Rapport de ZHPDiag v1.3.5.35 par Nicolas Coolman, Update du 07/02/2013
Run by chouchou at 09/02/2013 18:04:13
State : Version à jour.
UAC : Deactivate by program


---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421 (Defaut)
MFIE: Mozilla Firefox 16.0.2 v16.0.2

---\\ Windows Product Information
~ Langage: Français
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
Windows Automatic Updates : OK

---\\ System Information
~ Processor: x86 Family 15 Model 107 Stepping 1, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1790 MB (49% free)
System Restore: Activé (Enable)
System drive C: has 104 GB (72%) free of 144 GB

---\\ Logged in mode
~ Computer Name: PC-DE-CHOUCHOU
~ User Name: chouchou
~ All Users Names: chouchou, Administrateur, 
~ Unselected Option: None
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\chouchou\AppData\Roaming\
~ %Desktop% : C:\Users\chouchou\Desktop\
~ %Favorites% : C:\Users\chouchou\Favorites\
~ %LocalAppData% : C:\Users\chouchou\AppData\Local\
~ %StartMenu% : C:\Users\chouchou\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 104 Go of 144 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 144 Go of 144 Go)
E:\ CD-ROM drive (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
J:\ Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime :  OK
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.19/01/2008 - 08:33:37.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.7FA3A810F383588D46220967DE8B64FF] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.14/11/2012 - 02:57:37.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.19/01/2008 - 06:28:02.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.19/01/2008 - 06:49:18.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.19/01/2008 - 06:56:28.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/04/2009 - 07:32:49.) -- C:\Windows\system32\Drivers\ntfs.sys [1083880]
[MD5.8A79FDF04A73428597E2CAF9D0D67850] - (.Microsoft Corporation - Pilote de port parallèle.) (.19/01/2008 - 06:49:33.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.19/01/2008 - 06:56:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.E8BD98D46F2ED77132BA927FCCB47D8B] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.02/11/2006 - 10:03:00.) -- C:\Windows\system32\Drivers\rdpdr.sys [242688]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Scan Generic Processes in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/229
~ Mes musiques (My Musics) : 1/229
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/104
~ Mes Documents (My Documents) : 1/229
~ Mon Bureau (My Desktop) : 1/17
~ Menu demarrer (Programs) : 0/30
~ Scan Hidden Files in 00mn 00s



---\\ Processus lancés
[MD5.8FBAFD103A801D92E9EB528C9B841AEE] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe   [4423680] [PID.1852]
[MD5.12916E0642E92561C98B18A2A2D01B14] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe   [252848] [PID.1552]
[MD5.CD1993092FDC63B215D787801260DEF8] - (.Apple Computer, Inc. - Pas de description.) -- C:\Program Files\QuickTime\qttask.exe   [77824] [PID.892]
[MD5.083649EF692A066880C9326020915AFE] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe   [4297136] [PID.2100]
[MD5.CFCB4F1C6DBE8A5DC0B8DBF058E2586A] - (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files\SFR\Kit\9props.exe   [976192] [PID.2460]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe   [125952] [PID.2668]
[MD5.AD298BDBF33C10EFD2F9BB2BAE8718D9] - (.Gadwin Systems, Inc - Gadwin PrintScreen.) -- C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe   [495616] [PID.2732]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe   [37376] [PID.2752]
[MD5.9A9086A90B280BA5B20BB08CA18DABFF] - (.ArcSoft, Inc. - ArcSoft Magic-i File.) -- C:\Program Files\ArcSoft\Magic-i 3\Magic-i.exe   [530944] [PID.2824]
[MD5.ABC2C67DFD48930F846934B907C3D606] - (.OpenOffice.org - OpenOffice.org 3.2.) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe   [7424000] [PID.3092]
[MD5.15D982E21248E9BE337D9B40247AF30E] - (.OpenOffice.org - OpenOffice.org 3.2.) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin   [7418368] [PID.3416]
[MD5.7853D2AB445C10F97610B2B05FA4CF0A] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe   [512360] [PID.3560]
[MD5.0151C2C433693948FD5A48E3D0408C77] - (.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files\TeamViewer\Version7\TeamViewer.exe   [7357824] [PID.1400]
[MD5.2D821AFA5A1A9CA7F9F997A1AAD09E72] - (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe   [168960] [PID.5276]
[MD5.0D286C0FE561D1A7EB30E83A0FF305B2] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe   [757296] [PID.4700]
[MD5.BAD663957F682F95B22C4E83AB49CB52] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe   [308368] [PID.4424]
[MD5.711FD53E441255983C0AB014E2F107F4] - (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe   [233936] [PID.744]
[MD5.5AF5988C947F34FC478E0054DFD5D5F9] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe   [5660160] [PID.3468]
[MD5.C74D9A831B523EF5A66F4F13B2DDEA2E] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\Windows\system32\Ati2evxx.exe   [569344] [PID.1160]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe   [3408896] [PID.1384]
[MD5.8FA553E9AE69808D99C164733A0F9590] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe   [44808] [PID.1936]
[MD5.ADC420616C501B45D26C0FD3EF1E54E4] - (.ArcSoft Inc. - ArcSoft Connect Service.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe   [113152] [PID.2484]
[MD5.A5F948A07B69401683BD809EEA3DC34B] - (.CyberLink - CLMSServer.) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe   [266343] [PID.2564]
[MD5.509980831739ED65E173EC6CAB056B5B] - (.Pas de propriétaire - MemCheck.Service.) -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe   [28672] [PID.2616]
[MD5.F87DDE13D57062DA8EBA2368667D8130] - (.HiTRSUT - eDataSecurity Service.) -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe   [457512] [PID.3240]
[MD5.A06EFD4965F8A3F97A8C9A291D032678] - (.Pas de propriétaire - Inkjet Printer/Scanner/Fax Extended Servey.) -- C:\Program Files\Canon\IJPLM\IJPLMSVC.exe   [116104] [PID.3324]
[MD5.793FF718477345CD5D232C50BED1E452] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe   [61440] [PID.3380]
[MD5.1ACAA67676E9E7BDA5E0C41B6E0DECAF] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe   [398184] [PID.3396]
[MD5.916B8954AC3E06DC9E898AFFB41F3FB6] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe   [682344] [PID.3428]
[MD5.DB330D9BDAEAE4A198D6EF4D15FA5101] - (.ArcSoft, Inc. - MgiSvr.) -- C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe   [76544] [PID.3456]
[MD5.A76CDDB6D1F25797843E2557A2118E2E] - (.Pas de propriétaire - RichVideo Module.) -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe   [143360] [PID.3568]
[MD5.A4D2CE94B028EF1E437CF4AC3D8FF26C] - (.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe   [2666880] [PID.4048]
[MD5.A2580C15D2664D18C3E140C7F98B366C] - (.Acer Inc. - eRecoveryService.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe   [53248] [PID.1976]
[MD5.26ED0791F84F49571AB88CF7A8217F5C] - (.TeamViewer GmbH - Helper process for TeamViewer performance o.) -- C:\Program Files\TeamViewer\Version7\tv_w32.exe   [106368] [PID.2428]
[MD5.639337547BACC1DC06679C1C4A8CCDBB] - (.TeamViewer GmbH - TeamViewer Remote Control Application.) -- c:\program files\teamviewer\version7\TeamViewer_Desktop.exe   [2279296] [PID.4976]
~ Scan Processes Running in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\chouchou\AppData\Local\Google\Chrome\User Data\Default\Preferences
~ Scan Google Browser in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
C:\Users\chouchou\AppData\Roaming\Mozilla\Firefox\Profiles\ltsqtnul.default-1344757990394\prefs.js
C:\Users\chouchou\AppData\Roaming\Mozilla\Firefox\Profiles\ltsqtnul.default-1344757990394\user.js
C:\Users\chouchou\AppData\Roaming\Mozilla\Firefox\Profiles\t93wvpmh.default\prefs.js
C:\Users\chouchou\AppData\Roaming\Mozilla\Firefox\Profiles\t93wvpmh.default\user.js
M3 - MFPP: Plugins - [chouchou] -- C:\Users\chouchou\AppData\Roaming\Mozilla\Firefox\Profiles\ltsqtnul.default-1344757990394\searchplugins\bing.xml
M3 - MFPP: Plugins - [chouchou] -- C:\Users\chouchou\AppData\Roaming\Mozilla\Firefox\Profiles\ltsqtnul.default-1344757990394\searchplugins\sweetim.xml
M3 - MFPP: Plugins - [chouchou] -- C:\Users\chouchou\AppData\Roaming\Mozilla\Firefox\Profiles\t93wvpmh.default\searchplugins\sweetim.xml
M3 - MFPP: Plugins - [chouchou] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [chouchou] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [chouchou] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [chouchou] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [chouchou] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [chouchou] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [chouchou] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M2 - MFEP: prefs.js [chouchou - ltsqtnul.default-1344757990394\plugin@yontoo.com] [] Yontoo v1.20.00 (.Yontoo LLC.)
M2 - MFEP: prefs.js [chouchou - ltsqtnul.default-1344757990394\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}] [WOT] WOT v20120926 (.WOT Services Oy.)
M2 - MFEP: prefs.js [chouchou - t93wvpmh.default\plugin@yontoo.com] [] Yontoo v1.20.00 (.Yontoo LLC.)
M2 - MFEP: prefs.js [chouchou - t93wvpmh.default\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}] [] DealPly v2.0 (.DealPly.)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@canon.com/EPPEX] - (.CANON INC. - CANON iMAGE GATEWAY Album Plugin Utility Module.) -- C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.dll
P2 - FPN: [HKLM] [@google.com/npPicasa3,version=3.0.0] - (.Google, Inc. - Picasa plugin.) -- C:\Program Files\Google\Picasa3\npPicasa3.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.7.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Windows\system32\npDeployJava1.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.1.10329.0.) -- C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.5] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3538.0513] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3555.0308] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.5.1".) -- C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (.Unity Technologies ApS - Unity Player 3.3.0f4.) -- C:\Users\chouchou\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sfr.fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\system32\ieframe.dll
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
~ Nombre de lignes (Lines number): 1



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Aide à la navigation SFR - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} . (.SFR - Aide à la navigation SFR.) -- C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} . (...) -- C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll (.not file.)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} . (...) -- C:\Program Files\WOT\WOT.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (...) -- C:\Program Files\Java\jre1.6.0_02\bin\jp2ssv.dll (.not file.)
~ Scan BHO in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Acer eDataSecurity Management - [HKLM]{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} . (.HiTRUST - eDStoolbar Module.) -- C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: avast! WebRep - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: WOT - [HKLM]{71576546-354D-41c9-AAE8-31F2EC22BF0D} . (...) -- C:\Program Files\WOT\WOT.dll
~ Scan Toolbar in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe 
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe 
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Computer, Inc. - Pas de description.) -- C:\Program Files\QuickTime\qttask.exe 
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe 
O4 - HKCU\..\Run: [Connexion SFR 9props.exe] . (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files\SFR\Kit\9props.exe 
O4 - HKCU\..\Run: [ccleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe 
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe 
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe 
O4 - HKCU\..\Run: [Gadwin PrintScreen] . (.Gadwin Systems, Inc - Gadwin PrintScreen.) -- C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe 
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe 
O4 - HKUS\S-1-5-18\..\Run: [StartCCC] . (...) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe 
O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] . (.Acer Inc. - Acer Tour Reminder.) -- C:\Acer\AcerTour\Reminder.exe 
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe 
O4 - HKUS\S-1-5-21-2465643848-3244870746-783416107-1000\..\Run: [Connexion SFR 9props.exe] . (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files\SFR\Kit\9props.exe 
O4 - HKUS\S-1-5-21-2465643848-3244870746-783416107-1000\..\Run: [ccleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe 
O4 - HKUS\S-1-5-21-2465643848-3244870746-783416107-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe 
O4 - HKUS\S-1-5-21-2465643848-3244870746-783416107-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe 
O4 - HKUS\S-1-5-21-2465643848-3244870746-783416107-1000\..\Run: [Gadwin PrintScreen] . (.Gadwin Systems, Inc - Gadwin PrintScreen.) -- C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe 
O4 - HKUS\S-1-5-21-2465643848-3244870746-783416107-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe 
~ Scan Application in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\chouchou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\chouchou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\chouchou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\chouchou\Desktop\Corbeille - Raccourci.lnk - Clé orpheline
O4 - Global Startup: C:\Users\chouchou\Desktop\Gadwin PrintScreen.lnk . (.Gadwin Systems, Inc.)  -- C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
O4 - Global Startup: C:\Users\chouchou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Aller sur MSN.fr.url . (...)  -- C:\Users\chouchou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Aller sur MSN.fr.url
O4 - Global Startup: C:\Users\chouchou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\CCleaner.lnk . (.Piriform Ltd.)  -- C:\Program Files\CCleaner\CCleaner.exe
O4 - Global Startup: C:\Users\chouchou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\IMGP0054 - Raccourci.lnk . (...)  -- M:\2007_12_9\IMGP0054.JPG (.not file.)
O4 - Global Startup: C:\Users\chouchou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Internet - Raccourci (2).lnk - Clé orpheline
O4 - Global Startup: C:\Users\chouchou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Internet - Raccourci.lnk - Clé orpheline
O4 - Global Startup: C:\Users\chouchou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\chouchou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation.)  -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
O4 - Global Startup: C:\Users\chouchou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.)  -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\chouchou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird (2).lnk . (.Mozilla Corporation.)  -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe
O4 - Global Startup: C:\Users\chouchou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk . (.Mozilla Corporation.)  -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe
O4 - Global Startup: C:\Users\chouchou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk . (.Google Inc..)  -- C:\Program Files\Google\Picasa3\Picasa3.exe
O4 - Global Startup: C:\Users\chouchou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk . (.Apple Computer, Inc..)  -- C:\Program Files\QuickTime\QuickTimePlayer.exe
O4 - Global Startup: C:\Users\chouchou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Explorer.lnk . (.Microsoft Corporation.)  -- C:\Windows\explorer.exe
O4 - Global Startup: C:\Users\chouchou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Live Messenger.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - Global Startup: C:\Users\chouchou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Windows Media Player\wmplayer.exe
~ Scan Global Startup in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companion
O9 - Extra button: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBro
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} -- C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll (.not file.)
~ Scan IE Extra Buttons in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Scan Winsock in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{0A2B0E1E-7832-4DEC-BC6D-FF931A906AC9}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{0DB9D58F-FD38-424D-9247-1669A380A59C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{280CCE9C-2E65-4BA2-811A-10E7B67C9629}: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{0A2B0E1E-7832-4DEC-BC6D-FF931A906AC9}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{0DB9D58F-FD38-424D-9247-1669A380A59C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{280CCE9C-2E65-4BA2-811A-10E7B67C9629}: DhcpNameServer = 89.2.0.1 89.2.0.2
~ Scan Domain in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} . (...) -- C:\Program Files\WOT\WOT.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll
~ Scan Protocole Additionnel in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
~ Scan SSODL in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ Scan STS/SSO in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) . (.ArcSoft Inc. - ArcSoft Connect Service.) - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Acer HomeMedia Connect Service (Acer HomeMedia Connect Service) . (.CyberLink - CLMSServer.) - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) . (.Pas de propriétaire - MemCheck.Service.) - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service:  (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) . (...) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (.not file.)
O23 - Service: eDSService.exe (eDataSecurity Service) . (.HiTRSUT - eDataSecurity Service.) - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) . (.Acer Inc. - eRecoveryService.) - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extende (IJPLMSVC) . (.Pas de propriétaire - Inkjet Printer/Scanner/Fax Extended Servey.) - C:\Program Files\Canon\IJPLM\IJPLMSVC.exe
O23 - Service: LightScribeService Direct Disc Labeling  (LightScribeService) . (.Hewlett-Packard Company - Pas de description.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service:  (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service:  (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: MgiSvr (MgiSvr) . (.ArcSoft, Inc. - MgiSvr.) - C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TeamViewer 7 (TeamViewer7) . (.TeamViewer GmbH - TeamViewer Remote Control Application.) - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
~ Scan Services in 00mn 12s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe
O24 - Desktop General: BackupWallPaper - .(...) - D:\Picasa\Arrière-plans\picasabackground-6.bmp
O24 - Desktop General: WallPaper - .(...) - D:\Picasa\Arrière-plans\picasabackground-6.bmp
~ Scan Desktop Component in 00mn 00s



---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[MD5.7F19838AC317C34FCED020BE529AF71E] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
[MD5.88C511BE2C6649DAA9DABA888BBDA77E] [APT] [DealPly] (...) -- C:\Users\chouchou\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.exe
[MD5.00000000000000000000000000000000] [APT] [DealPlyUpdate] (...) -- C:\Program Files\DealPly\DealPlyUpdate.exe (.not file.)
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.58FC609888AAB15B5DCA23E5E521A5E1] [APT] [Hoolapp For Android] (...) -- C:\Users\chouchou\AppData\Roaming\HOOLAP~1\UPDATE~1\UPDATE~1.exe
[MD5.00000000000000000000000000000000] [APT] [SoftwareUpdateTaskMachineCore] (...) -- C:\Program Files\Software\Update\SoftwareUpdate.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [SoftwareUpdateTaskMachineUA] (...) -- C:\Program Files\Software\Update\SoftwareUpdate.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{15EA919C-1C66-41D3-815A-9CD42942DE22}] (...) -- C:\Users\chouchou\Documents\eMule0.48a-Installer2.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{3BDDAE73-887F-468C-ADD3-CF3627CFA990}] (...) -- C:\Users\chouchou\Documents\install_OOo3.0.0rc120080904Win32IntelinstallenUS.exe.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{5BBF0212-596A-44CC-B250-8E998B108986}] (...) -- C:\Users\chouchou\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6OX5VO6U\rootsupd_afc57447f7caadd3253333e35777fcd[1].exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{874F5818-9F4E-4415-A058-875BD5A29B71}] (...) -- C:\Users\chouchou\Documents\eMule0.48a-Installer.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{91899740-7E65-4091-8E3D-1AE29BC7A898}] (...) -- C:\Program Files\Lexmark 2400 Series\Install\x86\Uninst.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{A6322717-59D1-4C15-90AF-962DFC4958AC}] (...) -- E:\setup.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{A7CD8033-FDFE-4DDD-AEE4-0AEB595671FD}] (...) -- C:\Program Files\Lexmark Fax Solutions\Install\x86\Uninst.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{B352423D-8178-4EA9-B2B4-662C13E26E1A}] (...) -- E:\install.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{B405A819-75AA-4F0F-9F26-B3A4A39D4E6B}] (...) -- E:\Setup.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{D6E5661C-FBB0-4CD7-A3EA-5D319C0018EB}] (...) -- E:\Setup.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{DE65730E-19EC-4642-8C57-B936A31F2C9B}] (...) -- C:\Windows\system32\BTcpl.cpl (.not file.)
~ Scan Scheduled Task in 00mn 03s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\system32\iedkcs32.dll
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.6.0_02\bin\regutils.dll
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.1 r102.) -- C:\Windows\system32\Macromed\Flash\Flash10l.ocx
~ Scan Active Setup in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver:  (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver:  (eeCtrl) . (.Symantec Corporation - Symantec Eraser Control Driver.) - C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
O41 - Driver:  (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver:  (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver:  (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys
O41 - Driver:  (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver:  (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver:  (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver:  (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver:  (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver:  (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver:  (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver:  (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver:  (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver:  (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver:  (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver:  (ws2ifsl) . (.Microsoft Corporation - Winsock2 IFS Layer.) - C:\Windows\system32\drivers\ws2ifsl.sys
~ Scan Drivers in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: ABBYY FineReader 6.0 Sprint - (.ABBYY Software House.) [HKLM] -- {ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
O42 - Logiciel: ATI Uninstaller - (.ATI Technologies, Inc..) [HKLM] -- ATI Uninstaller
O42 - Logiciel: Acer Arcade Live Main Page - (.Acer Inc..) [HKLM] -- {EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}
O42 - Logiciel: Acer DV Magician - (.Acer Inc..) [HKLM] -- {F6EFFB76-4A07-11DA-9D78-000129760D75}
O42 - Logiciel: Acer DVDivine - (.Acer Inc..) [HKLM] -- {B145EC69-66F5-11D8-9D75-000129760D75}
O42 - Logiciel: Acer Empowering Technology - (.Acer Inc..) [HKLM] -- {AB6097D9-D722-4987-BD9E-A076E2848EE2}
O42 - Logiciel: Acer HomeMedia - (.Acer Inc..) [HKLM] -- {AA4BF92B-2AAF-11DA-9D78-000129760D75}
O42 - Logiciel: Acer HomeMedia Connect - (.Acer Inc..) [HKLM] -- {132888AE-EF67-41C5-BCA2-7D5D2488AB63}
O42 - Logiciel: Acer ScreenSaver - (.Acer Inc..) [HKLM] -- {79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}
O42 - Logiciel: Acer SlideShow DVD - (.Acer Inc..) [HKLM] -- {41581EF5-45A7-11DA-9D78-000129760D75}
O42 - Logiciel: Acer Tour - (.Acer Inc..) [HKLM] -- {94389919-B0AA-4882-9BE8-9F0B004ECA35}
O42 - Logiciel: Acer VideoMagician - (.Acer Inc..) [HKLM] -- {F79A208D-D929-11D9-9D77-000129760D75}
O42 - Logiciel: Acer eDataSecurity Management - (.HiTRUST Inc..) [HKLM] -- {AEEAE013-92F1-4515-B278-139F1A692A36}
O42 - Logiciel: Acer ePerformance Management - (.Acer Inc..) [HKLM] -- {D462BF9E-0C35-4705-BF9B-3DF9F3816643}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- {FDB3B167-F4FA-461D-976F-286304A57B2A}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: ArcSoft Magic-i 3 - (.ArcSoft.) [HKLM] -- {FAB046D7-C187-4648-A1A9-FC875F7E3FCE}
O42 - Logiciel: ArcSoft PhotoImpression 4 - (.ArcSoft.) [HKLM] -- {7D4ED56E-C3DF-46F6-924B-D6774A766943}
O42 - Logiciel: ArcSoft VideoImpression 2 - (.ArcSoft.) [HKLM] -- {719842F9-FF69-4BA6-A6FE-52244575E0B3}
O42 - Logiciel: ArcSoft WebCam Companion 2 - (.ArcSoft.) [HKLM] -- {2BB67266-D1A3-4CCC-8EB2-16770AB1FB76}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Canon Inkjet Printer/Scanner/Fax Extended Survey Program - (.Pas de propriétaire.) [HKLM] -- CANONIJPLM100
O42 - Logiciel: Canon MP Navigator EX 3.0 - (.Pas de propriétaire.) [HKLM] -- MP Navigator EX 3.0
O42 - Logiciel: Canon MP250 series MP Drivers - (.Pas de propriétaire.) [HKLM] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series
O42 - Logiciel: Canon Utilities Easy-PhotoPrint EX - (.Pas de propriétaire.) [HKLM] -- Easy-PhotoPrint EX
O42 - Logiciel: Canon Utilities My Printer - (.Pas de propriétaire.) [HKLM] -- CanonMyPrinter
O42 - Logiciel: Canon Utilities Solution Menu - (.Pas de propriétaire.) [HKLM] -- CanonSolutionMenu
O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: ESET Online Scanner v3 - (.Pas de propriétaire.) [HKLM] -- ESET Online Scanner
O42 - Logiciel: Enregistrement utilisateur de Canon MP250 series - (.Pas de propriétaire.) [HKLM] -- Enregistrement utilisateur de Canon MP250 series
O42 - Logiciel: Gadwin PrintScreen - (.Gadwin Systems, Inc..) [HKLM] -- Gadwin PrintScreen
O42 - Logiciel: Google Desktop - (.Google.) [HKLM] -- Google Desktop
O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HP Button Manager - (.HP.) [HKLM] -- {CA634931-0CC3-4067-ABCC-7182E1DC23B7}
O42 - Logiciel: Java 7 Update 7 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217007FF}
O42 - Logiciel: Java(TM) 6 Update 2 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160020}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: Linksys Compact Wireless-G USB Adapter Driver - WUSB54GC - (.Linksys, A Division of Cisco Systems, Inc..) [HKLM] -- {F855C3AE-992D-4B84-A09D-07103CDCDAC2}
O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSXML 4.0 SP2 (KB936181) - (.Microsoft Corporation.) [HKLM] -- {C04E32E0-0416-434D-AFB9-6969D703A9EF}
O42 - Logiciel: MSXML 4.0 SP2 (KB941833) - (.Microsoft Corporation.) [HKLM] -- {C523D256-313D-4866-B36A-F3DE528246EF}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: MUSICMATCH Jukebox - (.Pas de propriétaire.) [HKLM] -- MUSICMATCH Jukebox
O42 - Logiciel: Malwarebytes Anti-Malware version 1.70.0.1100 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Manuel de l'utilisateur de la Webcam HP - (.HP.) [HKLM] -- {D31612BB-C6D7-4142-96AE-16DB062354CF}
O42 - Logiciel: Maxi Puzzles - (.Pas de propriétaire.) [HKLM] -- Maxi Puzzles_is1
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8}
O42 - Logiciel: Microsoft Security Client FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {50779A29-834E-4E36-BBEB-B7CABC67A825}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}
O42 - Logiciel: MioMore Desktop 2008 - (.Navman Technologies NZ Ltd.) [HKLM] -- {7617FC2E-EA1B-4F07-A0F5-5D5F437CB32D}
O42 - Logiciel: Mozilla Firefox 16.0.2 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 16.0.2 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: Mozilla Thunderbird 17.0.2 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Thunderbird 17.0.2 (x86 fr)
O42 - Logiciel: NTI Backup NOW! 4.7 - (.NewTech Infosystems.) [HKLM] -- {67ADE9AF-5CD9-4089-8825-55DE4B366799}
O42 - Logiciel: NTI CD & DVD-Maker - (.NewTech Infosystems.) [HKLM] -- InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}
O42 - Logiciel: OpenOffice.org 3.2 - (.OpenOffice.org.) [HKLM] -- {4EE2EF4B-25D3-4D44-8384-A2B96F811F55}
O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] -- Picasa 3
O42 - Logiciel: QuickTime - (.Pas de propriétaire.) [HKLM] -- QuickTime
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: SAMSUNG CDMA Modem Driver Set - (.Pas de propriétaire.) [HKLM] -- SAMSUNG CDMA Modem
O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem 1.0
O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem
O42 - Logiciel: SFR - Kit de connexion - (.SFR.) [HKLM] -- SFR_Kit
O42 - Logiciel: Samsung PC Studio 3 USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- {EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}
O42 - Logiciel: Skype™ 5.10 - (.Skype Technologies S.A..) [HKLM] -- {EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}
O42 - Logiciel: Spelling Dictionaries Support For Adobe Reader 9 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-5464-3428-900000000004}
O42 - Logiciel: TeamViewer 7 - (.TeamViewer.) [HKLM] -- TeamViewer 7
O42 - Logiciel: TerraTec Aureon 5.1 Audio Driver - (.Pas de propriétaire.) [HKLM] -- C-Media PCI Audio Driver
O42 - Logiciel: Uninstall Dual Mode Camera - (.Pas de propriétaire.) [HKLM] -- Dual Mode Camera_is1
O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU] -- UnityWebPlayer
O42 - Logiciel: VideoLAN VLC media player 0.8.6d - (.VideoLAN Team.) [HKLM] -- VLC media player
O42 - Logiciel: WOT for Internet Explorer - (.WOT Services Oy.) [HKLM] -- {DCAEC601-735C-41AE-B84F-D792F09FB7D1}
O42 - Logiciel: Wajam - (.Wajam.) [HKLM] -- Wajam
O42 - Logiciel: Yontoo 1.12.02 - (.Yontoo LLC.) [HKLM] -- {889DF117-14D1-44EE-9F31-C5FB5D47F68B}
O42 - Logiciel: avast! Free Antivirus v7.0.1474.0 - (.AVAST Software.) [HKLM] -- avast
O42 - Logiciel: cspep.0 - (.cspep.) [HKLM] -- cspep_is1

---\\ HKCU & HKLM Software Keys
[HKCU\Software\3rd Eye Solutions]
[HKCU\Software\8322898]
[HKCU\Software\ABBYY]
[HKCU\Software\AFW Applications]
[HKCU\Software\ALWIL Software]
[HKCU\Software\ATI Technologies Inc.]
[HKCU\Software\ATI]
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\AlterGeo]
[HKCU\Software\Anuman Interactive]
[HKCU\Software\AppDataLow\LastScanTime]
[HKCU\Software\AppDataLow\Software\Against Intuition]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Unity]
[HKCU\Software\AppDataLow\Software\Yahoo]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\ArcSoft]
[HKCU\Software\Badoo]
[HKCU\Software\BitComet]
[HKCU\Software\Blizzard Entertainment]
[HKCU\Software\Borland]
[HKCU\Software\Canon]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\DealPly]
[HKCU\Software\Disney Interactive]
[HKCU\Software\DivXNetworks]
[HKCU\Software\EMME]
[HKCU\Software\ESET]
[HKCU\Software\FSS]
[HKCU\Software\FileScout]
[HKCU\Software\FotoWire]
[HKCU\Software\Gadwin Systems]
[HKCU\Software\Gemtek]
[HKCU\Software\Google]
[HKCU\Software\HP Webcam]
[HKCU\Software\Hemera Technologies Inc.]
[HKCU\Software\HookNetwork]
[HKCU\Software\Hoolapp]
[HKCU\Software\IM Providers]
[HKCU\Software\IncrediMail]
[HKCU\Software\InstallCore]
[HKCU\Software\JavaSoft]
[HKCU\Software\Leadertech]
[HKCU\Software\Lexmark]
[HKCU\Software\Licenses]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\Magnet]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MimarSinan]
[HKCU\Software\Mio]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\Neuf]
[HKCU\Software\NewTech Infosystems]
[HKCU\Software\ODBC]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\SOFTWIN]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\Skype]
[HKCU\Software\SweetIM]
[HKCU\Software\SysInternals]
[HKCU\Software\TeamViewer]
[HKCU\Software\TorrentAid]
[HKCU\Software\Unity]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\Wajam]
[HKCU\Software\Wget]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Windows Live Writer]
[HKCU\Software\Windows Live]
[HKCU\Software\Wow6432Node]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Yahoo]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\acer]
[HKCU\Software\cspep]
[HKCU\Software\eSobi]
[HKCU\Software\eojet]
[HKCU\Software\keyhole.com]
[HKLM\Software\ABBYY]
[HKLM\Software\ALWIL Software]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\AVAST Software]
[HKLM\Software\Acer Inc.]
[HKLM\Software\Acer]
[HKLM\Software\Adobe]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\ArcSoft]
[HKLM\Software\Borland]
[HKLM\Software\BrowserChoice]
[HKLM\Software\CA561B]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\DT Soft]
[HKLM\Software\DealPly]
[HKLM\Software\DivXNetworks]
[HKLM\Software\Driver-Soft]
[HKLM\Software\Eset]
[HKLM\Software\FaxManPorts]
[HKLM\Software\Google]
[HKLM\Software\HP]
[HKLM\Software\Hemera Technologies Inc.]
[HKLM\Software\IncrediMail]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\JL2005D]
[HKLM\Software\JL2005D_1]
[HKLM\Software\JL2005D_2]
[HKLM\Software\JL2005D_3]
[HKLM\Software\JL2005D_4]
[HKLM\Software\JL6_DECODE]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Lexmark]
[HKLM\Software\Licenses]
[HKLM\Software\LightScribe]
[HKLM\Software\Linksys, A Division of Cisco Systems, Inc.]
[HKLM\Software\Loader]
[HKLM\Software\Logitech]
[HKLM\Software\MCCI]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\McAfee.com]
[HKLM\Software\Micro Application]
[HKLM\Software\MimarSinan]
[HKLM\Software\Mindscape]
[HKLM\Software\Mio]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\MusicMatch]
[HKLM\Software\Navman Technologies NZ Ltd]
[HKLM\Software\Neuf]
[HKLM\Software\NewTech Infosystems]
[HKLM\Software\ODBC]
[HKLM\Software\OpenOffice.org]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SOFTWIN]
[HKLM\Software\SRS Labs]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Samsung Electronics Co., Ltd.]
[HKLM\Software\Skype]
[HKLM\Software\Sonic]
[HKLM\Software\Sun Microsystems]
[HKLM\Software\Swearware]
[HKLM\Software\SweetIM]
[HKLM\Software\SymDebug]
[HKLM\Software\Symantec]
[HKLM\Software\TeamViewer]
[HKLM\Software\TrendMicro]
[HKLM\Software\Uniblue]
[HKLM\Software\VideoLAN]
[HKLM\Software\Volatile]
[HKLM\Software\WIDCOMM_TEMP]
[HKLM\Software\WholeSecurity]
[HKLM\Software\WinRAR]
[HKLM\Software\Wise Solutions]
[HKLM\Software\Wow6432Node]
[HKLM\Software\Yahoo]
[HKLM\Software\ZSMC]
[HKLM\Software\eMule Turbo Accelerator]
[HKLM\Software\g3n-h@ckm@n]
[HKLM\Software\mcafeeupdater]
[HKLM\Software\mozilla.org]
[HKLM\Software\muvee Technologies]
~ Scan Softwares in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 01/12/2007 - 21:29:06 - [115,460] ----D C:\Program Files\Abbyy FineReader 6.0 Sprint
O43 - CFD: 06/05/2007 - 20:33:40 - [489,913] ----D C:\Program Files\Acer Arcade Live
O43 - CFD: 19/09/2007 - 19:19:06 - [0,348] ----D C:\Program Files\Acer Inc
O43 - CFD: 15/06/2008 - 05:02:35 - [12,096] ----D C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
O43 - CFD: 25/08/2010 - 16:57:32 - [157,719] ----D C:\Program Files\Adobe
O43 - CFD: 10/09/2008 - 10:09:45 - [0,807] ----D C:\Program Files\Alcohol Soft
O43 - CFD: 05/10/2010 - 09:45:33 - [0] ----D C:\Program Files\Alwil Software
O43 - CFD: 24/12/2009 - 19:43:36 - [427,851] ----D C:\Program Files\ArcSoft
O43 - CFD: 19/09/2007 - 19:14:50 - [13,735] ----D C:\Program Files\ATI
O43 - CFD: 19/09/2007 - 19:16:23 - [191,514] ----D C:\Program Files\ATI Technologies
O43 - CFD: 31/01/2013 - 17:55:48 - [287,190] ----D C:\Program Files\AVAST Software
O43 - CFD: 09/02/2008 - 21:53:47 - [0] ----D C:\Program Files\Best_Security_Tips
O43 - CFD: 14/01/2011 - 14:26:36 - [317,291] ----D C:\Program Files\Canon
O43 - CFD: 14/01/2011 - 14:17:11 - [14,992] ----D C:\Program Files\CanonBJ
O43 - CFD: 25/04/2012 - 16:29:15 - [4,386] ----D C:\Program Files\CCleaner
O43 - CFD: 11/10/2009 - 16:10:59 - [0] ----D C:\Program Files\CDBurnerXP
O43 - CFD: 08/02/2013 - 14:43:01 - [712,066] ----D C:\Program Files\Common Files
O43 - CFD: 30/12/2012 - 19:35:31 - [1,155] ----D C:\Program Files\cspep
O43 - CFD: 06/05/2007 - 20:30:43 - [4,439] ----D C:\Program Files\CyberLink
O43 - CFD: 06/11/2011 - 20:42:10 - [7,546] ----D C:\Program Files\DAEMON Tools Pro
O43 - CFD: 24/10/2012 - 14:48:27 - [142,002] ----D C:\Program Files\ESET
O43 - CFD: 04/01/2009 - 18:54:08 - [0] ----D C:\Program Files\eSobi
O43 - CFD: 01/12/2007 - 19:04:57 - [0] R---D C:\Program Files\Fichiers communs
O43 - CFD: 30/12/2012 - 17:35:27 - [3,490] ----D C:\Program Files\Gadwin Systems
O43 - CFD: 11/10/2009 - 16:31:41 - [0,027] ----D C:\Program Files\Gamenext
O43 - CFD: 31/01/2013 - 18:02:47 - [123,885] ----D C:\Program Files\Google
O43 - CFD: 30/12/2012 - 19:25:03 - [4,594] ----D C:\Program Files\GUM845C.tmp
O43 - CFD: 19/09/2009 - 18:10:54 - [0,540] ----D C:\Program Files\HP
O43 - CFD: 09/06/2012 - 13:33:15 - [151,871] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 22/12/2012 - 06:41:19 - [6,005] ----D C:\Program Files\Internet Explorer
O43 - CFD: 06/09/2012 - 17:25:06 - [199,793] ----D C:\Program Files\Java
O43 - CFD: 24/12/2009 - 19:45:38 - [2,500] ----D C:\Program Files\JL2005D
O43 - CFD: 20/05/2010 - 11:28:42 - [15,502] ----D C:\Program Files\JRE
O43 - CFD: 21/01/2013 - 19:13:33 - [0,320] ----D C:\Program Files\Lexmark Toolbar
O43 - CFD: 11/10/2009 - 16:16:05 - [0,002] ----D C:\Program Files\Logitech
O43 - CFD: 13/01/2013 - 17:07:03 - [12,304] ----D C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 11/10/2009 - 16:19:36 - [27,354] ----D C:\Program Files\Micro Application
O43 - CFD: 25/04/2012 - 14:46:14 - [0,502] ----D C:\Program Files\Microsoft
O43 - CFD: 02/12/2007 - 03:11:03 - [0,764] ----D C:\Program Files\Microsoft CAPICOM 2.1.0.2
O43 - CFD: 02/11/2006 - 13:37:34 - [89,117] ----D C:\Program Files\Microsoft Games
O43 - CFD: 06/11/2011 - 16:13:05 - [562,817] ----D C:\Program Files\Microsoft Office
O43 - CFD: 13/05/2012 - 10:16:41 - [36,641] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 01/12/2007 - 22:39:31 - [1,745] ----D C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 19/11/2008 - 16:12:34 - [0,014] ----D C:\Program Files\Microsoft Visual Studio
O43 - CFD: 19/11/2008 - 16:08:31 - [1,323] ----D C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 27/11/2009 - 22:09:40 - [8,426] ----D C:\Program Files\Microsoft Works
O43 - CFD: 27/06/2010 - 20:48:07 - [7,789] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 09/06/2012 - 13:33:19 - [522,631] ----D C:\Program Files\Mio Technology
O43 - CFD: 13/11/2010 - 15:59:58 - [94,740] ----D C:\Program Files\Movie Maker
O43 - CFD: 30/01/2013 - 10:13:36 - [40,740] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 02/02/2013 - 16:48:24 - [0,212] ----D C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 02/02/2013 - 12:42:51 - [43,370] ----D C:\Program Files\Mozilla Thunderbird
O43 - CFD: 19/11/2008 - 16:12:57 - [0,025] ----D C:\Program Files\MSBuild
O43 - CFD: 14/06/2008 - 21:14:11 - [28,414] ----D C:\Program Files\MSECache
O43 - CFD: 02/12/2007 - 03:02:49 - [0] ----D C:\Program Files\MSXML 4.0
O43 - CFD: 20/09/2008 - 21:52:16 - [26,637] ----D C:\Program Files\MUSICMATCH
O43 - CFD: 06/05/2007 - 20:18:00 - [46,751] ----D C:\Program Files\NewTech Infosystems
O43 - CFD: 02/02/2013 - 16:48:24 - [0] ----D C:\Program Files\Notation
O43 - CFD: 20/05/2010 - 11:28:38 - [354,248] ----D C:\Program Files\OpenOffice.org 3
O43 - CFD: 05/06/2009 - 18:07:22 - [2,713] ----D C:\Program Files\QuickTime
O43 - CFD: 06/05/2007 - 20:05:49 - [14,170] ----D C:\Program Files\Realtek
O43 - CFD: 02/11/2006 - 13:37:34 - [36,910] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 09/02/2008 - 20:41:34 - [1,846] ----D C:\Program Files\Samsung
O43 - CFD: 18/03/2011 - 17:42:58 - [14,221] ----D C:\Program Files\SFR
O43 - CFD: 04/01/2009 - 18:58:35 - [0,000] ----D C:\Program Files\Shareaza
O43 - CFD: 14/09/2012 - 08:10:35 - [16,855] R---D C:\Program Files\Skype
O43 - CFD: 30/01/2013 - 10:14:54 - [7,515] ----D C:\Program Files\SweetIM
O43 - CFD: 31/03/2012 - 11:29:43 - [16,778] ----D C:\Program Files\TeamViewer
O43 - CFD: 25/04/2012 - 17:03:21 - [0,763] ----D C:\Program Files\trend micro
O43 - CFD: 02/11/2006 - 14:01:55 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 23/02/2008 - 23:04:11 - [53,231] ----D C:\Program Files\VideoLAN
O43 - CFD: 30/01/2013 - 10:13:48 - [0,109] ----D C:\Program Files\Wajam
O43 - CFD: 25/05/2008 - 13:21:59 - [6,379] ----D C:\Program Files\Western Digital
O43 - CFD: 13/11/2010 - 15:59:58 - [0,970] ----D C:\Program Files\Windows Calendar
O43 - CFD: 13/11/2010 - 15:59:58 - [2,610] ----D C:\Program Files\Windows Collaboration
O43 - CFD: 13/11/2010 - 15:59:56 - [4,283] ----D C:\Program Files\Windows Defender
O43 - CFD: 13/05/2012 - 10:15:25 - [6,757] ----D C:\Program Files\Windows Journal
O43 - CFD: 19/06/2012 - 13:00:42 - [186,724] ----D C:\Program Files\Windows Live
O43 - CFD: 12/04/2012 - 11:59:03 - [8,694] ----D C:\Program Files\Windows Mail
O43 - CFD: 13/11/2010 - 15:59:58 - [4,290] ----D C:\Program Files\Windows Media Player
O43 - CFD: 01/12/2007 - 19:04:57 - [7,589] ----D C:\Program Files\Windows NT
O43 - CFD: 13/11/2010 - 15:59:57 - [12,902] ----D C:\Program Files\Windows Photo Gallery
O43 - CFD: 25/11/2010 - 09:44:49 - [0,128] ----D C:\Program Files\Windows Portable Devices
O43 - CFD: 06/09/2011 - 13:57:18 - [6,409] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 20/05/2010 - 11:54:34 - [3,707] ----D C:\Program Files\WinRAR
O43 - CFD: 08/02/2013 - 16:24:10 - [1,540] ----D C:\Program Files\WOT
O43 - CFD: 01/12/2007 - 19:11:11 - [0,214] ----D C:\Program Files\Yahoo!
O43 - CFD: 04/02/2013 - 19:10:31 - [0] ----D C:\Program Files\Yontoo
O43 - CFD: 09/02/2013 - 11:02:43 - [0] ----D C:\Program Files\ZebHelpProcess
O43 - CFD: 09/02/2013 - 18:04:17 - [11,581] ----D C:\Program Files\ZHPDiag
O43 - CFD: 01/10/2011 - 07:47:09 - [3,086] ----D C:\Program Files\ZooskMessenger(4)
O43 - CFD: 30/01/2012 - 12:16:19 - [6,178] ----D C:\Program Files\Common Files\Adobe
O43 - CFD: 22/08/2011 - 08:34:04 - [30,069] ----D C:\Program Files\Common Files\Adobe AIR
O43 - CFD: 28/01/2009 - 10:34:15 - [0] ----D C:\Program Files\Common Files\Ahead
O43 - CFD: 19/09/2009 - 18:02:57 - [16,563] ----D C:\Program Files\Common Files\ArcSoft
O43 - CFD: 25/04/2012 - 14:01:56 - [7,320] ----D C:\Program Files\Common Files\Borland Shared
O43 - CFD: 14/01/2011 - 14:22:05 - [0,001] ----D C:\Program Files\Common Files\CANON
O43 - CFD: 19/11/2008 - 16:12:34 - [0,089] ----D C:\Program Files\Common Files\DESIGNER
O43 - CFD: 06/05/2007 - 20:30:01 - [8,056] ----D C:\Program Files\Common Files\InstallShield
O43 - CFD: 06/09/2012 - 17:27:12 - [34,236] ----D C:\Program Files\Common Files\Java
O43 - CFD: 06/05/2007 - 20:17:31 - [6,846] ----D C:\Program Files\Common Files\LightScribe
O43 - CFD: 13/11/2010 - 15:54:35 - [0,884] ----D C:\Program Files\Common Files\logishrd
O43 - CFD: 22/02/2012 - 12:10:36 - [433,530] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 06/05/2007 - 20:17:12 - [9,257] ----D C:\Program Files\Common Files\muvee Technologies
O43 - CFD: 06/05/2007 - 20:18:01 - [2,184] ----D C:\Program Files\Common Files\NewTech Infosystems
O43 - CFD: 02/11/2006 - 12:18:33 - [0,003] ----D C:\Program Files\Common Files\Services
O43 - CFD: 14/09/2012 - 08:10:34 - [2,056] ----D C:\Program Files\Common Files\Skype
O43 - CFD: 10/04/2009 - 14:46:42 - [8,385] ----D C:\Program Files\Common Files\Softwin
O43 - CFD: 02/11/2006 - 12:18:33 - [39,198] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 01/01/2009 - 20:13:20 - [0] ----D C:\Program Files\Common Files\SWF Studio
O43 - CFD: 08/01/2008 - 18:10:39 - [4,504] ----D C:\Program Files\Common Files\Symantec Shared
O43 - CFD: 10/11/2011 - 08:06:32 - [44,185] ----D C:\Program Files\Common Files\System
O43 - CFD: 20/01/2009 - 17:51:50 - [0] ----D C:\Program Files\Common Files\Windows Live
O43 - CFD: 01/12/2007 - 22:36:54 - [58,522] -SH-D C:\Program Files\Common Files\WindowsLiveInstaller
O43 - CFD: 30/01/2012 - 12:16:25 - [332,213] ----D C:\ProgramData\Adobe
O43 - CFD: 13/11/2010 - 16:54:25 - [3,089] ----D C:\ProgramData\Alwil Software
O43 - CFD: 02/11/2006 - 14:02:03 - [0] ----D C:\ProgramData\Application Data
O43 - CFD: 29/11/2010 - 09:50:40 - [1,612] ----D C:\ProgramData\ArcSoft
O43 - CFD: 31/01/2013 - 17:55:48 - [1,135] ----D C:\ProgramData\AVAST Software
O43 - CFD: 01/12/2007 - 19:04:57 - [0,006] R-H-D C:\ProgramData\Bureau
O43 - CFD: 14/01/2011 - 14:19:48 - [20,622] --H-D C:\ProgramData\CanonBJ
O43 - CFD: 19/11/2012 - 19:23:24 - [0,000] ----D C:\ProgramData\CanonIJ
O43 - CFD: 19/01/2011 - 14:16:50 - [0,000] --H-D C:\ProgramData\CanonIJEGV
O43 - CFD: 17/01/2011 - 18:15:44 - [0,000] --H-D C:\ProgramData\CanonIJEPPEX
O43 - CFD: 14/01/2011 - 14:26:44 - [0,000] --H-D C:\ProgramData\CanonIJMyPrinter
O43 - CFD: 07/02/2013 - 11:18:36 - [0,004] ----D C:\ProgramData\CanonIJPLM
O43 - CFD: 14/01/2011 - 14:26:46 - [0,000] --H-D C:\ProgramData\CanonIJSolutionMenu
O43 - CFD: 12/02/2008 - 23:12:22 - [0,022] ----D C:\ProgramData\CyberLink
O43 - CFD: 10/09/2008 - 10:49:43 - [0] ----D C:\ProgramData\DAEMON Tools Pro
O43 - CFD: 02/11/2006 - 14:02:03 - [0] ----D C:\ProgramData\Desktop
O43 - CFD: 02/11/2006 - 14:02:03 - [0] ----D C:\ProgramData\Documents
O43 - CFD: 07/02/2010 - 12:41:31 - [0,000] ----D C:\ProgramData\Driver Whiz
O43 - CFD: 19/01/2013 - 12:02:46 - [0] ----D C:\ProgramData\eSobi
O43 - CFD: 01/12/2007 - 19:04:57 - [0] R-H-D C:\ProgramData\Favoris
O43 - CFD: 02/11/2006 - 14:02:03 - [0] R-H-D C:\ProgramData\Favorites
O43 - CFD: 01/12/2007 - 21:35:35 - [0] ----D C:\ProgramData\FaxCtr
O43 - CFD: 27/01/2008 - 19:17:31 - [0] ----D C:\ProgramData\FloodLightGames
O43 - CFD: 31/01/2013 - 18:03:09 - [1,665] ----D C:\ProgramData\Google
O43 - CFD: 17/10/2008 - 17:44:07 - [0] ----D C:\ProgramData\Logitech
O43 - CFD: 25/04/2012 - 16:09:04 - [26,024] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 13/01/2012 - 11:19:03 - [0] ----D C:\ProgramData\McAfee
O43 - CFD: 01/12/2007 - 19:04:57 - [0] ----D C:\ProgramData\Menu Démarrer
O43 - CFD: 13/01/2013 - 17:59:54 - [239,700] -S--D C:\ProgramData\Microsoft
O43 - CFD: 10/01/2013 - 08:25:19 - [0,064] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 01/12/2007 - 19:04:57 - [0,030] ----D C:\ProgramData\Modèles
O43 - CFD: 03/05/2012 - 22:45:37 - [0,031] ----D C:\ProgramData\Mozilla
O43 - CFD: 14/02/2010 - 12:17:54 - [0,000] ----D C:\ProgramData\PC Drivers HeadQuarters
O43 - CFD: 05/06/2009 - 18:07:19 - [0,022] ----D C:\ProgramData\QuickTime
O43 - CFD: 14/09/2012 - 08:10:47 - [36,511] ----D C:\ProgramData\Skype
O43 - CFD: 02/11/2006 - 14:02:03 - [0] ----D C:\ProgramData\Start Menu
O43 - CFD: 20/05/2010 - 11:27:14 - [0,000] ----D C:\ProgramData\Sun
O43 - CFD: 30/01/2013 - 10:13:43 - [2,571] ----D C:\ProgramData\Tarma Installer
O43 - CFD: 16/01/2013 - 21:51:14 - [0] ---AD C:\ProgramData\TEMP
O43 - CFD: 02/11/2006 - 14:02:04 - [0,030] ----D C:\ProgramData\Templates
O43 - CFD: 12/01/2013 - 11:41:00 - [0] ----D C:\ProgramData\WindowsSearch
O43 - CFD: 20/09/2008 - 21:44:40 - [1,551] ----D C:\ProgramData\WLInstaller
O43 - CFD: 15/06/2008 - 05:01:50 - [6,585] ----D C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
O43 - CFD: 25/04/2012 - 14:40:36 - [0,010] ----D C:\ProgramData\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
O43 - CFD: 25/08/2010 - 16:44:39 - [14,584] ----D C:\Users\chouchou\AppData\Roaming\Adobe
O43 - CFD: 09/12/2007 - 08:42:09 - [0] ----D C:\Users\chouchou\AppData\Roaming\AdobeUM
O43 - CFD: 02/02/2013 - 12:38:52 - [0] ----D C:\Users\chouchou\AppData\Roaming\Advernet
O43 - CFD: 22/12/2007 - 21:51:35 - [0,001] ----D C:\Users\chouchou\AppData\Roaming\Ahead
O43 - CFD: 07/06/2012 - 19:25:15 - [0,010] ----D C:\Users\chouchou\AppData\Roaming\ArcSoft
O43 - CFD: 15/12/2007 - 19:42:25 - [0] ----D C:\Users\chouchou\AppData\Roaming\ATI
O43 - CFD: 17/01/2011 - 18:17:29 - [0,000] ----D C:\Users\chouchou\AppData\Roaming\Canon
O43 - CFD: 25/08/2010 - 16:57:40 - [0,030] ----D C:\Users\chouchou\AppData\Roaming\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1
O43 - CFD: 01/02/2008 - 23:00:17 - [0,000] ----D C:\Users\chouchou\AppData\Roaming\CyberLink
O43 - CFD: 19/11/2008 - 15:49:04 - [0,001] ----D C:\Users\chouchou\AppData\Roaming\DAEMON Tools
O43 - CFD: 10/09/2008 - 10:49:43 - [0,001] ----D C:\Users\chouchou\AppData\Roaming\DAEMON Tools Pro
O43 - CFD: 30/01/2013 - 10:13:42 - [0,087] ----D C:\Users\chouchou\AppData\Roaming\DealPly
O43 - CFD: 19/04/2008 - 07:32:19 - [0] ----D C:\Users\chouchou\AppData\Roaming\eMule
O43 - CFD: 01/12/2007 - 20:58:47 - [0] ----D C:\Users\chouchou\AppData\Roaming\eSobi
O43 - CFD: 28/08/2012 - 13:46:38 - [0] ----D C:\Users\chouchou\AppData\Roaming\FastStone
O43 - CFD: 27/01/2008 - 19:17:31 - [0,426] ----D C:\Users\chouchou\AppData\Roaming\FloodLightGames
O43 - CFD: 03/09/2010 - 09:22:37 - [0,032] ----D C:\Users\chouchou\AppData\Roaming\Google
O43 - CFD: 14/06/2008 - 20:54:24 - [184,032] ----D C:\Users\chouchou\AppData\Roaming\Hemera
O43 - CFD: 31/01/2013 - 18:02:39 - [0,096] ----D C:\Users\chouchou\AppData\Roaming\HoolappForAndroid
O43 - CFD: 01/12/2007 - 19:11:24 - [0] ----D C:\Users\chouchou\AppData\Roaming\Identities
O43 - CFD: 23/03/2009 - 19:53:48 - [0] ----D C:\Users\chouchou\AppData\Roaming\InstallShield
O43 - CFD: 13/01/2013 - 17:20:32 - [0,001] ----D C:\Users\chouchou\AppData\Roaming\LavasoftStatistics
O43 - CFD: 17/10/2008 - 17:44:38 - [0,027] ----D C:\Users\chouchou\AppData\Roaming\Leadertech
O43 - CFD: 17/01/2010 - 14:02:22 - [25,413] ----D C:\Users\chouchou\AppData\Roaming\LimeWire
O43 - CFD: 01/12/2007 - 19:12:20 - [0,009] ----D C:\Users\chouchou\AppData\Roaming\Macromedia
O43 - CFD: 25/04/2012 - 16:09:13 - [0,002] ----D C:\Users\chouchou\AppData\Roaming\Malwarebytes
O43 - CFD: 02/11/2006 - 13:37:34 - [0] ----D C:\Users\chouchou\AppData\Roaming\Media Center Programs
O43 - CFD: 28/08/2012 - 13:00:33 - [3,885] -S--D C:\Users\chouchou\AppData\Roaming\Microsoft
O43 - CFD: 22/11/2011 - 09:29:44 - [39,338] ----D C:\Users\chouchou\AppData\Roaming\Mozilla
O43 - CFD: 24/09/2008 - 21:02:30 - [2,273] ----D C:\Users\chouchou\AppData\Roaming\OpenOffice.org
O43 - CFD: 25/12/2012 - 10:40:32 - [0] ----D C:\Users\chouchou\AppData\Roaming\Optimizer Pro
O43 - CFD: 14/09/2012 - 08:12:48 - [3,095] ----D C:\Users\chouchou\AppData\Roaming\Skype
O43 - CFD: 02/02/2013 - 12:43:04 - [39,354] ----D C:\Users\chouchou\AppData\Roaming\Thunderbird
O43 - CFD: 23/02/2008 - 23:04:40 - [0,354] ----D C:\Users\chouchou\AppData\Roaming\vlc
O43 - CFD: 15/11/2008 - 17:35:43 - [0] ----D C:\Users\chouchou\AppData\Roaming\Windows Live Writer
O43 - CFD: 20/05/2010 - 11:55:01 - [0,000] ----D C:\Users\chouchou\AppData\Roaming\WinRAR
O43 - CFD: 19/01/2011 - 14:13:24 - [0,048] ----D C:\Users\chouchou\AppData\Local\ABBYY
O43 - CFD: 01/12/2007 - 21:14:08 - [0,007] ----D C:\Users\chouchou\AppData\Local\Acer Arcade Live
O43 - CFD: 22/06/2012 - 10:29:04 - [120,969] ----D C:\Users\chouchou\AppData\Local\Adobe
O43 - CFD: 01/12/2007 - 19:09:08 - [0] ----D C:\Users\chouchou\AppData\Local\Application Data
O43 - CFD: 29/11/2009 - 14:23:42 - [0] ----D C:\Users\chouchou\AppData\Local\Apps
O43 - CFD: 19/09/2009 - 18:07:51 - [0,002] ----D C:\Users\chouchou\AppData\Local\ArcSoft
O43 - CFD: 28/01/2009 - 09:39:54 - [0,091] ----D C:\Users\chouchou\AppData\Local\Ares
O43 - CFD: 15/12/2007 - 19:42:25 - [0,034] ----D C:\Users\chouchou\AppData\Local\ATI
O43 - CFD: 17/01/2011 - 18:16:21 - [0,028] ----D C:\Users\chouchou\AppData\Local\Canon Easy-PhotoPrint EX
O43 - CFD: 24/12/2007 - 18:43:36 - [0,007] ----D C:\Users\chouchou\AppData\Local\CDBurnerXP_Soft
O43 - CFD: 02/12/2007 - 14:44:34 - [0,008] ----D C:\Users\chouchou\AppData\Local\DVDivine
O43 - CFD: 12/12/2009 - 12:16:31 - [0] ----D C:\Users\chouchou\AppData\Local\eMule
O43 - CFD: 30/12/2012 - 17:12:26 - [0] ----D C:\Users\chouchou\AppData\Local\FastStone
O43 - CFD: 02/02/2013 - 11:28:01 - [496,376] ----D C:\Users\chouchou\AppData\Local\Google
O43 - CFD: 01/12/2007 - 19:09:08 - [3,516] -SH-D C:\Users\chouchou\AppData\Local\Historique
O43 - CFD: 09/01/2009 - 16:06:40 - [1,992] ----D C:\Users\chouchou\AppData\Local\IM
O43 - CFD: 13/01/2013 - 17:59:54 - [731,981] ----D C:\Users\chouchou\AppData\Local\Microsoft
O43 - CFD: 08/11/2010 - 15:22:40 - [1,333] ----D C:\Users\chouchou\AppData\Local\Microsoft Games
O43 - CFD: 05/01/2009 - 09:57:03 - [0,283] ----D C:\Users\chouchou\AppData\Local\Microsoft Help
O43 - CFD: 25/04/2012 - 16:51:17 - [0,001] ----D C:\Users\chouchou\AppData\Local\MigWiz
O43 - CFD: 09/06/2012 - 13:38:35 - [0,000] ----D C:\Users\chouchou\AppData\Local\MiTAC_International_Corpo
O43 - CFD: 22/11/2011 - 09:29:44 - [0,018] ----D C:\Users\chouchou\AppData\Local\Mozilla
O43 - CFD: 24/11/2011 - 14:48:53 - [0] ----D C:\Users\chouchou\AppData\Local\PackageAware
O43 - CFD: 01/12/2007 - 19:11:53 - [0] ----D C:\Users\chouchou\AppData\Local\PowerCinema
O43 - CFD: 15/06/2008 - 05:01:38 - [0,272] ----D C:\Users\chouchou\AppData\Local\Seven Zip
O43 - CFD: 09/02/2013 - 18:03:53 - [0,888] ----D C:\Users\chouchou\AppData\Local\Temp
O43 - CFD: 01/12/2007 - 19:09:08 - [0] ----D C:\Users\chouchou\AppData\Local\Temporary Internet Files
O43 - CFD: 02/02/2013 - 12:43:04 - [1,782] ----D C:\Users\chouchou\AppData\Local\Thunderbird
O43 - CFD: 16/07/2011 - 11:08:49 - [0,200] ----D C:\Users\chouchou\AppData\Local\Unity
O43 - CFD: 12/02/2008 - 23:12:21 - [0,007] ----D C:\Users\chouchou\AppData\Local\VideoMagician
O43 - CFD: 01/12/2007 - 21:56:42 - [206,859] ----D C:\Users\chouchou\AppData\Local\VirtualStore
O43 - CFD: 30/01/2013 - 10:13:32 - [0,054] ----D C:\Users\chouchou\AppData\Local\Wajam
O43 - CFD: 17/08/2012 - 19:53:34 - [0,188] ----D C:\Users\chouchou\AppData\Local\Windows Live
O43 - CFD: 15/11/2008 - 17:35:46 - [0,227] ----D C:\Users\chouchou\AppData\Local\Windows Live Writer
O43 - CFD: 24/12/2009 - 20:55:58 - [2,086] ----D C:\Users\chouchou\AppData\Local\Xenocode
O43 - CFD: 21/01/2013 - 12:19:15 - [0] ----D C:\Users\chouchou\AppData\Local\{06A720E2-DA0C-4A44-8AEF-1257D34E14CC}
O43 - CFD: 03/02/2013 - 15:06:47 - [0] ----D C:\Users\chouchou\AppData\Local\{0F0FB0BF-BFCA-4D5F-941D-8CB4F463CB7C}
O43 - CFD: 27/01/2013 - 16:34:18 - [0] ----D C:\Users\chouchou\AppData\Local\{16426063-6C81-4DC1-B12E-329D699F696B}
O43 - CFD: 31/01/2013 - 17:41:10 - [0] ----D C:\Users\chouchou\AppData\Local\{1D81F9F3-A8C1-43C1-9D42-63462C039B18}
O43 - CFD: 23/01/2013 - 21:39:48 - [0] ----D C:\Users\chouchou\AppData\Local\{255E2B1C-7AC2-46CE-B5BD-53D434E720E1}
O43 - CFD: 05/02/2013 - 14:37:44 - [0] ----D C:\Users\chouchou\AppData\Local\{28F2828B-1B03-4E49-9A4E-CA5BC5FDA010}
O43 - CFD: 02/02/2013 - 11:29:22 - [0] ----D C:\Users\chouchou\AppData\Local\{567F266B-5C5D-4FE5-BC81-3637CAAA7170}
O43 - CFD: 04/02/2013 - 09:09:23 - [0] ----D C:\Users\chouchou\AppData\Local\{5CCA6054-F77B-481D-89A5-5B2E15F638D4}
O43 - CFD: 22/01/2013 - 14:10:27 - [0] ----D C:\Users\chouchou\AppData\Local\{6163633C-D0C4-4CAE-B341-7FE851511093}
O43 - CFD: 07/02/2013 - 09:30:16 - [0] ----D C:\Users\chouchou\AppData\Local\{629B1EBF-1A22-4B9D-AE13-DF37A4603C39}
O43 - CFD: 24/01/2013 - 21:40:42 - [0] ----D C:\Users\chouchou\AppData\Local\{8EA6C24A-FCC4-4FB6-ADE1-4FC0A44CFF67}
O43 - CFD: 23/01/2013 - 09:39:22 - [0] ----D C:\Users\chouchou\AppData\Local\{94EB847B-CAE8-4B7C-BFAB-105B644E1A84}
O43 - CFD: 26/01/2013 - 21:55:49 - [0] ----D C:\Users\chouchou\AppData\Local\{94F4CBF4-B318-40ED-84FE-299F4FD4CE73}
O43 - CFD: 20/01/2013 - 23:29:50 - [0] ----D C:\Users\chouchou\AppData\Local\{B612DE06-4981-4C84-AA56-6DADB10C0296}
O43 - CFD: 25/01/2013 - 10:39:28 - [0] ----D C:\Users\chouchou\AppData\Local\{BD0581BF-BF5B-423A-ADB9-1F5938407B2E}
O43 - CFD: 29/01/2013 - 13:45:16 - [0] ----D C:\Users\chouchou\AppData\Local\{CE45E90D-4E84-4261-B175-47C2C1C1987A}
O43 - CFD: 06/02/2013 - 17:03:49 - [0] ----D C:\Users\chouchou\AppData\Local\{DF475B9C-316B-4669-8AB2-3EACA61582F7}
O43 - CFD: 28/01/2013 - 19:31:59 - [0] ----D C:\Users\chouchou\AppData\Local\{E3DBD782-394B-426A-B2F7-D05FC6FBDEB1}
O43 - CFD: 30/01/2013 - 09:58:30 - [0] ----D C:\Users\chouchou\AppData\Local\{EA8F9600-939A-49CC-8DDB-2C4F72A1832F}
O43 - CFD: 09/02/2013 - 10:56:38 - [0] ----D C:\Users\chouchou\AppData\Local\{F69976E7-D75D-4D60-A991-8BF502B90ABA}
O43 - CFD: 08/02/2013 - 16:34:58 - [0] ----D C:\Users\chouchou\AppData\Local\{F8244F12-A519-4A22-B67C-94083DC1B5FF}
O43 - CFD: 24/01/2013 - 09:40:15 - [0] ----D C:\Users\chouchou\AppData\Local\{FCFDFDB6-50C0-4923-B9AB-BCF819CEB088}
O43 - CFD: 02/11/2006 - 13:54:36 - [0,015] R---D C:\Users\chouchou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 01/12/2007 - 19:11:38 - [0,000] R---D C:\Users\chouchou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 30/01/2013 - 10:13:58 - [0,004] ----D C:\Users\chouchou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
O43 - CFD: 13/01/2013 - 16:19:05 - [0] ----D C:\Users\chouchou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gadwin Systems
O43 - CFD: 02/11/2006 - 13:50:41 - [0,001] R---D C:\Users\chouchou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 08/02/2013 - 14:07:10 - [0,001] R---D C:\Users\chouchou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 30/01/2013 - 10:13:41 - [0,001] ----D C:\Users\chouchou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
O43 - CFD: 20/05/2010 - 11:54:34 - [0,002] ----D C:\Users\chouchou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
~ Scan Program Folder in 00mn 05s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.D966CDE9095943DE8752A8EB55A74686] - 09/02/2013 - 17:06:05 ---A- . (...) -- C:\Windows\WindowsUpdate.log   [1611889]
O44 - LFC:[MD5.1E57BB91D801A88048ADBBE116C91332] - 09/02/2013 - 15:54:04 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT   [405800]
O44 - LFC:[MD5.C643BE3641B4E2D59DD1F9708BD7F24A] - 09/02/2013 - 15:53:55 -S-A- . (...) -- C:\Windows\bootstat.dat   [67584]
O44 - LFC:[MD5.37CEB4A7596EE7D089E7B9B681087C4F] - 08/02/2013 - 14:50:47 ---A- . (...) -- C:\ComboFix.txt   [16711]
O44 - LFC:[MD5.3CF3D4A45CC2AF973DBC30EC8D33252B] - 08/02/2013 - 14:47:57 ---A- . (...) -- C:\Windows\system.ini   [215]
O44 - LFC:[MD5.753BC16326FEE4A421ACB636CCD602F4] - 08/02/2013 - 14:31:11 ---A- . (.NirSoft - NirCmd.) -- C:\Windows\NIRCMD.exe   [60416]
O44 - LFC:[MD5.A46842C9B0C567A5A9584E83A163560C] - 08/02/2013 - 14:31:11 ---A- . (.SteelWerX - Freeware implementation of REG.EXE.) -- C:\Windows\SWREG.exe   [518144]
O44 - LFC:[MD5.0297C72529807322B152F517FDB0A9FC] - 08/02/2013 - 14:31:11 ---A- . (.SteelWerX - Freeware implementation of SC.EXE.) -- C:\Windows\SWSC.exe   [406528]
O44 - LFC:[MD5.DBA91CD5A3A68302967C03213E52BDE8] - 08/02/2013 - 13:22:12 ---A- . (...) -- C:\Windows\QTFont.qfn   [54156]
O44 - LFC:[MD5.E029CD2204E084EA8485AD3495E0CAB8] - 07/02/2013 - 15:00:28 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI   [1496184]
O44 - LFC:[MD5.5736BCF701866D62E28050BD6B1A2C98] - 07/02/2013 - 15:00:28 ---A- . (...) -- C:\Windows\System32\perfc009.dat   [104110]
O44 - LFC:[MD5.F767DEE56C255A8C01739C44AECC3BEE] - 07/02/2013 - 15:00:28 ---A- . (...) -- C:\Windows\System32\perfc00C.dat   [126658]
O44 - LFC:[MD5.2CFF9A3DBC74E0299600EF70436BB436] - 07/02/2013 - 15:00:28 ---A- . (...) -- C:\Windows\System32\perfh009.dat   [596036]
O44 - LFC:[MD5.231ECBB71E4F63710181060D5E59417F] - 07/02/2013 - 15:00:28 ---A- . (...) -- C:\Windows\System32\perfh00C.dat   [679042]
O44 - LFC:[MD5.DE6ED95AEF259979B2830450072A627B] - 31/01/2013 - 18:01:10 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\System32\Drivers\aswFsBlk.sys   [21256]
O44 - LFC:[MD5.67B558895695545FB0568B7541F3BCA7] - 31/01/2013 - 18:01:06 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\aswSP.sys   [361032]
O44 - LFC:[MD5.7C9F0A2AB17D52261A9252A2EB320884] - 31/01/2013 - 18:00:44 ---A- . (.AVAST Software - avast! TDI Redirect Driver.) -- C:\Windows\System32\Drivers\aswRdr.sys   [35928]
O44 - LFC:[MD5.E3E73B2B73A4DFADFDDF557192C4B08A] - 31/01/2013 - 18:00:40 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\System32\Drivers\aswTdi.sys   [54232]
O44 - LFC:[MD5.B32E9AD44A1DBB3E8095E80F8DF32B03] - 31/01/2013 - 18:00:31 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswSnx.sys   [738504]
O44 - LFC:[MD5.01C47C2ECED034EF6F8C1552A97CFF00] - 31/01/2013 - 18:00:27 ---A- . (...) -- C:\Windows\System32\config.nt   [2577]
O44 - LFC:[MD5.62F9DCEC95F91B8E0203E85D344A7E65] - 31/01/2013 - 18:00:27 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\Windows\System32\Drivers\aswMonFlt.sys   [58680]
O44 - LFC:[MD5.74D55DED81C61871F0DB7F3A63A4D312] - 31/01/2013 - 17:56:48 ---A- . (.AVAST Software - avast! Screen Saver stub.) -- C:\Windows\avastSS.scr   [41224]
O44 - LFC:[MD5.A4B4FE50CCA23B38688003EA85A30EF6] - 31/01/2013 - 17:56:47 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\Windows\System32\aswBoot.exe   [227648]
O44 - LFC:[MD5.E185BDA84E5F03F4E1D8DCA30E209277] - 22/01/2013 - 15:02:56 ---A- . (...) -- C:\Windows\epplauncher.mif   [1912]
O44 - LFC:[MD5.726A04EA4963D1836E25DDB939C18CC0] - 21/01/2013 - 19:13:34 ---A- . (...) -- C:\Windows\System32\LexFiles.ulf   [2403]
O44 - LFC:[MD5.EFD231D7FF4D55A54FDA9EA31B4EB67C] - 21/01/2013 - 19:13:32 ---A- . (...) -- C:\lxcr.log   [100]
O44 - LFC:[MD5.F5CDA913FDE5B1FD86C9E230E9F847A5] - 21/01/2013 - 19:13:26 ---A- . (...) -- C:\lxcrscan.log   [151]
O44 - LFC:[MD5.F042EE4C8D66248D9B86DCF52ABAE416] - 26/06/2011 - 07:45:56 ---A- . (...) -- C:\Windows\PEV.exe   [256000]
O44 - LFC:[MD5.0277C027A26428DB64EF4F64F52BB4FD] - 07/11/2010 - 18:20:24 ---A- . (...) -- C:\Windows\MBR.exe   [208896]
O44 - LFC:[MD5.9E05A9C264C8A908A8E79450FCBFF047] - 31/08/2000 - 01:00:00 ---A- . (...) -- C:\Windows\grep.exe   [80412]
O44 - LFC:[MD5.2B657A67AEBB84AEA5632C53E61E23BF] - 31/08/2000 - 01:00:00 ---A- . (...) -- C:\Windows\sed.exe   [98816]
O44 - LFC:[MD5.5E832F4FAF5F481F2EAF3B3A48F603B8] - 31/08/2000 - 01:00:00 ---A- . (...) -- C:\Windows\zip.exe   [68096]
~ Scan Files in 00mn 32s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.4EA315DDEF4698E8EA8F6CE2604D285A] - 03/02/2013 - 14:11:33 ---A- - C:\Windows\Prefetch\AgCx_SC1.db.trx
O45 - LFCP:[MD5.CAC109FC54F7A4C23C2B7D6484EB884D] - 03/02/2013 - 14:12:35 ---A- - C:\Windows\Prefetch\AgCx_SC1.db
O45 - LFCP:[MD5.65467B5D15CC776B82B02DC576E6A291] - 08/02/2013 - 14:07:21 ---A- - C:\Windows\Prefetch\WMIC.EXE-A7D06383.pf
O45 - LFCP:[MD5.B9B0BE9E208128962D1AC27CEDB60ACB] - 08/02/2013 - 14:32:41 ---A- - C:\Windows\Prefetch\CF6715.3XE-FFD110B0.pf
O45 - LFCP:[MD5.D14A671122A742FD0D7B63ED462A8BD2] - 08/02/2013 - 14:35:37 ---A- - C:\Windows\Prefetch\PEV.3XE-82BE176E.pf
O45 - LFCP:[MD5.1FFC4E0F7D0BE581146BF58B569BD3DC] - 08/02/2013 - 14:35:38 ---A- - C:\Windows\Prefetch\SWXCACLS.3XE-B9DEC87F.pf
O45 - LFCP:[MD5.3457019EA3BC10BBEFA7C6BE97CEA9AF] - 08/02/2013 - 14:35:39 ---A- - C:\Windows\Prefetch\GREP.3XE-E3BCD30D.pf
O45 - LFCP:[MD5.907BCFB69B16C77D51EA54B6DD4DCBF5] - 08/02/2013 - 14:35:39 ---A- - C:\Windows\Prefetch\SED.3XE-A9B5A7B3.pf
O45 - LFCP:[MD5.9D94ACB2FD667103B9A43CD563BF9B1A] - 08/02/2013 - 14:35:39 ---A- - C:\Windows\Prefetch\SWREG.3XE-1E942DC7.pf
O45 - LFCP:[MD5.733CB063A14799F86DF426B8B8A6638E] - 08/02/2013 - 14:35:41 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-8F1B6CBC.pf
O45 - LFCP:[MD5.4C06135E9D885D7616560169407DB040] - 08/02/2013 - 14:35:54 ---A- - C:\Windows\Prefetch\PEV.3XE-1AE655A3.pf
O45 - LFCP:[MD5.A8452BD7788240A2AB2E44F22ACD682E] - 08/02/2013 - 14:35:54 ---A- - C:\Windows\Prefetch\SED.3XE-41DDE5E8.pf
O45 - LFCP:[MD5.D418712E690A6EFFC79CF85C5B5E423C] - 08/02/2013 - 14:35:54 ---A- - C:\Windows\Prefetch\SWREG.3XE-0F3235AC.pf
O45 - LFCP:[MD5.72AEAC5A9E63D77EF8122CDCF23C7A74] - 08/02/2013 - 14:35:55 ---A- - C:\Windows\Prefetch\GREP.3XE-92F17C7A.pf
O45 - LFCP:[MD5.4561F49EA73EABDB0EF8B1A909341BE8] - 08/02/2013 - 14:50:42 ---A- - C:\Windows\Prefetch\FINDSTR.EXE-2E9C6FE2.pf
O45 - LFCP:[MD5.60C888B89FF3FD67F6DE6F5566B2D32E] - 08/02/2013 - 14:50:49 ---A- - C:\Windows\Prefetch\CHCP.COM-61043047.pf
O45 - LFCP:[MD5.3E26256A1BE726A3E4F9451CE7C508BE] - 08/02/2013 - 15:48:58 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-E8AC3089.pf
O45 - LFCP:[MD5.B84D28A4D2B0911DDB886AFCC3A181A9] - 08/02/2013 - 16:11:28 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-EA9BDDD2.pf
O45 - LFCP:[MD5.D2B030E65883468F9FB21470E957266A] - 08/02/2013 - 16:17:51 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-B615E6ED.pf
O45 - LFCP:[MD5.B85F5902521C38BA649A1370554F784B] - 08/02/2013 - 16:20:13 ---A- - C:\Windows\Prefetch\ACRORD32.EXE-172CF576.pf
O45 - LFCP:[MD5.112F6132E8A99254D4072B8165561A5D] - 08/02/2013 - 16:24:16 ---A- - C:\Windows\Prefetch\WSS.EXE-056D83F9.pf
O45 - LFCP:[MD5.655DF26D9307EFCB009233A774BB2DE5] - 08/02/2013 - 16:31:07 ---A- - C:\Windows\Prefetch\TV_W32.EXE-0C807AC1.pf
O45 - LFCP:[MD5.4C675CCC239437AB6059044D187568DC] - 08/02/2013 - 16:34:23 ---A- - C:\Windows\Prefetch\MSNMSGR.EXE-9974F251.pf
O45 - LFCP:[MD5.78333332A69B2BF91832572008A9AB4A] - 08/02/2013 - 17:16:10 ---A- - C:\Windows\Prefetch\JAVAWS.EXE-707B5C72.pf
O45 - LFCP:[MD5.932CC8715B4880C7197C5495823A0D6F] - 08/02/2013 - 17:55:10 ---A- - C:\Windows\Prefetch\MOBSYNC.EXE-C5E2284F.pf
O45 - LFCP:[MD5.9CB337D7EF195D668ABBDE49A4F84DBE] - 09/02/2013 - 10:54:33 ---A- - C:\Windows\Prefetch\ERECOVERYSERVICE.EXE-42F19B34.pf
O45 - LFCP:[MD5.0F09AB515733BA4A483BA729762DF36B] - 09/02/2013 - 10:54:33 ---A- - C:\Windows\Prefetch\WMPNETWK.EXE-D9F2A96F.pf
O45 - LFCP:[MD5.B1095476985DD6B8B88AE129149A6F8F] - 09/02/2013 - 10:55:24 ---A- - C:\Windows\Prefetch\AVASTEMUPDATE.EXE-6EF4B603.pf
O45 - LFCP:[MD5.BAF8237C2DA25173583646796F06BD6C] - 09/02/2013 - 10:59:50 ---A- - C:\Windows\Prefetch\CONTROL.EXE-817F8F1D.pf
O45 - LFCP:[MD5.CCDFE7F256350C4A609AFB26C6E754FB] - 09/02/2013 - 11:00:37 ---A- - C:\Windows\Prefetch\GOOGLEUPDATEONDEMAND.EXE-F042B9AF.pf
O45 - LFCP:[MD5.D766201181A67479F0E54B9691FD7A1A] - 09/02/2013 - 11:00:42 ---A- - C:\Windows\Prefetch\GOOGLETOOLBARMANAGER_94DDE1ED-01D00A60.pf
O45 - LFCP:[MD5.103FBE5A0C5CBD9A7B181E7EA7D3DFE0] - 09/02/2013 - 11:00:46 ---A- - C:\Windows\Prefetch\GOOGLEUPDATERSERVICE.EXE-09540BCD.pf
O45 - LFCP:[MD5.153B058D50E6226B69B8DC03DAE03F1D] - 09/02/2013 - 11:00:52 ---A- - C:\Windows\Prefetch\GOOGLETOOLBARNOTIFIER.EXE-EB3F2433.pf
O45 - LFCP:[MD5.251AE4D19F1527AA42EA0E9F0C900D05] - 09/02/2013 - 11:01:26 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-7FAA2E4C.pf
O45 - LFCP:[MD5.8A729528140EB12B8A93CE97749BCCE9] - 09/02/2013 - 11:01:40 ---A- - C:\Windows\Prefetch\UNINS000.EXE-28317D3C.pf
O45 - LFCP:[MD5.230125F5965BFC57D14CE167A2E7DDEC] - 09/02/2013 - 11:01:42 ---A- - C:\Windows\Prefetch\_IU14D2N.TMP-AC11A5B8.pf
O45 - LFCP:[MD5.F336372580BEA515BB5FEF1E97CD2E3F] - 09/02/2013 - 11:06:30 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-DC641591.pf
O45 - LFCP:[MD5.84DE1EE3CA3E94FDD1A592222E965246] - 09/02/2013 - 11:06:35 ---A- - C:\Windows\Prefetch\ZHPDIAG2.EXE-A1850D0A.pf
O45 - LFCP:[MD5.F6EA1489530E559C824C7F479AE5CEA3] - 09/02/2013 - 11:06:36 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-2FFD4034.pf
O45 - LFCP:[MD5.5E85081A71EF0DA2BAA673E061AD1957] - 09/02/2013 - 12:27:07 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-53F681E6.pf
O45 - LFCP:[MD5.655B5EF96A2C5E89EE7AD55443B8AFEE] - 09/02/2013 - 14:28:28 ---A- - C:\Windows\Prefetch\VERCLSID.EXE-7C52E31C.pf
O45 - LFCP:[MD5.A2BC28167D8224D589D57CEA39196422] - 09/02/2013 - 14:31:50 ---A- - C:\Windows\Prefetch\ACRORD32INFO.EXE-1C0557AA.pf
O45 - LFCP:[MD5.936AF298C61DF5B51F2D40E2C77B38C4] - 09/02/2013 - 14:44:25 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-D8414F97.pf
O45 - LFCP:[MD5.E32060FB05885D408E7AFF188FF0DFBD] - 09/02/2013 - 14:47:01 ---A- - C:\Windows\Prefetch\CTFMON.EXE-9450846B.pf
O45 - LFCP:[MD5.D75C90EEF42BAFA1DCF76D463E00D37A] - 09/02/2013 - 15:02:32 ---A- - C:\Windows\Prefetch\AVAST.SETUP-B1D66586.pf
O45 - LFCP:[MD5.76A7F34985A20DD0E2F47D89E512981A] - 09/02/2013 - 15:03:17 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-1304AE86.pf
O45 - LFCP:[MD5.E78F368923630115325037F3D0B1E02D] - 09/02/2013 - 15:45:49 ---A- - C:\Windows\Prefetch\VSSVC.EXE-B8AFC319.pf
O45 - LFCP:[MD5.DFA559A8A93C43A8AAEA4F971CA7D135] - 09/02/2013 - 15:45:54 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-7CFEDEA3.pf
O45 - LFCP:[MD5.BF409CBBCC626FA9FF62983940680BA1] - 09/02/2013 - 15:45:58 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-A2D55CB6.pf
O45 - LFCP:[MD5.3AAB1F8F691F9A71CAB1080A26E0ED7A] - 09/02/2013 - 15:52:09 ---A- - C:\Windows\Prefetch\SETUP.EXE-FDBAAFD1.pf
O45 - LFCP:[MD5.9D03175BF5E2EF12E048DD6E6DFF2F9A] - 09/02/2013 - 15:52:11 ---A- - C:\Windows\Prefetch\REGEDIT.EXE-90FEEA06.pf
O45 - LFCP:[MD5.2CE4EF21B315765DD381EBA4EE953C5F] - 09/02/2013 - 15:52:17 ---A- - C:\Windows\Prefetch\LOGONUI.EXE-09140401.pf
O45 - LFCP:[MD5.87F742BE6C32D54F488B914C06FF705A] - 09/02/2013 - 15:52:44 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin
O45 - LFCP:[MD5.C6336C7E44ADD15F295D130DD159A3E5] - 09/02/2013 - 15:55:54 ---A- - C:\Windows\Prefetch\ATBROKER.EXE-2E15A492.pf
O45 - LFCP:[MD5.3DBD4E2AE55CCA72199D8C6BFF1D007A] - 09/02/2013 - 15:55:54 ---A- - C:\Windows\Prefetch\AVASTSVC.EXE-AEB722C6.pf
O45 - LFCP:[MD5.639140A3D42858FB6E2D473E57BFEFA9] - 09/02/2013 - 15:55:54 ---A- - C:\Windows\Prefetch\DWM.EXE-6FFD3DA8.pf
O45 - LFCP:[MD5.FB4A46FBCEE31FE9192194B612ABBA65] - 09/02/2013 - 15:55:54 ---A- - C:\Windows\Prefetch\EXPLORER.EXE-A80E4F97.pf
O45 - LFCP:[MD5.0238C0F357B86A8D7BBAFE9EA2D44842] - 09/02/2013 - 15:55:54 ---A- - C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf
O45 - LFCP:[MD5.0D4C44EC461EA39271FFF585C0DCF16F] - 09/02/2013 - 15:55:54 ---A- - C:\Windows\Prefetch\SPOOLSV.EXE-D1F6B8B6.pf
O45 - LFCP:[MD5.59895E0920F67EF94A4F26285287C03B] - 09/02/2013 - 15:55:54 ---A- - C:\Windows\Prefetch\USERINIT.EXE-2257A3E7.pf
O45 - LFCP:[MD5.87BE0CADB5BD1F75F9647E5397255960] - 09/02/2013 - 15:56:13 ---A- - C:\Windows\Prefetch\MBRWRWIN.EXE-2144233B.pf
O45 - LFCP:[MD5.BE250A72775ACF97B552B2ED0B13AF99] - 09/02/2013 - 15:56:38 ---A- - C:\Windows\Prefetch\WMPLAYER.EXE-BAD6BD53.pf
O45 - LFCP:[MD5.F48AC7914F31F950C6964F8E655BBC89] - 09/02/2013 - 15:56:57 ---A- - C:\Windows\Prefetch\WLCOMM.EXE-272FF9F7.pf
O45 - LFCP:[MD5.4BF1C1239CEC1AE33DB0212023C5DD24] - 09/02/2013 - 15:57:26 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-007FEA55.pf
O45 - LFCP:[MD5.A5A4DEB3F55D8DF3F59D41546EB66DBC] - 09/02/2013 - 15:57:27 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-C3C515BD.pf
O45 - LFCP:[MD5.356A25EAB9C8D72DB01C4CEE1D769239] - 09/02/2013 - 15:58:32 ---A- - C:\Windows\Prefetch\UNSECAPP.EXE-A02905A6.pf
O45 - LFCP:[MD5.12913227B5319315500D24E9F6279BEB] - 09/02/2013 - 15:58:32 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-1628051C.pf
O45 - LFCP:[MD5.456390EA1AC0598E13570CE296716E44] - 09/02/2013 - 15:59:05 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-F8DFDFA2.pf
O45 - LFCP:[MD5.01A8B285FAD437B8CAEAF12CC9D49496] - 09/02/2013 - 15:59:13 ---A- - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-3CC531E5.pf
O45 - LFCP:[MD5.FEB9B2481CDF6F4A128A017CAE124338] - 09/02/2013 - 16:02:28 ---A- - C:\Windows\Prefetch\RIBBONS.SCR-9E2C8FF1.pf
O45 - LFCP:[MD5.5473B53C53511AB4903680B40BCD181E] - 09/02/2013 - 16:07:07 ---A- - C:\Windows\Prefetch\WERMGR.EXE-0F2AC88C.pf
O45 - LFCP:[MD5.82DE35886050E4259897C31F12F4FABB] - 09/02/2013 - 16:07:08 ---A- - C:\Windows\Prefetch\WERCON.EXE-E36BD04E.pf
O45 - LFCP:[MD5.AA3B7904881D201084C645963578C51B] - 09/02/2013 - 16:09:12 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-CF2B07FC.pf
O45 - LFCP:[MD5.F95A01BB9CCB71AA883F4D1CB8A8A5C5] - 09/02/2013 - 16:26:25 ---A- - C:\Windows\Prefetch\THUNDERBIRD.EXE-5119524C.pf
O45 - LFCP:[MD5.B1167869384F432897013A888FFC0292] - 09/02/2013 - 16:28:44 ---A- - C:\Windows\Prefetch\WMPNSCFG.EXE-FC0D39BF.pf
O45 - LFCP:[MD5.B448A1A59C96D69B6742671DE2AAC7A2] - 09/02/2013 - 17:09:17 ---A- - C:\Windows\Prefetch\TASKENG.EXE-48D4E289.pf
O45 - LFCP:[MD5.24739DC6793A3C5C682B2075DA8E967E] - 09/02/2013 - 17:17:33 ---A- - C:\Windows\Prefetch\TEAMVIEWER.EXE-28EA46AD.pf
O45 - LFCP:[MD5.1F1949B4EE2E1535700351791419C9B8] - 09/02/2013 - 17:25:12 ---A- - C:\Windows\Prefetch\ZHPFIX.EXE-85222C4E.pf
O45 - LFCP:[MD5.3D7D94BD0454AA4AE8F2999AFA24CB3B] - 09/02/2013 - 17:32:39 ---A- - C:\Windows\Prefetch\GOOGLETOOLBARUSER_32.EXE-4E14BB2A.pf
O45 - LFCP:[MD5.1AE2CD496DC348B038132F97BAFE4A72] - 09/02/2013 - 17:32:41 ---A- - C:\Windows\Prefetch\FLASHUTIL10L_ACTIVEX.EXE-9E744EDA.pf
O45 - LFCP:[MD5.0AD247A7500BDAEE9593BEC912E8E074] - 09/02/2013 - 17:33:01 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-FE771DDA.pf
O45 - LFCP:[MD5.76FD03318FCCC6A5FFDB368479932400] - 09/02/2013 - 17:35:13 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-908C99F8.pf
O45 - LFCP:[MD5.E73820997395CAA280C6E39EC23CCD35] - 09/02/2013 - 17:35:23 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf
O45 - LFCP:[MD5.DBAD4073F2DD406514EE407C3EC1626F] - 09/02/2013 - 17:55:45 ---A- - C:\Windows\Prefetch\AgRobust.db
O45 - LFCP:[MD5.50D8AC44BFF946A001D5816153608AB6] - 09/02/2013 - 17:55:46 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db
O45 - LFCP:[MD5.1641E8153212EBEC5AF3D92D19E226B5] - 09/02/2013 - 17:55:46 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db
O45 - LFCP:[MD5.6806833F59D149B933E7966CA36FDB5B] - 09/02/2013 - 17:55:46 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db
O45 - LFCP:[MD5.7B1D741E05C9C32BA3A889835F534C03] - 09/02/2013 - 18:02:26 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-77482212.pf
O45 - LFCP:[MD5.4644163320C4F16CEE166AE320033BBD] - 09/02/2013 - 18:02:26 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf
O45 - LFCP:[MD5.40E0E3A91204EAE61808308DA439FD55] - 09/02/2013 - 18:02:56 ---A- - C:\Windows\Prefetch\CMD.EXE-4A81B364.pf
O45 - LFCP:[MD5.A29736807A1C5261A29AC7A1322881CF] - 09/02/2013 - 18:03:00 ---A- - C:\Windows\Prefetch\SUBINACL.EXE-7FBD134E.pf
O45 - LFCP:[MD5.3A28F30C37BB751C068187D3045D6118] - 09/02/2013 - 18:03:14 ---A- - C:\Windows\Prefetch\TEAMVIEWER_DESKTOP.EXE-FAAF995A.pf
O45 - LFCP:[MD5.66DD37F02EE2B096CC344E7226C47193] - 09/02/2013 - 18:03:45 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-2465643848-3244870746-783416107-1000.db
O45 - LFCP:[MD5.1A3C4EB7783E5A3738B86AE3A5372494] - 09/02/2013 - 18:03:46 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-2465643848-3244870746-783416107-1000.db
O45 - LFCP:[MD5.DA20A551F94CBC4DE7F5F9D05034297C] - 09/02/2013 - 18:03:46 ---A- - C:\Windows\Prefetch\WERFAULT.EXE-E69F695A.pf
O45 - LFCP:[MD5.395C4338BFBF7DAD848D2CFA82CC8890] - 09/02/2013 - 18:03:57 ---A- - C:\Windows\Prefetch\CONSENT.EXE-531BD9EA.pf
O45 - LFCP:[MD5.F338023840FACE0803816D5633F4A4A5] - 09/02/2013 - 18:04:02 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-766398D2.pf
O45 - LFCP:[MD5.A4452B2DCACBEC2A68517314814D2F27] - 09/02/2013 - 18:04:07 ---A- - C:\Windows\Prefetch\ZHPDIAG.EXE-5F50D22C.pf
O45 - LFCP:[MD5.644829AE3633E7DAFB559E9F6FA9B5DF] - 09/02/2013 - 18:04:14 ---A- - C:\Windows\Prefetch\CSCRIPT.EXE-D1EF4768.pf
O45 - LFCP:[MD5.E51482CFE0FB0991C80A728F1FF2F6DE] - 09/02/2013 - 18:04:15 ---A- - C:\Windows\Prefetch\PV.EXE-7B89A1E7.pf
O45 - LFCP:[MD5.48F0B86967AEF1BDA3DBBCE622435DCF] - 09/02/2013 - 18:04:33 ---A- - C:\Windows\Prefetch\SCHTASKS.EXE-5CA45734.pf
O45 - LFCP:[MD5.A959B6939531AEBF49C0A3F53BFC0D9F] - 31/01/2013 - 18:40:52 ---A- - C:\Windows\Prefetch\Layout.ini
~ Scan Prefetcher in 00mn 02s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
~ Scan Keys in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (...) -- C:\Windows\System32\Drivers\sr.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\System32\Drivers\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ Scan CSB in 00mn 00s



---\\ MountPoints2 Shell Key (O51) (None)

---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"VIDC.I420"="lvcodec2.dll" . (.Logitech Inc. - Video Codec.) -- C:\Windows\System32\lvcodec2.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\Windows\System32\sl_anet.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\Windows\System32\sl_anet.acm
~ Scan Keys in 00mn 00s



---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\Acer Empowering Technology Monitor  [Key] . (...) -- C:\Acer\Empowering Technology\SysMonitor.exe
O53 - SMSR:HKLM\...\startupreg\Acer Tour Reminder  [Key] . (.Acer Inc. - Acer Tour Reminder.) -- C:\Acer\AcerTour\Reminder.exe
O53 - SMSR:HKLM\...\startupreg\Adobe ARM  [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O53 - SMSR:HKLM\...\startupreg\ArcSoft Connection Service  [Key] . (.ArcSoft Inc. - ArcSoft Connect Daemon.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O53 - SMSR:HKLM\...\startupreg\CanonMyPrinter  [Key] . (.CANON INC. - Canon My Printer.) -- C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
O53 - SMSR:HKLM\...\startupreg\CanonSolutionMenu  [Key] . (.CANON INC. - CNSLMAIN.) -- C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe
O53 - SMSR:HKLM\...\startupreg\DAEMON Tools Pro Agent  [Key] . (.DT Soft Ltd. - DAEMON Tools Pro Tray Application.) -- C:\Program Files\DAEMON Tools Pro\DTProAgent.exe
O53 - SMSR:HKLM\...\startupreg\eDataSecurity Loader  [Key] . (.HiTRUST - eDataSecurity System Loader( Load and prepa.) -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O53 - SMSR:HKLM\...\startupreg\MMTray  [Key] . (.MUSICMATCH, Inc. - mm_tray.) -- C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O53 - SMSR:HKLM\...\startupreg\msnmsgr  [Key] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O53 - SMSR:HKLM\...\startupreg\QuickTime Task  [Key] . (.Apple Computer, Inc. - Pas de description.) -- C:\Program Files\QuickTime\qttask.exe
O53 - SMSR:HKLM\...\startupreg\Sidebar  [Key] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O53 - SMSR:HKLM\...\startupreg\Skype  [Key] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O53 - SMSR:HKLM\...\startupreg\WarReg_PopUp  [Key] . (.Acer Inc. - WR_PopUp.) -- C:\Acer\WR_PopUp\WarReg_PopUp.exe
O53 - SMSR:HKLM\...\startupreg\Windows Defender  [Key] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O53 - SMSR:HKLM\...\startupreg\WMPNSCFG  [Key] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
~ Scan SMSR Keys in 00mn 00s



---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\System32\credssp.dll
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDrives"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0
~ Scan Keys in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2EDC5BBAC6C651ECE337BDE8ED97C9FB] - 02/11/2006 - 10:51:38 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys   [420968]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS   [9029]
~ Scan Drivers in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC:Last File Created 07/02/2013 - 17:33:47 ---A- C:\Users\chouchou\Downloads\unnamed   [182]
O61 - LFC:Last File Created 07/02/2013 - 17:34:22 ---A- C:\Users\chouchou\Downloads\unnamed (1)   [182]
O61 - LFC:Last File Created 07/02/2013 - 20:45:05 ---A- C:\Users\chouchou\AppData\Local\Windows Live\uxcore_msnmsgr_01.etl   [8192]
O61 - LFC:Last File Created 08/02/2013 - 13:55:24 ---A- C:\Users\chouchou\AppData\Local\Thunderbird\Profiles\m4ghh500.default\startupCache\startupCache.4.little   [1746830]
O61 - LFC:Last File Created 08/02/2013 - 13:55:28 ---A- C:\Users\chouchou\AppData\Roaming\Thunderbird\Profiles\m4ghh500.default\Mail\pop3.live.com\msgFilterRules.dat   [1198]
O61 - LFC:Last File Created 08/02/2013 - 13:55:48 ---A- C:\Users\chouchou\AppData\Local\Google\Toolbar Cache\7.4.3607.2246\fr\translate_element.js.content   [2337]
O61 - LFC:Last File Created 08/02/2013 - 13:55:54 ---A- C:\Users\chouchou\AppData\Roaming\Thunderbird\Profiles\m4ghh500.default\addons.sqlite   [524288]
O61 - LFC:Last File Created 08/02/2013 - 13:57:52 ---A- C:\Users\chouchou\AppData\Roaming\Thunderbird\Profiles\m4ghh500.default\blocklist.xml   [29276]
O61 - LFC:Last File Created 08/02/2013 - 14:06:59 ---A- C:\Users\chouchou\AppData\Roaming\OpenOffice.org\3\user\registry\cache\org.openoffice.FirstStartWizard.dat   [560]
O61 - LFC:Last File Created 08/02/2013 - 14:07:06 ---A- C:\Users\chouchou\AppData\Roaming\OpenOffice.org\3\user\registry\cache\org.openoffice.Inet.dat   [6206]
O61 - LFC:Last File Created 08/02/2013 - 14:07:06 ---A- C:\Users\chouchou\AppData\Roaming\OpenOffice.org\3\user\registry\cache\org.openoffice.Office.Java.dat   [946]
O61 - LFC:Last File Created 08/02/2013 - 14:07:09 ---A- C:\Users\chouchou\AppData\Roaming\OpenOffice.org\3\user\config\javasettings_Windows_x86.xml   [882]
O61 - LFC:Last File Created 08/02/2013 - 14:07:11 ---A- C:\Users\chouchou\AppData\Roaming\OpenOffice.org\3\user\registry\cache\org.openoffice.Office.TypeDetection.dat   [1050]
O61 - LFC:Last File Created 08/02/2013 - 14:07:12 ---A- C:\Users\chouchou\AppData\Roaming\OpenOffice.org\3\user\registry\cache\org.openoffice.TypeDetection.Misc.dat   [1282]
O61 - LFC:Last File Created 08/02/2013 - 14:07:12 ---A- C:\Users\chouchou\AppData\Roaming\OpenOffice.org\3\user\registry\cache\org.openoffice.TypeDetection.Types.dat   [60177]
O61 - LFC:Last File Created 08/02/2013 - 14:07:13 ---A- C:\Users\chouchou\AppData\Roaming\OpenOffice.org\3\user\registry\cache\org.openoffice.TypeDetection.Filter.dat   [93889]
O61 - LFC:Last File Created 08/02/2013 - 14:07:14 ---A- C:\Users\chouchou\AppData\Roaming\OpenOffice.org\3\user\registry\cache\org.openoffice.Office.TabBrowse.dat   [297]
O61 - LFC:Last File Created 08/02/2013 - 14:07:14 ---A- C:\Users\chouchou\AppData\Roaming\OpenOffice.org\3\user\registry\cache\org.openoffice.Office.UI.dat   [12240]
O61 - LFC:Last File Created 08/02/2013 - 14:07:16 ---A- C:\Users\chouchou\AppData\Roaming\OpenOffice.org\3\user\registry\cache\org.openoffice.Office.Compatibility.dat   [1370]
O61 - LFC:Last File Created 08/02/2013 - 14:07:16 ---A- C:\Users\chouchou\AppData\Roaming\OpenOffice.org\3\user\registry\cache\org.openoffice.Office.Writer.dat   [20523]
O61 - LFC:Last File Created 08/02/2013 - 14:07:16 ---A- C:\Users\chouchou\AppData\Roaming\OpenOffice.org\3\user\registry\cache\org.openoffice.Office.WriterWeb.dat   [1850]
O61 - LFC:Last File Created 08/02/2013 - 14:07:17 ---A- C:\Users\chouchou\AppData\Roaming\OpenOffice.org\3\user\registry\data\org\openoffice\Office\OOoImprovement\Settings.xcu   [377]
O61 - LFC:Last File Created 08/02/2013 - 14:07:18 ---A- C:\Users\chouchou\AppData\Roaming\OpenOffice.org\3\user\registry\cache\org.openoffice.Office.Addons.dat   [6857]
O61 - LFC:Last File Created 08/02/2013 - 14:07:18 ---A- C:\Users\chouchou\AppData\Roaming\OpenOffice.org\3\user\registry\cache\org.openoffice.Office.DataAccess.dat   [13301]
O61 - LFC:Last File Created 08/02/2013 - 14:07:19 ---A- C:\Users\chouchou\AppData\Roaming\OpenOffice.org\3\user\registry\cache\org.openoffice.Office.UI.Controller.dat   [4660]
O61 - LFC:Last File Created 08/02/2013 - 14:07:19 ---A- C:\Users\chouchou\AppData\Roaming\OpenOffice.org\3\user\registry\cache\org.openoffice.Office.UI.Factories.dat   [1111]
O61 - LFC:Last File Created 08/02/2013 - 14:07:19 ---A- C:\Users\chouchou\AppData\Roaming\OpenOffice.org\3\user\registry\cache\org.openoffice.Office.UI.GenericCommands.dat   [153678]
O61 - LFC:Last File Created 08/02/2013 - 14:07:19 ---A- C:\Users\chouchou\AppData\Roaming\OpenOffice.org\3\user\registry\cache\org.openoffice.Office.UI.GlobalSettings.dat   [433]
O61 - LFC:Last File Created 08/02/2013 - 14:07:19 ---A- C:\Users\chouchou\AppData\Roaming\OpenOffice.org\3\user\registry\cache\org.openoffice.Office.UI.WriterCommands.dat   [78242]
O61 - LFC:Last File Created 08/02/2013 - 14:07:19 ---A- C:\Users\chouchou\AppData\Roaming\OpenOffice.org\3\user\registry\cache\org.openoffice.Office.UI.WriterWindowState.dat   [14698]
O61 - LFC:Last File Created 08/02/2013 - 14:07:21 ---A- C:\Users\chouchou\AppData\Roaming\OpenOffice.org\3\user\registry\cache\org.openoffice.Office.SFX.dat   [1485]
O61 - LFC:Last File Created 08/02/2013 - 14:07:21 ---A- C:\Users\chouchou\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys   [1]
O61 - LFC:Last File Created 08/02/2013 - 14:07:31 ---A- C:\Users\chouchou\AppData\Roaming\OpenOffice.org\3\user\registry\data\org\openoffice\Office\Linguistic.xcu   [10145]
O61 - LFC:Last File Created 08/02/2013 - 14:07:36 ---A- C:\Users\chouchou\AppData\Roaming\OpenOffice.org\3\user\registry\cache\org.openoffice.Office.Accelerators.dat   [105666]
O61 - LFC:Last File Created 08/02/2013 - 14:07:40 ---A- C:\Users\chouchou\AppData\Roaming\OpenOffice.org\3\user\registry\cache\org.openoffice.TypeDetection.UISort.dat   [3723]
O61 - LFC:Last File Created 08/02/2013 - 14:07:56 ---A- C:\Users\chouchou\AppData\Roaming\OpenOffice.org\3\user\registry\data\org\openoffice\Office\Jobs.xcu   [1832]
O61 - LFC:Last File Created 08/02/2013 - 14:08:23 ---A- C:\Users\chouchou\AppData\Roaming\OpenOffice.org\3\user\registry\cache\org.openoffice.TypeDetection.GraphicFilter.dat   [11529]
O61 - LFC:Last File Created 08/02/2013 - 14:27:51 ---A- C:\Users\chouchou\Downloads\ComboFix.exe   [5030592]
O61 - LFC:Last File Created 08/02/2013 - 14:31:00 ---A- C:\Users\chouchou\AppData\Roaming\OpenOffice.org\3\user\registry\data\org\openoffice\Office\Recovery.xcu   [323]
O61 - LFC:Last File Created 08/02/2013 - 14:31:00 ---A- C:\Users\chouchou\AppData\Roaming\OpenOffice.org\3\user\registry\data\org\openoffice\Office\Views.xcu   [2167]
O61 - LFC:Last File Created 08/02/2013 - 14:31:00 ---A- C:\Users\chouchou\AppData\Roaming\OpenOffice.org\3\user\registry\data\org\openoffice\Setup.xcu   [914]
O61 - LFC:Last File Created 08/02/2013 - 14:33:50 ---A- C:\Users\chouchou\AppData\Roaming\Thunderbird\Profiles\m4ghh500.default\permissions.sqlite   [65536]
O61 - LFC:Last File Created 08/02/2013 - 16:15:09 ---A- C:\Users\chouchou\Downloads\wot_-20130129-fx.xpi   [376241]
O61 - LFC:Last File Created 08/02/2013 - 16:16:18 ---A- C:\Users\chouchou\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents   [3072]
O61 - LFC:Last File Created 08/02/2013 - 16:27:41 ---A- C:\Users\chouchou\AppData\Roaming\OpenOffice.org\3\user\registration.xml   [1476]
O61 - LFC:Last File Created 08/02/2013 - 16:35:49 ---A- C:\Users\chouchou\AppData\Local\Temp\MessengerCache\9HttjBiJcvxAmgjExR2FowU4Ejpo=   [4220]
O61 - LFC:Last File Created 08/02/2013 - 16:35:50 ---A- C:\Users\chouchou\AppData\Local\Temp\MessengerCache\8flvJRLO7MYXp1iakws0+32Fsg6o=   [17957]
O61 - LFC:Last File Created 08/02/2013 - 16:36:23 ---A- C:\Users\chouchou\AppData\Local\Temp\MessengerCache\kd3OycqRbqJ3ReosMSNyoTKVhzw=   [4017]
O61 - LFC:Last File Created 08/02/2013 - 16:36:25 ---A- C:\Users\chouchou\AppData\Local\Temp\MessengerCache\5qs17Y7lvo2bSSmuhrZOv5zwcsI=   [25354]
O61 - LFC:Last File Created 08/02/2013 - 16:36:30 ---A- C:\Users\chouchou\AppData\Local\Temp\MessengerCache\P6qJjaDYI5tvWw78m8vV031ySoc=   [45669]
O61 - LFC:Last File Created 08/02/2013 - 16:36:38 ---A- C:\Users\chouchou\AppData\Local\Temp\MessengerCache\rnpWjb4kkv5tBZCi5EBWRBr+0os=   [3439]
O61 - LFC:Last File Created 08/02/2013 - 16:36:39 ---A- C:\Users\chouchou\AppData\Local\Temp\MessengerCache\I5PpKm1od2PktOCZBh5pKTl3LrI=   [24621]
O61 - LFC:Last File Created 08/02/2013 - 16:36:49 ---A- C:\Users\chouchou\AppData\Local\Temp\MessengerCache\ZAE3ifFrWY4yn0FE6ekO099G7iE=   [103052]
O61 - LFC:Last File Created 08/02/2013 - 16:37:04 ---A- C:\Users\chouchou\AppData\Local\Temp\MessengerCache\Gp6IV2Fdt1PnaZeZ2GdHHIwXdK3A=   [51382]
O61 - LFC:Last File Created 08/02/2013 - 21:32:56 ---A- C:\Users\chouchou\AppData\Local\Temp\MessengerCache\JenZTPruHYsEVfK8Yk0cFonVGlo=   [10324]
O61 - LFC:Last File Created 09/02/2013 - 10:56:19 ---A- C:\Users\chouchou\AppData\Local\Temp\MessengerCache\VBlaq8S86lE3lYqcg2F9HFGzoHEI=   [28457]
O61 - LFC:Last File Created 09/02/2013 - 11:00:03 ---A- C:\Users\chouchou\AppData\Local\Google\Toolbar Cache\7.4.3607.2246\fr\translate_languages.json.content   [1505]
O61 - LFC:Last File Created 09/02/2013 - 14:16:58 ---A- C:\Users\chouchou\AppData\Roaming\Adobe\Acrobat\9.0\UserCache.bin   [73588]
O61 - LFC:Last File Created 09/02/2013 - 14:23:53 ---A- C:\Users\chouchou\Cookies\0HQ36FVQ.txt   [239]
O61 - LFC:Last File Created 09/02/2013 - 14:23:53 ---A- C:\Users\chouchou\Cookies\1BGM8QNN.txt   [243]
O61 - LFC:Last File Created 09/02/2013 - 14:23:53 ---A- C:\Users\chouchou\Cookies\D31GFA52.txt   [269]
O61 - LFC:Last File Created 09/02/2013 - 14:23:53 ---A- C:\Users\chouchou\Cookies\GCDK4S71.txt   [275]
O61 - LFC:Last File Created 09/02/2013 - 14:23:53 ---A- C:\Users\chouchou\Cookies\IES0YDJU.txt   [241]
O61 - LFC:Last File Created 09/02/2013 - 14:23:53 ---A- C:\Users\chouchou\Cookies\L862E4G6.txt   [241]
O61 - LFC:Last File Created 09/02/2013 - 14:23:53 ---A- C:\Users\chouchou\Cookies\ZOYSYBBX.txt   [241]
O61 - LFC:Last File Created 09/02/2013 - 14:31:50 ---A- C:\Users\chouchou\Recent\ZHP.lnk   [398]
O61 - LFC:Last File Created 09/02/2013 - 14:44:21 ---A- C:\Users\chouchou\Recent\ZHPDiag (2).lnk   [596]
O61 - LFC:Last File Created 09/02/2013 - 14:44:21 ---A- C:\Users\chouchou\Recent\ZHPDiag.lnk   [772]
O61 - LFC:Last File Created 09/02/2013 - 15:54:33 ---A- C:\Users\chouchou\AppData\Local\Temp\chouchou.bmp   [31832]
O61 - LFC:Last File Created 09/02/2013 - 15:56:19 ----- C:\Users\chouchou\AppData\Local\Windows Live\uxcore_msnmsgr_00.etl   [4096]
O61 - LFC:Last File Created 09/02/2013 - 15:56:33 ---A- C:\Users\chouchou\AppData\Roaming\ArcSoft\ArcSoft Magic-i\3.0\BeautySetting.xml   [118]
O61 - LFC:Last File Created 09/02/2013 - 15:56:47 ---A- C:\Users\chouchou\AppData\Roaming\OpenOffice.org\3\.lock   [152]
O61 - LFC:Last File Created 09/02/2013 - 15:56:47 ---A- C:\Users\chouchou\AppData\Roaming\OpenOffice.org\3\user\registry\data\org\openoffice\Office\Common.xcu   [856]
O61 - LFC:Last File Created 09/02/2013 - 15:57:07 ---A- C:\Users\chouchou\Cookies\93DTJGCI.txt   [147]
O61 - LFC:Last File Created 09/02/2013 - 15:57:26 ---A- C:\Users\chouchou\AppData\Local\Temp\MessengerCache\ErrorResponse.xml   [2782]
O61 - LFC:Last File Created 09/02/2013 - 16:25:07 ---A- C:\Users\chouchou\Cookies\RYQPFSJ6.txt   [102]
O61 - LFC:Last File Created 09/02/2013 - 16:25:09 ---A- C:\Users\chouchou\AppData\Local\Temp\MessengerCache\0U7Sc9CEa4A52FPBTD69STwkJw2Fs=   [25423]
O61 - LFC:Last File Created 09/02/2013 - 16:25:14 ---A- C:\Users\chouchou\Cookies\Low\ZPII8AII.txt   [286]
O61 - LFC:Last File Created 09/02/2013 - 16:25:16 ---A- C:\Users\chouchou\Cookies\Low\W660QHK5.txt   [219]
O61 - LFC:Last File Created 09/02/2013 - 16:25:20 ---A- C:\Users\chouchou\Cookies\Low\DNUT06VV.txt   [68]
O61 - LFC:Last File Created 09/02/2013 - 16:25:20 ---A- C:\Users\chouchou\Cookies\Low\XWRKIS54.txt   [420]
O61 - LFC:Last File Created 09/02/2013 - 16:25:24 ---A- C:\Users\chouchou\Cookies\Low\R306FC8O.txt   [91]
O61 - LFC:Last File Created 09/02/2013 - 16:25:26 ---A- C:\Users\chouchou\Cookies\Low\0YRUZRDD.txt   [237]
O61 - LFC:Last File Created 09/02/2013 - 16:25:26 ---A- C:\Users\chouchou\Cookies\Low\JCP7CLXZ.txt   [420]
O61 - LFC:Last File Created 09/02/2013 - 16:25:40 ---A- C:\Users\chouchou\Cookies\Low\RDUL3B5W.txt   [565]
O61 - LFC:Last File Created 09/02/2013 - 16:25:45 ---A- C:\Users\chouchou\Cookies\Low\POWSAUII.txt   [168]
O61 - LFC:Last File Created 09/02/2013 - 16:25:50 ---A- C:\Users\chouchou\Cookies\Low\QFX38A2K.txt   [168]
O61 - LFC:Last File Created 09/02/2013 - 16:25:51 ---A- C:\Users\chouchou\Cookies\Low\LRQM1RSR.txt   [1188]
O61 - LFC:Last File Created 09/02/2013 - 16:26:16 ---A- C:\Users\chouchou\AppData\Roaming\Thunderbird\Profiles\m4ghh500.default\parent.lock   [0]
O61 - LFC:Last File Created 09/02/2013 - 16:26:22 ---A- C:\Users\chouchou\AppData\Local\Thunderbird\Profiles\m4ghh500.default\Cache\2\A0\FD924d01   [63519]
O61 - LFC:Last File Created 09/02/2013 - 16:26:26 ---A- C:\Users\chouchou\AppData\Roaming\Thunderbird\Profiles\m4ghh500.default\Mail\pop3.live.com\popstate.dat   [64]
O61 - LFC:Last File Created 09/02/2013 - 16:27:32 ---A- C:\Users\chouchou\AppData\Roaming\Thunderbird\Profiles\m4ghh500.default\Mail\pop3.live.com\Drafts   [0]
O61 - LFC:Last File Created 09/02/2013 - 16:27:33 ---A- C:\Users\chouchou\AppData\Roaming\Thunderbird\Profiles\m4ghh500.default\Mail\pop3.live.com\Inbox.sbd\Domi   [0]
O61 - LFC:Last File Created 09/02/2013 - 16:27:39 ---A- C:\Users\chouchou\AppData\Roaming\Thunderbird\Profiles\m4ghh500.default\Mail\pop3.live.com\Drafts.msf   [1866]
O61 - LFC:Last File Created 09/02/2013 - 16:27:39 ---A- C:\Users\chouchou\AppData\Roaming\Thunderbird\Profiles\m4ghh500.default\Mail\pop3.live.com\Inbox.sbd\Domi.msf   [1879]
O61 - LFC:Last File Created 09/02/2013 - 16:28:24 ---A- C:\Users\chouchou\AppData\Roaming\Thunderbird\Profiles\m4ghh500.default\Mail\pop3.live.com\Inbox   [580948]
O61 - LFC:Last File Created 09/02/2013 - 16:28:24 ---A- C:\Users\chouchou\AppData\Roaming\Thunderbird\Profiles\m4ghh500.default\Mail\pop3.live.com\Trash   [25177417]
O61 - LFC:Last File Created 09/02/2013 - 16:28:38 ---A- C:\Users\chouchou\AppData\Roaming\Thunderbird\Profiles\m4ghh500.default\global-messages-db.sqlite   [1376256]
O61 - LFC:Last File Created 09/02/2013 - 16:28:39 ---A- C:\Users\chouchou\AppData\Local\Thunderbird\Profiles\m4ghh500.default\Cache\_CACHE_001_   [17396]
O61 - LFC:Last File Created 09/02/2013 - 16:28:39 ---A- C:\Users\chouchou\AppData\Local\Thunderbird\Profiles\m4ghh500.default\Cache\_CACHE_002_   [11611]
O61 - LFC:Last File Created 09/02/2013 - 16:28:39 ---A- C:\Users\chouchou\AppData\Local\Thunderbird\Profiles\m4ghh500.default\Cache\_CACHE_003_   [21190]
O61 - LFC:Last File Created 09/02/2013 - 16:28:39 ---A- C:\Users\chouchou\AppData\Local\Thunderbird\Profiles\m4ghh500.default\Cache\_CACHE_MAP_   [8468]
O61 - LFC:Last File Created 09/02/2013 - 16:28:39 ---A- C:\Users\chouchou\AppData\Local\Thunderbird\Profiles\m4ghh500.default\_CACHE_CLEAN_   [1]
O61 - LFC:Last File Created 09/02/2013 - 16:28:39 ---A- C:\Users\chouchou\AppData\Roaming\Thunderbird\Profiles\m4ghh500.default\Mail\Local Folders\Trash.msf   [2100]
O61 - LFC:Last File Created 09/02/2013 - 16:28:39 ---A- C:\Users\chouchou\AppData\Roaming\Thunderbird\Profiles\m4ghh500.default\Mail\pop3.live.com\Trash.msf   [60335]
O61 - LFC:Last File Created 09/02/2013 - 16:28:39 ---A- C:\Users\chouchou\AppData\Roaming\Thunderbird\Profiles\m4ghh500.default\cert8.db   [65536]
O61 - LFC:Last File Created 09/02/2013 - 16:28:39 ---A- C:\Users\chouchou\AppData\Roaming\Thunderbird\Profiles\m4ghh500.default\folderTree.json   [150]
O61 - LFC:Last File Created 09/02/2013 - 16:28:39 ---A- C:\Users\chouchou\AppData\Roaming\Thunderbird\Profiles\m4ghh500.default\key3.db   [16384]
O61 - LFC:Last File Created 09/02/2013 - 16:28:39 ---A- C:\Users\chouchou\AppData\Roaming\Thunderbird\Profiles\m4ghh500.default\localstore.rdf   [8397]
O61 - LFC:Last File Created 09/02/2013 - 16:28:39 ---A- C:\Users\chouchou\AppData\Roaming\Thunderbird\Profiles\m4ghh500.default\panacea.dat   [3136]
O61 - LFC:Last File Created 09/02/2013 - 16:28:39 ---A- C:\Users\chouchou\AppData\Roaming\Thunderbird\Profiles\m4ghh500.default\prefs.js   [9531]
O61 - LFC:Last File Created 09/02/2013 - 16:28:39 ---A- C:\Users\chouchou\AppData\Roaming\Thunderbird\Profiles\m4ghh500.default\session.json   [366]
O61 - LFC:Last File Created 09/02/2013 - 16:28:39 ---A- C:\Users\chouchou\AppData\Roaming\Thunderbird\Profiles\m4ghh500.default\virtualFolders.dat   [10]
O61 - LFC:Last File Created 09/02/2013 - 16:28:40 ---A- C:\Users\chouchou\AppData\Roaming\Thunderbird\Profiles\m4ghh500.default\Mail\pop3.live.com\Inbox.msf   [2927]
O61 - LFC:Last File Created 09/02/2013 - 16:28:50 ---A- C:\Users\chouchou\Cookies\Low\MR48W4HJ.txt   [129]
O61 - LFC:Last File Created 09/02/2013 - 16:28:57 ---A- C:\Users\chouchou\Cookies\Low\5136LVAH.txt   [345]
O61 - LFC:Last File Created 09/02/2013 - 16:29:14 ---A- C:\Users\chouchou\Cookies\Low\170Y7QNS.txt   [88]
O61 - LFC:Last File Created 09/02/2013 - 16:29:23 ---A- C:\Users\chouchou\Cookies\Low\WWTUL1VN.txt   [201]
O61 - LFC:Last File Created 09/02/2013 - 16:29:25 ---A- C:\Users\chouchou\Cookies\Low\A89RTAFU.txt   [109]
O61 - LFC:Last File Created 09/02/2013 - 16:29:38 ---A- C:\Users\chouchou\Cookies\Low\CDU5BFSO.txt   [224]
O61 - LFC:Last File Created 09/02/2013 - 16:30:45 ---A- C:\Users\chouchou\Cookies\Low\M841ATQ0.txt   [689]
O61 - LFC:Last File Created 09/02/2013 - 16:30:50 ---A- C:\Users\chouchou\Cookies\Low\LT8JV0D7.txt   [935]
O61 - LFC:Last File Created 09/02/2013 - 17:03:23 ---A- C:\Users\chouchou\Cookies\Low\ZNZA1Q96.txt   [447]
O61 - LFC:Last File Created 09/02/2013 - 17:03:24 ---A- C:\Users\chouchou\Cookies\Low\NYYBNASS.txt   [403]
O61 - LFC:Last File Created 09/02/2013 - 17:03:30 ---A- C:\Users\chouchou\Cookies\Low\8T8V05C9.txt   [484]
O61 - LFC:Last File Created 09/02/2013 - 17:03:31 ---A- C:\Users\chouchou\Cookies\Low\KSN9HNCI.txt   [1323]
O61 - LFC:Last File Created 09/02/2013 - 17:03:51 ---A- C:\Users\chouchou\Cookies\Low\RQ7H3JKQ.txt   [324]
O61 - LFC:Last File Created 09/02/2013 - 17:03:52 ---A- C:\Users\chouchou\Cookies\Low\XOWGB00J.txt   [101]
O61 - LFC:Last File Created 09/02/2013 - 17:05:12 ---A- C:\Users\chouchou\AppData\Roaming\Google\Local Search History\google%2Eweb.w   [38]
O61 - LFC:Last File Created 09/02/2013 - 17:15:52 ---A- C:\Users\chouchou\Cookies\Low\IC1BW61W.txt   [383]
O61 - LFC:Last File Created 09/02/2013 - 17:32:32 ---A- C:\Users\chouchou\Cookies\Low\16IOQJF8.txt   [465]
O61 - LFC:Last File Created 09/02/2013 - 17:32:33 ---A- C:\Users\chouchou\Cookies\Low\Z9WP35UQ.txt   [95]
O61 - LFC:Last File Created 09/02/2013 - 17:32:34 ---A- C:\Users\chouchou\Cookies\Low\7Y02UD3O.txt   [699]
O61 - LFC:Last File Created 09/02/2013 - 17:33:04 ---A- C:\Users\chouchou\Cookies\Low\3KGLFUIC.txt   [246]
O61 - LFC:Last File Created 09/02/2013 - 17:33:05 ---A- C:\Users\chouchou\Cookies\Low\EN0K635Z.txt   [196]
O61 - LFC:Last File Created 09/02/2013 - 17:33:05 ---A- C:\Users\chouchou\Cookies\Low\IFD5HXY7.txt   [89]
O61 - LFC:Last File Created 09/02/2013 - 17:33:06 ---A- C:\Users\chouchou\Cookies\Low\69W028K8.txt   [410]
O61 - LFC:Last File Created 09/02/2013 - 17:33:10 ---A- C:\Users\chouchou\Cookies\Low\4J1J5ENP.txt   [102]
O61 - LFC:Last File Created 09/02/2013 - 17:33:10 ---A- C:\Users\chouchou\Cookies\Low\M1DNN0W6.txt   [544]
O61 - LFC:Last File Created 09/02/2013 - 17:33:10 ---A- C:\Users\chouchou\Cookies\Low\NFUTT74M.txt   [100]
O61 - LFC:Last File Created 09/02/2013 - 17:33:13 ---A- C:\Users\chouchou\Cookies\Low\33EFGP42.txt   [212]
O61 - LFC:Last File Created 09/02/2013 - 17:33:14 ---A- C:\Users\chouchou\Cookies\Low\0TQ4N0AL.txt   [224]
O61 - LFC:Last File Created 09/02/2013 - 17:33:34 ---A- C:\Users\chouchou\Cookies\Low\33968FU1.txt   [120]
O61 - LFC:Last File Created 09/02/2013 - 17:33:34 ---A- C:\Users\chouchou\Cookies\Low\QZFMZ1T6.txt   [116]
O61 - LFC:Last File Created 09/02/2013 - 17:33:34 ---A- C:\Users\chouchou\Cookies\Low\XQR01F3O.txt   [122]
O61 - LFC:Last File Created 09/02/2013 - 17:35:54 ---A- C:\Users\chouchou\Cookies\Low\96ZY9NKK.txt   [416]
O61 - LFC:Last File Created 09/02/2013 - 17:35:55 ---A- C:\Users\chouchou\Cookies\Low\TFFSTR80.txt   [281]
O61 - LFC:Last File Created 09/02/2013 - 17:59:44 ---A- C:\Users\chouchou\Cookies\Low\E7DX21PF.txt   [574]
O61 - LFC:Last File Created 09/02/2013 - 18:03:53 ---A- C:\Users\chouchou\AppData\Local\Temp\eDatasecurity\FileList.txt   [74]
O61 - LFC:Last File Created 30/12/1899 - 15:52:33 --HA- C:\Users\chouchou\AppData\Local\IconCache.db   [6291456]
O61 - LFC:Last File Created 30/12/1899 - 17:32:27 -SHA- C:\Users\chouchou\AppData\Local\Historique\History.IE5\MSHist012013020920130210\index.dat   [32768]
O61 - LFC:Last File Created 30/12/1899 - 17:35:03 -SHA- C:\Users\chouchou\AppData\Local\Historique\Low\History.IE5\index.dat   [409600]
O61 - LFC:Last File Created 30/12/1899 - 17:35:03 -SHA- C:\Users\chouchou\Cookies\Low\index.dat   [32768]
O61 - LFC:Last File Created 30/12/1899 - 18:03:57 -SHA- C:\Users\chouchou\AppData\Local\Historique\History.IE5\index.dat   [3244032]
O61 - LFC:Last File Created 30/12/1899 - 18:03:57 -SHA- C:\Users\chouchou\Cookies\index.dat   [131072]
~ Scan Files in 00mn 25s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.3.5 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn 00s



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\aswFsBlk.sys (aswFsBlk)  .(.AVAST Software - avast! File System Access Blocking Driver.) - LEGACY_ASWFSBLK
O64 - Services: CurCS - 30/10/2012 - C:\Windows\system32\drivers\aswMonFlt.sys (aswMonFlt)  .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\aswRdr.sys (aswRdr)  .(.AVAST Software - avast! TDI Redirect Driver.) - LEGACY_ASWRDR
O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\aswSnx.sys (aswSnx)  .(.AVAST Software - avast! Virtualization Driver.) - LEGACY_ASWSNX
O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\aswSP.sys (aswSP)  .(.AVAST Software - avast! self protection module.) - LEGACY_ASWSP
O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\aswTdi.sys (aswTdi)  .(.AVAST Software - avast! TDI Filter Driver.) - LEGACY_ASWTDI
O64 - Services: CurCS - 17/12/2007 - C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (eeCtrl)  .(.Symantec Corporation - Symantec Eraser Control Driver.) - LEGACY_EECTRL
O64 - Services: CurCS - 07/12/2006 - C:\Acer\Empowering Technology\eRecovery\int15.sys - int15 (int15)  .(...) - LEGACY_INT15
O64 - Services: CurCS - 14/12/2012 - C:\Windows\system32\drivers\mbam.sys (MBAMProtector)  .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMPROTECTOR
O64 - Services: CurCS - 06/02/2007 - C:\Windows\System32\DRIVERS\psdfilter.sys (PSDFilter)  .(.HiTRUST - PSD Filter Driver.) - LEGACY_PSDFILTER
O64 - Services: CurCS - 06/02/2007 - C:\Windows\System32\drivers\PSDNServ.sys (PSDNServ)  .(.HiTRUST - PSD Named Pipe Driver.) - LEGACY_PSDNSERV
O64 - Services: CurCS - 06/02/2007 - C:\Windows\System32\drivers\psdvdisk.sys (psdvdisk)  .(.HiTRUST - PSD Virtual Disk Driver.) - LEGACY_PSDVDISK
O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\secdrv.sys (secdrv)  .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 19/11/2008 - C:\Windows\system32\Drivers\sptd.sys (sptd)  .(.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) - LEGACY_SPTD
~ Scan Services in 00mn 00s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <ComFile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <ComFile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Scan Keys in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\Firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Scan Keys in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: prefs.js [chouchou - ltsqtnul.default-1344757990394] user_pref("weboftrust.search.ask.display", "Ask.com Web Search");
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {9D5BD211-422C-4164-9298-BB4186A30F31} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {EEE6C360-6118-11DC-9C72-001320C79847} - (SweetIM Search) - http://search.sweetim.com
~ Scan Keys in 00mn 00s



---\\ Recherche des services démarrés par Svchost (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll   [24576]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll   [62976]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll   [247808]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [40448]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [40448]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll   [125952]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll   [576512]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll   [438784]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll   [315392]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll   [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'accès distant.) -- C:\Windows\System32\rasmans.dll   [262144]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll   [68608]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll   [47104]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll   [288256]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll   [242688]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes Terminal Server.) -- C:\Windows\System32\termsrv.dll   [449024]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll   [1933848]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll   [758784]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll   [247808]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll   [200704]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll   [19968]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll   [33280]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll   [111616]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll   [45056]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll   [153088]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll   [57344]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll   [162304]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll   [601600]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service de configuration des services Terminal Server.) -- C:\Windows\System32\sessenv.dll   [84992]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll   [81920]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll   [68096]
~ Scan Services in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.18631E58DABDE140B9FE1EA6C9BDAD8C] [SPRF][20/01/2013] (...) -- C:\Users\chouchou\AppData\Local\d3d9caps.dat   [680]
[MD5.EDC20983B38712C11A206E284A1919E4] [SPRF][08/02/2013] (.Swearware - ComboFix NSIS Installer.) -- C:\Users\chouchou\Desktop\chouchou.exe   [5030592]
[MD5.36B9EA447022701E5A407FE7BC7345F6] [SPRF][09/02/2013] (.Nicolas Coolman - ZHPDiag.) -- C:\Users\chouchou\Desktop\ZHPDiag2.exe   [3725660]
[MD5.632E0CE38FBCADEAAE28077F4C9C45D5] [SPRF][21/10/2010] (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller 10.1 r102.) -- C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe   [2827728]
~ Scan Files in 00mn 00s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{3949DEB9-8DD8-42E4-A506-7B9F4A231291}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\Microsoft Office\Office12\ONENOTE.exe (.not file.)
O87 - FAEL: "{A033DC2D-F311-40C6-91FC-22337523B865}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\Microsoft Office\Office12\ONENOTE.exe (.not file.)
O87 - FAEL: "{F726BF72-BF4E-4B4F-B9FE-4CDF4E903131}" | In - None - P17 - TRUE | .(.Acer Incorporated - Acer Arcade Live.) -- C:\Program Files\Acer Arcade Live\Acer Arcade Live Main Page\Acer Arcade Live.exe
O87 - FAEL: "{51674872-C1F2-4F6E-9B9C-A757F38BE2C6}" | In - None - P17 - TRUE | .(.Cyberlink - Pas de description.) -- C:\Program Files\Acer Arcade Live\SlideShow DVD\Component\CLSLDVD.exe
O87 - FAEL: "{00717E99-5B5E-4D82-B899-5B920CE145A9}" | In - None - P17 - TRUE | .(.Cyberlink - ARA Work Process.) -- C:\Program Files\Acer Arcade Live\Acer DV Magician\Component\ARAWP.exe
O87 - FAEL: "{F90A806B-AED4-4244-AC78-EA10F3E4F0E6}" | In - None - P17 - TRUE | .(.Pas de propriétaire - DVAX2Process MFC Application.) -- C:\Program Files\Acer Arcade Live\Acer DV Magician\Component\DVAX2Process.exe
O87 - FAEL: "{2EACCE03-44AD-4451-AFA5-833B35CC35B9}" | In - None - P17 - TRUE | .(.Acer Incorporated - DVDivine.) -- C:\Program Files\Acer Arcade Live\Acer DVDivine\DVDivine.exe
O87 - FAEL: "{39E7738E-3D11-43B9-835D-D16D2F3B2B0D}" | In - None - P17 - TRUE | .(.Acer Incorporated - HomeMedia.) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia\HomeMedia.exe
O87 - FAEL: "{59B339AA-E6E9-43D5-A0ED-DAC81D658E12}" | In - None - P17 - TRUE | .(.Acer Incorporated - HomeMedia Connect.) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\HomeMedia Connect.exe
O87 - FAEL: "{B70C9DFF-8065-445C-8092-F386899335A3}" | In - None - P17 - TRUE | .(.CyberLink - CLMSServer.) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O87 - FAEL: "{9F52794C-B028-4208-88E2-1D78370B9A3B}" | In - None - P17 - TRUE | .(.Acer Incorporated - VideoMagician.) -- C:\Program Files\Acer Arcade Live\Acer VideoMagician\VideoMagician.exe
O87 - FAEL: "TCP Query User{B99D458F-390C-4D6C-9099-96FC81953DB5}C:\program files\emule\emule.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\emule\emule.exe (.not file.)
O87 - FAEL: "UDP Query User{0EBEFA48-568C-40A8-9C7C-A137F72BD206}C:\program files\emule\emule.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\emule\emule.exe (.not file.)
O87 - FAEL: "TCP Query User{B4A787E4-B95E-4721-A46C-38462B7BF72F}C:\program files\limewire\limewire.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\limewire\limewire.exe (.not file.)
O87 - FAEL: "UDP Query User{AD1CFAD2-37BC-4361-806C-55CF48EF17CD}C:\program files\limewire\limewire.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\limewire\limewire.exe (.not file.)
O87 - FAEL: "TCP Query User{1442C5F7-9A2B-4F59-AAE8-82CDE4F54CB3}C:\users\chouchou\documents\installer-13387-33-nero-showtime-french.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\chouchou\documents\installer-13387-33-nero-showtime-french.exe (.not 
O87 - FAEL: "UDP Query User{F75C5ACB-741F-4EBB-90A3-C4C8E3302B1B}C:\users\chouchou\documents\installer-13387-33-nero-showtime-french.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\chouchou\documents\installer-13387-33-nero-showtime-french.exe (.not
O87 - FAEL: "TCP Query User{1C6DD1F9-FE11-45F3-AC16-D146AE205B2C}C:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\logitech\desktop messenger\8876480\program\backweb-887
O87 - FAEL: "UDP Query User{AB06B3E8-D0D4-4239-94AC-1307E3D8DB8F}C:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\logitech\desktop messenger\8876480\program\backweb-88
O87 - FAEL: "TCP Query User{6D98297A-A38D-4597-80D3-9915B51A8FF0}C:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\logitech\desktop messenger\8876480\program\backweb-88
O87 - FAEL: "UDP Query User{24084CFF-5550-480F-BB8D-C4F758509723}C:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\logitech\desktop messenger\8876480\program\backweb-8
O87 - FAEL: "{7440E2E8-79C1-4ED1-86C8-1CC64A415B4D}" |In - Private - P6 - FALSE | .(...) -- C:\Program Files\IncrediMail\bin\ImApp.exe (.not file.)
O87 - FAEL: "{A6ECDC92-1884-4AB7-BD9D-ACEDCE79310A}" |In - Private - P17 - FALSE | .(...) -- C:\Program Files\IncrediMail\bin\ImApp.exe (.not file.)
O87 - FAEL: "{6FF53939-4AE5-4EA5-966E-DEE73CE2E6C4}" |In - Private - P6 - FALSE | .(...) -- C:\Program Files\IncrediMail\bin\IncMail.exe (.not file.)
O87 - FAEL: "{3CA54FE6-2132-49DA-9795-5A989494CAE2}" |In - Private - P17 - FALSE | .(...) -- C:\Program Files\IncrediMail\bin\IncMail.exe (.not file.)
O87 - FAEL: "{A3F3975A-E595-431F-A92E-19F7B4F32651}" |In - Private - P6 - FALSE | .(...) -- C:\Program Files\IncrediMail\bin\ImpCnt.exe (.not file.)
O87 - FAEL: "{0B5B7B93-9206-47D1-B1F3-F856348DEE88}" |In - Private - P17 - FALSE | .(...) -- C:\Program Files\IncrediMail\bin\ImpCnt.exe (.not file.)
O87 - FAEL: "TCP Query User{D96B3387-9CCF-46E2-9BBE-C21CDD3D766E}C:\program files\ares\ares.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\ares\ares.exe (.not file.)
O87 - FAEL: "UDP Query User{4D62F2F1-D454-4EEF-8801-F75340E41FF2}C:\program files\ares\ares.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\ares\ares.exe (.not file.)
O87 - FAEL: "TCP Query User{AC4234E0-9184-4614-98B3-B9ED8E8BCBF3}C:\program files\ares\ares.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\ares\ares.exe (.not file.)
O87 - FAEL: "UDP Query User{7864B814-91D5-4538-8B31-43F4525F7744}C:\program files\ares\ares.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\ares\ares.exe (.not file.)
O87 - FAEL: "TCP Query User{9210A9C5-41E4-42D2-8E90-16FDC550910A}C:\program files\limewire\limewire.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\limewire\limewire.exe (.not file.)
O87 - FAEL: "UDP Query User{0E554BA3-4A44-4728-8CF3-815A7E925BD2}C:\program files\limewire\limewire.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\limewire\limewire.exe (.not file.)
O87 - FAEL: "{F0D1C02C-BABD-431E-A36A-7CD89A17608F}" |In - Private - P6 - TRUE | .(...) -- C:\Users\chouchou\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UWHIPSBH\SweetImSetup[1].exe (.not file.)
O87 - FAEL: "{A83EE520-FC7B-45EC-9C7D-C362543DAE71}" |In - Private - P17 - TRUE | .(...) -- C:\Users\chouchou\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UWHIPSBH\SweetImSetup[1].exe (.not file.)
O87 - FAEL: "{A9923CAC-059D-4589-8AB0-E1FC96AA4C80}" |In - Private - P6 - TRUE | .(...) -- C:\Users\chouchou\AppData\Local\Temp\SweetIMReinstall\SweetImSetup[1].exe (.not file.)
O87 - FAEL: "{AA85F81C-987B-4576-B75B-C12D57BF901D}" |In - Private - P17 - TRUE | .(...) -- C:\Users\chouchou\AppData\Local\Temp\SweetIMReinstall\SweetImSetup[1].exe (.not file.)
O87 - FAEL: "{17FDDBAB-C5F0-4C1F-9B40-5729B02EAD5A}" |In - Private - P6 - TRUE | .(...) -- C:\Users\chouchou\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B6895OEK\SweetImSetup[1].exe (.not file.)
O87 - FAEL: "{805C7A70-1D60-4863-BBEA-5D8A96BF2739}" |In - Private - P17 - TRUE | .(...) -- C:\Users\chouchou\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B6895OEK\SweetImSetup[1].exe (.not file.)
O87 - FAEL: "TCP Query User{F07BEA52-6AF2-49B5-B177-AE8604C2491D}C:\program files\java\jre6\bin\java.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\java\jre6\bin\java.exe (.not file.)
O87 - FAEL: "UDP Query User{3822ABE3-3AC0-4A09-A18A-82B87F13E43A}C:\program files\java\jre6\bin\java.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\java\jre6\bin\java.exe (.not file.)
O87 - FAEL: "TCP Query User{01478ACE-D013-4444-91EE-4305EA8ACD99}F:\age of empires 2\empires2.exe" |In - Private - P6 - TRUE | .(...) -- F:\age of empires 2\empires2.exe (.not file.)
O87 - FAEL: "UDP Query User{97C1CE4D-E2E9-4991-B8AF-F6A9D3F886C0}F:\age of empires 2\empires2.exe" |In - Private - P17 - TRUE | .(...) -- F:\age of empires 2\empires2.exe (.not file.)
O87 - FAEL: "{77202C6E-4FF0-41CB-9342-54093EA9FEFB}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O87 - FAEL: "{16C31ADD-ECA4-4ACD-81F3-846E29A0A21A}" | In - Private - P6 - TRUE | .(.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files\TeamViewer\Version7\TeamViewer.exe
O87 - FAEL: "{C80352CF-3517-469F-BA33-160CAF2E6B3B}" | In - Private - P17 - TRUE | .(.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files\TeamViewer\Version7\TeamViewer.exe
O87 - FAEL: "{3F8FB252-62E3-4E9A-AC56-F09721F29DF3}" | In - Private - P6 - TRUE | .(.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
O87 - FAEL: "{B7CC7C46-12B6-4E55-A527-5A54ADF7544D}" | In - Private - P17 - TRUE | .(.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
O87 - FAEL: "{E77063CC-E985-434D-A7DE-0593C4CB7DFA}" |In - None - P17 - TRUE | .(...) -- C:\Program Files\Iminent\Iminent.Messengers.exe (.not file.)
O87 - FAEL: "{52AA2818-92C6-4320-88BC-E187E48320BA}" |In - Private - P6 - TRUE | .(...) -- C:\Users\chouchou\AppData\Local\Temp\is212561404\bundlesweetimsetup.exe (.not file.)
O87 - FAEL: "{DC2BFE9D-DFB9-476E-BA14-29E012CEE39A}" |In - Private - P17 - TRUE | .(...) -- C:\Users\chouchou\AppData\Local\Temp\is212561404\bundlesweetimsetup.exe (.not file.)
O87 - FAEL: "{7B8BD204-0026-43C3-B237-3976F6BF0F9A}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.)
O87 - FAEL: "{57B543FF-9FB3-44FB-AF8E-8CB4E1764A32}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.)
~ Scan Firewall in 00mn 01s



---\\ Scan Additionnel (O88)
Database Version : v2.10565 - (07/02/2013)
Clés trouvées (Keys found) : 71
Valeurs trouvées (Values found) : 0
Dossiers trouvés  (Folders found) : 6
Fichiers trouvés  (Files found) : 2

[HKLM\Software\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}]   =>Toolbar.Wajam
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]   =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]   =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]   =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]   =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}]   =>Toolbar.Alot
[HKLM\Software\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}]   =>Toolbar.Alot
[HKLM\Software\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}]   =>Toolbar.Alot
[HKLM\Software\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}]   =>Toolbar.Wajam
[HKLM\Software\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}]   =>Toolbar.Wajam
[HKLM\Software\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}]   =>Toolbar.Wajam
[HKLM\Software\Classes\TypeLib\{4d3b167e-5fd8-4276-8fd7-9df19c1e4d19}]   =>PUP.SweetIM
[HKLM\Software\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}]   =>Toolbar.Wajam
[HKLM\Software\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}]   =>Toolbar.Alot
[HKLM\Software\Classes\CLSID\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}]   =>Toolbar.Alot
[HKLM\Software\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}]   =>Toolbar.Alot
[HKLM\Software\Classes\CLSID\{82ac53b4-164c-4b07-a016-437a8388b81a}]   =>PUP.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}]   =>Toolbar.Alot
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}]   =>Toolbar.Alot
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}]   =>PUP.SweetIM
[HKLM\Software\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}]   =>Toolbar.Babylon
[HKLM\Software\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}]   =>PUP.SweetIM
[HKLM\Software\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}]   =>Toolbar.Alot
[HKLM\Software\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}]   =>Toolbar.Alot
[HKLM\Software\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}]   =>Toolbar.Wajam
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}]   =>Toolbar.Alot
[HKLM\Software\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}]   =>Toolbar.Alot
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}]   =>Toolbar.Alot
[HKLM\Software\Classes\Interface\{eee6c358-6118-11dc-9c72-001320c79847}]   =>PUP.SweetIM
[HKLM\Software\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}]   =>Adware.BHO
[HKLM\Software\Classes\Interface\{eee6c35a-6118-11dc-9c72-001320c79847}]   =>PUP.SweetIM
[HKLM\Software\Classes\TypeLib\{eee6c35e-6118-11dc-9c72-001320c79847}]   =>PUP.SweetIM
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{eee6c360-6118-11dc-9c72-001320c79847}]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{eee6c360-6118-11dc-9c72-001320c79847}]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}]   =>PUP.SweetIM
[HKLM\Software\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}]   =>Toolbar.Babylon
[HKLM\Software\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}]   =>Toolbar.Alot
[HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\sweetim.exe]   =>PUP.SweetIM
[HKLM\Software\Classes\sim-packages]   =>Toolbar.Agent
[HKLM\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje]   =>PUP.DealPly
[HKLM\Software\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp]   =>Toolbar.Wajam
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater]   =>Toolbar.Wajam
[HKCU\Software\SweetIM]   =>PUP.SweetIM
[HKLM\Software\SweetIM]   =>PUP.SweetIM
[HKCU\Software\DealPly]   =>PUP.DealPly
[HKLM\Software\DealPly]   =>PUP.DealPly
[HKLM\Software\Classes\AppID\priam_bho.DLL]   =>Toolbar.Wajam
[HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3]   =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3]   =>PUP.SweetIM
[HKCU\Software\InstallCore]   =>Adware.InstallCore
[HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B]   =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B]   =>PUP.SweetIM
[HKLM\Software\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]   =>Toolbar.Yahoo
[HKLM\Software\Classes\SWEETIE.IEToolbar]   =>PUP.SweetIM
[HKLM\Software\Classes\SWEETIE.IEToolbar.1]   =>PUP.SweetIM
[HKLM\Software\Classes\Toolbar3.SWEETIE]   =>PUP.SweetIM
[HKLM\Software\Classes\Toolbar3.SWEETIE.1]   =>PUP.SweetIM
[HKLM\Software\Classes\wajam.WajamBHO]   =>Toolbar.Wajam
[HKLM\Software\Classes\wajam.WajamBHO.1]   =>Toolbar.Wajam
[HKLM\Software\Classes\wajam.WajamDownloader]   =>Toolbar.Wajam
[HKLM\Software\Classes\wajam.WajamDownloader.1]   =>Toolbar.Wajam
[HKLM\Software\Classes\YontooIEClient.Api]   =>Adware.Yontoo
[HKLM\Software\Classes\YontooIEClient.Api.1]   =>Adware.Yontoo
[HKLM\Software\Classes\YontooIEClient.Layers]   =>Adware.Yontoo
[HKLM\Software\Classes\YontooIEClient.Layers.1]   =>Adware.Yontoo
[HKLM\Software\Classes\AppID\YontooIEClient.DLL]   =>Adware.Yontoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe]   =>PUP.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\Arpcache\Wajam]   =>Toolbar.Wajam
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Wajam]   =>Toolbar.Wajam
C:\Program Files\yontoo   =>Toolbar.Alot
C:\Program Files\SweetIM   =>PUP.SweetIM
C:\Users\chouchou\AppData\Roaming\DealPly   =>PUP.DealPly
C:\Users\chouchou\AppData\LocalLow\SweetIM   =>PUP.SweetIM
C:\Users\chouchou\AppData\Roaming\Mozilla\Firefox\Profiles\ltsqtnul.default-1344757990394\Extensions\plugin@yontoo.com   =>Toolbar.Alot
C:\Users\chouchou\AppData\Roaming\Mozilla\Firefox\Profiles\t93wvpmh.default\Extensions\plugin@yontoo.com   =>Toolbar.Alot
C:\Users\chouchou\AppData\Roaming\Mozilla\Firefox\Profiles\ltsqtnul.default-1344757990394\SearchPlugins\sweetim.xml   =>PUP.SweetIM
C:\Users\chouchou\AppData\Roaming\Mozilla\Firefox\Profiles\t93wvpmh.default\SearchPlugins\sweetim.xml   =>PUP.SweetIM
~ Scan Additionnel in 00mn 12s



---\\ Recherche détournement de DNS routeur (O89) (None)

---\\ Product Upgrade Codes (O90)
O90 - PUC: "00004159A700C0400000000000F01FEC" . (.Microsoft Office Outlook Connector.) -- C:\Windows\Installer\{95140000-007A-040C-0000-0000000FF1CE}\OLCIcon.exe
O90 - PUC: "00006FCA9B229EC4896DC2FC53B9CA70" . (.ABBYY FineReader 6.0 Sprint.) -- C:\Windows\Installer\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}\ARPPRODUCTICON.exe
O90 - PUC: "01D2271C50C8D66B1A06C7C2FF851967" . (.Catalyst Control Center Graphics Light.) -- C:\Windows\Installer\{C1722D10-8C05-B66D-A160-7C2CFF589176}\ARPPRODUCTICON.exe
O90 - PUC: "076CFAAAB965F2A4284B2449E5D03EFE" . (.Windows Live Writer.) -- C:\Windows\Installer\{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}\ApplicationIcon.ico
O90 - PUC: "106CEACDC537EA148BF47D290FF97B1D" . (.WOT for Internet Explorer.) -- C:\Windows\Installer\{DCAEC601-735C-41AE-B84F-D792F09FB7D1}\ProductIcon
O90 - PUC: "11F12B5E3396B0E42AC597363E0CD711" . (.Windows Live Messenger.) -- C:\Windows\Installer\{E5B21F11-6933-4E0B-A25C-7963E3C07D11}\MsblIco.Exe
O90 - PUC: "1C4235E6CF4867F4A9A36CE5708FE06E" . (.Complément Messenger.) -- C:\Windows\Installer\{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}\CompanionIcon
O90 - PUC: "1D034B0FAA6BD374B960AAD30DF10D8B" . (.Microsoft SQL Server 2005 Compact Edition [ENU].) -- C:\Windows\Installer\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}\ProductIcon
O90 - PUC: "2A7527EE2A93F2D4D9CA9F2FB5A81E8D" . (.Skype™ 5.10.) -- C:\Windows\Installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeIcon.exe
O90 - PUC: "310EAEEA1F2951542B8731F9A196A263" . (.Acer eDataSecurity Management.) -- C:\Windows\Installer\{AEEAE013-92F1-4515-B278-139F1A692A36}\ARPPRODUCTICON.exe
O90 - PUC: "4A04C1DC6382119176E38175F22D6BA2" . (.Catalyst Control Center Graphics Full New.) -- C:\Windows\Installer\{CD1C40A4-2836-1911-673E-18572FD2B62A}\ARPPRODUCTICON.exe
O90 - PUC: "51A0A8BD6971A9842964924A97D842B9" . (.Iminent.) -- C:\Windows\Installer\{DB8A0A15-1796-489A-9246-29A4798D249B}\imbooster.ico
O90 - PUC: "55D8AB3B79352176B1C6A58894FA915F" . (.Catalyst Control Center Core Implementation.) -- C:\Windows\Installer\{B3BA8D55-5397-6712-1B6C-5A8849AF19F5}\ARPPRODUCTICON.exe
O90 - PUC: "681D37B6C5DE1BE669EEF868269642C3" . (.Catalyst Control Center Localization Danish.) -- C:\Windows\Installer\{6B73D186-ED5C-6EB1-96EE-8F866269243C}\ARPPRODUCTICON.exe
O90 - PUC: "68AB67CA7DA746454382090000000040" . (.Spelling Dictionaries Support For Adobe Reader 9.) -- C:\Windows\Installer\{AC76BA86-7AD7-5464-3428-900000000004}\ARPPRODUCTICON.exe
O90 - PUC: "7135651285E7DEEC5EEB96613543244F" . (.Catalyst Control Center Localization Czech.) -- C:\Windows\Installer\{21565317-7E58-CEED-E5BE-6916533442F4}\ARPPRODUCTICON.exe
O90 - PUC: "79D3E6D2FDF13994CA57275FE94C545C" . (.Windows Live Family Safety.) -- C:\Windows\Installer\{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}\fssicon.ico
O90 - PUC: "7CEBB04F4A2C00A4B942A750A5C22526" . (.Microsoft Office Live Add-in 1.5.) -- C:\Windows\Installer\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}\ProductIcon
O90 - PUC: "8A5EF6FC8331F881533B3827AF138D22" . (.Skins.) -- C:\Windows\Installer\{CF6FE5A8-1338-188F-35B3-8372FA31D822}\ARPPRODUCTICON.exe
O90 - PUC: "907018673D7AD86419761A87C0E167C6" . (.Windows Live FolderShare.) -- C:\Windows\Installer\{76810709-A7D3-468D-9167-A1780C1E766C}\FolderShare48x48.ico
O90 - PUC: "944D1681B0955F17C22612377013CFC4" . (.ccc-utility.) -- C:\Windows\Installer\{1861D449-590B-71F5-2C62-21730731FC4C}\ARPPRODUCTICON.exe
O90 - PUC: "9EE58E3C298524145B73CBBED3CAC4D3" . (.Internet Explorer Toolbar 4.6 by SweetPacks.) -- C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}\ARPPRODUCTICON.exe
O90 - PUC: "9F2FDFE0D6387BE43AD230B83D1FBFA2" . (.Security Update for CAPICOM (KB931906).) -- C:\Windows\Installer\{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}\folder.ico
O90 - PUC: "B2FD9C0A5B9838449838816A28001F4B" . (.SweetIM for Messenger 3.7.) -- C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}\ARPPRODUCTICON.exe
O90 - PUC: "B4FE2EE43D5244D438482A9BF618F155" . (.OpenOffice.org 3.2.) -- C:\Windows\Installer\{4EE2EF4B-25D3-4D44-8384-A2B96F811F55}\soffice.exe
O90 - PUC: "B50A775126EECBB4D97BEF47F84AE42C" . (.NTI CD & DVD-Maker.) -- C:\Windows\Installer\{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}\ARPPRODUCTICON.exe
O90 - PUC: "B5CD061465C43C0D5CDF5FDBDAC388B2" . (.ATI Catalyst Install Manager.) -- C:\Windows\Installer\{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}\ARPPRODUCTICON.exe
O90 - PUC: "C0657C912414F18488CF9C4CF75372B0" . (.150 000 Cliparts Volume 2.) -- C:\Windows\Installer\{19C7560C-4142-481F-88FC-C9C47F35270B}\ARPPRODUCTICON.exe
O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- C:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon
O90 - PUC: "D83BC1B64E2E03a439D3FEEDAB67DAC9" . (.Microsoft Works.) -- C:\Windows\Installer\{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}\Win2Kico.exe
O90 - PUC: "DD7B0677229C682CBAC6E2603BC2D1F4" . (.Catalyst Control Center Graphics Full Existing.) -- C:\Windows\Installer\{7760B7DD-C922-C286-AB6C-2E06B32C1D4F}\ARPPRODUCTICON.exe
O90 - PUC: "E37341D10797F2F44A76CA4A0FAE123E" . (.Google Earth.) -- C:\Windows\Installer\{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}\ARPPRODUCTICON.exe
O90 - PUC: "FAAC1EB90C13A2B654EE7716DFFE8C60" . (.ccc-core-static.) -- C:\Windows\Installer\{9BE1CAAF-31C0-6B2A-45EE-7761FDEFC806}\ARPPRODUCTICON.exe
~ Scan Files in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 18/03/2010 113152 |  (ACDaemon) . (.ArcSoft Inc..) - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
SR - | Auto 04/04/2007 266343 |  (Acer HomeMedia Connect Service) . (.CyberLink.) - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
SR - | Auto  28672 |  (AcerMemUsageCheckService) . (...) - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
SR - | Auto 14/03/2007 569344 |  (Ati External Event Utility) . (.ATI Technologies Inc..) - C:\Windows\System32\Ati2evxx.exe
SR - | Auto 30/10/2012 44808 |  (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SS - | Auto  0 |  (CLTNetCnService) . (...) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
SR - | Auto 06/02/2007 457512 |  (eDataSecurity Service) . (.HiTRSUT.) - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
SR - | Auto 31/01/2007 53248 |  (eRecoveryService) . (.Acer Inc..) - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
SS - | Demand 25/05/2008 1838592 |  (GoogleDesktopManager) . (.Google.) - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
SS - | Auto 30/12/2012 136176 |  (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 30/12/2012 136176 |  (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 31/01/2013 194032 |  (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Auto  116104 |  (IJPLMSVC) . (...) - C:\Program Files\Canon\IJPLM\IJPLMSVC.exe
SR - | Auto 17/01/2007 61440 |  (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
SR - | Auto 14/12/2012 398184 |  (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 14/12/2012 682344 |  (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
SR - | Auto 13/11/2006 76544 |  (MgiSvr) . (.ArcSoft, Inc..) - C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe
SS - | Demand 07/01/2013 115760 |  (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto  143360 |  (RichVideo) . (...) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
SS - | Auto 13/07/2012 160944 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - | Auto 19/03/2012 2666880 |  (TeamViewer7) . (.TeamViewer GmbH.) - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
SR - | Auto 19/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 19/01/2008 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Scan Services in 00mn 00s



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
~ Scan MBR in 00mn 02s



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by chouchou at 09/02/2013 18:07:04

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ Scan MBR in 00mn 04s



End of the scan (1769 lines in 02mn 51s)(0)