-4B5A-B5D1-162710A6D944}: DhcpNameServer = 192.168.88.1
    O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - AppInit_DLLs: (protector.dll) - C:\WINDOWS\System32\protector.dll ()
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
    O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
    O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
    O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
    O24 - Desktop WallPaper: C:\Documents and Settings\Profil test\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Profil test\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2008-07-01 15:07:50 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 30 Days ==========

    [2014-07-28 18:56:59 | 000,110,296 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
    [2014-07-28 18:56:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes Anti-Malware
    [2014-07-28 18:56:42 | 000,053,208 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
    [2014-07-28 18:56:42 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2014-07-28 18:56:23 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
    [2014-07-28 08:15:01 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\WINDOWS\System32\sqlite3.dll
    [2014-07-28 08:12:52 | 000,000,000 | ---D | C] -- C:\AdwCleaner
    [2014-07-28 07:16:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\jumpshot.com
    [2014-07-27 22:14:39 | 000,043,152 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
    [2014-07-27 21:54:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Profil test\Menu Démarrer\Programmes\HiJackThis
    [2014-07-27 21:54:48 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2014-07-27 20:59:01 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Profil test\Recent
    [2014-07-27 17:46:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Profil test\Application Data\Auslogics
    [2014-07-25 22:06:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Profil test\Menu Démarrer\Programmes\Application Compatibility Toolkit
    [2014-07-25 22:06:55 | 000,000,000 | ---D | C] -- C:\Program Files\Application Compatibility Toolkit
    [2014-07-25 22:03:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Windows Support Tools
    [2014-07-25 22:03:40 | 000,000,000 | ---D | C] -- C:\Program Files\Support Tools
    [2014-07-23 14:27:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\TechSmith
    [2014-07-23 14:27:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\regid.1995-08.com.techsmith
    [2014-07-23 12:14:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.VC80.MFC
    [2014-07-23 12:14:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.VC80.CRT
    [2014-07-23 12:14:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.VC80.ATL
    [2014-07-23 09:06:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Profil test\Local Settings\Application Data\Apple
    [2014-07-22 11:11:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\CrypKey
    [2014-07-22 11:11:02 | 000,165,888 | ---- | C] (Kenonic Controls) -- C:\WINDOWS\Ckconfig.exe
    [2014-07-22 11:11:02 | 000,122,880 | ---- | C] (CrypKey (Canada) Ltd.) -- C:\WINDOWS\System32\Crypserv.exe
    [2014-07-22 11:10:54 | 000,000,000 | ---D | C] -- C:\Program Files\Stellar Phoenix Outlook PST Repair
    [2014-07-22 07:47:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Profil test\Mes documents\Nouveau dossier (3)
    [2014-07-22 07:47:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Profil test\Mes documents\Nouveau dossier (2)
    [2014-07-22 07:47:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Profil test\Mes documents\Nouveau dossier
    [2014-07-16 17:32:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Profil test\Bureau\La rénovation des bâtiments - André Bergeron - Google Livres_files
    [2014-07-10 14:24:02 | 000,058,736 | ---- | C] (Cisco Systems, Inc.) -- C:\WINDOWS\System32\drivers\acsmux.sys
    [2014-07-10 14:23:57 | 000,040,304 | ---- | C] (Cisco Systems, Inc.) -- C:\WINDOWS\System32\drivers\acsint.sys
    [2014-07-10 14:23:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Cisco
    [2014-07-10 14:23:48 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco
    [2014-07-10 14:23:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Profil test\Local Settings\Application Data\Cisco
    [2014-07-10 14:23:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Cisco
    [2014-07-10 14:19:40 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
    [2014-07-10 14:19:40 | 000,145,408 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
    [2014-07-10 14:19:28 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
    [2014-07-10 14:19:28 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
    [2014-07-10 14:19:28 | 000,096,680 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
    [2014-07-10 14:19:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Java
    [2014-07-10 13:53:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Spamihilator
    [2014-07-10 13:52:38 | 000,773,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr100.dll
    [2014-07-10 13:52:38 | 000,421,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp100.dll
    [2014-07-08 14:20:41 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Profil test\Cookies
    [2014-07-07 19:23:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Doctor Web
    [2014-07-07 19:22:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Profil test\Doctor Web
    [2014-07-07 10:23:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Profil test\Application Data\ErrorTeck
    [2014-01-15 15:35:56 | 003,837,112 | ---- | C] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn Client (2).exe
    [2010-08-20 18:51:18 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Profil test\Application Data\pcouffin.sys
    [2010-04-07 10:33:48 | 014,593,746 | ---- | C] (Natural Resources Canada ) -- C:\Program Files\H2K-Setup-GEN.exe
    [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [1 C:\Documents and Settings\Profil test\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Profil test\Local Settings\Application Data\*.tmp -> ]
    [1 C:\*.tmp files -> C:\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2014-07-28 20:18:00 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
    [2014-07-28 20:14:24 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2014-07-28 20:13:15 | 000,000,488 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version3 Startup Task.job
    [2014-07-28 20:13:15 | 000,000,416 | -H-- | M] () -- C:\WINDOWS\tasks\WSSHelper.job
    [2014-07-28 20:12:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2014-07-28 20:06:51 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
    [2014-07-28 18:54:31 | 000,104,990 | ---- | M] () -- C:\Documents and Settings\Profil test\wtge61fr.HST
    [2014-07-27 22:16:59 | 000,001,750 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\avast! Internet Security.lnk
    [2014-07-27 22:14:55 | 000,414,520 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswsp.sys
    [2014-07-27 22:14:39 | 000,779,536 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswsnx.sys
    [2014-07-27 22:14:39 | 000,276,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
    [2014-07-27 22:14:39 | 000,192,352 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
    [2014-07-27 22:14:39 | 000,067,824 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
    [2014-07-27 22:14:39 | 000,057,800 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
    [2014-07-27 22:14:39 | 000,055,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswrdr.sys
    [2014-07-27 22:14:39 | 000,049,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
    [2014-07-27 22:14:39 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
    [2014-07-27 22:14:39 | 000,024,184 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswHwid.sys
    [2014-07-27 22:14:25 | 000,026,136 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswKbd.sys
    [2014-07-27 22:14:21 | 000,252,872 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswNdis2.sys
    [2014-07-27 21:54:49 | 000,001,996 | ---- | M] () -- C:\Documents and Settings\Profil test\Bureau\HiJackThis.lnk
    [2014-07-26 18:03:33 | 000,000,608 | ---- | M] () -- C:\Documents and Settings\Profil test\Bureau\Raccourci vers ADMINS sur NASServer (Nasbioptic).lnk
    [2014-07-26 13:44:44 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\Profil test\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2014-07-25 18:44:05 | 000,000,610 | ---- | M] () -- C:\Documents and Settings\Profil test\Bureau\Raccourci vers CLIENTELES sur NASServer (Nasbioptic).lnk
    [2014-07-25 08:08:12 | 000,321,928 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2014-07-24 17:16:14 | 000,000,803 | ---- | M] () -- C:\Documents and Settings\Profil test\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
    [2014-07-24 17:16:11 | 000,579,614 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
    [2014-07-24 17:16:11 | 000,506,014 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2014-07-24 17:16:11 | 000,105,992 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
    [2014-07-24 17:16:11 | 000,089,478 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2014-07-24 16:40:44 | 000,000,743 | -H-- | M] () -- C:\WINDOWS\ODBC.INI
    [2014-07-23 09:44:26 | 000,000,127 | ---- | M] () -- C:\WINDOWS\Crypkey.ini
    [2014-07-23 08:58:53 | 000,001,056 | -H-- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2014-07-23 08:58:53 | 000,001,052 | -H-- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2014-07-23 08:58:53 | 000,000,644 | ---- | M] () -- C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job
    [2014-07-23 08:58:53 | 000,000,494 | ---- | M] () -- C:\WINDOWS\tasks\TechSmith Updater.job
    [2014-07-23 08:58:53 | 000,000,258 | -H-- | M] () -- C:\WINDOWS\tasks\Rappel d'enregistrement 3.job
    [2014-07-23 08:58:38 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
    [2014-07-22 16:54:25 | 000,001,680 | ---- | M] () -- C:\WINDOWS\System32\esnecil.ind
    [2014-07-22 11:11:52 | 000,001,680 | ---- | M] () -- C:\WINDOWS\System32\esnecil.nlp
    [2014-07-22 11:11:52 | 000,000,004 | ---- | M] () -- C:\WINDOWS\vx86036.dat
    [2014-07-22 09:11:27 | 000,001,010 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2014-07-22 07:47:57 | 000,189,530 | ---- | M] () -- C:\Documents and Settings\Profil test\Mes documents\suite_9.0.2018_2014-7-22_4-42-38.avastconfig
    [2014-07-21 05:32:46 | 000,135,952 | ---- | M] (trend_company_name) -- C:\WINDOWS\System32\drivers\tmrkb.sys
    [2014-07-17 19:45:00 | 000,000,240 | -HS- | M] () -- C:\boot.ini
    [2014-07-16 17:32:59 | 000,167,123 | ---- | M] () -- C:\Documents and Settings\Profil test\Bureau\La rénovation des bâtiments - André Bergeron - Google Livres.htm
    [2014-07-10 17:08:48 | 000,000,836 | -H-- | M] () -- C:\WINDOWS\BRWMARK.INI
    [2014-07-10 17:08:48 | 000,000,027 | -H-- | M] () -- C:\WINDOWS\BRPP2KA.INI
    [2014-07-10 15:09:10 | 000,001,770 | -H-- | M] () -- C:\Documents and Settings\Profil test\Mes documents\Default.rdp
    [2014-07-10 13:52:38 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr100.dll
    [2014-07-10 13:52:38 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp100.dll
    [2014-07-09 12:16:24 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
    [2014-07-09 12:16:24 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
    [2014-07-09 00:30:00 | 000,000,616 | ---- | M] () -- C:\WINDOWS\tasks\Refresh immunization (Spybot - Search & Destroy).job
    [2014-07-08 10:37:05 | 000,000,460 | ---- | M] () -- C:\0.bak
    [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [1 C:\Documents and Settings\Profil test\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Profil test\Local Settings\Application Data\*.tmp -> ]
    [1 C:\*.tmp files -> C:\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2014-07-27 22:16:59 | 000,001,750 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\avast! Internet Security.lnk
    [2014-07-27 21:54:49 | 000,001,996 | ---- | C] () -- C:\Documents and Settings\Profil test\Bureau\HiJackThis.lnk
    [2014-07-24 18:33:29 | 000,104,990 | ---- | C] () -- C:\Documents and Settings\Profil test\wtge61fr.HST
    [2014-07-24 17:16:14 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Profil test\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
    [2014-07-23 12:14:55 | 000,098,304 | ---- | C] () -- C:\WINDOWS\FunambolAddin.dll
    [2014-07-22 11:11:52 | 000,000,004 | ---- | C] () -- C:\WINDOWS\vx86036.dat
    [2014-07-22 11:11:31 | 000,001,680 | ---- | C] () -- C:\WINDOWS\System32\esnecil.nlp
    [2014-07-22 11:11:31 | 000,001,680 | ---- | C] () -- C:\WINDOWS\System32\esnecil.ind
    [2014-07-22 11:11:05 | 000,000,127 | ---- | C] () -- C:\WINDOWS\Crypkey.ini
    [2014-07-22 11:11:02 | 000,027,648 | R--- | C] () -- C:\WINDOWS\Setup_ck.exe
    [2014-07-22 11:11:02 | 000,019,584 | ---- | C] () -- C:\WINDOWS\System32\Ckldrv.sys
    [2014-07-22 11:11:02 | 000,018,432 | ---- | C] () -- C:\WINDOWS\Setup_ck.dll
    [2014-07-22 11:11:02 | 000,011,776 | ---- | C] () -- C:\WINDOWS\Ckrfresh.exe
    [2014-07-22 07:47:56 | 000,189,530 | ---- | C] () -- C:\Documents and Settings\Profil test\Mes documents\suite_9.0.2018_2014-7-22_4-42-38.avastconfig
    [2014-07-16 17:32:58 | 000,167,123 | ---- | C] () -- C:\Documents and Settings\Profil test\Bureau\La rénovation des bâtiments - André Bergeron - Google Livres.htm
    [2014-07-10 14:40:22 | 000,001,770 | -H-- | C] () -- C:\Documents and Settings\Profil test\Mes documents\Default.rdp
    [2014-06-19 02:01:23 | 000,190,056 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
    [2014-06-18 21:53:34 | 001,766,170 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1202660629-1060284298-1801674531-1041-0.dat
    [2014-06-18 21:53:33 | 000,237,642 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
    [2014-06-03 11:52:32 | 000,192,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
    [2014-06-03 11:52:32 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
    [2014-06-03 11:52:32 | 000,024,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswHwid.sys
    [2014-05-19 09:26:09 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\lpng.dll
    [2014-03-28 14:01:37 | 000,053,760 | ---- | C] () -- C:\WINDOWS\System32\ZLIB.DLL
    [2014-03-28 14:01:33 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\NS7100.dll
    [2014-03-28 14:01:33 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\mathdll.dll
    [2014-01-15 23:59:39 | 000,010,498 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\lpm.dat
    [2013-11-18 22:52:07 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Profil test\Application Data\bibstats
    [2013-10-19 15:41:58 | 000,002,432 | ---- | C] () -- C:\WINDOWS\System32\ASOROSet.bin
    [2013-09-10 03:02:27 | 000,001,552 | ---- | C] () -- C:\WINDOWS\wininit.ini
    [2013-09-09 21:20:20 | 000,016,002 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\dgv.exe
    [2013-08-15 16:15:33 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\Profil test\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2013-08-14 08:23:58 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\Profil test\Application Data\$_hpcst$.hpc
    [2013-08-13 16:45:02 | 000,000,137 | ---- | C] () -- C:\Documents and Settings\Profil test\Local Settings\Application Data\fusioncache.dat
    [2013-01-27 12:31:56 | 000,000,161 | ---- | C] () -- C:\WINDOWS\DISPARAM.INI
    [2012-01-31 12:55:08 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\$_hpcst$.hpc
    [2011-12-07 12:57:11 | 000,001,043 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\repository.xml
    [2011-12-07 00:23:39 | 000,000,288 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~24t2z9XDw9XPP9
    [2011-12-07 00:23:39 | 000,000,200 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~24t2z9XDw9XPP9r
    [2011-12-07 00:13:37 | 000,000,464 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\24t2z9XDw9XPP9
    [2010-08-20 18:51:18 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Profil test\Application Data\inst.exe
    [2010-08-20 18:51:18 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Profil test\Application Data\pcouffin.cat
    [2010-08-20 18:51:18 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Profil test\Application Data\pcouffin.inf
    [2009-09-11 15:56:05 | 004,157,370 | ---- | C] () -- C:\Program Files\BullzipPDFPrinter_6_0_0_865.zip

    ========== ZeroAccess Check ==========

    [2008-07-01 15:12:06 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shdocvw.dll -- [2010-03-10 00:41:37 | 001,510,400 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-02-09 06:53:55 | 000,473,600 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-14 08:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7E95B6FD
    @Alternate Data Stream - 188 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:07BF512B

    < End of report >


    And the Extras file:

    OTL Extras logfile created on: 2014-07-28 20:22:11 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Profil test\Mes documents\Downloads
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

    2,99 Gb Total Physical Memory | 2,41 Gb Available Physical Memory | 80,44% Memory free
    4,84 Gb Paging File | 4,23 Gb Available in Paging File | 87,52% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 232,88 Gb Total Space | 46,48 Gb Free Space | 19,96% Space Free | Partition Type: NTFS
    Drive E: | 698,63 Gb Total Space | 683,87 Gb Free Space | 97,89% Space Free | Partition Type: NTFS

    Computer Name: BVI6 | User Name: Profil test | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (All) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .bat [@ = batfile] -- "%1" %*
    .chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
    .cmd [@ = cmdfile] -- "%1" %*
    .com [@ = comfile] -- "%1" %*
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    .exe [@ = exefile] -- "%1" %*
    .hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
    .hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
    .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
    .inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
    .ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
    .url [@ = InternetShortcut] -- C:\WINDOWS\System32\rundll32.exe (Microsoft Corporation)
    .js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
    .jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
    .pif [@ = piffile] -- "%1" %*
    .reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
    .scr [@ = AutoCADScriptFile] -- C:\WINDOWS\NOTEPAD.EXE (Microsoft Corporation)
    .txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
    .vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
    .vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
    .wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
    .wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

    [HKEY_USERS\S-1-5-21-1202660629-1060284298-1801674531-1041\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found
    .scr [@ = AutoCADScriptFile] -- C:\WINDOWS\System32\notepad.exe (Microsoft Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    batfile [open] -- "%1" %*
    batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)
    cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    cmdfile [open] -- "%1" %*
    cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    exefile [open] -- "%1" %*
    helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
    hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
    htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
    htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
    htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
    http [open] -- Reg Error: Key error.
    https [open] -- Reg Error: Key error.
    inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
    inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
    jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
    jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
    jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
    regfile [merge] -- Reg Error: Key error.
    regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
    vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
    vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
    vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
    vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
    wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
    wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
    wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    Unknown [openas] -- Reg Error: Key error.
    Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [LightImageResizer] -- "C:\Program Files\ObviousIdea\Image Resizer 4\Resize.exe" "%1" (ObviousIdea SARL)
    Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "FirewallDisableNotify" = 0
    "UpdatesDisableNotify" = 0
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0
    "AntiVirusDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
    "Start" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
    "Start" = 2

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
    "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DoNotAllowExceptions" = 0
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
    "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
    "4481:TCP" = 4481:TCP:LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync data transfer
    "4481:UDP" = 4481:UDP:LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync discovery
    "4482:TCP" = 4482:TCP:LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync data transfer
    "4482:UDP" = 4482:UDP:LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync discovery
    "3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
    "C:\Program Files\Tinytag\Tinytag Explorer\kola.exe" = C:\Program Files\Tinytag\Tinytag Explorer\kola.exe:LocalSubNet:Enabled:Tinytag Explorer Radio Gateway -- (Gemini Data Loggers (UK) Ltd)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
    "C:\Program Files\Fichiers communs\AOL\Loader\aolload.exe" = C:\Program Files\Fichiers communs\AOL\Loader\aolload.exe:*:Enabled:AOL Application Loader -- (AOL Inc.)
    "C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe" = C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- (America Online)
    "C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe" = C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- (AOL LLC)
    "C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL -- (America Online, Inc.)
    "C:\Program Files\Fichiers communs\AOL\TopSpeed\2.0\aoltsmon.exe" = C:\Program Files\Fichiers communs\AOL\TopSpeed\2.0\aoltsmon.exe:*:Enabled:AOLTsMon -- (America Online, Inc)
    "C:\Program Files\Fichiers communs\AOL\TopSpeed\2.0\aoltpspd.exe" = C:\Program Files\Fichiers communs\AOL\TopSpeed\2.0\aoltpspd.exe:*:Enabled:AOLTopSpeed -- (America Online Inc)
    "C:\Program Files\Fichiers communs\AOL\1252704829\EE\AOLServiceHost.exe" = C:\Program Files\Fichiers communs\AOL\1252704829\EE\AOLServiceHost.exe:*:Enabled:AOL -- (America Online, Inc.)
    "C:\Program Files\Fichiers communs\AOL\System Information\sinf.exe" = C:\Program Files\Fichiers communs\AOL\System Information\sinf.exe:*:Enabled:AOL -- (AOL Inc.)
    "C:\Program Files\Fichiers communs\AolCoach\en_en\player\AOLNySEV.exe" = C:\Program Files\Fichiers communs\AolCoach\en_en\player\AOLNySEV.exe:*:Enabled:AOL
    "C:\Program Files\Sprite Software\Sprite Backup\SpriteService.exe" = C:\Program Files\Sprite Software\Sprite Backup\SpriteService.exe:*:Enabled:Sprite Backup PC Service
    "C:\kav\kav7\setup.exe" = C:\kav\kav7\setup.exe:*:Enabled:Kaspersky Anti-Virus 7.0 Setup
    "C:\Program Files\TOSHIBA\ConfigFree\CFXFER.exe" = C:\Program Files\TOSHIBA\ConfigFree\CFXFER.exe:*:Enabled:ConfigFree SUMMIT Engine -- (TOSHIBA CORPORATION)
    "C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe" = C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe:*isabled:ConfigFree(TM) Tray -- (TOSHIBA CORPORATION)
    "C:\Program Files\Internet Explorer\iexplore.exe" = C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer -- (Microsoft Corporation)
    "C:\WINDOWS\LMI7FD9.tmp\lmi_rescue.exe" = C:\WINDOWS\LMI7FD9.tmp\lmi_rescue.exe:*:Enabled:LogMeIn Rescue -- (LogMeIn, Inc.)
    "C:\Program Files\Tinytag\Tinytag Explorer\kola.exe" = C:\Program Files\Tinytag\Tinytag Explorer\kola.exe:LocalSubNet:Enabled:Tinytag Explorer Radio Gateway -- (Gemini Data Loggers (UK) Ltd)
    "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes
    "C:\Documents and Settings\usager\Local Settings\Application Data\Akamai\netsession_win.exe" = C:\Documents and Settings\usager\Local Settings\Application Data\Akamai\netsession_win.exe:*isabled:netsession_win -- (Akamai Technologies, Inc.)
    "C:\Program Files\Fichiers communs\AOL\1252704829\EE\aolsoftware.exe" = C:\Program Files\Fichiers communs\AOL\1252704829\EE\aolsoftware.exe:*:Enabled:AOL Shared Components -- (AOL Inc.)
    "C:\Program Files\AOL Desktop 9.7\waol.exe" = C:\Program Files\AOL Desktop 9.7\waol.exe:*:Enabled:AOL -- (AOL Inc.)
    "C:\Program Files\Fichiers communs\AOL\TopSpeed\3.0\aoltpsd3.exe" = C:\Program Files\Fichiers communs\AOL\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed -- (AOL Inc.)
    "C:\Program Files\AOL Desktop 9.7\AOLBrowser\aolbrowser.exe" = C:\Program Files\AOL Desktop 9.7\AOLBrowser\aolbrowser.exe:*:Enabled:AOL Browser -- (AOL Inc.)
    "C:\Program Files\Mozilla Firefox\plugin-container.exe" = C:\Program Files\Mozilla Firefox\plugin-container.exe:*:Enabled:Plugin Container for Firefox -- (Mozilla Corporation)
    "C:\Program Files\FreeFileViewer\FFVCheckForUpdates.exe" = C:\Program Files\FreeFileViewer\FFVCheckForUpdates.exe:*:Enabled:FreeFileViewerUpdateChecker
    "C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
    "C:\Program Files\TeamViewer\Version7\TeamViewer.exe" = C:\Program Files\TeamViewer\Version7\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
    "C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
    "C:\Program Files\Fichiers communs\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Fichiers communs\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit
    "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
    "C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
    "C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
    "C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
    "C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe" = C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe:*:Enabled:BlackBerry Desktop Software -- (Research In Motion)
    "C:\Documents and Settings\Profil test\Application Data\mjusbsp\magicJack.exe" = C:\Documents and Settings\Profil test\Application Data\mjusbsp\magicJack.exe:*:Enabled:magicJack -- (magicJack L.P.)


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    "{01A05C97-0953-55B5-3278-23927449C433}" = ccc-utility
    "{0293D4CF-0EDF-41E1-805C-C298460000AE}" = MySQL Documents 5.5
    "{043F86B7-EE12-3399-B2CA-D0B603D87963}" = Microsoft .NET Framework 4 Extended FRA Language Pack
    "{0505C47B-6CBC-4DF5-9628-769566240F88}" = MySQL Connector J
    "{0673654C-5296-453B-9798-B61CD7E03FEB}" = SES Driver
    "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
    "{0C0A2D69-7F51-4B77-B64E-AB405AC446BE}" = Toshiba Controls Utility
    "{0F09422F-B641-E01C-A46D-4362267C889B}" = CCC Help Korean
    "{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
    "{0FF72E37-5FDF-4A6D-B505-F00112FE9701}" = Tinytag Explorer 4.8
    "{1046C2FB-6750-43C9-AC61-3A09F23A5DB3}" = BlackBerry World Browser Plugin
    "{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = Assist TOSHIBA
    "{12BAA98C-F8DD-4BC9-BBE6-1C8463114197}" = BlackBerry Device Software Updater
    "{14B95189-3DD8-4EAA-9B9B-67472FF12AD4}" = MySQL Installer
    "{156E98D0-1AEC-4013-A41A-94A1A01BFD68}" = O2Micro Flash Memory Card Reader Driver (x86)
    "{16AB7F63-F540-4437-B450-6A6143CC1DC7}" = ScanSnap
    "{17454FB3-7283-4AA8-8832-68C8B7B6D532}" = Logiciel Intel(R) PROSet/Wireless WiFi
    "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    "{1C5E35C2-583E-436B-AFC8-FB3F9B917C33}" = FileOpen Client
    "{1D5754D6-5D39-445D-8D7A-8CAC96E1E788}" = FLIR Device Drivers
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{237A8EC0-F816-0EAA-F1D0-994A9A4C6154}" = CCC Help Norwegian
    "{23C3EF87-AD08-4F76-982D-1AE137485F08}" = MySQL Workbench 5.2 CE
    "{26A24AE4-039D-4CA4-87B4-2F83217051FF}" = Java 7 Update 60
    "{294BB21B-0091-492F-87D2-A9192DA3E448}" = System Requirements Lab for Intel
    "{2C38F661-26B7-445D-B87D-B53FE2D3BD42}" = TOSHIBA PC Diagnostic Tool
    "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{35845E72-E34A-11D4-817D-005004D0F1FA}" = MarketBrowser
    "{35F15027-A18F-C2DF-637B-1A80D9C77FC5}" = CCC Help Chinese Traditional
    "{378746A9-3FAB-4DD0-A4AA-21B08ED07B5E}" = Silicon Laboratories CP210x VCP Drivers for Windows 2000/XP/2003 Server/Vista
    "{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba
    "{3B101941-675F-4470-93D6-BFED1469DF7E}" = LoggerNet 4.2.1
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{3F7924B9-D148-3141-87B1-68F36043A940}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA
    "{400830CA-F056-4BBE-80A3-9DF9CA4FB889}" = TOSHIBA Direct Disc Writer
    "{45473B15-6024-270C-3EDA-A889DE3F83A3}" = CCC Help German
    "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
    "{4642E31A-E374-A972-0F04-4E7678A68861}" = Catalyst Control Center Core Implementation
    "{47ECCB1F-2811-49C0-B6A7-26778639ABA0}" = 32 Bit HP CIO Components Installer
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google*Earth
    "{4E38C125-6EAA-38EC-B76D-6EB8E4B56EF8}" = Catalyst Control Center Graphics Previews Common
    "{511DF669-2930-30C0-8EB6-552887E29EC8}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA
    "{5681C7AB-E29D-4EE9-B0F0-809A28ECECFC}" = MySQL Notifier 1.0.3
    "{5691A25E-C05B-4E0F-87DA-E80869F756C2}" = Toshiba Hotkey Utility
    "{576420A5-E1F0-4C09-A07C-F689082E666F}" = Toshiba Touchpad Utility
    "{5783F2D7-0134-0409-0000-0060B0CE6BBA}" = Autodesk Architectural Desktop 3.3
    "{5783F2D7-8001-0409-0002-0060B0CE6BBA}" = AutoCAD 2010 - English
    "{5783F2D7-8001-0409-1002-0060B0CE6BBA}" = AutoCAD 2010 Language Pack - English
    "{5783F2D7-A028-0409-0000-0060B0CE6BBA}" = DWG TrueView 2012
    "{57BA6FD7-172B-4C0A-A575-BA808343CC3E}" = Spamihilator 1.5.0 (32 bit)
    "{599300E3-5279-36D1-512E-D545989E21A2}" = CCC Help Turkish
    "{5B76AEA2-D4E5-3B55-B965-ACC36AE0EAFC}" = Microsoft .NET Framework 3.5 Language Pack - fra
    "{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
    "{64212898-097F-4F3F-AECA-6D34A7EF82DF}" = Utilitaire de zoom TOSHIBA
    "{66F9302D-E145-4375-8C84-54DA2339C483}" = MySQL Connector C 6.0.2
    "{69733CDD-2AB0-44B7-979E-4753D810B103}" = MySQL Connector/ODBC 5.1
    "{69BBF1DA-8DFC-6B42-604F-8CCF9964618E}" = CCC Help Chinese Standard
    "{69E5255D-9D43-4CFF-8984-843ABD7753B7}" = Catalyst Control Center - Branding
    "{6AD1746D-6F7B-3BFD-0D8F-5932E62C34D5}" = CCC Help English
    "{6C2FE7F8-6C94-C2AC-4667-C7C217DE2CE0}" = CCC Help Polish
    "{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Pilote vidéo Pinnacle
    "{6FA90C58-12F5-4712-B829-D2B304E4D2C1}" = SuperGraphics Suite
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{723F6AF5-E925-AD41-99B2-621AD1A463EB}" = Skins
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{72FD6FC4-37A5-ED1F-DCB4-A8F8BEE1C384}" = Catalyst Control Center Localization All
    "{7809AADD-7176-E27A-9709-E8814F9F8A87}" = CCC Help Hungarian
    "{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.16
    "{80416A15-214B-4F25-A025-ED6E875631F2}" = Cisco AnyConnect Secure Mobility Client
    "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    "{89B078C4-50B0-453E-BF53-3A7E6A0D85FA}" = Windows Support Tools
    "{89B6F63A-7E0C-424A-9D39-C4EF59E96D78}" = hppQFolderCP2020
    "{8BD785CF-30C7-4182-B250-0D5FCE78D4DD}" = Catalyst Control Center - Branding
    "{8CFF04C0-FB09-298D-FAA9-D4A5879656DE}" = Catalyst Control Center Graphics Full New
    "{8DE03F6E-FCD2-4497-A8FF-F6C4430618B6}" = BlackBerry App World Browser Plugin
    "{8FAA856D-0E74-B848-5A9A-CF6105E7CF6C}" = CCC Help Swedish
    "{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
    "{90120000-0010-040C-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (French) 12
    "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
    "{90120000-001F-0401-0000-0000000FF1CE}_PRJSTDR_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
    "{90120000-001F-0407-0000-0000000FF1CE}_PRJSTDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_PMUI.en-us_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0409-0000-0000000FF1CE}_PRJSTDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_PMUI.en-us_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-040C-0000-0000000FF1CE}_PRJSTDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
    "{90120000-001F-0413-0000-0000000FF1CE}_PRJSTDR_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_PMUI.en-us_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0C0A-0000-0000000FF1CE}_PRJSTDR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
    "{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}_PMUI.en-us_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
    "{90120000-006E-040C-0000-0000000FF1CE}_PRJSTDR_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-00B4-0409-0000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2007
    "{90120000-00B4-0409-0000-0000000FF1CE}_PMUI.en-us_{F3CD3F3F-726C-4414-A1FE-5CD0968313EA}" = Microsoft Office Project 2007 Service Pack 3 (SP3)
    "{90120000-00B4-040C-0000-0000000FF1CE}" = Microsoft Office Project MUI (French) 2007
    "{90120000-00B4-040C-0000-0000000FF1CE}_PRJSTDR_{312364A9-1D13-481C-B297-FAA62E6D0174}" = Microsoft Office Project 2007 Service Pack 3 (SP3)
    "{90120000-00B5-0409-0000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2007
    "{90120000-00B5-0409-0000-0000000FF1CE}_PMUI.en-us_{F3CD3F3F-726C-4414-A1FE-5CD0968313EA}" = Microsoft Office Project 2007 Service Pack 3 (SP3)
    "{90120000-0101-0409-0000-0000000FF1CE}" = Microsoft Office X MUI (English) 2007
    "{90120000-0101-0409-0000-0000000FF1CE}_PMUI.en-us_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}_PMUI.en-us_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
    "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
    "{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
    "{90A6D660-09BD-E8C9-0422-11DA2005ACCF}" = CCC Help Greek
    "{90D0FC4B-D653-4F49-BB97-A48C74A52E71}" = Snagit 11
    "{91120000-003A-0000-0000-0000000FF1CE}" = Microsoft Office Project Standard 2007
    "{91120000-003A-0000-0000-0000000FF1CE}_PRJSTDR_{8446EB22-A746-46DC-B1BD-E0DFA1F3CDDA}" = Microsoft Office Project 2007 Service Pack 3 (SP3)
    "{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
    "{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for TOSHIBA
    "{91C50994-9CCA-D278-806A-3BC396F547F4}" = Catalyst Control Center Graphics Full Existing
    "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
    "{9455C3DF-ADA4-6D26-4E8D-46A60FBF4322}" = ccc-core-preinstall
    "{962A23F0-3466-492F-AC73-CCB86A1767ED}" = MySQL Examples and Samples 5.5
    "{97C8EF91-4F07-271A-9948-AB1799E3FF69}" = CCC Help Finnish
    "{995F2783-8311-49BF-833E-DB659774B4F6}" = hppFonts
    "{99E519D4-82F4-0B84-9B80-BC6EAD402620}" = CCC Help French
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
    "{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = Réducteur de bruit lect. CD/DVD
    "{A2AD0A39-7311-2AE7-0B08-3E3E642801B6}" = CCC Help Danish
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{A49BDCBE-590E-43A6-AB77-7C40E499B7C1}" = Autodesk Design Review 2012
    "{A552CCF8-51D3-49D9-AD30-A939626F2299}" = Architecte 3D Ultimate
    "{A5F39441-3414-4db2-9A71-0BA8AB3CB16A}" = HP Color LaserJet CP2020 Series 2.0
    "{A72C38DD-8B2F-4B3B-D597-C3C36C704125}" = CCC Help Czech
    "{A738611B-D07E-0FE3-B3DE-D2436CE8B792}" = CCC Help Japanese
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AA027AE9-DD20-4677-AA72-D760A358320B}" = Microsoft VC9 runtime libraries
    "{AA1B0034-FE70-F50B-C2AF-D199901B0184}" = CCC Help Thai
    "{AC76BA86-7AD7-1036-7B44-AB0000000001}" = Adobe Reader XI (11.0.07) - Français
    "{AF2A8E58-DBC6-36D3-A145-7252029F6F48}" = Microsoft Report Viewer Redistributable 2008 SP1
    "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
    "{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
    "{B4CF72FF-4A3F-44A7-BFF2-31A8E1CC70B6}" = Application Compatibility Toolkit
    "{B4EE1764-6C4D-449F-0499-72896C1F8213}" = CCC Help Dutch
    "{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
    "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
    "{BAE06076-DB3F-4936-8864-249A7B2AA662}" = Intel(R) Integrated Performance Primitives Run-Time Installer 5.1 for Windows* on IA-32 Intel(R) Architecture
    "{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree
    "{BE5B0450-DCCB-4FE9-93E2-3B38D88A745B}" = BlackBerry Desktop Software 7.1
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{C0EAC838-4ABD-4C89-BF07-D2292A83929C}" = FLIR QuickReport 1.2 SP2
    "{C1212AE3-DBB9-4365-8473-F8ABC7B06BBB}" = Pinnacle Instant DVD Recorder
    "{C15431A4-50E4-C7F9-D169-2F56454C7C3E}" = Catalyst Control Center InstallProxy
    "{C1AF55A4-9EA3-45D4-862B-D24890DC7534}" = Bluetooth Wireless Technology Synchronization Plug-in
    "{C46E1C8C-C805-4708-8659-68B3056C1F8C}_is1" = HOT2000 v10.51 GEN
    "{C4DEA973-2695-4C10-D9F3-397C863EB421}" = CCC Help Portuguese
    "{C518E3CB-5500-A37D-5B2F-52395EB6407E}" = CCC Help Italian
    "{C6987CA8-FCD1-8205-5968-11A5B56C4C40}" = ccc-core-static
    "{C852C0FF-CDF5-43F9-A75E-CB99410FF602}" = Toshiba Utility
    "{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
    "{CB1DD37F-87F5-8DD7-7E54-6857BF5F90DB}" = CCC Help Spanish
    "{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
    "{CD49E43B-88B1-48AD-A3AF-43FAAAB41CB8}" = Autodesk Design Review Browser Add-on v1.2
    "{CD95F661-A5C4-44F5-A6AA-ECDD91C24013}" = WinZip 18.0
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
    "{DBCDB997-EEEB-4BE9-BAFF-26B4094DBDE6}" = ScanSnap Manager
    "{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
    "{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
    "{E8A50230-55C6-DC49-64F6-78B7E063933D}" = CCC Help Russian
    "{E931DE90-D0B6-4AED-B02E-DC820F0E2992}" = Architecte 3D
    "{EBAF454D-F0E1-E920-73F3-0503788B5339}" = ATI Catalyst Install Manager
    "{EBE030DD-D404-4D92-85E9-8C3624820808}_is1" = Light Image Resizer 4.6.0.0
    "{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
    "{EC1AC200-8825-A358-350F-F7217A5F9C4F}" = Catalyst Control Center Graphics Light
    "{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
    "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
    "{F8511796-1457-4A92-BEF7-71080FCF297A}" = LogMeIn
    "{FB400000-0001-0000-0000-074957833700}" = ABBYY FineReader for ScanSnap (TM) 4.0
    "{FD753E57-1F44-41E6-B962-E01D76676206}" = MySQL Connector C++ 1.1.0
    "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    "{FFD35D1F-F7C8-47AE-AF3E-E569F025CD7D}" = MySQL Server 5.5
    "ActiveTouchMeetingClient" = Cisco WebEx Meetings
    "Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
    "Allway Sync_is1" = Allway Sync version 12.0.8
    "AnswerWorks" = AnswerWorks Runtime
    "AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
    "AutoCAD 2010 - English" = AutoCAD 2010 - English
    "Autodesk Design Review 2012" = Autodesk Design Review 2012
    "Avast" = avast! Internet Security
    "BlackBerry_Desktop" = BlackBerry Desktop Software 7.1
    "Bullzip PDF Printer_is1" = Bullzip PDF Printer 6.0.0.865
    "CCleaner" = CCleaner
    "Cisco AnyConnect Secure Mobility Client" = Cisco AnyConnect Secure Mobility Client
    "CNXT_AUDIO_HDA" = Conexant HD Audio
    "CNXT_MODEM_HDAUDIO_HERMOSA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
    "ConversionsPlus6.60" = Conversions Plus 6.60
    "DivX Setup" = Configuration DivX
    "DWG TrueView 2012" = DWG TrueView 2012
    "Free Spider_is1" = Free Spider Solitaire 2010 v2.1
    "Google Chrome" = Google Chrome
    "GPL Ghostscript Lite_is1" = GPL Ghostscript Lite 9.04
    "HP-Color LaserJet 2600n" = Color LaserJet 2600n
    "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
    "ie8" = Windows Internet Explorer 8
    "InstallShield_{0C0A2D69-7F51-4B77-B64E-AB405AC446BE}" = Toshiba Controls Utility
    "InstallShield_{2C38F661-26B7-445D-B87D-B53FE2D3BD42}" = Outil de diagnostic PC TOSHIBA
    "InstallShield_{5691A25E-C05B-4E0F-87DA-E80869F756C2}" = Toshiba Hotkey Utility
    "InstallShield_{576420A5-E1F0-4C09-A07C-F689082E666F}" = Toshiba Touchpad Utility
    "InstallShield_{C852C0FF-CDF5-43F9-A75E-CB99410FF602}" = Toshiba Utility
    "Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012
    "Marvell Miniport Driver" = Marvell Miniport Driver
    "Microsoft .NET Framework 3.5 Language Pack - fra" = Module linguistique Microsoft .NET Framework 3.5 - fra
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "Microsoft .NET Framework 4 Extended FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Extended FRA
    "Microsoft Report Viewer Redistributable 2008 SP1" = Microsoft Report Viewer Redistributable 2008 SP1
    "Mozilla Firefox 27.0 (x86 fr)" = Mozilla Firefox 27.0 (x86 fr)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
    "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
    "Office8.0" = Microsoft Office 97 Professional
    "PMUI.en-us" = Microsoft Office Project Language Pack 2007 - English
    "Power Saver" = Gestion d'énergie TOSHIBA
    "PRJSTDR" = Microsoft Office Project Standard 2007
    "Recuva" = Recuva
    "SLABCOMM&10C4&EA60" = Silicon Laboratories CP210x USB to UART Bridge (Driver Removal)
    "TeamViewer 7" = TeamViewer 7
    "Toshiba Tbiosdrv Driver" = Toshiba Tbiosdrv Driver
    "VLC media player" = VLC media player 2.1.3
    "Volo View Express" = Volo View Express
    "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
    "WebClient" = WebClient
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Lecteur Windows Media*11
    "WinRAR archiver" = WinRAR 5.01 (32-bit)
    "WMFDist11" = Windows Media Format 11 runtime
    "wmp11" = Windows Media Player 11
    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
    "XLink/Win_is1" = XLink/Win 2.84
    "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-1202660629-1060284298-1801674531-1041\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "magicJack" = magicJack

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 2014-07-25 16:05:47 | Computer Name = BVI6 | Source = Application Error | ID = 1000
    Description = Application défaillante lacie setup.exe, version 2.0.22.0, module
    défaillant deviceutilities.dll, version 0.0.0.0, adresse de défaillance 0x00001da2.

    Error - 2014-07-25 16:06:47 | Computer Name = BVI6 | Source = Application Error | ID = 1000
    Description = Application défaillante lacie setup.exe, version 2.0.22.0, module
    défaillant deviceutilities.dll, version 0.0.0.0, adresse de défaillance 0x00001da2.

    Error - 2014-07-25 16:09:18 | Computer Name = BVI6 | Source = Application Error | ID = 1000
    Description = Application défaillante lacie setup.exe, version 2.0.22.0, module
    défaillant deviceutilities.dll, version 0.0.0.0, adresse de défaillance 0x00001da2.

    Error - 2014-07-25 16:11:18 | Computer Name = BVI6 | Source = Application Error | ID = 1000
    Description = Application défaillante lacie setup.exe, version 2.0.22.0, module
    défaillant deviceutilities.dll, version 0.0.0.0, adresse de défaillance 0x00001da2.

    Error - 2014-07-25 16:14:18 | Computer Name = BVI6 | Source = Application Error | ID = 1000
    Description = Application défaillante lacie setup.exe, version 2.0.22.0, module
    défaillant deviceutilities.dll, version 0.0.0.0, adresse de défaillance 0x00001da2.

    Error - 2014-07-25 16:19:18 | Computer Name = BVI6 | Source = Application Error | ID = 1000
    Description = Application défaillante lacie setup.exe, version 2.0.22.0, module
    défaillant deviceutilities.dll, version 0.0.0.0, adresse de défaillance 0x00001da2.

    Error - 2014-07-28 08:06:00 | Computer Name = BVI6 | Source = TechSmith Updater | ID = 0
    Description = Could not find file 'C:\Documents and Settings\All Users\Application
    Data\TechSmith\Updater\Snagit 11-11.4.3.xml'.

    Error - 2014-07-28 08:06:00 | Computer Name = BVI6 | Source = TechSmith Updater | ID = 0
    Description = Could not find file 'C:\Documents and Settings\All Users\Application
    Data\TechSmith\Updater\Snagit 11-11.4.3.xml'.

    Error - 2014-07-28 08:06:09 | Computer Name = BVI6 | Source = TechSmith Updater | ID = 0
    Description = Impossible de trouver le fichier 'C:\Documents and Settings\All Users\Application
    Data\TechSmith\Updater\Snagit 11-11.4.3.xml'.

    Error - 2014-07-28 08:06:09 | Computer Name = BVI6 | Source = TechSmith Updater | ID = 0
    Description = Impossible de trouver le fichier 'C:\Documents and Settings\All Users\Application
    Data\TechSmith\Updater\Snagit 11-11.4.3.xml'.

    [ Cisco AnyConnect Secure Mobility Client Events ]
    Error - 2014-07-28 20:13:10 | Computer Name = BVI6 | Source = acvpnagent | ID = 67108865
    Description = Function: CWinsecApiImpersonateUser::acquireTokens File: .\IPC\WinsecAPI.cpp
    Line:
    93 CWinsecApiImpersonateUser::getUserImpersonationToken returned NULL

    Error - 2014-07-28 20:13:10 | Computer Name = BVI6 | Source = acvpnagent | ID = 67108866
    Description = Function: CWinsecApiImpersonateUser::CWinsecApiImpersonateUser File:
    .\IPC\WinsecAPI.cpp Line: 73 Invoked Function: CWinsecApiImpersonateUser::acquireTokens
    Return
    Code: -32833517 (0xFE0B0013) Description: WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED


    Error - 2014-07-28 20:13:10 | Computer Name = BVI6 | Source = acvpnagent | ID = 67108866
    Description = Function: CCapiCertUtils::CCapiCertUtils File: .\Certificates\CapiCertUtils.cpp
    Line:
    111 Invoked Function: CWinsecApiImpersonateUser::CWinsecApiImpersonateUser Return
    Code: -32833517 (0xFE0B0013) Description: WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED


    Error - 2014-07-28 20:13:10 | Computer Name = BVI6 | Source = acvpnagent | ID = 67108866
    Description = Function: CCapiCertStore::CCapiCertStore File: .\Certificates\CapiCertStore.cpp
    Line:
    57 Invoked Function: CapiCertUtils Return Code: -32833517 (0xFE0B0013) Description:
    WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED

    Error - 2014-07-28 20:13:10 | Computer Name = BVI6 | Source = acvpnagent | ID = 67108866
    Description = Function: CCapiCertSmartcardStore::CCapiCertSmartcardStore File: .\Certificates\CapiCertSmartcardStore.cpp
    Line:
    39 Invoked Function: CCapiCertStore::CCapiCertStore Return Code: -32833517 (0xFE0B0013)
    Description:
    WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED

    Error - 2014-07-28 20:13:10 | Computer Name = BVI6 | Source = acvpnagent | ID = 67108866
    Description = Function: CCollectiveCertStore::addCapiSmartcardStore File: .\Certificates\CollectiveCertStore.cpp
    Line:
    1639 Invoked Function: CCapiCertSmartcardStore::CCapiCertSmartcardStore Return Code:
    -32833517 (0xFE0B0013) Description: WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED


    Error - 2014-07-28 20:13:54 | Computer Name = BVI6 | Source = acvpnagent | ID = 67108866
    Description = Function: CThread::invokeRun File: .\Utility\Thread.cpp Line: 435 Invoked
    Function: IRunnable::Run Return Code: -32112629 (0xFE16000B) Description: BROWSERPROXY_ERROR_NO_PROXY_FILE


    Error - 2014-07-28 20:18:09 | Computer Name = BVI6 | Source = acvpnagent | ID = 67108865
    Description = Function: CServicePluginMgr::GetSettings File: .\ServicePluginMgr.cpp
    Line:
    274 m_pIServicePlugin is NULL

    Error - 2014-07-28 20:18:09 | Computer Name = BVI6 | Source = acvpnagent | ID = 67108865
    Description = Function: CServicePluginMgr::GetSettings File: .\ServicePluginMgr.cpp
    Line:
    274 m_pIServicePlugin is NULL

    Error - 2014-07-28 20:18:09 | Computer Name = BVI6 | Source = acvpnagent | ID = 67108865
    Description = Function: CTelemetryPluginMgr::GetSettings File: .\TelemetryPluginMgr.cpp
    Line:
    311 m_pITelemetryPlugin is NULL

    [ Doctor Web Events ]
    Error - 2014-07-07 19:23:02 | Computer Name = BVI6 | Source = DrWebARKDaemon | ID = 1002
    Description =

    Error - 2014-07-07 19:23:02 | Computer Name = BVI6 | Source = DrWebARKDaemon | ID = 1002
    Description =

    Error - 2014-07-07 19:24:04 | Computer Name = BVI6 | Source = DrWebARKDaemon | ID = 1002
    Description =

    [ System Events ]
    Error - 2014-07-28 20:24:24 | Computer Name = BVI6 | Source = DCOM | ID = 10010
    Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
    sur DCOM avant la fin du temps imparti.

    Error - 2014-07-28 20:24:54 | Computer Name = BVI6 | Source = DCOM | ID = 10010
    Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
    sur DCOM avant la fin du temps imparti.

    Error - 2014-07-28 20:25:24 | Computer Name = BVI6 | Source = DCOM | ID = 10010
    Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
    sur DCOM avant la fin du temps imparti.

    Error - 2014-07-28 20:25:54 | Computer Name = BVI6 | Source = DCOM | ID = 10010
    Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
    sur DCOM avant la fin du temps imparti.

    Error - 2014-07-28 20:26:24 | Computer Name = BVI6 | Source = DCOM | ID = 10010
    Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
    sur DCOM avant la fin du temps imparti.

    Error - 2014-07-28 20:26:54 | Computer Name = BVI6 | Source = DCOM | ID = 10010
    Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
    sur DCOM avant la fin du temps imparti.

    Error - 2014-07-28 20:27:24 | Computer Name = BVI6 | Source = DCOM | ID = 10010
    Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
    sur DCOM avant la fin du temps imparti.

    Error - 2014-07-28 20:27:54 | Computer Name = BVI6 | Source = DCOM | ID = 10010
    Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
    sur DCOM avant la fin du temps imparti.

    Error - 2014-07-28 20:28:24 | Computer Name = BVI6 | Source = DCOM | ID = 10010
    Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
    sur DCOM avant la fin du temps imparti.

    Error - 2014-07-28 20:28:54 | Computer Name = BVI6 | Source = DCOM | ID = 10010
    Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
    sur DCOM avant la fin du temps imparti.


    < End of report >

    Regards,

    Jean-Pierre

  8. #8
    Member
    Join Date
    Jul 2014
    Posts
    27
    Points
    0

    Default

    Good evening Joe,

    Here is the OTL file:

    OTL logfile created on: 2014-07-28 20:22:11 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Profil test\Mes documents\Downloads
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

    2,99 Gb Total Physical Memory | 2,41 Gb Available Physical Memory | 80,44% Memory free
    4,84 Gb Paging File | 4,23 Gb Available in Paging File | 87,52% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 232,88 Gb Total Space | 46,48 Gb Free Space | 19,96% Space Free | Partition Type: NTFS
    Drive E: | 698,63 Gb Total Space | 683,87 Gb Free Space | 97,89% Space Free | Partition Type: NTFS

    Computer Name: BVI6 | User Name: Profil test | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2014-07-28 20:16:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Profil test\Mes documents\Downloads\OTL.exe
    PRC - [2014-07-27 22:14:34 | 004,086,432 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
    PRC - [2014-07-27 22:14:33 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    PRC - [2014-07-10 13:52:37 | 002,024,960 | ---- | M] (Michel Krämer) -- C:\Program Files\Spamihilator\spamihilator.exe
    PRC - [2014-06-09 08:55:45 | 000,375,120 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
    PRC - [2014-05-12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
    PRC - [2014-05-07 15:00:32 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
    PRC - [2014-03-12 16:52:16 | 000,560,528 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
    PRC - [2012-02-07 19:19:26 | 000,481,552 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
    PRC - [2011-12-23 11:48:56 | 000,176,640 | ---- | M] () -- C:\Program Files\NVMS5 Standard Edition\bin\watch.exe
    PRC - [2011-12-09 20:47:42 | 000,213,888 | ---- | M] (FileOpen Systems Inc.) -- C:\Program Files\FileOpen\Services\FileOpenManagerSvc32.exe
    PRC - [2010-03-18 16:26:10 | 000,457,312 | ---- | M] (FLIR) -- C:\Program Files\FLIR Systems\FLIR Device Drivers\FLIR T3Srv\sysx86\T3Srv.exe
    PRC - [2009-03-16 14:29:28 | 006,562,432 | ---- | M] () -- C:\Program Files\NVMS5 Standard Edition\data\bin\mysqld.exe
    PRC - [2009-02-09 05:01:52 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    PRC - [2008-05-07 19:29:38 | 000,122,880 | ---- | M] (CrypKey (Canada) Ltd.) -- C:\WINDOWS\system32\Crypserv.exe
    PRC - [2008-04-15 17:54:42 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
    PRC - [2008-04-14 08:00:00 | 001,037,824 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2007-11-21 18:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TODDSrv.exe
    PRC - [2007-02-11 20:43:44 | 000,065,536 | ---- | M] (O2Micro International) -- C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
    PRC - [2003-06-19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE


    ========== Modules (No Company Name) ==========

    MOD - [2014-07-28 12:58:08 | 002,795,008 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\14072802\algo.dll
    MOD - [2014-07-27 22:14:38 | 019,329,904 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
    MOD - [2014-07-27 22:14:35 | 000,301,152 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
    MOD - [2014-07-10 13:52:37 | 000,279,040 | ---- | M] () -- C:\Program Files\Spamihilator\sqlite3.dll
    MOD - [2014-07-10 13:52:37 | 000,060,416 | ---- | M] () -- C:\Program Files\Spamihilator\zlib1.dll
    MOD - [2014-03-12 16:53:02 | 000,063,376 | ---- | M] () -- C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
    MOD - [2012-07-04 15:29:09 | 000,748,544 | ---- | M] () -- C:\WINDOWS\system32\protector.dll
    MOD - [2011-12-23 11:48:56 | 000,176,640 | ---- | M] () -- C:\Program Files\NVMS5 Standard Edition\bin\watch.exe
    MOD - [2009-03-16 14:29:28 | 006,562,432 | ---- | M] () -- C:\Program Files\NVMS5 Standard Edition\data\bin\mysqld.exe


    ========== Services (SafeList) ==========

    SRV - File not found [On_Demand | Stopped] -- C:\DOCUME~1\ALLUSE~1\APPLIC~1\t1bjat.plz -- (winmgmt)
    SRV - File not found [Disabled | Stopped] -- C:\Program Files\Spybot -- (SDWSCService)
    SRV - File not found [Disabled | Stopped] -- C:\Program Files\Spybot -- (SDUpdateService)
    SRV - File not found [Disabled | Stopped] -- C:\Program Files\Spybot -- (SDScannerService)
    SRV - File not found [Auto | Stopped] -- C:\Program Files\NVMS5 Standard Edition\bin\vtdu.exe vtdu.cfg -- (NVMS-SRV-VTDU)
    SRV - File not found [Auto | Stopped] -- C:\Program Files\NVMS5 Standard Edition\bin\nru.exe nru.cfg -- (NVMS-SRV-NRU)
    SRV - [2014-07-27 22:14:33 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
    SRV - [2014-07-27 22:14:20 | 000,106,488 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
    SRV - [2014-07-09 12:16:26 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2014-06-09 08:55:59 | 000,203,088 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files\LogMeIn\x86\ramaint.exe -- (LMIMaint)
    SRV - [2014-06-09 08:55:45 | 000,375,120 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
    SRV - [2014-05-12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
    SRV - [2014-05-12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
    SRV - [2014-05-07 15:00:32 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
    SRV - [2014-03-12 16:52:16 | 000,560,528 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe -- (vpnagent)
    SRV - [2014-01-28 02:54:10 | 000,118,896 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2013-12-11 17:11:50 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
    SRV - [2013-10-23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2013-01-18 17:10:18 | 000,577,536 | ---- | M] (Research In Motion Limited) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Research In Motion\USB Drivers\BbDevMgr.exe -- (Blackberry Device Manager)
    SRV - [2012-08-29 12:37:30 | 008,197,120 | ---- | M] () [Auto | Stopped] -- C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe -- (MySQL55)
    SRV - [2012-02-29 19:30:02 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2012-02-07 20:35:06 | 000,919,824 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe -- (S24EventMonitor)
    SRV - [2012-02-07 19:39:52 | 000,866,576 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
    SRV - [2012-02-07 19:19:26 | 000,481,552 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
    SRV - [2012-02-07 12:57:14 | 000,182,784 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Allway Sync\Allway Sync\Bin\SyncService.exe -- (BotkindSyncService)
    SRV - [2011-12-23 11:48:56 | 000,176,640 | ---- | M] () [Auto | Running] -- C:\Program Files\NVMS5 Standard Edition\bin\watch.exe -- (NVMS-SRV-WATCH)
    SRV - [2011-12-09 20:47:42 | 000,213,888 | ---- | M] (FileOpen Systems Inc.) [Auto | Running] -- C:\Program Files\FileOpen\Services\FileOpenManagerSvc32.exe -- (FileOpenManagerSvc)
    SRV - [2011-07-20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
    SRV - [2010-03-18 16:26:10 | 000,457,312 | ---- | M] (FLIR) [Auto | Running] -- C:\Program Files\FLIR Systems\FLIR Device Drivers\FLIR T3Srv\sysx86\T3Srv.exe -- (T3Srv)
    SRV - [2009-03-17 15:36:12 | 000,144,752 | ---- | M] (TOSHIBA CORPORATION) [Disabled | Stopped] -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
    SRV - [2009-03-16 14:29:28 | 006,562,432 | ---- | M] () [Auto | Running] -- C:\Program Files\NVMS5 Standard Edition\data\bin\mysqld.exe -- (NVMS-SRV-DB)
    SRV - [2009-02-09 05:01:52 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)
    SRV - [2008-05-07 19:29:38 | 000,122,880 | ---- | M] (CrypKey (Canada) Ltd.) [Auto | Running] -- C:\WINDOWS\System32\Crypserv.exe -- (Crypkey License)
    SRV - [2008-04-15 17:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
    SRV - [2007-11-21 18:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\WINDOWS\system32\TODDSrv.exe -- (TODDSrv)
    SRV - [2007-02-11 20:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash)
    SRV - [2006-10-26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
    SRV - [2006-10-23 08:50:35 | 000,046,640 | ---- | M] (AOL LLC) [Disabled | Stopped] -- C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe -- (AOL ACS)
    SRV - [2005-04-04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
    SRV - [2004-10-15 16:54:14 | 000,100,016 | ---- | M] (America Online, Inc) [Disabled | Stopped] -- C:\Program Files\Fichiers communs\AOL\TopSpeed\2.0\aoltsmon.exe -- (AOL TopSpeedMonitor)
    SRV - [2003-06-19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
    DRV - File not found [Kernel | Boot | Stopped] -- System32\drivers\kjrxm.sys -- (sipbs)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
    DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
    DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
    DRV - File not found [File_System | Boot | Stopped] -- -- (Lbd)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (Lavasoft Kernexplorer)
    DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
    DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (catchme)
    DRV - [2014-07-27 22:14:55 | 000,414,520 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswsp.sys -- (aswSP)
    DRV - [2014-07-27 22:14:39 | 000,779,536 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswsnx.sys -- (aswSnx)
    DRV - [2014-07-27 22:14:39 | 000,192,352 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
    DRV - [2014-07-27 22:14:39 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
    DRV - [2014-07-27 22:14:39 | 000,057,800 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
    DRV - [2014-07-27 22:14:39 | 000,055,112 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswrdr.sys -- (aswRdr)
    DRV - [2014-07-27 22:14:39 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
    DRV - [2014-07-27 22:14:39 | 000,024,184 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\aswHwid.sys -- (aswHwid)
    DRV - [2014-07-27 22:14:25 | 000,026,136 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswKbd.sys -- (aswKbd)
    DRV - [2014-07-27 22:14:21 | 000,252,872 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswNdis2.sys -- (aswNdis2)
    DRV - [2014-06-09 08:55:46 | 000,086,888 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
    DRV - [2014-05-12 07:25:54 | 000,023,256 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
    DRV - [2014-03-12 16:35:16 | 000,023,976 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vpnva.sys -- (vpnva)
    DRV - [2014-03-12 16:33:56 | 000,058,736 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\acsmux.sys -- (acsmux)
    DRV - [2014-03-12 16:33:56 | 000,040,304 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\acsint.sys -- (acsint)
    DRV - [2013-12-11 17:11:50 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
    DRV - [2013-12-11 17:11:50 | 000,013,624 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
    DRV - [2012-04-13 06:05:20 | 000,062,216 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
    DRV - [2012-04-13 06:05:06 | 000,073,096 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
    DRV - [2012-01-23 15:33:50 | 007,477,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETwNx32.sys -- (NETwNx32)
    DRV - [2011-10-07 16:21:06 | 000,066,048 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
    DRV - [2011-09-14 09:58:38 | 000,299,424 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
    DRV - [2011-02-17 11:42:22 | 000,095,024 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SBREDrv.sys -- (SBRE)
    DRV - [2010-05-19 22:15:04 | 000,013,952 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
    DRV - [2010-04-27 04:51:26 | 004,687,872 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
    DRV - [2009-12-18 11:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
    DRV - [2009-09-11 17:34:22 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
    DRV - [2009-03-23 18:28:24 | 000,054,272 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfSnd.sys -- (TosRfSnd)
    DRV - [2009-03-19 15:07:32 | 000,043,264 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
    DRV - [2009-03-12 12:33:08 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
    DRV - [2009-03-05 12:03:16 | 000,074,368 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tosrfhid.sys -- (Tosrfhid)
    DRV - [2009-03-03 16:42:56 | 000,036,864 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (tosrfbnp)
    DRV - [2009-02-19 17:20:10 | 000,063,872 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
    DRV - [2009-02-13 13:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
    DRV - [2009-02-09 03:54:24 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)
    DRV - [2008-11-17 15:23:16 | 003,636,864 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32)
    DRV - [2008-10-06 18:56:38 | 000,137,984 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (tosrfbd)
    DRV - [2008-07-15 20:59:06 | 000,017,960 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\UVCFTR_S.SYS -- (UVCFTR)
    DRV - [2008-05-29 11:27:00 | 003,692,160 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtHDMI.sys -- (RTHDMIAzAudService)
    DRV - [2008-04-14 14:15:30 | 000,051,160 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\o2media.sys -- (O2MDRDR)
    DRV - [2008-04-13 11:46:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
    DRV - [2008-03-25 14:54:02 | 000,041,472 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte)
    DRV - [2008-03-24 19:22:00 | 000,985,472 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
    DRV - [2008-03-24 19:22:00 | 000,731,264 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
    DRV - [2008-03-24 19:22:00 | 000,210,560 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
    DRV - [2008-03-17 12:45:52 | 000,019,584 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\Ckldrv.sys -- (NetworkX)
    DRV - [2008-01-31 17:18:56 | 000,732,160 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (CnxtHdAudAddService)
    DRV - [2007-11-05 19:25:00 | 000,101,888 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
    DRV - [2007-07-19 17:40:10 | 000,084,992 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
    DRV - [2007-05-28 14:01:50 | 000,006,912 | ---- | M] (TOSHIBA) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\QIOMem.sys -- (QIOMem)
    DRV - [2007-03-26 12:22:18 | 000,105,856 | ---- | M] (TOSHIBA Corporation) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tdudf.sys -- (tdudf)
    DRV - [2007-02-19 12:15:32 | 000,134,016 | ---- | M] (TOSHIBA Corporation) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\trudf.sys -- (trudf)
    DRV - [2006-12-12 11:16:06 | 000,022,528 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emAudio.sys -- (emAudio)
    DRV - [2006-10-23 17:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfec.sys -- (tosrfec)
    DRV - [2006-10-18 12:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tdcmdpst.sys -- (tdcmdpst)
    DRV - [2006-01-12 16:21:18 | 000,031,872 | ---- | M] (Quanta Computer, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\qkbfiltr.sys -- (qkbfiltr)
    DRV - [2005-12-21 09:14:52 | 000,100,957 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emDevice.sys -- (DCamUSBEMPIA)
    DRV - [2005-12-21 09:14:52 | 000,005,245 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emFilter.sys -- (FiltUSBEMPIA)
    DRV - [2005-12-21 09:14:52 | 000,004,493 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emScan.sys -- (ScanUSBEMPIA)
    DRV - [2005-09-23 23:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus)
    DRV - [2005-06-10 01:42:00 | 000,005,504 | ---- | M] (Quanta Computer Corp) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BoiHwSetup.sys -- (BoiHwsetup)
    DRV - [2005-05-05 14:27:38 | 000,007,936 | ---- | M] (Quanta Computer, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\qmofiltr.sys -- (qmofiltr)
    DRV - [2003-01-10 16:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw)
    DRV - [2002-01-24 14:43:40 | 000,006,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tbiosdrv.sys -- (TBiosDrv)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{492222E2-1A09-4F12-9D27-7A4BD5DC2B04}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
    IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}: "URL" = http://search.imesh.com/web?src=ieb&systemid=1&q={searchTerms}


    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Toshiba Canada
    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Toshiba Canada
    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Toshiba Canada
    IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Toshiba Canada
    IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-21-1202660629-1060284298-1801674531-1041\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google Advanced Search
    IE - HKU\S-1-5-21-1202660629-1060284298-1801674531-1041\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-21-1202660629-1060284298-1801674531-1041\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
    IE - HKU\S-1-5-21-1202660629-1060284298-1801674531-1041\..\SearchScopes\{492222E2-1A09-4F12-9D27-7A4BD5DC2B04}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MXGB_frCA565
    IE - HKU\S-1-5-21-1202660629-1060284298-1801674531-1041\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.startup.homepage: "http://www.google.fr/advanced_search"
    FF - user.js - File not found

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
    FF - HKLM\Software\MozillaPlugins\@EDVR/WebClient: C:\windows\system32\WebClient\npwebclient.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@rim.com/npappworld: C:\Program Files\Research In Motion Limited\BlackBerry World Browser Plugin\npappworld.dll ()
    FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Fichiers communs\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-27 22:14:42 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014-02-06 12:48:26 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014-07-24 16:01:10 | 000,000,000 | ---D | M]

    [2012-02-29 20:03:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Profil test\Application Data\Mozilla\Extensions
    [2012-09-19 14:57:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Profil test\Application Data\Mozilla\Firefox\Profiles\jnts2b75.default\extensions
    [2014-03-22 12:46:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Profil test\Application Data\Mozilla\Firefox\Profiles\ldpdtcta.default-1349460608078\Extensions
    [2014-03-22 12:46:26 | 000,000,000 | ---D | M] (ObviousIdea Addon) -- C:\Documents and Settings\Profil test\Application Data\Mozilla\Firefox\Profiles\ldpdtcta.default-1349460608078\Extensions\toolbarbutton@obviousidea.us
    [2013-04-12 11:58:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2013-04-12 11:58:32 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
    [2014-02-06 17:04:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
    [2014-02-06 17:04:49 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    [2013-04-12 11:59:04 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
    [2013-01-12 11:19:45 | 000,001,609 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
    [2013-04-12 11:58:51 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
    [2012-12-07 17:34:03 | 000,002,035 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
    [2013-01-12 11:19:45 | 000,001,476 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
    [2013-04-12 11:58:51 | 000,002,086 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
    [2013-01-12 11:19:45 | 000,001,399 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
    [2012-02-28 16:04:46 | 000,020,569 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\xfinity.xml
    [2012-12-07 17:34:03 | 000,001,169 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

    ========== Chrome ==========

    CHR - homepage:
    CHR - plugin: Error reading preferences file
    CHR - Extension: ObviousIdea = C:\Documents and Settings\Profil test\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fnefekibahpibgnllfjpckodgobkpije\2.0_0\
    CHR - Extension: avast! Online Security = C:\Documents and Settings\Profil test\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2022.121_0\
    CHR - Extension: GoogleÂ*Wallet = C:\Documents and Settings\Profil test\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\

    O1 HOSTS File: ([2014-07-22 09:11:27 | 000,001,010 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (no name) - {c23b756a-bd9f-4ca6-aded-17ab8ccf3e8b} - No CLSID value found.
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O3 - HKLM\..\Toolbar: (no name) - {c23b756a-bd9f-4ca6-aded-17ab8ccf3e8b} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
    O4 - Startup: C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\IEHOME.LNK = C:\Documents and Settings\Default User\Local Settings\Temp\IEHOME.BAT ()
    O4 - Startup: C:\Documents and Settings\Default User\Menu Démarrer\Programmes\Démarrage\IEHOME.LNK = C:\Documents and Settings\Default User\Local Settings\Temp\IEHOME.BAT ()
    O4 - Startup: C:\Documents and Settings\Profil test\Menu Démarrer\Programmes\Démarrage\Spamihilator.lnk = C:\Program Files\Spamihilator\spamihilator.exe (Michel Krämer)
    O4 - Startup: C:\Documents and Settings\usager\Menu Démarrer\Programmes\Démarrage\Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE ()
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = [binary data]
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-1202660629-1060284298-1801674531-1041\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
    O9 - Extra Button: MktBrowser - {17A27031-71FC-11d4-815C-005004D0F1FA} - C:\Program Files\MarketBrowser\lmt\MarketBrowser_Launch.xpy ()
    O9 - Extra 'Tools' menuitem : MarketBrowser - {17A27031-71FC-11d4-815C-005004D0F1FA} - C:\Program Files\MarketBrowser\lmt\MarketBrowser_Launch.xpy ()
    O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
    O15 - HKU\S-1-5-21-1202660629-1060284298-1801674531-1041\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
    O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/pr.../ieawsdc32.cab (Microsoft Office Template and Media Control)
    O16 - DPF: {0F7A9297-7268-11D1-B81A-00A076C01B0A} http://www.registrefoncier.gouv.qc.c.../CpcViewAX.cab (CPC View ax Control)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downlo...eckControl.cab (Windows Genuine Advantage Validation Tool)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsu...?1252573903906 (WUWebControl Class)
    O16 - DPF: {688C8675-1834-48FA-9DEF-4755CEFB9EDE} http://173.246.95.65/EDVR.CAB (DVR4204 Client Control)
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/micr...?1347395172656 (MUWebControl Class)
    O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn...Detection2.cab (GMNRev Class)
    O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} file:///C:/Program%20Files/Autodesk%20Architectural%20Desktop%203/AcDcToday.ocx (Reg Error: Key error.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 10.60.2)
    O16 - DPF: {9EF2BA47-C6A7-470D-9DD9-4323B0CB8353} http://98.238.19.60/WebClient.exe (WebClient Control)
    O16 - DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} Reg Error: Value error. (Reg Error: Key error.)
    O16 - DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} http://download.microsoft.com/downlo...oadManager.cab (Reg Error: Key error.)
    O16 - DPF: {C6637286-300D-11D4-AE0A-0010830243BD} Reg Error: Value error. (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 1.7.0_51)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 10.60.2)
    O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab...l_4.3.16.0.cab (SysInfo Class)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)
    O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} file:///C:/Program%20Files/Autodesk%20Architectural%20Desktop%203/AcPreview.ocx (Reg Error: Key error.)
    O16 - DPF: {F5D98C43-DB16-11CF-8ECA-0000C0FD59C7} http://infolot.mrnf.gouv.qc.ca/ACGM/acgm.cab (ActiveCGM Control)
    O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com//activex/ractrl.cab?lmi=1058 (Reg Error: Key error.)
    O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/da2/PCPitStop2.cab (PCPitstop Exam)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.88.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{286E34A1-399E-4B5A-B5D1-162710A6D944}: DhcpNameServer = 192.168.88.1
    O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - AppInit_DLLs: (protector.dll) - C:\WINDOWS\System32\protector.dll ()
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
    O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
    O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
    O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
    O24 - Desktop WallPaper: C:\Documents and Settings\Profil test\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Profil test\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2008-07-01 15:07:50 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 30 Days ==========

    [2014-07-28 18:56:59 | 000,110,296 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
    [2014-07-28 18:56:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes Anti-Malware
    [2014-07-28 18:56:42 | 000,053,208 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
    [2014-07-28 18:56:42 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2014-07-28 18:56:23 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
    [2014-07-28 08:15:01 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\WINDOWS\System32\sqlite3.dll
    [2014-07-28 08:12:52 | 000,000,000 | ---D | C] -- C:\AdwCleaner
    [2014-07-28 07:16:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\jumpshot.com
    [2014-07-27 22:14:39 | 000,043,152 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
    [2014-07-27 21:54:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Profil test\Menu Démarrer\Programmes\HiJackThis
    [2014-07-27 21:54:48 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2014-07-27 20:59:01 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Profil test\Recent
    [2014-07-27 17:46:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Profil test\Application Data\Auslogics
    [2014-07-25 22:06:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Profil test\Menu Démarrer\Programmes\Application Compatibility Toolkit
    [2014-07-25 22:06:55 | 000,000,000 | ---D | C] -- C:\Program Files\Application Compatibility Toolkit
    [2014-07-25 22:03:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Windows Support Tools
    [2014-07-25 22:03:40 | 000,000,000 | ---D | C] -- C:\Program Files\Support Tools
    [2014-07-23 14:27:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\TechSmith
    [2014-07-23 14:27:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\regid.1995-08.com.techsmith
    [2014-07-23 12:14:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.VC80.MFC
    [2014-07-23 12:14:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.VC80.CRT
    [2014-07-23 12:14:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.VC80.ATL
    [2014-07-23 09:06:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Profil test\Local Settings\Application Data\Apple
    [2014-07-22 11:11:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\CrypKey
    [2014-07-22 11:11:02 | 000,165,888 | ---- | C] (Kenonic Controls) -- C:\WINDOWS\Ckconfig.exe
    [2014-07-22 11:11:02 | 000,122,880 | ---- | C] (CrypKey (Canada) Ltd.) -- C:\WINDOWS\System32\Crypserv.exe
    [2014-07-22 11:10:54 | 000,000,000 | ---D | C] -- C:\Program Files\Stellar Phoenix Outlook PST Repair
    [2014-07-22 07:47:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Profil test\Mes documents\Nouveau dossier (3)
    [2014-07-22 07:47:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Profil test\Mes documents\Nouveau dossier (2)
    [2014-07-22 07:47:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Profil test\Mes documents\Nouveau dossier
    [2014-07-16 17:32:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Profil test\Bureau\La rénovation des bâtiments - André Bergeron - Google Livres_files
    [2014-07-10 14:24:02 | 000,058,736 | ---- | C] (Cisco Systems, Inc.) -- C:\WINDOWS\System32\drivers\acsmux.sys
    [2014-07-10 14:23:57 | 000,040,304 | ---- | C] (Cisco Systems, Inc.) -- C:\WINDOWS\System32\drivers\acsint.sys
    [2014-07-10 14:23:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Cisco
    [2014-07-10 14:23:48 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco
    [2014-07-10 14:23:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Profil test\Local Settings\Application Data\Cisco
    [2014-07-10 14:23:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Cisco
    [2014-07-10 14:19:40 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
    [2014-07-10 14:19:40 | 000,145,408 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
    [2014-07-10 14:19:28 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
    [2014-07-10 14:19:28 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
    [2014-07-10 14:19:28 | 000,096,680 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
    [2014-07-10 14:19:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Java
    [2014-07-10 13:53:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Spamihilator
    [2014-07-10 13:52:38 | 000,773,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr100.dll
    [2014-07-10 13:52:38 | 000,421,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp100.dll
    [2014-07-08 14:20:41 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Profil test\Cookies
    [2014-07-07 19:23:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Doctor Web
    [2014-07-07 19:22:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Profil test\Doctor Web
    [2014-07-07 10:23:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Profil test\Application Data\ErrorTeck
    [2014-01-15 15:35:56 | 003,837,112 | ---- | C] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn Client (2).exe
    [2010-08-20 18:51:18 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Profil test\Application Data\pcouffin.sys
    [2010-04-07 10:33:48 | 014,593,746 | ---- | C] (Natural Resources Canada ) -- C:\Program Files\H2K-Setup-GEN.exe
    [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [1 C:\Documents and Settings\Profil test\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Profil test\Local Settings\Application Data\*.tmp -> ]
    [1 C:\*.tmp files -> C:\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2014-07-28 20:18:00 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
    [2014-07-28 20:14:24 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2014-07-28 20:13:15 | 000,000,488 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version3 Startup Task.job
    [2014-07-28 20:13:15 | 000,000,416 | -H-- | M] () -- C:\WINDOWS\tasks\WSSHelper.job
    [2014-07-28 20:12:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2014-07-28 20:06:51 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
    [2014-07-28 18:54:31 | 000,104,990 | ---- | M] () -- C:\Documents and Settings\Profil test\wtge61fr.HST
    [2014-07-27 22:16:59 | 000,001,750 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\avast! Internet Security.lnk
    [2014-07-27 22:14:55 | 000,414,520 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswsp.sys
    [2014-07-27 22:14:39 | 000,779,536 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswsnx.sys
    [2014-07-27 22:14:39 | 000,276,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
    [2014-07-27 22:14:39 | 000,192,352 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
    [2014-07-27 22:14:39 | 000,067,824 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
    [2014-07-27 22:14:39 | 000,057,800 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
    [2014-07-27 22:14:39 | 000,055,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswrdr.sys
    [2014-07-27 22:14:39 | 000,049,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
    [2014-07-27 22:14:39 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
    [2014-07-27 22:14:39 | 000,024,184 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswHwid.sys
    [2014-07-27 22:14:25 | 000,026,136 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswKbd.sys
    [2014-07-27 22:14:21 | 000,252,872 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswNdis2.sys
    [2014-07-27 21:54:49 | 000,001,996 | ---- | M] () -- C:\Documents and Settings\Profil test\Bureau\HiJackThis.lnk
    [2014-07-26 18:03:33 | 000,000,608 | ---- | M] () -- C:\Documents and Settings\Profil test\Bureau\Raccourci vers ADMINS sur NASServer (Nasbioptic).lnk
    [2014-07-26 13:44:44 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\Profil test\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2014-07-25 18:44:05 | 000,000,610 | ---- | M] () -- C:\Documents and Settings\Profil test\Bureau\Raccourci vers CLIENTELES sur NASServer (Nasbioptic).lnk
    [2014-07-25 08:08:12 | 000,321,928 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2014-07-24 17:16:14 | 000,000,803 | ---- | M] () -- C:\Documents and Settings\Profil test\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
    [2014-07-24 17:16:11 | 000,579,614 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
    [2014-07-24 17:16:11 | 000,506,014 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2014-07-24 17:16:11 | 000,105,992 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
    [2014-07-24 17:16:11 | 000,089,478 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2014-07-24 16:40:44 | 000,000,743 | -H-- | M] () -- C:\WINDOWS\ODBC.INI
    [2014-07-23 09:44:26 | 000,000,127 | ---- | M] () -- C:\WINDOWS\Crypkey.ini
    [2014-07-23 08:58:53 | 000,001,056 | -H-- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2014-07-23 08:58:53 | 000,001,052 | -H-- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2014-07-23 08:58:53 | 000,000,644 | ---- | M] () -- C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job
    [2014-07-23 08:58:53 | 000,000,494 | ---- | M] () -- C:\WINDOWS\tasks\TechSmith Updater.job
    [2014-07-23 08:58:53 | 000,000,258 | -H-- | M] () -- C:\WINDOWS\tasks\Rappel d'enregistrement 3.job
    [2014-07-23 08:58:38 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
    [2014-07-22 16:54:25 | 000,001,680 | ---- | M] () -- C:\WINDOWS\System32\esnecil.ind
    [2014-07-22 11:11:52 | 000,001,680 | ---- | M] () -- C:\WINDOWS\System32\esnecil.nlp
    [2014-07-22 11:11:52 | 000,000,004 | ---- | M] () -- C:\WINDOWS\vx86036.dat
    [2014-07-22 09:11:27 | 000,001,010 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2014-07-22 07:47:57 | 000,189,530 | ---- | M] () -- C:\Documents and Settings\Profil test\Mes documents\suite_9.0.2018_2014-7-22_4-42-38.avastconfig
    [2014-07-21 05:32:46 | 000,135,952 | ---- | M] (trend_company_name) -- C:\WINDOWS\System32\drivers\tmrkb.sys
    [2014-07-17 19:45:00 | 000,000,240 | -HS- | M] () -- C:\boot.ini
    [2014-07-16 17:32:59 | 000,167,123 | ---- | M] () -- C:\Documents and Settings\Profil test\Bureau\La rénovation des bâtiments - André Bergeron - Google Livres.htm
    [2014-07-10 17:08:48 | 000,000,836 | -H-- | M] () -- C:\WINDOWS\BRWMARK.INI
    [2014-07-10 17:08:48 | 000,000,027 | -H-- | M] () -- C:\WINDOWS\BRPP2KA.INI
    [2014-07-10 15:09:10 | 000,001,770 | -H-- | M] () -- C:\Documents and Settings\Profil test\Mes documents\Default.rdp
    [2014-07-10 13:52:38 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr100.dll
    [2014-07-10 13:52:38 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp100.dll
    [2014-07-09 12:16:24 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
    [2014-07-09 12:16:24 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
    [2014-07-09 00:30:00 | 000,000,616 | ---- | M] () -- C:\WINDOWS\tasks\Refresh immunization (Spybot - Search & Destroy).job
    [2014-07-08 10:37:05 | 000,000,460 | ---- | M] () -- C:\0.bak
    [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [1 C:\Documents and Settings\Profil test\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Profil test\Local Settings\Application Data\*.tmp -> ]
    [1 C:\*.tmp files -> C:\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2014-07-27 22:16:59 | 000,001,750 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\avast! Internet Security.lnk
    [2014-07-27 21:54:49 | 000,001,996 | ---- | C] () -- C:\Documents and Settings\Profil test\Bureau\HiJackThis.lnk
    [2014-07-24 18:33:29 | 000,104,990 | ---- | C] () -- C:\Documents and Settings\Profil test\wtge61fr.HST
    [2014-07-24 17:16:14 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Profil test\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
    [2014-07-23 12:14:55 | 000,098,304 | ---- | C] () -- C:\WINDOWS\FunambolAddin.dll
    [2014-07-22 11:11:52 | 000,000,004 | ---- | C] () -- C:\WINDOWS\vx86036.dat
    [2014-07-22 11:11:31 | 000,001,680 | ---- | C] () -- C:\WINDOWS\System32\esnecil.nlp
    [2014-07-22 11:11:31 | 000,001,680 | ---- | C] () -- C:\WINDOWS\System32\esnecil.ind
    [2014-07-22 11:11:05 | 000,000,127 | ---- | C] () -- C:\WINDOWS\Crypkey.ini
    [2014-07-22 11:11:02 | 000,027,648 | R--- | C] () -- C:\WINDOWS\Setup_ck.exe
    [2014-07-22 11:11:02 | 000,019,584 | ---- | C] () -- C:\WINDOWS\System32\Ckldrv.sys
    [2014-07-22 11:11:02 | 000,018,432 | ---- | C] () -- C:\WINDOWS\Setup_ck.dll
    [2014-07-22 11:11:02 | 000,011,776 | ---- | C] () -- C:\WINDOWS\Ckrfresh.exe
    [2014-07-22 07:47:56 | 000,189,530 | ---- | C] () -- C:\Documents and Settings\Profil test\Mes documents\suite_9.0.2018_2014-7-22_4-42-38.avastconfig
    [2014-07-16 17:32:58 | 000,167,123 | ---- | C] () -- C:\Documents and Settings\Profil test\Bureau\La rénovation des bâtiments - André Bergeron - Google Livres.htm
    [2014-07-10 14:40:22 | 000,001,770 | -H-- | C] () -- C:\Documents and Settings\Profil test\Mes documents\Default.rdp
    [2014-06-19 02:01:23 | 000,190,056 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
    [2014-06-18 21:53:34 | 001,766,170 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1202660629-1060284298-1801674531-1041-0.dat
    [2014-06-18 21:53:33 | 000,237,642 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
    [2014-06-03 11:52:32 | 000,192,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
    [2014-06-03 11:52:32 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
    [2014-06-03 11:52:32 | 000,024,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswHwid.sys
    [2014-05-19 09:26:09 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\lpng.dll
    [2014-03-28 14:01:37 | 000,053,760 | ---- | C] () -- C:\WINDOWS\System32\ZLIB.DLL
    [2014-03-28 14:01:33 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\NS7100.dll
    [2014-03-28 14:01:33 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\mathdll.dll
    [2014-01-15 23:59:39 | 000,010,498 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\lpm.dat
    [2013-11-18 22:52:07 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Profil test\Application Data\bibstats
    [2013-10-19 15:41:58 | 000,002,432 | ---- | C] () -- C:\WINDOWS\System32\ASOROSet.bin
    [2013-09-10 03:02:27 | 000,001,552 | ---- | C] () -- C:\WINDOWS\wininit.ini
    [2013-09-09 21:20:20 | 000,016,002 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\dgv.exe
    [2013-08-15 16:15:33 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\Profil test\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2013-08-14 08:23:58 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\Profil test\Application Data\$_hpcst$.hpc
    [2013-08-13 16:45:02 | 000,000,137 | ---- | C] () -- C:\Documents and Settings\Profil test\Local Settings\Application Data\fusioncache.dat
    [2013-01-27 12:31:56 | 000,000,161 | ---- | C] () -- C:\WINDOWS\DISPARAM.INI
    [2012-01-31 12:55:08 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\$_hpcst$.hpc
    [2011-12-07 12:57:11 | 000,001,043 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\repository.xml
    [2011-12-07 00:23:39 | 000,000,288 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~24t2z9XDw9XPP9
    [2011-12-07 00:23:39 | 000,000,200 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~24t2z9XDw9XPP9r
    [2011-12-07 00:13:37 | 000,000,464 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\24t2z9XDw9XPP9
    [2010-08-20 18:51:18 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Profil test\Application Data\inst.exe
    [2010-08-20 18:51:18 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Profil test\Application Data\pcouffin.cat
    [2010-08-20 18:51:18 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Profil test\Application Data\pcouffin.inf
    [2009-09-11 15:56:05 | 004,157,370 | ---- | C] () -- C:\Program Files\BullzipPDFPrinter_6_0_0_865.zip

    ========== ZeroAccess Check ==========

    [2008-07-01 15:12:06 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shdocvw.dll -- [2010-03-10 00:41:37 | 001,510,400 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-02-09 06:53:55 | 000,473,600 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-14 08:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7E95B6FD
    @Alternate Data Stream - 188 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:07BF512B

    < End of report >


    And the Extras file:

    OTL Extras logfile created on: 2014-07-28 20:22:11 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Profil test\Mes documents\Downloads
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

    2,99 Gb Total Physical Memory | 2,41 Gb Available Physical Memory | 80,44% Memory free
    4,84 Gb Paging File | 4,23 Gb Available in Paging File | 87,52% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 232,88 Gb Total Space | 46,48 Gb Free Space | 19,96% Space Free | Partition Type: NTFS
    Drive E: | 698,63 Gb Total Space | 683,87 Gb Free Space | 97,89% Space Free | Partition Type: NTFS

    Computer Name: BVI6 | User Name: Profil test | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (All) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .bat [@ = batfile] -- "%1" %*
    .chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
    .cmd [@ = cmdfile] -- "%1" %*
    .com [@ = comfile] -- "%1" %*
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    .exe [@ = exefile] -- "%1" %*
    .hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
    .hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
    .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
    .inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
    .ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
    .url [@ = InternetShortcut] -- C:\WINDOWS\System32\rundll32.exe (Microsoft Corporation)
    .js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
    .jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
    .pif [@ = piffile] -- "%1" %*
    .reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
    .scr [@ = AutoCADScriptFile] -- C:\WINDOWS\NOTEPAD.EXE (Microsoft Corporation)
    .txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
    .vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
    .vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
    .wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
    .wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

    [HKEY_USERS\S-1-5-21-1202660629-1060284298-1801674531-1041\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found
    .scr [@ = AutoCADScriptFile] -- C:\WINDOWS\System32\notepad.exe (Microsoft Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    batfile [open] -- "%1" %*
    batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)
    cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    cmdfile [open] -- "%1" %*
    cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    exefile [open] -- "%1" %*
    helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
    hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
    htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
    htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
    htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
    http [open] -- Reg Error: Key error.
    https [open] -- Reg Error: Key error.
    inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
    inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
    jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
    jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
    jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
    regfile [merge] -- Reg Error: Key error.
    regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
    vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
    vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
    vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
    vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
    wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
    wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
    wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    Unknown [openas] -- Reg Error: Key error.
    Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [LightImageResizer] -- "C:\Program Files\ObviousIdea\Image Resizer 4\Resize.exe" "%1" (ObviousIdea SARL)
    Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "FirewallDisableNotify" = 0
    "UpdatesDisableNotify" = 0
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0
    "AntiVirusDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
    "Start" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
    "Start" = 2

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
    "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DoNotAllowExceptions" = 0
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
    "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
    "4481:TCP" = 4481:TCP:LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync data transfer
    "4481:UDP" = 4481:UDP:LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync discovery
    "4482:TCP" = 4482:TCP:LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync data transfer
    "4482:UDP" = 4482:UDP:LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync discovery
    "3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
    "C:\Program Files\Tinytag\Tinytag Explorer\kola.exe" = C:\Program Files\Tinytag\Tinytag Explorer\kola.exe:LocalSubNet:Enabled:Tinytag Explorer Radio Gateway -- (Gemini Data Loggers (UK) Ltd)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
    "C:\Program Files\Fichiers communs\AOL\Loader\aolload.exe" = C:\Program Files\Fichiers communs\AOL\Loader\aolload.exe:*:Enabled:AOL Application Loader -- (AOL Inc.)
    "C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe" = C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- (America Online)
    "C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe" = C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- (AOL LLC)
    "C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL -- (America Online, Inc.)
    "C:\Program Files\Fichiers communs\AOL\TopSpeed\2.0\aoltsmon.exe" = C:\Program Files\Fichiers communs\AOL\TopSpeed\2.0\aoltsmon.exe:*:Enabled:AOLTsMon -- (America Online, Inc)
    "C:\Program Files\Fichiers communs\AOL\TopSpeed\2.0\aoltpspd.exe" = C:\Program Files\Fichiers communs\AOL\TopSpeed\2.0\aoltpspd.exe:*:Enabled:AOLTopSpeed -- (America Online Inc)
    "C:\Program Files\Fichiers communs\AOL\1252704829\EE\AOLServiceHost.exe" = C:\Program Files\Fichiers communs\AOL\1252704829\EE\AOLServiceHost.exe:*:Enabled:AOL -- (America Online, Inc.)
    "C:\Program Files\Fichiers communs\AOL\System Information\sinf.exe" = C:\Program Files\Fichiers communs\AOL\System Information\sinf.exe:*:Enabled:AOL -- (AOL Inc.)
    "C:\Program Files\Fichiers communs\AolCoach\en_en\player\AOLNySEV.exe" = C:\Program Files\Fichiers communs\AolCoach\en_en\player\AOLNySEV.exe:*:Enabled:AOL
    "C:\Program Files\Sprite Software\Sprite Backup\SpriteService.exe" = C:\Program Files\Sprite Software\Sprite Backup\SpriteService.exe:*:Enabled:Sprite Backup PC Service
    "C:\kav\kav7\setup.exe" = C:\kav\kav7\setup.exe:*:Enabled:Kaspersky Anti-Virus 7.0 Setup
    "C:\Program Files\TOSHIBA\ConfigFree\CFXFER.exe" = C:\Program Files\TOSHIBA\ConfigFree\CFXFER.exe:*:Enabled:ConfigFree SUMMIT Engine -- (TOSHIBA CORPORATION)
    "C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe" = C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe:*isabled:ConfigFree(TM) Tray -- (TOSHIBA CORPORATION)
    "C:\Program Files\Internet Explorer\iexplore.exe" = C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer -- (Microsoft Corporation)
    "C:\WINDOWS\LMI7FD9.tmp\lmi_rescue.exe" = C:\WINDOWS\LMI7FD9.tmp\lmi_rescue.exe:*:Enabled:LogMeIn Rescue -- (LogMeIn, Inc.)
    "C:\Program Files\Tinytag\Tinytag Explorer\kola.exe" = C:\Program Files\Tinytag\Tinytag Explorer\kola.exe:LocalSubNet:Enabled:Tinytag Explorer Radio Gateway -- (Gemini Data Loggers (UK) Ltd)
    "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes
    "C:\Documents and Settings\usager\Local Settings\Application Data\Akamai\netsession_win.exe" = C:\Documents and Settings\usager\Local Settings\Application Data\Akamai\netsession_win.exe:*isabled:netsession_win -- (Akamai Technologies, Inc.)
    "C:\Program Files\Fichiers communs\AOL\1252704829\EE\aolsoftware.exe" = C:\Program Files\Fichiers communs\AOL\1252704829\EE\aolsoftware.exe:*:Enabled:AOL Shared Components -- (AOL Inc.)
    "C:\Program Files\AOL Desktop 9.7\waol.exe" = C:\Program Files\AOL Desktop 9.7\waol.exe:*:Enabled:AOL -- (AOL Inc.)
    "C:\Program Files\Fichiers communs\AOL\TopSpeed\3.0\aoltpsd3.exe" = C:\Program Files\Fichiers communs\AOL\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed -- (AOL Inc.)
    "C:\Program Files\AOL Desktop 9.7\AOLBrowser\aolbrowser.exe" = C:\Program Files\AOL Desktop 9.7\AOLBrowser\aolbrowser.exe:*:Enabled:AOL Browser -- (AOL Inc.)
    "C:\Program Files\Mozilla Firefox\plugin-container.exe" = C:\Program Files\Mozilla Firefox\plugin-container.exe:*:Enabled:Plugin Container for Firefox -- (Mozilla Corporation)
    "C:\Program Files\FreeFileViewer\FFVCheckForUpdates.exe" = C:\Program Files\FreeFileViewer\FFVCheckForUpdates.exe:*:Enabled:FreeFileViewerUpdateChecker
    "C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
    "C:\Program Files\TeamViewer\Version7\TeamViewer.exe" = C:\Program Files\TeamViewer\Version7\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
    "C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
    "C:\Program Files\Fichiers communs\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Fichiers communs\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit
    "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
    "C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
    "C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
    "C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
    "C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe" = C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe:*:Enabled:BlackBerry Desktop Software -- (Research In Motion)
    "C:\Documents and Settings\Profil test\Application Data\mjusbsp\magicJack.exe" = C:\Documents and Settings\Profil test\Application Data\mjusbsp\magicJack.exe:*:Enabled:magicJack -- (magicJack L.P.)


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    "{01A05C97-0953-55B5-3278-23927449C433}" = ccc-utility
    "{0293D4CF-0EDF-41E1-805C-C298460000AE}" = MySQL Documents 5.5
    "{043F86B7-EE12-3399-B2CA-D0B603D87963}" = Microsoft .NET Framework 4 Extended FRA Language Pack
    "{0505C47B-6CBC-4DF5-9628-769566240F88}" = MySQL Connector J
    "{0673654C-5296-453B-9798-B61CD7E03FEB}" = SES Driver
    "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
    "{0C0A2D69-7F51-4B77-B64E-AB405AC446BE}" = Toshiba Controls Utility
    "{0F09422F-B641-E01C-A46D-4362267C889B}" = CCC Help Korean
    "{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
    "{0FF72E37-5FDF-4A6D-B505-F00112FE9701}" = Tinytag Explorer 4.8
    "{1046C2FB-6750-43C9-AC61-3A09F23A5DB3}" = BlackBerry World Browser Plugin
    "{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = Assist TOSHIBA
    "{12BAA98C-F8DD-4BC9-BBE6-1C8463114197}" = BlackBerry Device Software Updater
    "{14B95189-3DD8-4EAA-9B9B-67472FF12AD4}" = MySQL Installer
    "{156E98D0-1AEC-4013-A41A-94A1A01BFD68}" = O2Micro Flash Memory Card Reader Driver (x86)
    "{16AB7F63-F540-4437-B450-6A6143CC1DC7}" = ScanSnap
    "{17454FB3-7283-4AA8-8832-68C8B7B6D532}" = Logiciel Intel(R) PROSet/Wireless WiFi
    "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    "{1C5E35C2-583E-436B-AFC8-FB3F9B917C33}" = FileOpen Client
    "{1D5754D6-5D39-445D-8D7A-8CAC96E1E788}" = FLIR Device Drivers
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{237A8EC0-F816-0EAA-F1D0-994A9A4C6154}" = CCC Help Norwegian
    "{23C3EF87-AD08-4F76-982D-1AE137485F08}" = MySQL Workbench 5.2 CE
    "{26A24AE4-039D-4CA4-87B4-2F83217051FF}" = Java 7 Update 60
    "{294BB21B-0091-492F-87D2-A9192DA3E448}" = System Requirements Lab for Intel
    "{2C38F661-26B7-445D-B87D-B53FE2D3BD42}" = TOSHIBA PC Diagnostic Tool
    "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{35845E72-E34A-11D4-817D-005004D0F1FA}" = MarketBrowser
    "{35F15027-A18F-C2DF-637B-1A80D9C77FC5}" = CCC Help Chinese Traditional
    "{378746A9-3FAB-4DD0-A4AA-21B08ED07B5E}" = Silicon Laboratories CP210x VCP Drivers for Windows 2000/XP/2003 Server/Vista
    "{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba
    "{3B101941-675F-4470-93D6-BFED1469DF7E}" = LoggerNet 4.2.1
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{3F7924B9-D148-3141-87B1-68F36043A940}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA
    "{400830CA-F056-4BBE-80A3-9DF9CA4FB889}" = TOSHIBA Direct Disc Writer
    "{45473B15-6024-270C-3EDA-A889DE3F83A3}" = CCC Help German
    "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
    "{4642E31A-E374-A972-0F04-4E7678A68861}" = Catalyst Control Center Core Implementation
    "{47ECCB1F-2811-49C0-B6A7-26778639ABA0}" = 32 Bit HP CIO Components Installer
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google*Earth
    "{4E38C125-6EAA-38EC-B76D-6EB8E4B56EF8}" = Catalyst Control Center Graphics Previews Common
    "{511DF669-2930-30C0-8EB6-552887E29EC8}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA
    "{5681C7AB-E29D-4EE9-B0F0-809A28ECECFC}" = MySQL Notifier 1.0.3
    "{5691A25E-C05B-4E0F-87DA-E80869F756C2}" = Toshiba Hotkey Utility
    "{576420A5-E1F0-4C09-A07C-F689082E666F}" = Toshiba Touchpad Utility
    "{5783F2D7-0134-0409-0000-0060B0CE6BBA}" = Autodesk Architectural Desktop 3.3
    "{5783F2D7-8001-0409-0002-0060B0CE6BBA}" = AutoCAD 2010 - English
    "{5783F2D7-8001-0409-1002-0060B0CE6BBA}" = AutoCAD 2010 Language Pack - English
    "{5783F2D7-A028-0409-0000-0060B0CE6BBA}" = DWG TrueView 2012
    "{57BA6FD7-172B-4C0A-A575-BA808343CC3E}" = Spamihilator 1.5.0 (32 bit)
    "{599300E3-5279-36D1-512E-D545989E21A2}" = CCC Help Turkish
    "{5B76AEA2-D4E5-3B55-B965-ACC36AE0EAFC}" = Microsoft .NET Framework 3.5 Language Pack - fra
    "{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
    "{64212898-097F-4F3F-AECA-6D34A7EF82DF}" = Utilitaire de zoom TOSHIBA
    "{66F9302D-E145-4375-8C84-54DA2339C483}" = MySQL Connector C 6.0.2
    "{69733CDD-2AB0-44B7-979E-4753D810B103}" = MySQL Connector/ODBC 5.1
    "{69BBF1DA-8DFC-6B42-604F-8CCF9964618E}" = CCC Help Chinese Standard
    "{69E5255D-9D43-4CFF-8984-843ABD7753B7}" = Catalyst Control Center - Branding
    "{6AD1746D-6F7B-3BFD-0D8F-5932E62C34D5}" = CCC Help English
    "{6C2FE7F8-6C94-C2AC-4667-C7C217DE2CE0}" = CCC Help Polish
    "{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Pilote vidéo Pinnacle
    "{6FA90C58-12F5-4712-B829-D2B304E4D2C1}" = SuperGraphics Suite
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{723F6AF5-E925-AD41-99B2-621AD1A463EB}" = Skins
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{72FD6FC4-37A5-ED1F-DCB4-A8F8BEE1C384}" = Catalyst Control Center Localization All
    "{7809AADD-7176-E27A-9709-E8814F9F8A87}" = CCC Help Hungarian
    "{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.16
    "{80416A15-214B-4F25-A025-ED6E875631F2}" = Cisco AnyConnect Secure Mobility Client
    "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    "{89B078C4-50B0-453E-BF53-3A7E6A0D85FA}" = Windows Support Tools
    "{89B6F63A-7E0C-424A-9D39-C4EF59E96D78}" = hppQFolderCP2020
    "{8BD785CF-30C7-4182-B250-0D5FCE78D4DD}" = Catalyst Control Center - Branding
    "{8CFF04C0-FB09-298D-FAA9-D4A5879656DE}" = Catalyst Control Center Graphics Full New
    "{8DE03F6E-FCD2-4497-A8FF-F6C4430618B6}" = BlackBerry App World Browser Plugin
    "{8FAA856D-0E74-B848-5A9A-CF6105E7CF6C}" = CCC Help Swedish
    "{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
    "{90120000-0010-040C-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (French) 12
    "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
    "{90120000-001F-0401-0000-0000000FF1CE}_PRJSTDR_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
    "{90120000-001F-0407-0000-0000000FF1CE}_PRJSTDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_PMUI.en-us_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0409-0000-0000000FF1CE}_PRJSTDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_PMUI.en-us_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-040C-0000-0000000FF1CE}_PRJSTDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
    "{90120000-001F-0413-0000-0000000FF1CE}_PRJSTDR_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_PMUI.en-us_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0C0A-0000-0000000FF1CE}_PRJSTDR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
    "{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}_PMUI.en-us_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
    "{90120000-006E-040C-0000-0000000FF1CE}_PRJSTDR_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-00B4-0409-0000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2007
    "{90120000-00B4-0409-0000-0000000FF1CE}_PMUI.en-us_{F3CD3F3F-726C-4414-A1FE-5CD0968313EA}" = Microsoft Office Project 2007 Service Pack 3 (SP3)
    "{90120000-00B4-040C-0000-0000000FF1CE}" = Microsoft Office Project MUI (French) 2007
    "{90120000-00B4-040C-0000-0000000FF1CE}_PRJSTDR_{312364A9-1D13-481C-B297-FAA62E6D0174}" = Microsoft Office Project 2007 Service Pack 3 (SP3)
    "{90120000-00B5-0409-0000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2007
    "{90120000-00B5-0409-0000-0000000FF1CE}_PMUI.en-us_{F3CD3F3F-726C-4414-A1FE-5CD0968313EA}" = Microsoft Office Project 2007 Service Pack 3 (SP3)
    "{90120000-0101-0409-0000-0000000FF1CE}" = Microsoft Office X MUI (English) 2007
    "{90120000-0101-0409-0000-0000000FF1CE}_PMUI.en-us_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}_PMUI.en-us_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
    "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
    "{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
    "{90A6D660-09BD-E8C9-0422-11DA2005ACCF}" = CCC Help Greek
    "{90D0FC4B-D653-4F49-BB97-A48C74A52E71}" = Snagit 11
    "{91120000-003A-0000-0000-0000000FF1CE}" = Microsoft Office Project Standard 2007
    "{91120000-003A-0000-0000-0000000FF1CE}_PRJSTDR_{8446EB22-A746-46DC-B1BD-E0DFA1F3CDDA}" = Microsoft Office Project 2007 Service Pack 3 (SP3)
    "{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
    "{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for TOSHIBA
    "{91C50994-9CCA-D278-806A-3BC396F547F4}" = Catalyst Control Center Graphics Full Existing
    "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
    "{9455C3DF-ADA4-6D26-4E8D-46A60FBF4322}" = ccc-core-preinstall
    "{962A23F0-3466-492F-AC73-CCB86A1767ED}" = MySQL Examples and Samples 5.5
    "{97C8EF91-4F07-271A-9948-AB1799E3FF69}" = CCC Help Finnish
    "{995F2783-8311-49BF-833E-DB659774B4F6}" = hppFonts
    "{99E519D4-82F4-0B84-9B80-BC6EAD402620}" = CCC Help French
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
    "{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = Réducteur de bruit lect. CD/DVD
    "{A2AD0A39-7311-2AE7-0B08-3E3E642801B6}" = CCC Help Danish
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{A49BDCBE-590E-43A6-AB77-7C40E499B7C1}" = Autodesk Design Review 2012
    "{A552CCF8-51D3-49D9-AD30-A939626F2299}" = Architecte 3D Ultimate
    "{A5F39441-3414-4db2-9A71-0BA8AB3CB16A}" = HP Color LaserJet CP2020 Series 2.0
    "{A72C38DD-8B2F-4B3B-D597-C3C36C704125}" = CCC Help Czech
    "{A738611B-D07E-0FE3-B3DE-D2436CE8B792}" = CCC Help Japanese
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AA027AE9-DD20-4677-AA72-D760A358320B}" = Microsoft VC9 runtime libraries
    "{AA1B0034-FE70-F50B-C2AF-D199901B0184}" = CCC Help Thai
    "{AC76BA86-7AD7-1036-7B44-AB0000000001}" = Adobe Reader XI (11.0.07) - Français
    "{AF2A8E58-DBC6-36D3-A145-7252029F6F48}" = Microsoft Report Viewer Redistributable 2008 SP1
    "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
    "{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
    "{B4CF72FF-4A3F-44A7-BFF2-31A8E1CC70B6}" = Application Compatibility Toolkit
    "{B4EE1764-6C4D-449F-0499-72896C1F8213}" = CCC Help Dutch
    "{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
    "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
    "{BAE06076-DB3F-4936-8864-249A7B2AA662}" = Intel(R) Integrated Performance Primitives Run-Time Installer 5.1 for Windows* on IA-32 Intel(R) Architecture
    "{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree
    "{BE5B0450-DCCB-4FE9-93E2-3B38D88A745B}" = BlackBerry Desktop Software 7.1
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{C0EAC838-4ABD-4C89-BF07-D2292A83929C}" = FLIR QuickReport 1.2 SP2
    "{C1212AE3-DBB9-4365-8473-F8ABC7B06BBB}" = Pinnacle Instant DVD Recorder
    "{C15431A4-50E4-C7F9-D169-2F56454C7C3E}" = Catalyst Control Center InstallProxy
    "{C1AF55A4-9EA3-45D4-862B-D24890DC7534}" = Bluetooth Wireless Technology Synchronization Plug-in
    "{C46E1C8C-C805-4708-8659-68B3056C1F8C}_is1" = HOT2000 v10.51 GEN
    "{C4DEA973-2695-4C10-D9F3-397C863EB421}" = CCC Help Portuguese
    "{C518E3CB-5500-A37D-5B2F-52395EB6407E}" = CCC Help Italian
    "{C6987CA8-FCD1-8205-5968-11A5B56C4C40}" = ccc-core-static
    "{C852C0FF-CDF5-43F9-A75E-CB99410FF602}" = Toshiba Utility
    "{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
    "{CB1DD37F-87F5-8DD7-7E54-6857BF5F90DB}" = CCC Help Spanish
    "{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
    "{CD49E43B-88B1-48AD-A3AF-43FAAAB41CB8}" = Autodesk Design Review Browser Add-on v1.2
    "{CD95F661-A5C4-44F5-A6AA-ECDD91C24013}" = WinZip 18.0
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
    "{DBCDB997-EEEB-4BE9-BAFF-26B4094DBDE6}" = ScanSnap Manager
    "{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
    "{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
    "{E8A50230-55C6-DC49-64F6-78B7E063933D}" = CCC Help Russian
    "{E931DE90-D0B6-4AED-B02E-DC820F0E2992}" = Architecte 3D
    "{EBAF454D-F0E1-E920-73F3-0503788B5339}" = ATI Catalyst Install Manager
    "{EBE030DD-D404-4D92-85E9-8C3624820808}_is1" = Light Image Resizer 4.6.0.0
    "{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
    "{EC1AC200-8825-A358-350F-F7217A5F9C4F}" = Catalyst Control Center Graphics Light
    "{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
    "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
    "{F8511796-1457-4A92-BEF7-71080FCF297A}" = LogMeIn
    "{FB400000-0001-0000-0000-074957833700}" = ABBYY FineReader for ScanSnap (TM) 4.0
    "{FD753E57-1F44-41E6-B962-E01D76676206}" = MySQL Connector C++ 1.1.0
    "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    "{FFD35D1F-F7C8-47AE-AF3E-E569F025CD7D}" = MySQL Server 5.5
    "ActiveTouchMeetingClient" = Cisco WebEx Meetings
    "Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
    "Allway Sync_is1" = Allway Sync version 12.0.8
    "AnswerWorks" = AnswerWorks Runtime
    "AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
    "AutoCAD 2010 - English" = AutoCAD 2010 - English
    "Autodesk Design Review 2012" = Autodesk Design Review 2012
    "Avast" = avast! Internet Security
    "BlackBerry_Desktop" = BlackBerry Desktop Software 7.1
    "Bullzip PDF Printer_is1" = Bullzip PDF Printer 6.0.0.865
    "CCleaner" = CCleaner
    "Cisco AnyConnect Secure Mobility Client" = Cisco AnyConnect Secure Mobility Client
    "CNXT_AUDIO_HDA" = Conexant HD Audio
    "CNXT_MODEM_HDAUDIO_HERMOSA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
    "ConversionsPlus6.60" = Conversions Plus 6.60
    "DivX Setup" = Configuration DivX
    "DWG TrueView 2012" = DWG TrueView 2012
    "Free Spider_is1" = Free Spider Solitaire 2010 v2.1
    "Google Chrome" = Google Chrome
    "GPL Ghostscript Lite_is1" = GPL Ghostscript Lite 9.04
    "HP-Color LaserJet 2600n" = Color LaserJet 2600n
    "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
    "ie8" = Windows Internet Explorer 8
    "InstallShield_{0C0A2D69-7F51-4B77-B64E-AB405AC446BE}" = Toshiba Controls Utility
    "InstallShield_{2C38F661-26B7-445D-B87D-B53FE2D3BD42}" = Outil de diagnostic PC TOSHIBA
    "InstallShield_{5691A25E-C05B-4E0F-87DA-E80869F756C2}" = Toshiba Hotkey Utility
    "InstallShield_{576420A5-E1F0-4C09-A07C-F689082E666F}" = Toshiba Touchpad Utility
    "InstallShield_{C852C0FF-CDF5-43F9-A75E-CB99410FF602}" = Toshiba Utility
    "Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012
    "Marvell Miniport Driver" = Marvell Miniport Driver
    "Microsoft .NET Framework 3.5 Language Pack - fra" = Module linguistique Microsoft .NET Framework 3.5 - fra
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "Microsoft .NET Framework 4 Extended FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Extended FRA
    "Microsoft Report Viewer Redistributable 2008 SP1" = Microsoft Report Viewer Redistributable 2008 SP1
    "Mozilla Firefox 27.0 (x86 fr)" = Mozilla Firefox 27.0 (x86 fr)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
    "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
    "Office8.0" = Microsoft Office 97 Professional
    "PMUI.en-us" = Microsoft Office Project Language Pack 2007 - English
    "Power Saver" = Gestion d'énergie TOSHIBA
    "PRJSTDR" = Microsoft Office Project Standard 2007
    "Recuva" = Recuva
    "SLABCOMM&10C4&EA60" = Silicon Laboratories CP210x USB to UART Bridge (Driver Removal)
    "TeamViewer 7" = TeamViewer 7
    "Toshiba Tbiosdrv Driver" = Toshiba Tbiosdrv Driver
    "VLC media player" = VLC media player 2.1.3
    "Volo View Express" = Volo View Express
    "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
    "WebClient" = WebClient
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Lecteur Windows Media*11
    "WinRAR archiver" = WinRAR 5.01 (32-bit)
    "WMFDist11" = Windows Media Format 11 runtime
    "wmp11" = Windows Media Player 11
    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
    "XLink/Win_is1" = XLink/Win 2.84
    "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-1202660629-1060284298-1801674531-1041\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "magicJack" = magicJack

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 2014-07-25 16:05:47 | Computer Name = BVI6 | Source = Application Error | ID = 1000
    Description = Application défaillante lacie setup.exe, version 2.0.22.0, module
    défaillant deviceutilities.dll, version 0.0.0.0, adresse de défaillance 0x00001da2.

    Error - 2014-07-25 16:06:47 | Computer Name = BVI6 | Source = Application Error | ID = 1000
    Description = Application défaillante lacie setup.exe, version 2.0.22.0, module
    défaillant deviceutilities.dll, version 0.0.0.0, adresse de défaillance 0x00001da2.

    Error - 2014-07-25 16:09:18 | Computer Name = BVI6 | Source = Application Error | ID = 1000
    Description = Application défaillante lacie setup.exe, version 2.0.22.0, module
    défaillant deviceutilities.dll, version 0.0.0.0, adresse de défaillance 0x00001da2.

    Error - 2014-07-25 16:11:18 | Computer Name = BVI6 | Source = Application Error | ID = 1000
    Description = Application défaillante lacie setup.exe, version 2.0.22.0, module
    défaillant deviceutilities.dll, version 0.0.0.0, adresse de défaillance 0x00001da2.

    Error - 2014-07-25 16:14:18 | Computer Name = BVI6 | Source = Application Error | ID = 1000
    Description = Application défaillante lacie setup.exe, version 2.0.22.0, module
    défaillant deviceutilities.dll, version 0.0.0.0, adresse de défaillance 0x00001da2.

    Error - 2014-07-25 16:19:18 | Computer Name = BVI6 | Source = Application Error | ID = 1000
    Description = Application défaillante lacie setup.exe, version 2.0.22.0, module
    défaillant deviceutilities.dll, version 0.0.0.0, adresse de défaillance 0x00001da2.

    Error - 2014-07-28 08:06:00 | Computer Name = BVI6 | Source = TechSmith Updater | ID = 0
    Description = Could not find file 'C:\Documents and Settings\All Users\Application
    Data\TechSmith\Updater\Snagit 11-11.4.3.xml'.

    Error - 2014-07-28 08:06:00 | Computer Name = BVI6 | Source = TechSmith Updater | ID = 0
    Description = Could not find file 'C:\Documents and Settings\All Users\Application
    Data\TechSmith\Updater\Snagit 11-11.4.3.xml'.

    Error - 2014-07-28 08:06:09 | Computer Name = BVI6 | Source = TechSmith Updater | ID = 0
    Description = Impossible de trouver le fichier 'C:\Documents and Settings\All Users\Application
    Data\TechSmith\Updater\Snagit 11-11.4.3.xml'.

    Error - 2014-07-28 08:06:09 | Computer Name = BVI6 | Source = TechSmith Updater | ID = 0
    Description = Impossible de trouver le fichier 'C:\Documents and Settings\All Users\Application
    Data\TechSmith\Updater\Snagit 11-11.4.3.xml'.

    [ Cisco AnyConnect Secure Mobility Client Events ]
    Error - 2014-07-28 20:13:10 | Computer Name = BVI6 | Source = acvpnagent | ID = 67108865
    Description = Function: CWinsecApiImpersonateUser::acquireTokens File: .\IPC\WinsecAPI.cpp
    Line:
    93 CWinsecApiImpersonateUser::getUserImpersonationToken returned NULL

    Error - 2014-07-28 20:13:10 | Computer Name = BVI6 | Source = acvpnagent | ID = 67108866
    Description = Function: CWinsecApiImpersonateUser::CWinsecApiImpersonateUser File:
    .\IPC\WinsecAPI.cpp Line: 73 Invoked Function: CWinsecApiImpersonateUser::acquireTokens
    Return
    Code: -32833517 (0xFE0B0013) Description: WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED


    Error - 2014-07-28 20:13:10 | Computer Name = BVI6 | Source = acvpnagent | ID = 67108866
    Description = Function: CCapiCertUtils::CCapiCertUtils File: .\Certificates\CapiCertUtils.cpp
    Line:
    111 Invoked Function: CWinsecApiImpersonateUser::CWinsecApiImpersonateUser Return
    Code: -32833517 (0xFE0B0013) Description: WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED


    Error - 2014-07-28 20:13:10 | Computer Name = BVI6 | Source = acvpnagent | ID = 67108866
    Description = Function: CCapiCertStore::CCapiCertStore File: .\Certificates\CapiCertStore.cpp
    Line:
    57 Invoked Function: CapiCertUtils Return Code: -32833517 (0xFE0B0013) Description:
    WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED

    Error - 2014-07-28 20:13:10 | Computer Name = BVI6 | Source = acvpnagent | ID = 67108866
    Description = Function: CCapiCertSmartcardStore::CCapiCertSmartcardStore File: .\Certificates\CapiCertSmartcardStore.cpp
    Line:
    39 Invoked Function: CCapiCertStore::CCapiCertStore Return Code: -32833517 (0xFE0B0013)
    Description:
    WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED

    Error - 2014-07-28 20:13:10 | Computer Name = BVI6 | Source = acvpnagent | ID = 67108866
    Description = Function: CCollectiveCertStore::addCapiSmartcardStore File: .\Certificates\CollectiveCertStore.cpp
    Line:
    1639 Invoked Function: CCapiCertSmartcardStore::CCapiCertSmartcardStore Return Code:
    -32833517 (0xFE0B0013) Description: WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED


    Error - 2014-07-28 20:13:54 | Computer Name = BVI6 | Source = acvpnagent | ID = 67108866
    Description = Function: CThread::invokeRun File: .\Utility\Thread.cpp Line: 435 Invoked
    Function: IRunnable::Run Return Code: -32112629 (0xFE16000B) Description: BROWSERPROXY_ERROR_NO_PROXY_FILE


    Error - 2014-07-28 20:18:09 | Computer Name = BVI6 | Source = acvpnagent | ID = 67108865
    Description = Function: CServicePluginMgr::GetSettings File: .\ServicePluginMgr.cpp
    Line:
    274 m_pIServicePlugin is NULL

    Error - 2014-07-28 20:18:09 | Computer Name = BVI6 | Source = acvpnagent | ID = 67108865
    Description = Function: CServicePluginMgr::GetSettings File: .\ServicePluginMgr.cpp
    Line:
    274 m_pIServicePlugin is NULL

    Error - 2014-07-28 20:18:09 | Computer Name = BVI6 | Source = acvpnagent | ID = 67108865
    Description = Function: CTelemetryPluginMgr::GetSettings File: .\TelemetryPluginMgr.cpp
    Line:
    311 m_pITelemetryPlugin is NULL

    [ Doctor Web Events ]
    Error - 2014-07-07 19:23:02 | Computer Name = BVI6 | Source = DrWebARKDaemon | ID = 1002
    Description =

    Error - 2014-07-07 19:23:02 | Computer Name = BVI6 | Source = DrWebARKDaemon | ID = 1002
    Description =

    Error - 2014-07-07 19:24:04 | Computer Name = BVI6 | Source = DrWebARKDaemon | ID = 1002
    Description =

    [ System Events ]
    Error - 2014-07-28 20:24:24 | Computer Name = BVI6 | Source = DCOM | ID = 10010
    Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
    sur DCOM avant la fin du temps imparti.

    Error - 2014-07-28 20:24:54 | Computer Name = BVI6 | Source = DCOM | ID = 10010
    Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
    sur DCOM avant la fin du temps imparti.

    Error - 2014-07-28 20:25:24 | Computer Name = BVI6 | Source = DCOM | ID = 10010
    Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
    sur DCOM avant la fin du temps imparti.

    Error - 2014-07-28 20:25:54 | Computer Name = BVI6 | Source = DCOM | ID = 10010
    Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
    sur DCOM avant la fin du temps imparti.

    Error - 2014-07-28 20:26:24 | Computer Name = BVI6 | Source = DCOM | ID = 10010
    Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
    sur DCOM avant la fin du temps imparti.

    Error - 2014-07-28 20:26:54 | Computer Name = BVI6 | Source = DCOM | ID = 10010
    Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
    sur DCOM avant la fin du temps imparti.

    Error - 2014-07-28 20:27:24 | Computer Name = BVI6 | Source = DCOM | ID = 10010
    Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
    sur DCOM avant la fin du temps imparti.

    Error - 2014-07-28 20:27:54 | Computer Name = BVI6 | Source = DCOM | ID = 10010
    Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
    sur DCOM avant la fin du temps imparti.

    Error - 2014-07-28 20:28:24 | Computer Name = BVI6 | Source = DCOM | ID = 10010
    Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
    sur DCOM avant la fin du temps imparti.

    Error - 2014-07-28 20:28:54 | Computer Name = BVI6 | Source = DCOM | ID = 10010
    Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
    sur DCOM avant la fin du temps imparti.


    < End of report >

    Regards,

    Jean-Pierre

  9. #9
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,189
    Points
    1308

    Default

    Next

    We need to do a fix to delete some files using OTL

    • Double click on the to open the program. On Vista/Win7/Win8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.
    • Under the Custom Scans/Fixes box at the bottom, paste in the following


      Code:
      :COMMANDS
      [CREATERESTOREPOINT]
      
      :OTL
      O2 - BHO: (no name) - {c23b756a-bd9f-4ca6-aded-17ab8ccf3e8b} - No CLSID value found.
      03 - HKLM\..\Toolbar: (no name) - {c23b756a-bd9f-4ca6-aded-17ab8ccf3e8b} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      @Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7E95B6FD
      @Alternate Data Stream - 188 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:07BF512B
      O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
      O20 - AppInit_DLLs: (protector.dll) - C:\WINDOWS\System32\protector.dll ()
      [2014-07-28 20:13:15 | 000,000,488 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version3 Startup Task.job
      C:\WINDOWS\tasks\Rappel d'enregistrement 3.job
      
      :Files
      
      ipconfig /flushdns /c
      C:\WINDOWS\tasks\ParetoLogic Update Version3 Startup Task.job
      
      :Commands
      
      [emptytemp]
      [resethosts]
    • Make sure all other windows are closed.
    • Click the Run Fix button at the top
    • Let the program run uninterrupted. The computer should reboot when the scan is done. If not, please reboot the computer.
    • Post the log that is found in C:\_OTL\Moved Files in your next reply.
    • Open OTL again and click the Quick Scan button.


    In your next follow up post:
    The OTL Fix log, that log should pop up in front of you after the computer reboots, if not it's here--> C:\_OTL\Moved Files
    The new OTL after a quick scan is run.



    After you post the fix log, and the new OTL after a quick scan is run, I want to see another log file,

    Please download Farbar Recovery Scan Tool and save it to your Desktop.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

    • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will produce a log called FRST.txt in the same directory the tool is run from.
    • Please copy and paste log back here.
    • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.


    Thanks
    Joe

    It's getting late we can resume Tomorrow at 4 pm Eastern standard time (US) if needed...
    Last edited by zep516; 07-28-2014 at 08:51 PM.

  10. #10
    Member
    Join Date
    Jul 2014
    Posts
    27
    Points
    0

    Default

    Yes indeed, it's getting late! Thanks for you time Joe.

    Here's the OTL Moved Files log. I will now do the Quick Scan with OTL and will post the log in my next reply.

    All processes killed
    ========== COMMANDS ==========
    System Restore Service not available.
    ========== OTL ==========
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c23b756a-bd9f-4ca6-aded-17ab8ccf3e8b}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c23b756a-bd9f-4ca6-aded-17ab8ccf3e8b}\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
    ADS C:\Documents and Settings\All Users\Application Data\TEMP:7E95B6FD deleted successfully.
    ADS C:\Documents and Settings\All Users\Application Data\TEMP:07BF512B deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon\ deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dllsrotector.dll deleted successfully.
    C:\WINDOWS\system32\protector.dll moved successfully.
    C:\WINDOWS\tasks\ParetoLogic Update Version3 Startup Task.job moved successfully.
    ========== FILES ==========
    < ipconfig /flushdns /c >
    Configuration IP de Windows
    Cache de résolution DNS vidé.
    C:\Documents and Settings\Profil test\Mes documents\Downloads\cmd.bat deleted successfully.
    C:\Documents and Settings\Profil test\Mes documents\Downloads\cmd.txt deleted successfully.
    File\Folder C:\WINDOWS\tasks\ParetoLogic Update Version3 Startup Task.job not found.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrateur
    ->Temp folder emptied: 72 bytes
    ->Temporary Internet Files folder emptied: 36852819 bytes
    ->Flash cache emptied: 686 bytes

    User: All Users
    ->Flash cache emptied: 43 bytes

    User: Default User
    ->Temp folder emptied: 3111 bytes
    ->Temporary Internet Files folder emptied: 32983 bytes

    User: LocalService
    ->Temp folder emptied: 115348 bytes
    ->Temporary Internet Files folder emptied: 2102616 bytes

    User: LogMeInRemoteUser
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 161265 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 42460006 bytes
    ->Java cache emptied: 13 bytes
    ->Flash cache emptied: 3169 bytes

    User: Profil test
    ->Temp folder emptied: 194221454 bytes
    ->Temporary Internet Files folder emptied: 3154283 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 2301849 bytes
    ->Google Chrome cache emptied: 33146056 bytes

    User: usager
    ->Temp folder emptied: 4345856 bytes
    ->Temporary Internet Files folder emptied: 535921870 bytes
    ->FireFox cache emptied: 70206285 bytes
    ->Google Chrome cache emptied: 0 bytes
    ->Flash cache emptied: 506 bytes

    %systemdrive% .tmp files removed: 598683 bytes
    %systemroot% .tmp files removed: 13546192 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 129125004 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 490214903 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 1 486,00 mb

    C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
    HOSTS file reset successfully

    OTL by OldTimer - Version 3.2.69.0 log created on 07282014_221340

    Files\Folders moved on Reboot...
    File move failed. C:\WINDOWS\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
    File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...

Page 1 of 4 123 ... LastLast