Rapport de ZHPDiag v1.34.76 par Nicolas Coolman, Update du 1/02/2013
Run by user at 3/02/2013 17:44:54
State : Version à jour.
UAC : Deactivate by program


---\\ Web Browser
MSIE: Internet Explorer v8.0.7601.17514
MFIE: Mozilla Firefox 18.0.1 v18.0.1 (Defaut)
GCIE: Google Chrome v24.0.1312.57

---\\ Windows Product Information
~ Langage: Français
Windows 7 Business Edition, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 24367
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Information
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1912 MB (30% free)
System Restore: Activé (Enable)
System drive C: has 89 GB (40%) free of 222 GB

---\\ Logged in mode
~ Computer Name: USER-THINK
~ User Name: user
~ All Users Names: user, HomeGroupUser$, Administrateur, 
~ Unselected Option: None
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\user\AppData\Roaming\
~ %Desktop% : C:\Users\user\Desktop\
~ %Favorites% : C:\Users\user\Favorites\
~ %LocalAppData% : C:\Users\user\AppData\Local\
~ %StartMenu% : C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 89 Go of 222 Go)
D:\ CD-ROM drive (Not Inserted)
E:\ CD-ROM drive (Free 0 Go of 4 Go)
Q:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 10 Go)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime :  Out Of Date
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 06:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.42C671E0525618E23371D0E68282F37C] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.27/10/2012 - 07:26:55.) -- C:\Windows\System32\wininet.dll [981504]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 13:17:54.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 13:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.9EBBBA55060F786F0FCAA3893BFA2806] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.25/04/2011 - 03:18:03.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 09:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 09:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 10:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 09:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.0D87503986BB3DFED58E343FE39DDE13] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.31/08/2012 - 18:18:09.) -- C:\Windows\system32\Drivers\ntfs.sys [1211760]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 11:24:46.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 09:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 13:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Scan Generic Processes in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/5617
~ Mes musiques (My Musics) : 1/216
~ Mes Videos (My Videos) : 2/256
~ Mes Favoris (My Favorites) : 1/31
~ Mes Documents (My Documents) : 2/22377
~ Mon Bureau (My Desktop) : 1/30
~ Menu demarrer (Programs) : 1/36
~ Scan Hidden Files in 01mn 41s



---\\ Processus lancés
[MD5.17DD73B0BBBB722B9BCBDD5F15223BB1] - (.Lenovo Group Limited - NumLock on screen display for ThinkPad.) -- C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe   [52600] [PID.692]
[MD5.EF12244CD9CAD4F6A538CF1A415A3AC7] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe   [7612960] [PID.2740]
[MD5.0BF10B23779565BC472BEEBE3B9A20D9] - (.Lenovo Group Limited - On screen display message generator for Thi.) -- C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe   [68976] [PID.2756]
[MD5.2B083A7AD8DF8698159480A3D53E8B84] - (.Lenovo Group Limited - ThinkPad FnF6 Resident Module.) -- C:\Program Files\Lenovo\HOTKEY\tpfnf6r.exe   [62752] [PID.2768]
[MD5.0B1B7568CED61ABF5FD717F28175C96A] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe   [186904] [PID.2832]
[MD5.DCEDB74733F562547150CB1D205452AC] - (.Lenovo. - ThinkVantage Active Protection System.) -- C:\Windows\System32\TpShocks.exe   [337184] [PID.2976]
[MD5.72D9419E4AA1C40C9E34821722D335C8] - (.Lenovo Group Limited - On screen display drawer.) -- C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe   [67432] [PID.3044]
[MD5.697984645E02E9FA59EE09B38EAA6FC5] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe   [174104] [PID.3052]
[MD5.2B365FF1A4CC06813B892F92AAE4C0B7] - (.Lenovo Group Limited - ThinkPad UltraZoom.) -- C:\Program Files\Lenovo\Zoom\TpScrex.exe   [144752] [PID.3060]
[MD5.9B93A0C3B1B838A651F62761CC33FCEC] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe   [252952] [PID.3152]
[MD5.275B5EEED69218D4E9D0B28767728E9E] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe   [151064] [PID.3456]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ystem32\rundll32.exe   [0] [PID.3592]
[MD5.3B376496187AB240FAC6ECD7BD1251F6] - (.Pas de propriétaire - Message Center Plus Launcher.) -- C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe   [49976] [PID.3604]
[MD5.D4D3ECDA8CFD103A26780442671FA200] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe   [1594664] [PID.3648]
[MD5.C377C7EDCA831F4992D34A018B23DA07] - (.Lenovo - ThinkVantage Access Connections Wireless LA.) -- C:\Program Files\Lenovo\Access Connections\ACWLIcon.exe   [181608] [PID.3700]
[MD5.5694C01EF1D2BE0813F7FF387F3CEEB0] - (.Lenovo - ThinkVantage Access Connections AC Tray  Mo.) -- C:\Program Files\Lenovo\Access Connections\ACTray.exe   [435560] [PID.3744]
[MD5.BF0C53DDCF44B80EBDFB51D6BAA51216] - (...) -- C:\Program Files\dvd43\DVD43_Tray.exe   [827904] [PID.3792]
[MD5.9DADF1A809ECEC86F04BDE35190D59FE] - (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files\AVG\AVG2013\avgui.exe   [3147384] [PID.3892]
[MD5.A68E801B35F5C2DE06AD5D610178B8C6] - (.Synaptics Incorporated - TouchPad Driver Helper Application.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe   [128296] [PID.4392]
[MD5.F5258D184061D7F0F4FEF2686E7717E8] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe   [103720] [PID.4672]
[MD5.3B72BD3603231CB1BC4E6F6607B2BDDA] - (.Intel Corporation - igfxext Module.) -- C:\Windows\system32\igfxext.exe   [173080] [PID.4708]
[MD5.48E6868781B4E8BF4B77DBEC7694BCE8] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe   [295072] [PID.4756]
[MD5.12916E0642E92561C98B18A2A2D01B14] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe   [252848] [PID.4800]
[MD5.35048D8E8A0BF7A797CD5757ACD7EED0] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe   [107816] [PID.4808]
[MD5.73165EE830627D2B974124F57209F98F] - (.Broadcom Corporation. - Bluetooth Tray Application.) -- C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe   [795936] [PID.5096]
[MD5.C723B02BA5BF788C9F91746BF37EACD9] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files\McAfee Security Scan\3.0.313\SSScheduler.exe   [271808] [PID.5104]
[MD5.749949494676218FFA99501F4AA22ECC] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe   [10376704] [PID.5556]
[MD5.4EE367B8B1964160A1F1B80095183D3A] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin   [10368512] [PID.5564]
[MD5.8667D9B4FFA3ABD1EC3D61004667E1DA] - (.BitLeader - Pas de description.) -- C:\Program Files\lg_fwupdate\fwupdate.exe   [871536] [PID.1900]
[MD5.72CB29B523061FF64B3F66B8F3A5E034] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe   [5648896] [PID.2808]
[MD5.5EFDBEAECD69E250E5BA4A2950203CD4] - (.Microsoft Corporation - Sauvegarde Microsoft® Windows.) -- C:\Windows\system32\sdclt.exe   [1131008] [PID.4024]
~ Scan Processes Running in 00mn 02s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] https://www.google.be
G0 - GCSP: Preference [User Data\Default] https://www.google.be
G1 - GCS: Preference [User Data\Default] None
~ Scan Google Browser in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\mjizk69f.default\prefs.js
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\mjizk69f.default\user.js
M3 - MFPP: Plugins - [user] -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\mjizk69f.default\searchplugins\conduit.xml
M3 - MFPP: Plugins - [user] -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\mjizk69f.default\searchplugins\SearchResults.xml
M3 - MFPP: Plugins - [user] -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\mjizk69f.default\searchplugins\Search_Results.xml
M3 - MFPP: Plugins - [user] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [user] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [user] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [user] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [user] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [user] -- C:\Program Files\Mozilla FireFox\searchplugins\searchcom.xml
M3 - MFPP: Plugins - [user] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [user] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [user - mjizk69f.default] http://www.google.be
M2 - MFEP: prefs.js [user - mjizk69f.default\addon@freecorder.com] [] Freecorder v7.0.0.12 (.freecorder.com.)
M2 - MFEP: prefs.js [user - mjizk69f.default\{1392b8d2-5c05-419f-a8f6-b9f15a596612}] [] Freecorder Community Toolbar v3.16.0.100 (.Conduit Ltd..)
M2 - MFEP: prefs.js [user - mjizk69f.default\{6AC85730-7D0F-4de0-B3FA-21142DD85326}] [] ColorZilla v2.8 (.Alex Sirota.)
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.0.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Mozilla Firefox\Plugins\nppl3260.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN:Firefox Plugin Navigator . (.RealPlayer - RealPlayer Download Plugin.) -- C:\Program Files\Mozilla Firefox\Plugins\nprpplugin.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.6.8.638.) -- C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll
P2 - FPN: [HKLM] [@google.com/npPicasa3,version=3.0.0] - (.Google, Inc. - Picasa plugin.) -- C:\Program Files\Google\Picasa3\npPicasa3.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.11.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Windows\system32\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.11.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.11.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@mcafee.com/McAfeeMssPlugin] - (.McAfee, Inc. - McAfee MSS+ NPAPI Plugin.) -- C:\Program Files\McAfee Security Scan\3.0.313\npMcAfeeMss.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.10411.0.) -- c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=16.0.0.282] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- c:\program files\real\realplayer\Netscape6\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprndlchromebrowserrecordext;version=1.3.0] - (.RealNetworks, Inc. - RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In.) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchrom
P2 - FPN: [HKLM] [@real.com/nprndlhtml5videoshim;version=1.3.0] - (.RealNetworks, Inc. - RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In.) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
P2 - FPN: [HKLM] [@real.com/nprndlpepperflashvideoshim;version=1.3.0] - (.RealNetworks, Inc. - RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In.) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvid
P2 - FPN: [HKLM] [@real.com/nprpchromebrowserrecordext;version=15.0.6.14] - (.RealNetworks, Inc. - RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrec
P2 - FPN: [HKLM] [@real.com/nprphtml5videoshim;version=15.0.6.14] - (.RealNetworks, Inc. - RealPlayer(tm) HTML5VideoShim Plug-In.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
P2 - FPN: [HKLM] [@real.com/nprpplugin;version=16.0.0.282] - (.RealPlayer - RealPlayer Download Plugin.) -- c:\program files\real\realplayer\Netscape6\nprpplugin.dll
P2 - FPN: [HKLM] [@realnetworks.com/npdlplugin;version=1] - (.RealDownloader - RealDownloader Plugin.) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.5] - (.VideoLAN - VLC media player Web Plugin 2.0.2.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.01.) -- C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
P2 - FPN: [HKCU] [@talk.google.com/GoogleTalkPlugin] - (.Google - Version 3.13.1.11376.) -- C:\Users\user\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
P2 - FPN: [HKCU] [@talk.google.com/O3DPlugin] - (.Pas de propriétaire - Google Talk Plugin Video Accelerator version:0.1.44.23.) -- C:\Users\user\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\user\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\user\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
~ Scan Firefox Browser in 00mn 01s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll
R3 - URLSearchHook: (no name) - {BFEAF3D0-307E-4F52-B64A-AF56BABE82B5} . (.Microsoft Corporation - Navigateur Internet.) (No version) -- (.not file.)
R3 - URLSearchHook: (no name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} . (.Microsoft Corporation - Navigateur Internet.) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
~ Nombre de lignes (Lines number): 24



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} . (.McAfee, Inc. - Quick Browser Identifier for MSS+ Tool.) -- C:\Program Files\McAfee Security Scan\3.0.313\McAfeeMSS_IE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealDownloader - RealPlayer Download and Record Plugin.) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecor
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Clé orpheline
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype Click to Call for Internet Explorer.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Freecorder extension - {B15BBE59-42F5-4206-B3F0-BE98F5DC4B93} . (.Applian Technologies Inc. - ScriptHost.) -- C:\Program Files\Freecorder extension\ScriptHost.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll
~ Scan BHO in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe 
O4 - HKLM\..\Run: [TPHOTKEY] . (.Lenovo Group Limited - On screen display message generator for Thi.) -- C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe 
O4 - HKLM\..\Run: [LENOVO.TPFNF6R] . (.Lenovo Group Limited - ThinkPad FnF6 Resident Module.) -- C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe 
O4 - HKLM\..\Run: [IAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe 
O4 - HKLM\..\Run: [TpShocks] . (.Lenovo. - ThinkVantage Active Protection System.) -- C:\Windows\System32\TpShocks.exe 
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe 
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe 
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\Program Files\ThinkPad\UTILIT~1\PWMTR32V.dll (.not file.) 
O4 - HKLM\..\Run: [Message Center Plus] . (.Pas de propriétaire - Message Center Plus Launcher.) -- C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe 
O4 - HKLM\..\Run: [AcWin7Hlpr] . (...) -- C:\Program Files\Lenovo\Access Connections\AcTBenabler.exe 
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 
O4 - HKLM\..\Run: [ACWLIcon] . (.Lenovo - ThinkVantage Access Connections Wireless LA.) -- C:\Program Files\Lenovo\Access Connections\ACWLIcon.exe 
O4 - HKLM\..\Run: [ACTray] . (.Lenovo - ThinkVantage Access Connections AC Tray  Mo.) -- C:\Program Files\Lenovo\Access Connections\ACTray.exe 
O4 - HKLM\..\Run: [dvd43] . (...) -- C:\Program Files\dvd43\dvd43_tray.exe 
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe 
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe 
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe 
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe 
O4 - HKLM\..\Run: [AVG_UI] . (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files\AVG\AVG2013\avgui.exe 
O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- c:\program files\real\realplayer\Update\realsched.exe 
O4 - HKLM\..\Run: [UpdateLBPShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe 
O4 - HKLM\..\Run: [LGODDFU] . (.Bitleader - Pas de description.) -- C:\Program Files\lg_fwupdate\lgfw.exe 
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe 
O4 - HKLM\..\Run: [CLMLServer] . (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe 
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe 
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe 
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe 
O4 - HKUS\S-1-5-21-591723367-1614411120-1145975636-1003\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe 
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe 
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe 
~ Scan Application in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PNGGauntlet.lnk . (...)  -- C:\Users\user\AppData\Roaming\Microsoft\Installer\{B2D251E2-A78B-42C2-9D94-695A8CCC17E9}\pnggauntlet.ico
O4 - Global Startup: C:\Users\user\Desktop\abrViewer.NET - Raccourci.lnk . (...)  -- C:\Program Files\abrViewer.NET\Release_NET20_2.0\abrViewer.NET.exe
O4 - Global Startup: C:\Users\user\Desktop\AoA Audio Extractor.lnk . (...)  -- C:\Program Files\AoA Audio Extractor\AoAAudioExtractor.exe
O4 - Global Startup: C:\Users\user\Desktop\Audacity.lnk . (.The Audacity Team.)  -- C:\Program Files\Audacity\audacity.exe
O4 - Global Startup: C:\Users\user\Desktop\AVStoDVD.lnk . (.http://sourceforge.net/projects/avstodvd.)  -- C:\Program Files\AVStoDVD\AVStoDVD.exe
O4 - Global Startup: C:\Users\user\Desktop\Dropbox.lnk . (.Dropbox, Inc..)  -- C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: C:\Users\user\Desktop\DVD Flick.lnk . (.Dennis "Exl" Meuwissen.)  -- C:\Program Files\DVD Flick\dvdflick.exe
O4 - Global Startup: C:\Users\user\Desktop\DVD2AVI - Raccourci.lnk . (...)  -- C:\Users\user\Documents\Program Setups et parfois executables\DVD2AVI.exe
O4 - Global Startup: C:\Users\user\Desktop\DVD43.lnk . (...)  -- C:\Program Files\dvd43\DVD43_Tray.exe
O4 - Global Startup: C:\Users\user\Desktop\Easy Graphic Converter 1.2.lnk . (...)  -- C:\Program Files\Easy Graphic Converter\ImageConverter.exe
O4 - Global Startup: C:\Users\user\Desktop\Easy Thumbnails.lnk . (.Fookes Software.)  -- C:\Program Files\Easy Thumbnails\EzThumbs.exe
O4 - Global Startup: C:\Users\user\Desktop\emoticons-ajwan - Raccourci.lnk . (...)  -- C:\Users\user\Pictures\Site AJWAN\Emoticons et icones\My-emoticons\emoticons-ajwan
O4 - Global Startup: C:\Users\user\Desktop\FILEminimizer Pictures.lnk . (.balesio AG.)  -- C:\Program Files\FILEminimizer Pictures\FILEminimizer.exe
O4 - Global Startup: C:\Users\user\Desktop\Free FLV Converter.lnk . (.Koyote Soft.)  -- C:\Program Files\Free FLV Converter\FreeFLVConverter.exe
O4 - Global Startup: C:\Users\user\Desktop\Google Chrome.lnk . (.Google Inc..)  -- C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\user\Desktop\HiJackThis.lnk . (.Trend Micro Inc..)  -- C:\Users\user\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
O4 - Global Startup: C:\Users\user\Desktop\Internet Explorer Troubleshooting.url . (.Trend Micro Inc..)  -- C:\Users\user\Desktop\Internet Explorer Troubleshooting.url
O4 - Global Startup: C:\Users\user\Desktop\Internet Explorer.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\user\Desktop\Notepad++.lnk . (.Don HO don.h@free.fr.)  -- C:\Program Files\Notepad++\notepad++.exe
O4 - Global Startup: C:\Users\user\Desktop\Play65.lnk . (.Play65.)  -- C:\Users\user\AppData\Local\Play65\Play65.exe
O4 - Global Startup: C:\Users\user\Desktop\PngGauntlet - Raccourci.lnk . (.Benjamin Hollis.)  -- C:\Program Files\PNGGauntlet\PngGauntlet.exe
O4 - Global Startup: C:\Users\user\Desktop\poedit - Raccourci.lnk . (.Vaclav Slavik.)  -- C:\Program Files\Poedit\bin\poedit.exe
O4 - Global Startup: C:\Users\user\Desktop\Scribus 1.3.3.14.lnk . (.The Scribus Team.)  -- C:\Program Files\Scribus 1.3.3.14\Scribus.exe
O4 - Global Startup: C:\Users\user\Desktop\WampServer.lnk . (.Aestan Software.)  -- C:\wamp\wampmanager.exe
O4 - Global Startup: C:\Users\user\Desktop\Windows Movie Maker 2.6.lnk . (.Microsoft Corporation.)  -- C:\Windows\Installer\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}\MOVIEMK.exe
O4 - Global Startup: C:\Users\user\Desktop\WM Converter.lnk . (.All Alex, Inc.)  -- C:\Program Files\WMR11\WM Converter\WM Converter.exe
O4 - Global Startup: C:\Users\user\Desktop\WM Recorder 12.1.lnk . (.All Alex,Inc.)  -- C:\Program Files\WMR11\WMR11.exe
O4 - Global Startup: C:\Users\user\Desktop\YoodaMap.lnk . (...)  -- C:\Users\user\AppData\Roaming\Microsoft\Installer\{633A27AE-C1C4-48E7-85D4-3C34994B5331}\_DB80C12A9E00_495E_9E74_DCEEA3A22A50.exe
O4 - Global Startup: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.)  -- C:\Program Files\Mozilla Firefox\firefox.exe
~ Scan Global Startup in 00mn 01s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ Scan IE Control Panel in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBro
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
O9 - Extra button: Skype Click to Call - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\ThinkPad\Bluetooth Software\bt_hot_icon.ico
~ Scan IE Extra Buttons in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Scan Winsock in 00mn 00s



---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] http.jalbum.net
O15 - Trusted Zone: [HKCU\...\Domains\www] http.jalbum.net
~ Scan IE Zone Confiance in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{9D707A54-31AE-421A-AA7F-1E88C063A250}: DhcpNameServer = 61.12.0.50 61.12.0.99
O17 - HKLM\System\CCS\Services\Tcpip\..\{BD5BBB0F-0D46-4091-85CA-71E7ED662E2C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{9D707A54-31AE-421A-AA7F-1E88C063A250}: DhcpNameServer = 61.12.0.50 61.12.0.99
O17 - HKLM\System\CS1\Services\Tcpip\..\{BD5BBB0F-0D46-4091-85CA-71E7ED662E2C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{9D707A54-31AE-421A-AA7F-1E88C063A250}: DhcpNameServer = 61.12.0.50 61.12.0.99
O17 - HKLM\System\CS2\Services\Tcpip\..\{BD5BBB0F-0D46-4091-85CA-71E7ED662E2C}: DhcpNameServer = 192.168.1.1
~ Scan Domain in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} . (...) -- 
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} . (.Microsoft Corporation - Microsoft Office XP Web Components.) -- C:\Program Files\Common Files\microsoft shared\Web Components\10\OWC10.dll
O18 - Handler: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} . (.Microsoft Corporation - Microsoft Office Web Components 2003.) -- C:\Program Files\Common Files\microsoft shared\Web Components\11\OWC11.dll
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype Click to Call for Internet Explorer.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\Program Files\Common Files\Skype\Skype4COM.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll
~ Scan Protocole Additionnel in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Scan Winlogon in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service:  (AcPrfMgrSvc) . (.Lenovo - ThinkVantage Access Connections Profile Man.) - C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe
O23 - Service:  (AcSvc) . (.Lenovo - ThinkVantage Access Connections Main Servic.) - C:\Program Files\Lenovo\Access Connections\AcSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AVGIDSAgent (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o. - AVG Identity Protection Service.) - C:\Program Files\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) . (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) - C:\Program Files\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) . (.Lenovo - ThinkPad Power Management Service.) - C:\Windows\System32\ibmpmsvc.exe
O23 - Service: IviRegMgr (IviRegMgr) . (.InterVideo - RegMgr Module.) - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) . (.Lenovo Group Limited - Microphone Mute Controll Service for ThinkP.) - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: RealNetworks Downloader Resolver Service (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Servic (RegSrvc) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: System Update (SUService) . (.Lenovo Group Limited - ThinkVantage System Update Service.) - c:\Program Files\Lenovo\System Update\SUService.exe
O23 - Service: ThinkVantage Registry Monitor Service (ThinkVantage Registry Monitor Service) . (.Lenovo Group Limited - About ThinkVantage Technologies.) - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: On Screen Display (TPHKSVC) . (.Lenovo Group Limited - On screen display Fn+Fx handler.) - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
~ Scan Services in 00mn 06s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) -  (.not file.)
~ Scan Desktop Component in 00mn 00s



---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\Adobe Flash Player Updater.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-591723367-1614411120-1145975636-1003Core.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-591723367-1614411120-1145975636-1003UA.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\ROC_REG_JAN_DELETE.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\SystemToolsDailyTest.job
[MD5.424877CB9D5517F980FF7BACA2EB379D] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[MD5.74660C1E9139D95F4E006E8E49EA4986] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-591723367-1614411120-1145975636-1003Core] (.Google Inc..) -- C:\users\user\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-591723367-1614411120-1145975636-1003UA] (.Google Inc..) -- C:\users\user\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.70D09D759312BA7F9CF01DE47700F8F8] [APT] [PCDEventLauncher] (.PC-Doctor, Inc..) -- C:\Program Files\PC-Doctor\sessionchecker.exe
[MD5.7CF0CD380764C6D2BC6EB99D5319CD68] [APT] [PCDoctorBackgroundMonitorTask] (.PC-Doctor, Inc..) -- C:\Program Files\PC-Doctor\uaclauncher.exe
[MD5.6D3D07F7B369F25E69271458DF674F9C] [APT] [PMTask] (.Lenovo Group Limited.) -- C:\Program Files\ThinkPad\Utilities\PWMIDTSV.exe
[MD5.6A8E0E72D390B95EFE3A7FFA17D5C504] [APT] [RealDownloaderDownloaderScheduledTaskS-1-5-21-591723367-1614411120-1145975636-1003] (.RealNetworks, Inc..) -- C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
[MD5.B7D0F1FA8926F0D58B7A000E5DAB4B3E] [APT] [RealDownloaderRealUpgradeLogonTaskS-1-5-21-591723367-1614411120-1145975636-1003] (.RealNetworks, Inc..) -- C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe
[MD5.B7D0F1FA8926F0D58B7A000E5DAB4B3E] [APT] [RealDownloaderRealUpgradeScheduledTaskS-1-5-21-591723367-1614411120-1145975636-1003] (.RealNetworks, Inc..) -- C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe
[MD5.9A7F1691F76E019C11481B6355125072] [APT] [RealPlayerRealUpgradeLogonTaskS-1-5-21-591723367-1614411120-1145975636-1003] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
[MD5.9A7F1691F76E019C11481B6355125072] [APT] [RealPlayerRealUpgradeScheduledTaskS-1-5-21-591723367-1614411120-1145975636-1003] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
[MD5.9A7F1691F76E019C11481B6355125072] [APT] [RealUpgradeLogonTaskS-1-5-21-591723367-1614411120-1145975636-1003] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
[MD5.9A7F1691F76E019C11481B6355125072] [APT] [RealUpgradeScheduledTaskS-1-5-21-591723367-1614411120-1145975636-1003] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
[MD5.F0876747D83C1067BD71DAAF9F59325F] [APT] [ROC_REG_JAN_DELETE] (...) -- C:\ProgramData\AVG January 2013 Campaign\ROC.exe
[MD5.7CF0CD380764C6D2BC6EB99D5319CD68] [APT] [SystemToolsDailyTest] (.PC-Doctor, Inc..) -- C:\Program Files\PC-Doctor\uaclauncher.exe
[MD5.1027DF7F909776789D9D1C2C30410166] [APT] [{0AD30371-9971-4905-AFA6-E96FA495CDBA}] (...) -- C:\users\user\program setups\OOo_3.3.0_Win_x86_install-wJRE_fr.exe
[MD5.C8F9B804DB9065E4EBBFC4508F6B2F8F] [APT] [{268B82BE-8D81-4E12-A9A3-6422905B25AB}] (.OpenOffice.org.) -- C:\Program Files\OpenOffice.org 3\program\scalc.exe
[MD5.C8F9B804DB9065E4EBBFC4508F6B2F8F] [APT] [{3A3BB3CC-B211-4FD4-A74E-21205995744F}] (.OpenOffice.org.) -- C:\Program Files\OpenOffice.org 3\program\scalc.exe
[MD5.C1FAE36B870F10F2038B9D1DADB38D18] [APT] [{4329E8F9-90CB-4663-918B-AF1193D34900}] (.Lenovo Group Ltd..) -- C:\Program Files\MLPS\APPS\MUIInstaller\LENMNC.exe
[MD5.44C1DE9D847FC6A27C6C1C6A2BBD5414] [APT] [{48ED6F4F-0AFC-4CBD-B468-2F6CCCAACB50}] (.The Scribus Team.) -- C:\users\user\program setups\scribus-1.3.3.14-win32-install.exe
[MD5.38A248E45366823BB566F97ABDFC1CB3] [APT] [{63553E1C-AB0D-4268-B9EC-7A1F97629D90}] (.The Scribus Team.) -- C:\Program Files\Scribus 1.3.3.14\uninst.exe
[MD5.00000000000000000000000000000000] [APT] [{89B30CD8-A337-4651-9673-C99758321662}] (...) -- C:\users\user\Desktop\graphic-converter.exe (.not file.)
[MD5.406260333000CC792300BFA43230709E] [APT] [{A013F63F-E9D6-47B0-9B55-9887DEF2A1F3}] (.Play65.) -- C:\users\user\AppData\Local\Play65\Play65.exe
[MD5.00000000000000000000000000000000] [APT] [{BC6F4ACA-9478-42D4-81DD-43B13C46B617}] (...) -- D:\STARTER\FRENCH\SETUP.exe (.not file.)
[MD5.C8F9B804DB9065E4EBBFC4508F6B2F8F] [APT] [{CEA75DAD-9820-4E4F-85E8-BAA84B1363A4}] (.OpenOffice.org.) -- C:\Program Files\OpenOffice.org 3\program\scalc.exe
[MD5.00000000000000000000000000000000] [APT] [{FECA29B4-16A5-4A0A-9425-6497D2346B28}] (...) -- C:\users\user\Desktop\Windows_Movie_Maker_2.0.exe (.not file.)
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
[MD5.A0AEB27264E00B8AB92144304509FA89] [APT] [SwitchDowngrade] (.NCH Software.) -- C:\Program Files\NCH Software\Switch\switch.exe
[MD5.00000000000000000000000000000000] [APT] [SwitchReminder] (...) -- C:\Program Files\NCH Swift Sound\Switch\Switch.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [switchShakeIcon] (...) -- C:\Program Files\NCH Swift Sound\Switch\Switch.exe (.not file.)
[MD5.B392F2B44064DE5BF64DF26EDE74C829] [APT] [LaunchRnR] (.Lenovo Limited Group Corporation.) -- C:\Program Files\Lenovo\Rescue and Recovery\rrcmd.exe
~ Scan Scheduled Task in 00mn 15s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.6.0_22\bin\regutils.dll
O40 - ASIC: Macromedia Shockwave Director 8.5.1 - {166B1BCA-3F9C-11CF-8075-444553540000} . (.Adobe Systems, Inc. - Shockwave ActiveX Control.) -- C:\Windows\system32\Adobe\Director\SwDir_1168638.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.0 r32.) -- C:\Windows\system32\Macromed\Flash\Flash10c.ocx
~ Scan Active Setup in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver:  (AVGIDSDriver) . (.AVG Technologies CZ, s.r.o. - IDS Application Activity Monitor Driver..) - C:\Windows\System32\DRIVERS\avgidsdriverx.sys
O41 - Driver:  (AVGIDSShim) . (.AVG Technologies CZ, s.r.o. - IDS Application Activity Monitor Loader Dri.) - C:\Windows\System32\DRIVERS\avgidsshimx.sys
O41 - Driver:  (Avgldx86) . (.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) - C:\Windows\System32\DRIVERS\avgldx86.sys
O41 - Driver:  (Avgtdix) . (.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) - C:\Windows\System32\DRIVERS\avgtdix.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver:  (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver:  (lenovo.smi) . (.Lenovo Group Limited - SMI Driver for Lenovo system.) - C:\Windows\System32\DRIVERS\smiif32.sys
O41 - Driver:  (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver:  (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver:  (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (TPPWRIF) . (.Lenovo Group Limited - Power Manager.) - C:\Windows\System32\drivers\Tppwr32v.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver:  (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver:  (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Scan Drivers in 00mn 38s



---\\ Logiciels installés (O42)
O42 - Logiciel: 7-Zip 9.20 - (.Pas de propriétaire.) [HKLM] -- 7-Zip
O42 - Logiciel: AVG 2013 - (.AVG Technologies.) [HKLM] -- AVG
O42 - Logiciel: AVG 2013 - (.AVG Technologies.) [HKLM] -- {731E713B-C13E-4527-B624-8A6DF2D33DAF}
O42 - Logiciel: AVG 2013 - (.AVG Technologies.) [HKLM] -- {7FD093C2-3493-4B17-BB15-B129A7D1DC51}
O42 - Logiciel: AVStoDVD 2.5.1 - (.MrC.) [HKLM] -- AVStoDVD
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- {ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems, Inc..) [HKLM] -- {B7B3E9B3-FB14-4927-894B-E9124509AF5A}
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader XI (11.0.01) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AB0000000001}
O42 - Logiciel: Adobe Shockwave Player 11.6 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: AoA Audio Extractor 1.0 - (.AoAMedia.Com.) [HKLM] -- AoA Audio Extractor_is1
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {F5266D28-E0B2-4130-BFC5-EE155AD514DC}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
O42 - Logiciel: Audacity 2.0.2 - (.Audacity Team.) [HKLM] -- Audacity_is1
O42 - Logiciel: AviSynth 2.5 - (.Pas de propriétaire.) [HKLM] -- AviSynth
O42 - Logiciel: BGroom - (.Pas de propriétaire.) [HKLM] -- BGroom
O42 - Logiciel: Best Free Image Converter 3.14 - (.zxt2007.com.) [HKLM] -- {E90BC81F-2928-45F1-91E2-70E901A114B0}_is1
O42 - Logiciel: Business Contact Manager for Outlook 2007 SP2 - (.Microsoft Corporation.) [HKLM] -- Business Contact Manager
O42 - Logiciel: Business Contact Manager for Outlook 2007 SP2 - (.Microsoft Corporation.) [HKLM] -- {B32C4059-6E7A-41EF-AD20-56DF1872B923}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: CDBurnerXP - (.CDBurnerXP.) [HKLM] -- {7E265513-8CDA-4631-B696-F40D983F3B07}_is1
O42 - Logiciel: Create Recovery Media - (.Lenovo Group Limited.) [HKLM] -- {50DC5136-21E8-48BC-97E5-1AD055F6B0B6}
O42 - Logiciel: CyberLink Power2Go - (.CyberLink Corp..) [HKLM] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: CyberLink Power2Go - (.CyberLink Corp..) [HKLM] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: DHTML Editing Component - (.Microsoft Corporation.) [HKLM] -- {2EA870FA-585F-4187-903D-CB9FFD21E2E0}
O42 - Logiciel: DVD Flick 1.3.0.7 - (.Dennis Meuwissen.) [HKLM] -- DVD Flick_is1
O42 - Logiciel: DVD43 v4.6.0 - (.Pas de propriétaire.) [HKLM] -- DVD43_is1
O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKCU] -- Dropbox
O42 - Logiciel: EPSON Copy Utility - (.Pas de propriétaire.) [HKLM] -- {B69CC1A5-0404-11D6-ABCB-005004C21D30}
O42 - Logiciel: EPSON Logiciel imprimante - (.Pas de propriétaire.) [HKLM] -- EPSON Printer and Utilities
O42 - Logiciel: EPSON Photo Print - (.Pas de propriétaire.) [HKLM] -- {C24FE0B8-0A25-42E6-8532-A4ABAA1FA400}
O42 - Logiciel: EPSON PhotoQuicker3.2 - (.Pas de propriétaire.) [HKLM] -- {B2EFE303-A594-11D5-95EB-005004BC1C65}
O42 - Logiciel: EPSON PhotoStarter3.0 - (.Pas de propriétaire.) [HKLM] -- {5983C895-DDA4-45D9-A8D1-877D5DE7693E}
O42 - Logiciel: EPSON Smart Panel - (.Pas de propriétaire.) [HKLM] -- {6C11D561-620B-47DA-A693-4C597F3CDF40}
O42 - Logiciel: Easy Graphic Converter 1.2 - (.Etru Software Development.) [HKLM] -- Easy Graphic Converter 1.2_is1
O42 - Logiciel: Easy Thumbnails (Remove only) - (.Fookes Software.) [HKLM] -- Easy Thumbnails_is1
O42 - Logiciel: FFmpeg for Audacity on Windows - (.Pas de propriétaire.) [HKLM] -- FFmpeg for Audacity on Windows_is1
O42 - Logiciel: FILEminimizer Pictures - (.balesio AG.) [HKLM] -- FILEminimizer Pictures_is1
O42 - Logiciel: FileZilla Client 3.6.0.2 - (.FileZilla Project.) [HKLM] -- FileZilla Client
O42 - Logiciel: Free FLV Converter V 7.4.0 - (.Koyote Soft.) [HKLM] -- Free FLV Converter_is1
O42 - Logiciel: Freecorder 2.3 (with Skype Call Recording) - (.Pas de propriétaire.) [HKLM] -- Freecorder_1.0
O42 - Logiciel: Freecorder 7 Applications (7.0.0.48) - (.Applian Technologies.) [HKLM] -- Freecorder 7 Applications
O42 - Logiciel: Freecorder extension - (.Applian Technologies Inc..) [HKLM] -- Freecorder extension
O42 - Logiciel: Freecorder extension for Firefox - (.Applian Technologies, Inc..) [HKLM] -- Freecorder extension for Firefox
O42 - Logiciel: GIMP 2.6.11 - (.The GIMP Team.) [HKLM] -- WinGimp-2.0_is1
O42 - Logiciel: GPL Ghostscript - (.Artifex Software Inc..) [HKLM] -- GPL Ghostscript 9.02
O42 - Logiciel: Gmail Backup - (.Pas de propriétaire.) [HKLM] -- gmailbackup
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome
O42 - Logiciel: Google SketchUp 8 - (.Google, Inc..) [HKLM] -- {B700113B-24A8-4D4C-8484-0CC944F764C8}
O42 - Logiciel: Google Talk Plugin - (.Google.) [HKLM] -- {53646626-11D9-33C6-8BB1-472536192DC4}
O42 - Logiciel: Haali Media Splitter - (.Pas de propriétaire.) [HKLM] -- HaaliMkx
O42 - Logiciel: ImgBurn - (.LIGHTNING UK!.) [HKLM] -- ImgBurn
O42 - Logiciel: Intel PROSet Wireless - (.Pas de propriétaire.) [HKLM] -- ProInst
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI
O42 - Logiciel: Intel(R) PROSet/Wireless WiFi Software - (.Intel Corporation.) [HKLM] -- {CCAFF072-4DDB-4846-963D-15F02A8E9472}
O42 - Logiciel: Intel(R) TV Wizard - (.Intel Corporation.) [HKLM] -- TVWiz
O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: InterVideo WinDVD 8 - (.InterVideo Inc..) [HKLM] -- InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}
O42 - Logiciel: InterVideo WinDVD 8 - (.InterVideo Inc..) [HKLM] -- {20471B27-D702-4FE8-8DEC-0702CC8C0A85}
O42 - Logiciel: JMicron Flash Media Controller Driver - (.JMicron Technology Corp..) [HKLM] -- {26604C7E-A313-4D12-867F-7C6E7820BE4C}
O42 - Logiciel: Java 7 Update 11 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217011FF}
O42 - Logiciel: Java(TM) 6 Update 22 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216022F0}
O42 - Logiciel: KompoZer 0.8b3 - (.KompoZer.) [HKLM] -- {20aa4150-b5f4-11de-8a39-0800200c9a66}_is1
O42 - Logiciel: L&H TTS3000 Français - (.Pas de propriétaire.) [HKLM] -- LHTTSFRF
O42 - Logiciel: LAME v3.98.3 for Audacity - (.Pas de propriétaire.) [HKLM] -- LAME for Audacity_is1
O42 - Logiciel: LG CyberLink LabelPrint - (.CyberLink Corp..) [HKLM] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: LG CyberLink LabelPrint - (.CyberLink Corp..) [HKLM] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: LG CyberLink Media Suite - (.CyberLink Corp..) [HKLM] -- InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: LG CyberLink Media Suite - (.CyberLink Corp..) [HKLM] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: LG CyberLink PowerBackup - (.CyberLink Corp..) [HKLM] -- {ADD5DB49-72CF-11D8-9D75-000129760D75}
O42 - Logiciel: LG ODD Auto Firmware Update - (.Pas de propriétaire.) [HKLM] -- {6179550A-3E7C-499E-BCC9-9E8113E0A285}
O42 - Logiciel: Lenovo System Interface Driver - (.Pas de propriétaire.) [HKLM] -- LENOVO.SMIIF
O42 - Logiciel: Lenovo ThinkVantage Toolbox - (.PC-Doctor, Inc..) [HKLM] -- PC-Doctor for Windows
O42 - Logiciel: Lenovo Welcome - (.Lenovo.) [HKLM] -- Lenovo Welcome_is1
O42 - Logiciel: MKVToolNix 5.9.0 - (.Moritz Bunkus.) [HKLM] -- MKVToolNix
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes Anti-Malware version 1.70.0.1100 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM] -- McAfee Security Scan
O42 - Logiciel: Message Center Plus - (.Lenovo Group Limited.) [HKLM] -- {FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}
O42 - Logiciel: Microsoft Research AutoCollage Touch 2009 - (.Microsoft Research.) [HKLM] -- {1F8DA253-3C27-4B01-A63A-BA3533120833}
O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft® Office Language Pack 2007 – Nederlands (voor Office Outlook 2007 - (.Microsoft Corporation.) [HKLM] -- {4976ab7c-473f-4214-8fda-d56950327210}
O42 - Logiciel: Mobile Broadband - (.Lenovo.) [HKLM] -- {986AB50A-A527-4F6D-8E8B-87FC3F0C2DBA}
O42 - Logiciel: Mozilla Firefox 18.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 18.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: Norton Internet Security - (.Symantec Corporation.) [HKLM] -- {7B15D70E-9449-4CFB-B9BC-798465B2BD5C}
O42 - Logiciel: Notepad++ - (.Pas de propriétaire.) [HKLM] -- Notepad++
O42 - Logiciel: On Screen Display - (.Pas de propriétaire.) [HKLM] -- OnScreenDisplay
O42 - Logiciel: OpenOffice.org 3.4.1 - (.Apache Software Foundation.) [HKLM] -- {7DA1C06F-C913-46C7-8A0F-DA2CBA17EA1D}
O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}
O42 - Logiciel: PNGGauntlet - (.Ben Hollis.) [HKLM] -- {B2D251E2-A78B-42C2-9D94-695A8CCC17E9}
O42 - Logiciel: Photobie -- photo editing software from Photobie Design - (.Pas de propriétaire.) [HKLM] -- Photobie
O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] -- Picasa 3
O42 - Logiciel: Play65 - (.LogicEmpire.) [HKCU] -- Play65
O42 - Logiciel: Poedit - (.Vaclav Slavik.) [HKLM] -- {68EB2C37-083A-4303-B5D8-41FA67E50B8F}_is1
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}
O42 - Logiciel: RarZilla Free Unrar - (.Philipp Winterberg.) [HKLM] -- RarZilla Free Unrar
O42 - Logiciel: RealDownloader - (.RealNetworks, Inc..) [HKLM] -- {AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}
O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 16.0
O42 - Logiciel: RealUpgrade 1.1 - (.RealNetworks, Inc..) [HKLM] -- {28C2DED6-325B-4CC7-983A-1777C8F7FBAB}
O42 - Logiciel: Realtek 8136 8168 8169 Ethernet Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows  - (.Pas de propriétaire.) [HKLM] -- EnablePS
O42 - Logiciel: Registry Patch to arrange icons in Device and Printers folder of Windows 7 - (.Pas de propriétaire.) [HKLM] -- W7DevOR
O42 - Logiciel: Rescue and Recovery - (.Lenovo Group Limited.) [HKLM] -- {B383F243-0ABC-4E56-AA30-923B8D85076E}
O42 - Logiciel: ScanToWeb - (.Pas de propriétaire.) [HKLM] -- {EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}
O42 - Logiciel: Scribus 1.3.3.14 - (.The Scribus Team.) [HKLM] -- Scribus 1.3.3.14
O42 - Logiciel: Search.com Toolbar v6.6 - (.CBS Interactive.) [HKLM] -- {2260164E-2F4F-4675-9577-42FBFEFD8B74}
O42 - Logiciel: Shockwave - (.Pas de propriétaire.) [HKLM] -- Shockwave
O42 - Logiciel: Skype™ 6.0 - (.Skype Technologies S.A..) [HKLM] -- {EA17F4FC-FDBF-4CF8-A529-2D983132D053}
O42 - Logiciel: SoundTap Streaming Audio Recorder - (.NCH Software.) [HKLM] -- SoundTap
O42 - Logiciel: Switch Sound File Converter - (.NCH Software.) [HKLM] -- Switch
O42 - Logiciel: System Update - (.Lenovo.) [HKLM] -- {25C64847-B900-48AD-A164-1B4F9B774650}
O42 - Logiciel: ThinkPad Bluetooth with Enhanced Data Rate Software - (.Broadcom Corporation.) [HKLM] -- {9E9D49A4-1DF4-4138-B7DB-5D87A893088E}
O42 - Logiciel: ThinkPad FullScreen Magnifier - (.Pas de propriétaire.) [HKLM] -- ThinkPad FullScreen Magnifier
O42 - Logiciel: ThinkPad Power Management Driver - (.Pas de propriétaire.) [HKLM] -- Power Management Driver
O42 - Logiciel: ThinkPad Power Manager - (.Pas de propriétaire.) [HKLM] -- {DAC01CEE-5BAE-42D5-81FC-B687E84E8405}
O42 - Logiciel: ThinkPad UltraNav Driver - (.Pas de propriétaire.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: ThinkPad UltraNav Utility - (.Lenovo.) [HKLM] -- {17CBC505-D1AE-459D-B445-3D2000A85842}
O42 - Logiciel: ThinkVantage Access Connections - (.Lenovo.) [HKLM] -- {8E537894-A559-4D60-B3CB-F4485E3D24E3}
O42 - Logiciel: ThinkVantage Active Protection System - (.Lenovo.) [HKLM] -- {46A84694-59EC-48F0-964C-7E76E9F8A2ED}
O42 - Logiciel: VLC media player 2.0.5 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: Verizon Wireless Mobile Broadband Self Activation - (.Smith Micro Software, Inc..) [HKLM] -- {C64A877E-DF8D-4017-AA82-000A77C6D809}
O42 - Logiciel: Virtual Audio Cable 4.10 - (.Pas de propriétaire.) [HKLM] -- Virtual Audio Cable 4.10
O42 - Logiciel: WM Recorder 12.1 - (.Pas de propriétaire.) [HKLM] -- WM Recorder 12.1
O42 - Logiciel: WampServer 2.2 - (.Hervé Leclerc (HeL).) [HKLM] -- WampServer 2_is1
O42 - Logiciel: WinX DVD Ripper 5.5.9 - (.Digiarty Software, Inc..) [HKLM] -- WinX DVD Ripper_is1
O42 - Logiciel: Windows Driver Package - Intel System  (06/04/2009 1.0.0.0002) - (.Intel.) [HKLM] -- E7B58217635B8F723D4744A328A4B3237DB35FA9
O42 - Logiciel: Windows Driver Package - Intel hdc  (06/04/2009 7.0.0.1013) - (.Intel.) [HKLM] -- 1AE98C75AE2DD1284F66876FA76F46BFDF6B9D31
O42 - Logiciel: Windows Driver Package - Lenovo 1.55 (08/18/2009 1.55) - (.Lenovo.) [HKLM] -- 112AA64E0C8CC704E307FE914F7DEC1C0035598E
O42 - Logiciel: Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (07/10 - (.Realtek Semiconductor Corp..) [HKLM] -- 8FE0BAC9C97DE6D9A2B7BB6B689E7F9460D0624B
O42 - Logiciel: Yooda Map - (.Aldeis SARL.) [HKLM] -- {633A27AE-C1C4-48E7-85D4-3C34994B5331}
O42 - Logiciel: jAlbum - (.Jalbum AB.) [HKLM] -- {0A3B0211-68A9-417B-AE67-280357E8A134}
O42 - Logiciel: myphotobook.be - (.myphotobook GmbH.) [HKLM] -- be.myphotobook.creator.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1
O42 - Logiciel: myphotobook.be - (.myphotobook GmbH.) [HKLM] -- {D02A3E27-0722-EC6E-975F-837C0E793D9F}
O42 - Logiciel: svBuilder - (.Airtight Interactive Inc..) [HKLM] -- svBuilder
O42 - Logiciel: svBuilder - (.Airtight Interactive Inc..) [HKLM] -- {C9CEC6F3-3944-92B4-6CCA-995182394542}
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726}
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKLM] -- uTorrent

---\\ HKCU & HKLM Software Keys
[HKCU\Software\1stpage]
[HKCU\Software\7-Zip]
[HKCU\Software\AVStoDVD]
[HKCU\Software\Addictive Software]
[HKCU\Software\Adobe]
[HKCU\Software\AnyTubeDownloader]
[HKCU\Software\AppDataLow\Avg]
[HKCU\Software\AppDataLow\RealNetworks]
[HKCU\Software\AppDataLow\Software\Avg]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\RealNetworks]
[HKCU\Software\AppDataLow\Software\Search.com]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\ApplianTechnologies]
[HKCU\Software\Audacity]
[HKCU\Software\Auslogics]
[HKCU\Software\Avg]
[HKCU\Software\BitTorrent]
[HKCU\Software\Bradbury]
[HKCU\Software\BrowserTemp]
[HKCU\Software\Bugsplat]
[HKCU\Software\Bytescout]
[HKCU\Software\Canneverbe Limited]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CoffeeCup Software]
[HKCU\Software\CyberLink]
[HKCU\Software\DVD43]
[HKCU\Software\EPSON]
[HKCU\Software\EZEMO]
[HKCU\Software\Evrsoft]
[HKCU\Software\Extensoft]
[HKCU\Software\Flo's Filters]
[HKCU\Software\FreeDownloadManager.ORG]
[HKCU\Software\Freecorder]
[HKCU\Software\GPL Ghostscript]
[HKCU\Software\Google]
[HKCU\Software\Haali]
[HKCU\Software\IBM]
[HKCU\Software\IM Providers]
[HKCU\Software\INTEL]
[HKCU\Software\ImgBurn]
[HKCU\Software\InterVideo]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lenovo]
[HKCU\Software\Licenses]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Lokas Ltd]
[HKCU\Software\MCAFEE]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MarineCat]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NCH Software]
[HKCU\Software\NCH Swift Sound]
[HKCU\Software\NSWB]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Oxemis]
[HKCU\Software\PC-Doctor]
[HKCU\Software\PDFCreator]
[HKCU\Software\Philipp Winterberg]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\ProgSense]
[HKCU\Software\RealNetworks]
[HKCU\Software\Realtek]
[HKCU\Software\Redfield]
[HKCU\Software\Search.com]
[HKCU\Software\SkillEmpire]
[HKCU\Software\Skype]
[HKCU\Software\SourceTec]
[HKCU\Software\Synaptics]
[HKCU\Software\Trend Micro]
[HKCU\Software\Trolltech]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\VFPlugin]
[HKCU\Software\Vaclav Slavik]
[HKCU\Software\WM Converter]
[HKCU\Software\WMR11]
[HKCU\Software\Widcomm]
[HKCU\Software\Winamp]
[HKCU\Software\Wsa32]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\ZXT2007]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\ambuhelper1]
[HKCU\Software\mkvmergeGUI]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Adobe]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Applian Technologies]
[HKLM\Software\Artifex]
[HKLM\Software\Avg]
[HKLM\Software\Bradbury]
[HKLM\Software\BrowserChoice]
[HKLM\Software\Bunndle]
[HKLM\Software\CDDB]
[HKLM\Software\CXT]
[HKLM\Software\Canneverbe Limited]
[HKLM\Software\Caphyon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\Digital River]
[HKLM\Software\DivXNetworks]
[HKLM\Software\EPSON Photo Print]
[HKLM\Software\EPSON]
[HKLM\Software\FFmpeg for Audacity]
[HKLM\Software\FileZilla 3]
[HKLM\Software\Freecorder]
[HKLM\Software\GPL Ghostscript]
[HKLM\Software\GmailBackup]
[HKLM\Software\Google]
[HKLM\Software\IBM]
[HKLM\Software\IM Providers]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\L&H]
[HKLM\Software\LG Electronics]
[HKLM\Software\Lame for Audacity]
[HKLM\Software\Lenovo]
[HKLM\Software\Macromedia]
[HKLM\Software\Macserlen]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NCH Software]
[HKLM\Software\NCH Swift Sound]
[HKLM\Software\ODBC]
[HKLM\Software\OpenOffice.org]
[HKLM\Software\PC-Doctor]
[HKLM\Software\PDFCreator]
[HKLM\Software\Philipp Winterberg]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Python]
[HKLM\Software\RTLSetup]
[HKLM\Software\RealNetworks]
[HKLM\Software\Realtek]
[HKLM\Software\Redfield]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SEIKO EPSON Corp.]
[HKLM\Software\SRS Labs]
[HKLM\Software\Search.com]
[HKLM\Software\Skype]
[HKLM\Software\Smith Micro]
[HKLM\Software\Sonic]
[HKLM\Software\SourceTec]
[HKLM\Software\Symantec]
[HKLM\Software\Synaptics]
[HKLM\Software\ThinkVantage]
[HKLM\Software\VideoLAN]
[HKLM\Software\Voice]
[HKLM\Software\Volatile]
[HKLM\Software\WMR11]
[HKLM\Software\Waves Audio]
[HKLM\Software\Widcomm]
[HKLM\Software\Windows]
[HKLM\Software\Wise Solutions]
[HKLM\Software\Wow6432Node]
[HKLM\Software\Xing Technology Corp.]
[HKLM\Software\Yooda]
[HKLM\Software\instinno]
[HKLM\Software\mcafeeupdater]
[HKLM\Software\mozilla.org]
~ Scan Softwares in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 13/06/2011 - 23:25:31 - [3,348] ----D C:\Program Files\7-Zip
O43 - CFD: 11/11/2010 - 14:28:11 - [0,192] ----D C:\Program Files\abrViewer.NET
O43 - CFD: 27/11/2012 - 21:13:29 - [119,587] ----D C:\Program Files\Adobe
O43 - CFD: 11/11/2010 - 15:02:24 - [12,176] ----D C:\Program Files\AoA Audio Extractor
O43 - CFD: 27/11/2012 - 20:53:05 - [2,316] ----D C:\Program Files\Apple Software Update
O43 - CFD: 27/01/2013 - 17:49:32 - [110,702] ----D C:\Program Files\Applian Technologies
O43 - CFD: 14/01/2013 - 17:14:30 - [43,776] ----D C:\Program Files\Audacity
O43 - CFD: 14/12/2012 - 18:15:54 - [89,138] ----D C:\Program Files\AVG
O43 - CFD: 14/01/2013 - 16:03:11 - [4,635] ----D C:\Program Files\AviSynth 2.5
O43 - CFD: 14/01/2013 - 21:21:43 - [50,603] ----D C:\Program Files\AVStoDVD
O43 - CFD: 11/11/2010 - 13:35:46 - [4,312] ----D C:\Program Files\Best Free Image Converter
O43 - CFD: 31/01/2013 - 16:26:50 - [11,559] ----D C:\Program Files\BGroom
O43 - CFD: 29/12/2012 - 17:04:26 - [0] ----D C:\Program Files\Bradbury
O43 - CFD: 20/01/2013 - 21:42:42 - [5,023] ----D C:\Program Files\CCleaner
O43 - CFD: 29/01/2013 - 20:56:00 - [16,447] ----D C:\Program Files\CDBurnerXP
O43 - CFD: 10/06/2010 - 12:05:47 - [5,521] ----D C:\Program Files\Cisco
O43 - CFD: 23/07/2011 - 19:27:11 - [0,573] ----D C:\Program Files\CoffeeCup Software
O43 - CFD: 30/01/2013 - 18:36:52 - [655,282] ----D C:\Program Files\Common Files
O43 - CFD: 29/01/2013 - 20:03:50 - [263,939] ----D C:\Program Files\CyberLink
O43 - CFD: 10/06/2010 - 12:00:59 - [0,879] ----D C:\Program Files\DIFX
O43 - CFD: 19/12/2012 - 15:45:17 - [37,077] ----D C:\Program Files\Digiarty
O43 - CFD: 27/04/2012 - 02:10:09 - [42,823] ----D C:\Program Files\DVD Flick
O43 - CFD: 20/07/2011 - 15:24:30 - [79,371] ----D C:\Program Files\DVD Maker
O43 - CFD: 11/11/2010 - 15:57:45 - [1,457] ----D C:\Program Files\dvd43
O43 - CFD: 11/11/2010 - 15:05:03 - [1,177] ----D C:\Program Files\Easy Graphic Converter
O43 - CFD: 26/08/2011 - 09:56:40 - [2,486] ----D C:\Program Files\Easy Thumbnails
O43 - CFD: 12/08/2011 - 14:26:00 - [171,398] ----D C:\Program Files\EPSON
O43 - CFD: 24/11/2010 - 00:19:20 - [0,007] ----D C:\Program Files\Evrsoft First Page 2006
O43 - CFD: 11/04/2011 - 00:33:38 - [0] ----D C:\Program Files\EZ Emoticons
O43 - CFD: 11/11/2010 - 15:28:26 - [19,501] ----D C:\Program Files\FFmpeg for Audacity
O43 - CFD: 1/02/2012 - 14:11:31 - [4,104] ----D C:\Program Files\FILEminimizer Pictures
O43 - CFD: 30/11/2012 - 00:35:52 - [16,769] ----D C:\Program Files\FileZilla FTP Client
O43 - CFD: 28/02/2012 - 16:31:32 - [0,659] ----D C:\Program Files\Free Download Manager
O43 - CFD: 28/02/2012 - 15:58:35 - [15,257] ----D C:\Program Files\Free FLV Converter
O43 - CFD: 11/11/2010 - 20:49:47 - [0] ----D C:\Program Files\Free Sothink DHTML Menu
O43 - CFD: 12/11/2010 - 14:37:38 - [2,617] ----D C:\Program Files\Free Sothink_Fichiers dezippes
O43 - CFD: 27/01/2013 - 17:48:53 - [2,164] ----D C:\Program Files\Freecorder extension
O43 - CFD: 23/03/2012 - 15:19:16 - [138,104] ----D C:\Program Files\GIMP-2.0
O43 - CFD: 31/10/2012 - 14:28:59 - [17,880] ----D C:\Program Files\GmailBackup
O43 - CFD: 23/09/2010 - 12:47:51 - [220,529] ----D C:\Program Files\Google
O43 - CFD: 8/07/2011 - 23:11:49 - [30,312] ----D C:\Program Files\gs
O43 - CFD: 14/01/2013 - 16:09:24 - [2,322] ----D C:\Program Files\Haali
O43 - CFD: 14/01/2013 - 16:04:48 - [2,913] ----D C:\Program Files\ImgBurn
O43 - CFD: 19/12/2012 - 13:37:38 - [94,536] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 10/06/2010 - 12:10:05 - [128,348] ----D C:\Program Files\Intel
O43 - CFD: 13/12/2012 - 03:46:41 - [5,683] ----D C:\Program Files\Internet Explorer
O43 - CFD: 10/06/2010 - 12:19:39 - [150,288] ----D C:\Program Files\InterVideo
O43 - CFD: 4/05/2012 - 04:36:58 - [104,711] ----D C:\Program Files\jAlbum
O43 - CFD: 16/01/2013 - 12:13:00 - [208,811] ----D C:\Program Files\Java
O43 - CFD: 10/06/2010 - 12:04:12 - [1,692] ----D C:\Program Files\JMicron
O43 - CFD: 1/02/2012 - 14:19:12 - [0,000] ----D C:\Program Files\JPEG Compression
O43 - CFD: 21/07/2011 - 22:00:56 - [22,826] ----D C:\Program Files\KompoZer
O43 - CFD: 11/11/2010 - 15:23:59 - [1,180] ----D C:\Program Files\Lame For Audacity
O43 - CFD: 22/09/2010 - 14:21:49 - [776,617] ----D C:\Program Files\Lenovo
O43 - CFD: 3/02/2013 - 17:45:28 - [7,511] ----D C:\Program Files\lg_fwupdate
O43 - CFD: 29/01/2013 - 14:53:32 - [12,374] ----D C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 31/01/2013 - 16:31:47 - [11,333] ----D C:\Program Files\McAfee Security Scan
O43 - CFD: 26/08/2010 - 14:20:07 - [18,884] ----D C:\Program Files\Microsoft
O43 - CFD: 20/07/2011 - 14:09:56 - [1103,979] ----D C:\Program Files\Microsoft Office
O43 - CFD: 22/09/2010 - 14:22:36 - [7,431] ----D C:\Program Files\Microsoft Office Suite Activation Assistant
O43 - CFD: 27/11/2012 - 21:21:48 - [40,838] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 10/06/2010 - 12:35:08 - [69,137] ----D C:\Program Files\Microsoft Small Business
O43 - CFD: 9/04/2011 - 05:39:42 - [206,240] ----D C:\Program Files\Microsoft SQL Server
O43 - CFD: 8/04/2011 - 13:16:49 - [1,745] ----D C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 10/06/2010 - 12:30:59 - [0,014] ----D C:\Program Files\Microsoft Visual Studio
O43 - CFD: 22/09/2010 - 14:22:45 - [3,554] ----D C:\Program Files\Microsoft Works
O43 - CFD: 17/12/2010 - 01:04:14 - [8,782] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 14/01/2013 - 16:10:59 - [48,008] ----D C:\Program Files\MKVToolNix
O43 - CFD: 10/06/2010 - 12:01:18 - [903,428] ----D C:\Program Files\MLPS
O43 - CFD: 8/07/2012 - 14:33:56 - [1,047] ----D C:\Program Files\Moozy
O43 - CFD: 4/03/2011 - 18:45:57 - [7,110] ----D C:\Program Files\Movie Maker
O43 - CFD: 4/03/2011 - 18:54:23 - [8,904] ----D C:\Program Files\Movie Maker 2.6
O43 - CFD: 19/01/2013 - 01:10:03 - [50,961] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 20/01/2013 - 11:51:47 - [0,212] ----D C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 14/07/2009 - 05:52:30 - [0,025] ----D C:\Program Files\MSBuild
O43 - CFD: 26/08/2010 - 16:04:42 - [0] ----D C:\Program Files\MSXML 4.0
O43 - CFD: 27/10/2011 - 00:04:28 - [17,184] ----D C:\Program Files\myphotobook.be
O43 - CFD: 29/01/2013 - 21:26:43 - [6,873] ----D C:\Program Files\NCH Software
O43 - CFD: 11/11/2010 - 16:08:21 - [4,092] ----D C:\Program Files\NCH Swift Sound
O43 - CFD: 25/07/2011 - 21:44:04 - [12,563] ----D C:\Program Files\Notepad++
O43 - CFD: 15/11/2012 - 14:02:09 - [288,773] ----D C:\Program Files\OpenOffice.org 3
O43 - CFD: 7/07/2011 - 13:41:59 - [149,145] ----D C:\Program Files\OpenOffice.org3.3
O43 - CFD: 5/02/2012 - 16:08:53 - [114,730] ----D C:\Program Files\PC-Doctor
O43 - CFD: 24/10/2011 - 02:07:30 - [31,419] ----D C:\Program Files\PDFCreator
O43 - CFD: 31/10/2012 - 17:17:49 - [61,282] ----D C:\Program Files\Photobie
O43 - CFD: 18/06/2012 - 01:17:53 - [1,264] ----D C:\Program Files\PNGGauntlet
O43 - CFD: 8/12/2012 - 16:19:30 - [20,333] ----D C:\Program Files\Poedit
O43 - CFD: 27/11/2012 - 20:56:27 - [72,326] ----D C:\Program Files\QuickTime
O43 - CFD: 11/11/2010 - 16:02:26 - [1,760] ----D C:\Program Files\RarZilla Free Unrar
O43 - CFD: 18/12/2012 - 22:41:58 - [113,738] ----D C:\Program Files\Real
O43 - CFD: 18/12/2012 - 22:42:08 - [17,344] ----D C:\Program Files\RealNetworks
O43 - CFD: 10/06/2010 - 12:07:17 - [11,879] ----D C:\Program Files\Realtek
O43 - CFD: 14/07/2009 - 05:52:30 - [37,357] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 8/07/2011 - 23:15:16 - [64,653] ----D C:\Program Files\Scribus 1.3.3.14
O43 - CFD: 20/12/2012 - 17:47:36 - [0,170] ----D C:\Program Files\Search.com Toolbar
O43 - CFD: 26/11/2012 - 09:21:16 - [34,911] R---D C:\Program Files\Skype
O43 - CFD: 12/11/2010 - 14:34:44 - [0] ----D C:\Program Files\SourceTec
O43 - CFD: 20/10/2011 - 12:55:57 - [1,175] ----D C:\Program Files\svBuilder
O43 - CFD: 10/06/2010 - 12:42:06 - [20,941] ----D C:\Program Files\Synaptics
O43 - CFD: 10/06/2010 - 12:10:37 - [121,472] ----D C:\Program Files\ThinkPad
O43 - CFD: 30/01/2013 - 21:30:57 - [0,370] ----D C:\Program Files\Trend Micro
O43 - CFD: 14/07/2009 - 05:53:23 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 13/12/2012 - 01:24:10 - [0,924] ----D C:\Program Files\uTorrent
O43 - CFD: 10/06/2010 - 12:21:10 - [4,278] ----D C:\Program Files\Verizon Wireless
O43 - CFD: 11/11/2010 - 16:58:46 - [94,419] ----D C:\Program Files\VideoLAN
O43 - CFD: 3/03/2011 - 19:26:41 - [0,291] ----D C:\Program Files\Virtual Audio Cable
O43 - CFD: 20/07/2011 - 15:24:27 - [2,909] ----D C:\Program Files\Windows Defender
O43 - CFD: 10/05/2012 - 05:41:44 - [6,689] ----D C:\Program Files\Windows Journal
O43 - CFD: 20/05/2011 - 14:16:58 - [105,781] ----D C:\Program Files\Windows Live
O43 - CFD: 20/07/2011 - 15:24:30 - [5,895] ----D C:\Program Files\Windows Mail
O43 - CFD: 20/07/2011 - 15:24:29 - [6,298] ----D C:\Program Files\Windows Media Player
O43 - CFD: 14/07/2009 - 05:52:30 - [11,632] ----D C:\Program Files\Windows NT
O43 - CFD: 20/07/2011 - 15:24:29 - [4,213] ----D C:\Program Files\Windows Photo Viewer
O43 - CFD: 20/07/2011 - 15:24:29 - [0,181] ----D C:\Program Files\Windows Portable Devices
O43 - CFD: 30/01/2013 - 18:36:19 - [8,896] ----D C:\Program Files\Windows Searchqu Toolbar
O43 - CFD: 20/07/2011 - 15:24:30 - [6,519] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 11/11/2010 - 16:30:51 - [31,801] ----D C:\Program Files\WMR11
O43 - CFD: 26/10/2011 - 10:44:50 - [5,617] ----D C:\Program Files\Yooda
O43 - CFD: 3/02/2013 - 17:46:49 - [11,887] ----D C:\Program Files\ZHPDiag
O43 - CFD: 27/11/2012 - 21:13:31 - [6,400] ----D C:\Program Files\Common Files\Adobe
O43 - CFD: 20/10/2011 - 10:53:04 - [37,540] ----D C:\Program Files\Common Files\Adobe AIR
O43 - CFD: 11/11/2010 - 17:05:28 - [64,234] ----D C:\Program Files\Common Files\Apple
O43 - CFD: 18/11/2011 - 17:04:58 - [0,082] ----D C:\Program Files\Common Files\DESIGNER
O43 - CFD: 10/06/2010 - 12:10:35 - [1,305] ----D C:\Program Files\Common Files\InstallShield
O43 - CFD: 10/06/2010 - 12:05:46 - [8,646] ----D C:\Program Files\Common Files\Intel
O43 - CFD: 10/06/2010 - 12:19:39 - [0,171] ----D C:\Program Files\Common Files\InterVideo
O43 - CFD: 16/09/2010 - 02:44:24 - [1,184] ----D C:\Program Files\Common Files\Java
O43 - CFD: 22/09/2010 - 14:20:28 - [40,206] ----D C:\Program Files\Common Files\Lenovo
O43 - CFD: 26/11/2012 - 16:47:07 - [398,298] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 12/08/2011 - 14:24:59 - [4,553] ----D C:\Program Files\Common Files\Python
O43 - CFD: 14/07/2009 - 03:37:05 - [0,003] ----D C:\Program Files\Common Files\Services
O43 - CFD: 26/11/2012 - 09:21:16 - [2,056] ----D C:\Program Files\Common Files\Skype
O43 - CFD: 11/11/2010 - 14:46:49 - [0,630] ----D C:\Program Files\Common Files\SourceTec
O43 - CFD: 14/07/2009 - 03:37:05 - [39,200] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 9/11/2011 - 06:45:59 - [50,439] ----D C:\Program Files\Common Files\System
O43 - CFD: 26/08/2010 - 14:19:30 - [0] ----D C:\Program Files\Common Files\Windows Live
O43 - CFD: 18/12/2012 - 22:41:56 - [0,336] ----D C:\Program Files\Common Files\xing shared
O43 - CFD: 28/01/2013 - 17:32:25 - [283,191] ----D C:\ProgramData\Adobe
O43 - CFD: 11/11/2010 - 17:05:20 - [36,792] ----D C:\ProgramData\Apple
O43 - CFD: 27/11/2012 - 20:56:07 - [25,485] ----D C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 05:53:55 - [0] --H-D C:\ProgramData\Application Data
O43 - CFD: 20/01/2013 - 17:53:00 - [8,430] ----D C:\ProgramData\AVG January 2013 Campaign
O43 - CFD: 14/12/2012 - 18:21:29 - [219,047] ----D C:\ProgramData\AVG2013
O43 - CFD: 2/02/2012 - 00:55:47 - [201,758] ----D C:\ProgramData\avg9
O43 - CFD: 30/01/2013 - 19:02:35 - [0] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 20/05/2011 - 15:41:40 - [0] ----D C:\ProgramData\Canneverbe Limited
O43 - CFD: 15/03/2011 - 12:39:40 - [0,000] --H-D C:\ProgramData\Common Files
O43 - CFD: 29/01/2013 - 20:01:33 - [0,042] ----D C:\ProgramData\CyberLink
O43 - CFD: 14/07/2009 - 05:53:55 - [0] --H-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 05:53:55 - [0] --H-D C:\ProgramData\Documents
O43 - CFD: 14/07/2009 - 05:53:55 - [0] --H-D C:\ProgramData\Favorites
O43 - CFD: 2/09/2010 - 13:22:53 - [0] ----D C:\ProgramData\Google
O43 - CFD: 10/06/2010 - 12:05:45 - [0,001] ----D C:\ProgramData\Intel
O43 - CFD: 10/06/2010 - 12:26:38 - [63,696] ----D C:\ProgramData\Lenovo
O43 - CFD: 1/09/2010 - 09:47:09 - [16,305] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 14/10/2011 - 15:08:57 - [0,023] ----D C:\ProgramData\McAfee
O43 - CFD: 14/10/2011 - 15:08:58 - [0,001] ----D C:\ProgramData\McAfee Security Scan
O43 - CFD: 3/02/2013 - 17:04:05 - [119,963] ----D C:\ProgramData\MFAData
O43 - CFD: 26/11/2012 - 16:47:06 - [452,449] -S--D C:\ProgramData\Microsoft
O43 - CFD: 10/01/2013 - 01:02:06 - [0,145] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 27/04/2012 - 00:47:00 - [0,034] ----D C:\ProgramData\Mozilla
O43 - CFD: 14/01/2013 - 13:37:08 - [0,005] ----D C:\ProgramData\NCH Software
O43 - CFD: 11/11/2010 - 16:14:48 - [0] ----D C:\ProgramData\NCH Swift Sound
O43 - CFD: 29/08/2010 - 07:15:21 - [0,012] ----D C:\ProgramData\Norton
O43 - CFD: 26/08/2010 - 14:22:47 - [7,588] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 8/05/2011 - 10:06:19 - [3,196] ----D C:\ProgramData\PC-Doctor for Windows
O43 - CFD: 30/01/2013 - 13:37:01 - [155,358] ----D C:\ProgramData\PCDr
O43 - CFD: 18/12/2012 - 22:43:13 - [3,533] ----D C:\ProgramData\Real
O43 - CFD: 18/12/2012 - 22:42:04 - [3,154] ----D C:\ProgramData\RealNetworks
O43 - CFD: 26/11/2012 - 09:21:25 - [121,354] ----D C:\ProgramData\Skype
O43 - CFD: 14/07/2009 - 05:53:55 - [0] --H-D C:\ProgramData\Start Menu
O43 - CFD: 16/09/2010 - 02:44:24 - [0,000] ----D C:\ProgramData\Sun
O43 - CFD: 27/08/2010 - 09:09:18 - [0,000] ----D C:\ProgramData\Symantec
O43 - CFD: 27/01/2013 - 15:52:41 - [103,939] ---AD C:\ProgramData\TEMP
O43 - CFD: 14/07/2009 - 05:53:55 - [0] --H-D C:\ProgramData\Templates
O43 - CFD: 14/01/2013 - 11:58:10 - [0,002] ----D C:\ProgramData\Windows Genuine Advantage
O43 - CFD: 29/11/2012 - 01:30:59 - [15,094] ----D C:\Users\user\AppData\Roaming\Adobe
O43 - CFD: 28/11/2012 - 08:49:13 - [0,023] ----D C:\Users\user\AppData\Roaming\Apple Computer
O43 - CFD: 20/11/2010 - 12:42:03 - [0,000] ----D C:\Users\user\AppData\Roaming\ArchiFacile
O43 - CFD: 2/11/2012 - 03:15:49 - [6,984] ----D C:\Users\user\AppData\Roaming\Artisteer
O43 - CFD: 14/01/2013 - 17:57:09 - [0,004] ----D C:\Users\user\AppData\Roaming\Audacity
O43 - CFD: 14/12/2012 - 18:34:04 - [0,041] ----D C:\Users\user\AppData\Roaming\AVG2013
O43 - CFD: 27/10/2011 - 00:04:50 - [37,476] ----D C:\Users\user\AppData\Roaming\be.myphotobook.creator.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1
O43 - CFD: 20/05/2011 - 15:41:40 - [0,002] ----D C:\Users\user\AppData\Roaming\Canneverbe Limited
O43 - CFD: 24/11/2010 - 00:24:33 - [0,057] ----D C:\Users\user\AppData\Roaming\CoffeeCup Software
O43 - CFD: 27/04/2012 - 00:47:01 - [0,467] ----D C:\Users\user\AppData\Roaming\Complitly
O43 - CFD: 14/01/2013 - 11:21:42 - [0,003] ----D C:\Users\user\AppData\Roaming\CyberLink
O43 - CFD: 28/05/2012 - 11:30:12 - [0,022] ----D C:\Users\user\AppData\Roaming\Digiarty
O43 - CFD: 31/01/2013 - 00:33:56 - [27,558] ----D C:\Users\user\AppData\Roaming\Dropbox
O43 - CFD: 29/01/2013 - 20:48:35 - [0,004] ----D C:\Users\user\AppData\Roaming\DVD Flick
O43 - CFD: 14/01/2013 - 19:28:13 - [0,000] ----D C:\Users\user\AppData\Roaming\dvdcss
O43 - CFD: 28/02/2012 - 16:33:43 - [0] ----D C:\Users\user\AppData\Roaming\DVDVideoSoft
O43 - CFD: 3/03/2011 - 18:47:44 - [0,000] ----D C:\Users\user\AppData\Roaming\Easeware
O43 - CFD: 8/07/2012 - 14:30:34 - [0,000] ----D C:\Users\user\AppData\Roaming\Easy MP3 Recorder
O43 - CFD: 26/08/2011 - 10:01:13 - [0,001] ----D C:\Users\user\AppData\Roaming\Easy Thumbnails
O43 - CFD: 12/08/2011 - 12:32:22 - [0,112] ----D C:\Users\user\AppData\Roaming\EPSON
O43 - CFD: 19/12/2012 - 03:58:47 - [0,001] ----D C:\Users\user\AppData\Roaming\FILEminimizerPictures
O43 - CFD: 25/01/2013 - 23:16:13 - [0,028] ----D C:\Users\user\AppData\Roaming\FileZilla
O43 - CFD: 20/10/2011 - 11:37:23 - [0,362] ----D C:\Users\user\AppData\Roaming\Flickr
O43 - CFD: 28/01/2013 - 14:23:57 - [1,359] ----D C:\Users\user\AppData\Roaming\Freecorder 7 Converter
O43 - CFD: 27/01/2013 - 18:18:25 - [0,010] ----D C:\Users\user\AppData\Roaming\Freecorder 7 Video
O43 - CFD: 19/12/2012 - 14:09:55 - [0,050] ----D C:\Users\user\AppData\Roaming\FreeFLVConverter
O43 - CFD: 11/11/2010 - 13:16:50 - [0,000] ----D C:\Users\user\AppData\Roaming\FreeImageConverter
O43 - CFD: 31/10/2012 - 14:33:26 - [0,000] ----D C:\Users\user\AppData\Roaming\Gmail Backup
O43 - CFD: 2/09/2010 - 13:25:50 - [0,001] ----D C:\Users\user\AppData\Roaming\Google
O43 - CFD: 13/10/2010 - 01:47:59 - [0] ----D C:\Users\user\AppData\Roaming\GrabPro
O43 - CFD: 23/03/2012 - 15:25:45 - [0,000] ----D C:\Users\user\AppData\Roaming\gtk-2.0
O43 - CFD: 26/08/2010 - 15:55:06 - [0] ----D C:\Users\user\AppData\Roaming\Identities
O43 - CFD: 14/01/2013 - 16:10:16 - [0,008] ----D C:\Users\user\AppData\Roaming\ImgBurn
O43 - CFD: 27/08/2010 - 08:58:13 - [0,001] ----D C:\Users\user\AppData\Roaming\Intel
O43 - CFD: 18/07/2011 - 12:33:35 - [11,738] ----D C:\Users\user\AppData\Roaming\jAlbum
O43 - CFD: 21/07/2011 - 21:30:24 - [1,762] ----D C:\Users\user\AppData\Roaming\KompoZer
O43 - CFD: 21/07/2011 - 22:01:00 - [0,323] ----D C:\Users\user\AppData\Roaming\kompozer.net
O43 - CFD: 28/08/2010 - 15:42:50 - [0,061] ----D C:\Users\user\AppData\Roaming\Macromedia
O43 - CFD: 1/09/2010 - 09:47:28 - [8,447] ----D C:\Users\user\AppData\Roaming\Malwarebytes
O43 - CFD: 21/07/2009 - 12:47:43 - [0] ----D C:\Users\user\AppData\Roaming\Media Center Programs
O43 - CFD: 26/11/2012 - 16:07:27 - [8,848] -S--D C:\Users\user\AppData\Roaming\Microsoft
O43 - CFD: 14/01/2013 - 16:21:52 - [0] ----D C:\Users\user\AppData\Roaming\mkvtoolnix
O43 - CFD: 29/01/2013 - 01:21:12 - [63,469] ----D C:\Users\user\AppData\Roaming\Mozilla
O43 - CFD: 29/01/2013 - 21:26:43 - [0,005] ----D C:\Users\user\AppData\Roaming\NCH Software
O43 - CFD: 11/11/2010 - 16:08:21 - [0,000] ----D C:\Users\user\AppData\Roaming\NCH Swift Sound
O43 - CFD: 26/07/2011 - 00:47:23 - [0,397] ----D C:\Users\user\AppData\Roaming\Notepad++
O43 - CFD: 11/04/2011 - 00:31:13 - [0,253] ----D C:\Users\user\AppData\Roaming\nswb
O43 - CFD: 7/07/2011 - 13:59:22 - [89,339] ----D C:\Users\user\AppData\Roaming\OpenOffice.org
O43 - CFD: 11/11/2010 - 20:39:20 - [5,132] ----D C:\Users\user\AppData\Roaming\Orbit
O43 - CFD: 21/09/2011 - 18:32:42 - [0,238] ----D C:\Users\user\AppData\Roaming\Oxemis
O43 - CFD: 8/05/2011 - 10:07:37 - [0,059] ----D C:\Users\user\AppData\Roaming\PCDr
O43 - CFD: 11/11/2010 - 13:50:25 - [0,000] ----D C:\Users\user\AppData\Roaming\Philipp Winterberg
O43 - CFD: 13/10/2010 - 01:48:08 - [0,000] ----D C:\Users\user\AppData\Roaming\ProgSense
O43 - CFD: 18/12/2012 - 22:42:39 - [70,214] ----D C:\Users\user\AppData\Roaming\Real
O43 - CFD: 18/12/2012 - 22:42:53 - [0,028] ----D C:\Users\user\AppData\Roaming\RealNetworks
O43 - CFD: 1/06/2012 - 13:04:39 - [0,001] ----D C:\Users\user\AppData\Roaming\ReMage Image Resizer
O43 - CFD: 3/02/2013 - 15:31:13 - [12,104] ----D C:\Users\user\AppData\Roaming\Skype
O43 - CFD: 6/12/2010 - 00:14:20 - [0,001] ----D C:\Users\user\AppData\Roaming\svBuilder
O43 - CFD: 14/12/2012 - 18:21:05 - [0] ----D C:\Users\user\AppData\Roaming\TuneUp Software
O43 - CFD: 8/05/2011 - 09:34:11 - [78,431] ----D C:\Users\user\AppData\Roaming\Update
O43 - CFD: 29/01/2013 - 13:36:09 - [1,428] ----D C:\Users\user\AppData\Roaming\uTorrent
O43 - CFD: 3/02/2013 - 05:23:40 - [0,078] ----D C:\Users\user\AppData\Roaming\vlc
O43 - CFD: 14/04/2011 - 04:17:35 - [0] ----D C:\Users\user\AppData\Roaming\Windows Live Writer
O43 - CFD: 27/11/2012 - 21:12:56 - [159,558] ----D C:\Users\user\AppData\Local\Adobe
O43 - CFD: 11/11/2010 - 17:05:21 - [0] ----D C:\Users\user\AppData\Local\Apple
O43 - CFD: 5/11/2012 - 02:42:00 - [0] ----D C:\Users\user\AppData\Local\Apple Computer
O43 - CFD: 26/08/2010 - 14:18:13 - [0] ----D C:\Users\user\AppData\Local\Application Data
O43 - CFD: 11/11/2010 - 16:55:51 - [0,011] ----D C:\Users\user\AppData\Local\assembly
O43 - CFD: 14/12/2012 - 19:38:12 - [11,355] ----D C:\Users\user\AppData\Local\Avg2013
O43 - CFD: 18/06/2012 - 01:20:14 - [0,003] ----D C:\Users\user\AppData\Local\Benjamin_Hollis
O43 - CFD: 12/05/2012 - 19:42:53 - [0] ----D C:\Users\user\AppData\Local\Conduit
O43 - CFD: 29/01/2013 - 14:02:50 - [0,159] ----D C:\Users\user\AppData\Local\Diagnostics
O43 - CFD: 21/09/2011 - 18:23:57 - [10,908] ----D C:\Users\user\AppData\Local\Downloaded Installations
O43 - CFD: 19/09/2011 - 17:05:31 - [0] ----D C:\Users\user\AppData\Local\ElevatedDiagnostics
O43 - CFD: 20/10/2011 - 11:37:23 - [1,749] ----D C:\Users\user\AppData\Local\Flickr
O43 - CFD: 12/05/2012 - 14:29:17 - [419,017] ----D C:\Users\user\AppData\Local\FLVService
O43 - CFD: 28/01/2013 - 14:24:44 - [0] ----D C:\Users\user\AppData\Local\Freecorder 7 Converter
O43 - CFD: 27/01/2013 - 18:19:15 - [0] ----D C:\Users\user\AppData\Local\Freecorder 7 Video
O43 - CFD: 10/10/2011 - 22:32:28 - [439,386] ----D C:\Users\user\AppData\Local\Google
O43 - CFD: 14/01/2013 - 12:13:13 - [0] ----D C:\Users\user\AppData\Local\Help
O43 - CFD: 26/08/2010 - 14:18:13 - [0] ----D C:\Users\user\AppData\Local\Historique
O43 - CFD: 21/11/2011 - 12:28:12 - [0,014] ----D C:\Users\user\AppData\Local\Ilivid Player
O43 - CFD: 28/01/2013 - 14:23:47 - [0,008] ----D C:\Users\user\AppData\Local\Jaksta_Technologies_Pty_L
O43 - CFD: 21/07/2011 - 22:01:00 - [10,523] ----D C:\Users\user\AppData\Local\kompozer.net
O43 - CFD: 10/06/2012 - 05:26:09 - [0] ----D C:\Users\user\AppData\Local\Macromedia
O43 - CFD: 14/12/2012 - 18:12:41 - [8,719] ----D C:\Users\user\AppData\Local\MFAData
O43 - CFD: 10/06/2012 - 05:26:10 - [255,058] ----D C:\Users\user\AppData\Local\Microsoft
O43 - CFD: 30/08/2010 - 10:27:51 - [0] ----D C:\Users\user\AppData\Local\Microsoft Help
O43 - CFD: 30/01/2013 - 13:46:51 - [0,162] ----D C:\Users\user\AppData\Local\MigWiz
O43 - CFD: 29/08/2010 - 06:02:16 - [153,684] ----D C:\Users\user\AppData\Local\Mozilla
O43 - CFD: 11/11/2010 - 16:55:52 - [0,001] ----D C:\Users\user\AppData\Local\networker
O43 - CFD: 21/11/2011 - 12:26:47 - [0] ----D C:\Users\user\AppData\Local\PackageAware
O43 - CFD: 22/09/2010 - 14:25:02 - [22,243] ----D C:\Users\user\AppData\Local\Play65
O43 - CFD: 22/12/2012 - 02:06:02 - [0,186] ----D C:\Users\user\AppData\Local\Power2Go
O43 - CFD: 29/01/2013 - 14:52:30 - [0] ----D C:\Users\user\AppData\Local\Programs
O43 - CFD: 12/11/2010 - 14:31:57 - [0] ----D C:\Users\user\AppData\Local\Sothink
O43 - CFD: 3/02/2013 - 17:44:23 - [3,927] ----D C:\Users\user\AppData\Local\Temp
O43 - CFD: 26/08/2010 - 14:18:13 - [0] ----D C:\Users\user\AppData\Local\Temporary Internet Files
O43 - CFD: 20/10/2012 - 21:46:35 - [0,857] ----D C:\Users\user\AppData\Local\VirtualStore
O43 - CFD: 5/11/2012 - 02:42:17 - [0,082] ----D C:\Users\user\AppData\Local\Windows Live
O43 - CFD: 14/04/2011 - 04:17:44 - [0,355] ----D C:\Users\user\AppData\Local\Windows Live Writer
O43 - CFD: 11/09/2011 - 02:39:07 - [0] ----D C:\Users\user\AppData\Local\WMTools Downloaded Files
O43 - CFD: 12/05/2011 - 02:24:19 - [0] ----D C:\Users\user\AppData\Local\{0330B21A-8CF0-45FB-B02B-2711839EB83B}
O43 - CFD: 15/04/2011 - 09:41:50 - [0] ----D C:\Users\user\AppData\Local\{047527A6-B65B-40D6-B420-C6BAC1075C8B}
O43 - CFD: 19/04/2011 - 10:22:33 - [0] ----D C:\Users\user\AppData\Local\{04861B14-841C-401D-B0BE-051314D6C452}
O43 - CFD: 17/05/2011 - 11:16:09 - [0] ----D C:\Users\user\AppData\Local\{0AA755B3-33DC-4B60-B2E8-360E2E7BF1CF}
O43 - CFD: 8/05/2011 - 09:09:48 - [0] ----D C:\Users\user\AppData\Local\{0B8CDAC5-CF6A-4809-A22A-6C4DC7CD8FFA}
O43 - CFD: 13/05/2011 - 11:34:14 - [0] ----D C:\Users\user\AppData\Local\{0BABC552-97F8-411E-97D3-624FBF4D9B22}
O43 - CFD: 14/05/2011 - 08:10:59 - [0] ----D C:\Users\user\AppData\Local\{144D8284-D2DE-4609-B450-1F749BCDBA07}
O43 - CFD: 23/04/2011 - 09:31:48 - [0] ----D C:\Users\user\AppData\Local\{182C13FB-4AE8-4755-B6AF-937BEEF0F538}
O43 - CFD: 14/04/2011 - 04:18:11 - [0] ----D C:\Users\user\AppData\Local\{23DF1417-CD05-4481-9440-C400AC4C3601}
O43 - CFD: 10/04/2011 - 08:35:24 - [0] ----D C:\Users\user\AppData\Local\{2795BB52-6D4C-41CB-9604-1FD97791F85C}
O43 - CFD: 10/05/2011 - 01:43:52 - [0] ----D C:\Users\user\AppData\Local\{2B93057D-DD11-4625-A38E-AFFDEE282BDD}
O43 - CFD: 18/05/2011 - 18:54:00 - [0] ----D C:\Users\user\AppData\Local\{2FCA179B-EA10-432C-90E8-8EA3394366FE}
O43 - CFD: 11/05/2011 - 11:33:21 - [0] ----D C:\Users\user\AppData\Local\{3025D055-E480-45CB-A220-76126D9ED9E2}
O43 - CFD: 8/04/2011 - 13:44:16 - [0] ----D C:\Users\user\AppData\Local\{30FFF555-E5E7-477F-8567-08892E0F8B6D}
O43 - CFD: 28/04/2011 - 23:05:49 - [0] ----D C:\Users\user\AppData\Local\{31775FE1-1239-4729-810E-8F8147D0F075}
O43 - CFD: 10/05/2011 - 10:05:25 - [0] ----D C:\Users\user\AppData\Local\{32AE56CC-A1AB-4C17-BD8E-88765ACE5EF6}
O43 - CFD: 27/04/2012 - 01:20:29 - [0] ----D C:\Users\user\AppData\Local\{33C449BE-76AF-4FFF-821E-3202D76D5DE9}
O43 - CFD: 26/04/2011 - 08:11:21 - [0] ----D C:\Users\user\AppData\Local\{348DC728-DDD5-4497-9F88-F5627BFC862C}
O43 - CFD: 11/04/2011 - 10:19:32 - [0] ----D C:\Users\user\AppData\Local\{3609B78F-F5ED-4864-B8C3-1D5A84F62F37}
O43 - CFD: 7/05/2011 - 10:38:10 - [0] ----D C:\Users\user\AppData\Local\{3960EC28-F04E-436A-82A5-332AC71028E1}
O43 - CFD: 9/05/2011 - 10:16:23 - [0] ----D C:\Users\user\AppData\Local\{3B1996AE-60C1-4B9A-8BE9-CC298FB1D2CE}
O43 - CFD: 12/04/2011 - 08:59:00 - [0] ----D C:\Users\user\AppData\Local\{44F36087-9874-4355-8E42-5FEF2616D87A}
O43 - CFD: 9/04/2011 - 02:30:28 - [0] ----D C:\Users\user\AppData\Local\{5A2E04E1-111E-4833-BCA9-BB52046E907E}
O43 - CFD: 19/05/2011 - 08:59:44 - [0] ----D C:\Users\user\AppData\Local\{5B752913-A47D-449E-B819-48F190524611}
O43 - CFD: 4/05/2011 - 10:55:37 - [0] ----D C:\Users\user\AppData\Local\{6465C936-B4EB-4DCF-BDBF-83443F41B749}
O43 - CFD: 15/04/2011 - 09:36:12 - [0] ----D C:\Users\user\AppData\Local\{67F03FB5-01BC-4156-8E47-F7F4F491808B}
O43 - CFD: 24/04/2011 - 08:47:52 - [0] ----D C:\Users\user\AppData\Local\{70F9F315-8B60-43EA-8D12-845F3D481B25}
O43 - CFD: 5/05/2011 - 09:11:55 - [0] ----D C:\Users\user\AppData\Local\{75A2B153-6A82-4FC0-9495-818DA2F0840E}
O43 - CFD: 25/04/2011 - 08:54:55 - [0] ----D C:\Users\user\AppData\Local\{8ABECB52-987D-41AE-BB38-716B9E0CEA48}
O43 - CFD: 16/05/2011 - 22:52:08 - [0] ----D C:\Users\user\AppData\Local\{8FB19D40-C2F8-4416-B2CF-25E6D6D8F05F}
O43 - CFD: 15/05/2011 - 09:17:52 - [0] ----D C:\Users\user\AppData\Local\{A56DE7F4-4F87-4665-9094-BA9424A5E4C0}
O43 - CFD: 17/04/2011 - 09:46:32 - [0] ----D C:\Users\user\AppData\Local\{B06548DF-DEFC-49E4-9860-2C7818D23AE9}
O43 - CFD: 6/05/2011 - 22:23:29 - [0] ----D C:\Users\user\AppData\Local\{B1C3F30A-107D-4206-A2C2-546306AA188A}
O43 - CFD: 13/04/2011 - 08:30:02 - [0] ----D C:\Users\user\AppData\Local\{B1CBCACF-8B26-433B-879C-B61BBEAE5665}
O43 - CFD: 16/05/2011 - 00:19:14 - [0] ----D C:\Users\user\AppData\Local\{B204BD23-7ECE-4D61-846F-A9DEC38AFAEB}
O43 - CFD: 18/04/2011 - 09:59:11 - [0] ----D C:\Users\user\AppData\Local\{B3F9E6E7-90F1-418D-860A-FCBAE5B48508}
O43 - CFD: 22/04/2011 - 08:37:49 - [0] ----D C:\Users\user\AppData\Local\{B463E1D8-2E5A-46F0-AFD0-ADE486662C60}
O43 - CFD: 30/04/2011 - 09:04:04 - [0] ----D C:\Users\user\AppData\Local\{B91C6CE8-2A6D-46C5-91F0-3BC038021683}
O43 - CFD: 16/04/2011 - 07:14:52 - [0] ----D C:\Users\user\AppData\Local\{C18F4E2D-55C9-493B-92F9-B417941B0D87}
O43 - CFD: 3/05/2011 - 01:10:12 - [0] ----D C:\Users\user\AppData\Local\{C7561CD8-2465-4B9F-BC2B-9AF48BEC221A}
O43 - CFD: 20/04/2011 - 19:00:02 - [0] ----D C:\Users\user\AppData\Local\{E3B11E20-1AEF-426E-94A8-BA98135202FF}
O43 - CFD: 18/04/2011 - 22:09:43 - [0] ----D C:\Users\user\AppData\Local\{F5783A4A-080D-404E-B1F9-7AC0EF729CA0}
O43 - CFD: 26/04/2011 - 22:18:15 - [0] ----D C:\Users\user\AppData\Local\{F6F6FF0A-3479-429F-842F-B3A7D34BA675}
O43 - CFD: 27/04/2011 - 20:48:27 - [0] ----D C:\Users\user\AppData\Local\{FEC97B02-D63E-4222-BCE7-7230BD9341FA}
O43 - CFD: 27/04/2012 - 00:50:26 - [0,014] R---D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 11/07/2012 - 13:53:36 - [0,000] R---D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 14/01/2013 - 16:03:10 - [0] ----D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
O43 - CFD: 14/01/2013 - 21:21:42 - [0] ----D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVStoDVD
O43 - CFD: 29/01/2013 - 19:59:09 - [0,005] ----D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
O43 - CFD: 2/11/2012 - 15:46:39 - [0,002] ----D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
O43 - CFD: 12/01/2013 - 02:59:44 - [0,002] ----D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 14/01/2013 - 16:09:24 - [0] ----D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
O43 - CFD: 30/01/2013 - 21:30:57 - [0,003] ----D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
O43 - CFD: 22/09/2010 - 14:25:04 - [0,001] R---D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 25/07/2011 - 21:43:58 - [0] ----D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
O43 - CFD: 2/09/2010 - 02:13:48 - [0] ----D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play65
O43 - CFD: 8/07/2011 - 23:15:16 - [0,000] ----D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Scribus 1.3.3.14
O43 - CFD: 15/11/2012 - 14:07:07 - [0,001] R---D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 11/11/2010 - 16:24:48 - [0] ----D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WM Recorder 12.1
O43 - CFD: 26/10/2011 - 10:44:53 - [0,003] ----D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yooda
~ Scan Program Folder in 01mn 30s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.757B8941F43FE05B55331FF98CAB9147] - 3/02/2013 - 17:41:21 -S-A- . (...) -- C:\Windows\bootstat.dat   [67584]
O44 - LFC:[MD5.C756130463679FD9DAA95AB5CB7CC481] - 3/02/2013 - 17:41:22 ---A- . (...) -- C:\Windows\setupact.log   [560]
O44 - LFC:[MD5.DABABFA9C203120366CB9C36A1FE74FD] - 3/02/2013 - 17:45:17 ---A- . (...) -- C:\Windows\WindowsUpdate.log   [1355287]
O44 - LFC:[MD5.08C588B0A538F63D54C0A84295B7D4A7] - 3/02/2013 - 17:45:22 ---A- . (...) -- C:\Windows\lgfwup.ini   [337]
O44 - LFC:[MD5.7752619457598CF057C4CC02A0867029] - 9/01/2013 - 19:05:41 ---A- . (.Microsoft - Système de classement CERO.) -- C:\Windows\System32\cero.rs   [55296]
O44 - LFC:[MD5.DDD1C4AB9A9DAE6D4092C4C95E714650] - 9/01/2013 - 19:05:41 ---A- . (.Microsoft - Système de classement ESRB.) -- C:\Windows\System32\esrb.rs   [51712]
O44 - LFC:[MD5.CBC69A055EF410CBD65593E4808B6DB4] - 9/01/2013 - 19:05:41 ---A- . (.Microsoft - Système de classement OFLC.) -- C:\Windows\System32\oflc.rs   [23552]
O44 - LFC:[MD5.72035C97983745E742D71E9A8EF70BBB] - 9/01/2013 - 19:05:41 ---A- . (.Microsoft - Système de classement PEGI en Finlande.) -- C:\Windows\System32\pegi-fi.rs   [20480]
O44 - LFC:[MD5.A067A19A91C2AA0198F9BD01A5CEF5C6] - 9/01/2013 - 19:05:43 ---A- . (.Microsoft - Système de classement GRB.) -- C:\Windows\System32\grb.rs   [21504]
O44 - LFC:[MD5.4F5C56DBF076D5BBB1D22B37BF281396] - 9/01/2013 - 19:05:43 ---A- . (.Microsoft - Système de classement PEGI au Portugal.) -- C:\Windows\System32\pegi-pt.rs   [20480]
O44 - LFC:[MD5.5109C45498BC709C8A7E016D5FFCCAC2] - 9/01/2013 - 19:05:43 ---A- . (.Microsoft - Système de classement PEGI.) -- C:\Windows\System32\pegi.rs   [20480]
O44 - LFC:[MD5.9B7D7F4D1F79E8B7D727BE94B1630D59] - 9/01/2013 - 19:05:43 ---A- . (.Microsoft - Système de classement PEGI/BBFC.) -- C:\Windows\System32\pegibbfc.rs   [44544]
O44 - LFC:[MD5.9EDCFA23CC081E38C86CA309D0F7E3DC] - 9/01/2013 - 19:05:43 ---A- . (.Microsoft - Système de classement USK.) -- C:\Windows\System32\usk.rs   [30720]
O44 - LFC:[MD5.41CE7975CAD7BCF92538D2C452239523] - 9/01/2013 - 19:05:43 ---A- . (.Microsoft - Système de classification COB-AU.) -- C:\Windows\System32\cob-au.rs   [40960]
O44 - LFC:[MD5.27828AAA24AA46F11036954ADE355C1C] - 9/01/2013 - 19:05:43 ---A- . (.Microsoft - Système de classification DJCTQ.) -- C:\Windows\System32\djctq.rs   [15360]
O44 - LFC:[MD5.A704E750245D5D4EE4A23E99A00F27D5] - 9/01/2013 - 19:05:43 ---A- . (.Microsoft - Système de classification FPB.) -- C:\Windows\System32\fpb.rs   [46592]
O44 - LFC:[MD5.ED59143843560B5EDB543C2A48CB9E4B] - 9/01/2013 - 19:05:43 ---A- . (.Microsoft - Système de classification OFLC-NZ.) -- C:\Windows\System32\oflc-nz.rs   [45568]
O44 - LFC:[MD5.6EC618588447B82EA8D88719EE46F725] - 9/01/2013 - 19:05:43 ---A- . (.Microsoft - Système de notation CSRR.) -- C:\Windows\System32\csrr.rs   [43520]
O44 - LFC:[MD5.2729A8C07B94B7A80824F7C6E269BBFD] - 30/01/2013 - 21:01:49 ---A- . (...) -- C:\Windows\IE9_main.log   [2732]
O44 - LFC:[MD5.283CF171090BCF432BA9417BFD0B26B6] - 30/01/2013 - 20:00:37 ---A- . (...) -- C:\Windows\PFRO.log   [3172]
O44 - LFC:[MD5.0C86ECD57691D796EFF5D8A7D03A98F9] - 30/01/2013 - 18:36:56 ---A- . (...) -- C:\Windows\DeleteOnReboot.bat   [109]
O44 - LFC:[MD5.E28F929ED69EFFEA6842E8D950ABE864] - 30/01/2013 - 12:58:28 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI   [1681110]
O44 - LFC:[MD5.D29A60AE13B1A415CF76473E5BF3BF7E] - 30/01/2013 - 12:58:28 ---A- . (...) -- C:\Windows\System32\perfc009.dat   [124144]
O44 - LFC:[MD5.BDC62AB963F3F8BC5DE2F1138A206D65] - 30/01/2013 - 12:58:28 ---A- . (...) -- C:\Windows\System32\perfc00C.dat   [148510]
O44 - LFC:[MD5.E31E867A2A0A56461CECAD56A3718E95] - 30/01/2013 - 12:58:28 ---A- . (...) -- C:\Windows\System32\perfh009.dat   [662950]
O44 - LFC:[MD5.B71FBACA6609ED387BA3FA74B93A1179] - 30/01/2013 - 12:58:28 ---A- . (...) -- C:\Windows\System32\perfh00C.dat   [751422]
O44 - LFC:[MD5.B625188B17933ECFE482C7BCA1193D24] - 29/01/2013 - 21:28:31 ---A- . (...) -- C:\Windows\Submeo Uninstall Log.txt   [5124]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 29/01/2013 - 15:33:36 ---A- . (...) -- C:\Windows\setuperr.log   [0]
O44 - LFC:[MD5.680CE43141FB1F432CD375063450E0C0] - 28/01/2013 - 17:32:14 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerApp.exe   [697864]
O44 - LFC:[MD5.72AC0DB22D016619E0AD3F9C411B9738] - 28/01/2013 - 17:32:14 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerCPLApp.cpl   [74248]
O44 - LFC:[MD5.D93993A2D716A5BF633C76BE4FD11217] - 19/01/2013 - 19:26:06 ---A- . (.Oracle Corporation - Pas de description.) -- C:\Windows\System32\WindowsAccessBridge.dll   [94112]
O44 - LFC:[MD5.55263AAAFF7419530F4C2B897267D2A8] - 19/01/2013 - 19:26:05 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\System32\deployJava1.dll   [780192]
O44 - LFC:[MD5.87AC3175FA9C5FD5BAD55654C4E381F8] - 19/01/2013 - 19:26:05 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\System32\java.exe   [174496]
O44 - LFC:[MD5.94FFE355A61070D2B4B83D05F1BE4FEB] - 19/01/2013 - 19:26:05 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\System32\javaw.exe   [174496]
O44 - LFC:[MD5.87A4FFD3F0A67740EA638884460D1A3A] - 19/01/2013 - 19:26:05 ---A- . (.Oracle Corporation - Java(TM) Web Start Launcher.) -- C:\Windows\System32\javaws.exe   [261024]
O44 - LFC:[MD5.053E986A84F5EE271D38896B8079157D] - 19/01/2013 - 19:26:05 ---A- . (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(T.) -- C:\Windows\System32\npdeployJava1.dll   [859552]
O44 - LFC:[MD5.F2FEFDFE5DF0486979D040678A0A0084] - 16/01/2013 - 12:13:00 ---A- . (...) -- C:\Windows\System32\jupdate-1.7.0_11-b21.log   [4538]
O44 - LFC:[MD5.A7F9A4181C73EB0D68EC0453D4B71A05] - 10/01/2013 - 06:39:31 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT   [480560]
O44 - LFC:[MD5.1153AC6E133AA849853DFD407B086B80] - 30/11/2012 - 00:17:39 ---A- . (...) -- C:\Windows\System32\locale.nls   [420064]
~ Scan Files in 00mn 08s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.22680B59E022F20C6D69B031BAEBBB84] - 1/02/2013 - 00:01:49 ---A- - C:\Windows\Prefetch\DXPSERVER.EXE-02DD8117.pf
O45 - LFCP:[MD5.5398A9A4E4413230213270DF7D638F19] - 1/02/2013 - 00:02:41 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-28BF826E.pf
O45 - LFCP:[MD5.26E3F331B3AB926EEEECA3C4B9B3FD03] - 1/02/2013 - 00:03:25 ---A- - C:\Windows\Prefetch\MMC.EXE-F5DC4F82.pf
O45 - LFCP:[MD5.6B4CB7847D7E9A2D9EA4AC57E0874303] - 1/02/2013 - 08:21:49 ---A- - C:\Windows\Prefetch\PCDRSYSINFOBLUETOOTH.P5X-481F8996.pf
O45 - LFCP:[MD5.0208A7A7E79B9D39499A2CC68583E056] - 1/02/2013 - 10:31:10 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-A2D55CB6.pf
O45 - LFCP:[MD5.A629C53086418DD2035CBECF2C12DB65] - 2/02/2013 - 02:32:22 ---A- - C:\Windows\Prefetch\DISPLAYSWITCH.EXE-A8217868.pf
O45 - LFCP:[MD5.20F910A7F9BA8AF0AD599FAC645FB3C2] - 2/02/2013 - 13:16:24 ---A- - C:\Windows\Prefetch\ACWIN7HLPR.EXE-3D1C3E1D.pf
O45 - LFCP:[MD5.76B73486178E04004A97669AD043AF43] - 2/02/2013 - 13:16:27 ---A- - C:\Windows\Prefetch\AgCx_SC1.db.trx
O45 - LFCP:[MD5.6892BC90605E82EE8014B7E55F914B33] - 2/02/2013 - 13:16:29 ---A- - C:\Windows\Prefetch\AVGDIAGEX.EXE-A8198F94.pf
O45 - LFCP:[MD5.3272C616C5255C070D18FA5EB9E91558] - 2/02/2013 - 13:16:36 ---A- - C:\Windows\Prefetch\MOBSYNC.EXE-C5E2284F.pf
O45 - LFCP:[MD5.A0F33F17139D3B9263C7B76162914D4C] - 2/02/2013 - 13:17:27 ---A- - C:\Windows\Prefetch\AgCx_SC1.db
O45 - LFCP:[MD5.59B99F1F3654ED4E2A2FAFEF091E2126] - 2/02/2013 - 13:20:37 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-591723367-1614411120-1145975636-1003.db
O45 - LFCP:[MD5.DD0F2905549D8D227DBB07254F499AE1] - 2/02/2013 - 13:20:37 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-591723367-1614411120-1145975636-1003.db
O45 - LFCP:[MD5.96723816FADD9634DA4C9EFECB4BB3C5] - 2/02/2013 - 17:45:23 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-D8414F97.pf
O45 - LFCP:[MD5.20FF15B4C904C925E3FFC8516C5B435C] - 2/02/2013 - 19:13:38 ---A- - C:\Windows\Prefetch\VLC.EXE-A11F73EE.pf
O45 - LFCP:[MD5.4570A5072F0FCF3B02DEE7A845CDF4D7] - 2/02/2013 - 19:15:31 ---A- - C:\Windows\Prefetch\PLAY65.EXE-35553588.pf
O45 - LFCP:[MD5.EB695C8198BD0601F78989291CC1D21F] - 2/02/2013 - 19:15:36 ---A- - C:\Windows\Prefetch\NTVDM.EXE-F6564EE5.pf
O45 - LFCP:[MD5.3CCEF7745EF9903290A045CC1D14A521] - 2/02/2013 - 19:15:42 ---A- - C:\Windows\Prefetch\PLAY65.EXE-4473ED11.pf
O45 - LFCP:[MD5.CFE27F97DDB5B90DD064BD8400EDB2A0] - 2/02/2013 - 20:01:20 ---A- - C:\Windows\Prefetch\REALSCHED.EXE-DDDCD145.pf
O45 - LFCP:[MD5.E5FF219AB3E81B0AB8CE531CF27CB4EE] - 2/02/2013 - 20:54:36 ---A- - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-3CC531E5.pf
O45 - LFCP:[MD5.1A98C95989A86F23AB458C9231068076] - 28/01/2013 - 05:58:11 ---A- - C:\Windows\Prefetch\Layout.ini
O45 - LFCP:[MD5.4330B4C91EE9DB34D8B3D1ED52AAB6DB] - 3/02/2013 - 05:04:58 ---A- - C:\Windows\Prefetch\MSFEEDSSYNC.EXE-6E6FBDF4.pf
O45 - LFCP:[MD5.1BE5105709C658FE3CC657398C8B3759] - 3/02/2013 - 05:25:15 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin
O45 - LFCP:[MD5.31675EAEDC437ECC90363BA9DF38DE2A] - 3/02/2013 - 11:00:39 ---A- - C:\Windows\Prefetch\GETADMIN.EXE-C9958C3D.pf
O45 - LFCP:[MD5.7A5AFC0DE2647761B3C48FC841ADAB4E] - 3/02/2013 - 11:00:39 ---A- - C:\Windows\Prefetch\GETODD.EXE-DBC31DAB.pf
O45 - LFCP:[MD5.E978762A5422CB77AAF9BFD8DD294147] - 3/02/2013 - 11:00:40 ---A- - C:\Windows\Prefetch\BUYER.EXE-AD37D4F3.pf
O45 - LFCP:[MD5.5FB6258F690835F88DF30EAAA8F1BD6F] - 3/02/2013 - 11:00:42 ---A- - C:\Windows\Prefetch\GETODDMODEL.EXE-B89D3F18.pf
O45 - LFCP:[MD5.3F72FA981B54AF032D9188A35152C438] - 3/02/2013 - 11:00:49 ---A- - C:\Windows\Prefetch\FWUPDATE.EXE-3B3D4768.pf
O45 - LFCP:[MD5.41BBD3AC6B7EC394A71C97F093640A5E] - 3/02/2013 - 11:00:50 ---A- - C:\Windows\Prefetch\FIREFOX.EXE-A606B53C.pf
O45 - LFCP:[MD5.91E03E596CACF3329D321A7F3A94485A] - 3/02/2013 - 11:00:58 ---A- - C:\Windows\Prefetch\RECORDINGMANAGER.EXE-A711D8FE.pf
O45 - LFCP:[MD5.A1DBE12F00F59CB4076F6735D8A6A641] - 3/02/2013 - 11:04:11 ---A- - C:\Windows\Prefetch\AVGSRMAX.EXE-AFDE43E9.pf
O45 - LFCP:[MD5.4EC065A58C4BB0D2CA24376BE9C0D178] - 3/02/2013 - 11:11:33 ---A- - C:\Windows\Prefetch\WERMGR.EXE-0F2AC88C.pf
O45 - LFCP:[MD5.D8DAFF28DC69B68B82ABEDA437D72DE8] - 3/02/2013 - 11:11:46 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-A3E35360.pf
O45 - LFCP:[MD5.11EF424BFCB56252A45F3DDBE556D29A] - 3/02/2013 - 11:13:01 ---A- - C:\Windows\Prefetch\UACLAUNCHER.EXE-B29ED6AC.pf
O45 - LFCP:[MD5.5BC55626478E50C0F071531A72066913] - 3/02/2013 - 11:13:11 ---A- - C:\Windows\Prefetch\PCDRCUI.EXE-C67D6807.pf
O45 - LFCP:[MD5.A328E558842124B530499887349A7BE9] - 3/02/2013 - 11:13:20 ---A- - C:\Windows\Prefetch\DETWANHW.EXE-CB236554.pf
O45 - LFCP:[MD5.691FA3F3475AEAD9F7E5F2B5C26719D1] - 3/02/2013 - 11:13:25 ---A- - C:\Windows\Prefetch\PCDRSYSINFOSMBIOS2.P5X-A47C2AEB.pf
O45 - LFCP:[MD5.73DD4D2F7CFF615F8FF47643DD696A01] - 3/02/2013 - 11:13:27 ---A- - C:\Windows\Prefetch\PCDRSYSINFOCSMI.P5X-587B5B5C.pf
O45 - LFCP:[MD5.3FEF637B492C8E3F9ACB83799EE4854D] - 3/02/2013 - 11:13:29 ---A- - C:\Windows\Prefetch\PCDRSYSINFOCPU_X86.P5X-A5B2A351.pf
O45 - LFCP:[MD5.BE337E4FCAEAC5FE01779771739A5D91] - 3/02/2013 - 11:13:31 ---A- - C:\Windows\Prefetch\PCDRSYSINFOCOMMUNICATION.P5X-80DE76A6.pf
O45 - LFCP:[MD5.EB9A9DEE001C0EA6CEF58AB05B28BDA5] - 3/02/2013 - 11:13:31 ---A- - C:\Windows\Prefetch\PCDRSYSINFOSTORAGE.P5X-5ED5ACC9.pf
O45 - LFCP:[MD5.31B81EEA0637BE60C3AB1B3226FB137E] - 3/02/2013 - 11:13:33 ---A- - C:\Windows\Prefetch\PCDRSYSINFOPERIPHERAL.P5X-AE26FACC.pf
O45 - LFCP:[MD5.26B2C61FA95C471EF1E0A378A9370BF2] - 3/02/2013 - 11:13:35 ---A- - C:\Windows\Prefetch\PCDRSYSINFODIRECT.P5X-03BB6E1F.pf
O45 - LFCP:[MD5.2C34B64320144D622A3D845A210E2F89] - 3/02/2013 - 11:13:35 ---A- - C:\Windows\Prefetch\PCDRSYSINFOSOFTWARE.P5X-2F41B9A7.pf
O45 - LFCP:[MD5.D90B1DACF5E8EFA15707DAA9E87BDE9B] - 3/02/2013 - 11:13:39 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-CF2B07FC.pf
O45 - LFCP:[MD5.368400C3F0D24927641EEFA6D11B2485] - 3/02/2013 - 11:14:04 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-7CFEDEA3.pf
O45 - LFCP:[MD5.64E2398953FD8DB71901AEB81BA0805B] - 3/02/2013 - 11:14:04 ---A- - C:\Windows\Prefetch\VSSVC.EXE-B8AFC319.pf
O45 - LFCP:[MD5.71E377BE02CA4D6494D7508F56E9531A] - 3/02/2013 - 11:14:06 ---A- - C:\Windows\Prefetch\TVT_FINGERPRINT_INFO.EXE-E5243664.pf
O45 - LFCP:[MD5.0B1BB082249B24B99AD75B730E29F1E9] - 3/02/2013 - 11:15:02 ---A- - C:\Windows\Prefetch\APPUPDATER.EXE-85C1F260.pf
O45 - LFCP:[MD5.2BA78D2C8EE79B3DE3F7791145EFF2E4] - 3/02/2013 - 11:15:06 ---A- - C:\Windows\Prefetch\GOOGLETALKPLUGIN.EXE-2864CCA3.pf
O45 - LFCP:[MD5.B594B871DF1A396EC70C34D719070D2C] - 3/02/2013 - 11:15:06 ---A- - C:\Windows\Prefetch\WMIAPSRV.EXE-29F35ED0.pf
O45 - LFCP:[MD5.6C187720B07AC92A9CA5E5B4CE961DDF] - 3/02/2013 - 11:15:14 ---A- - C:\Windows\Prefetch\PCDRREALTIME.P5X-55B02898.pf
O45 - LFCP:[MD5.FEC3A49E082A3D40E0A5ADE2A9B511EB] - 3/02/2013 - 11:15:14 ---A- - C:\Windows\Prefetch\PLUGIN-CONTAINER.EXE-7226D1F8.pf
O45 - LFCP:[MD5.D2F760AAD491A69ABEABFF9C740F9E26] - 3/02/2013 - 11:16:04 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-B2EB1806.pf
O45 - LFCP:[MD5.BE7980F0C5D5FFFC85656F2A2B4E5A53] - 3/02/2013 - 14:43:16 ---A- - C:\Windows\Prefetch\MESSAGECENTERPLUS.EXE-733E0F5D.pf
O45 - LFCP:[MD5.2D6B9701506FB01BB54A1EA7F8EDA98A] - 3/02/2013 - 15:42:11 ---A- - C:\Windows\Prefetch\BGROOM.EXE-DF6113F2.pf
O45 - LFCP:[MD5.8D86804F4CF859A6F8A2F33CDAD788BE] - 3/02/2013 - 15:42:12 ---A- - C:\Windows\Prefetch\BGROOMLOBBY.EXE-2F8AC5A2.pf
O45 - LFCP:[MD5.A8D40B3912D40E8981016CA5601B3B23] - 3/02/2013 - 17:03:25 ---A- - C:\Windows\Prefetch\AVGMFAPX.EXE-79669D86.pf
O45 - LFCP:[MD5.A61CAB8675D3CA65E765E8632F2D7082] - 3/02/2013 - 17:04:13 ---A- - C:\Windows\Prefetch\AVGCSRVX.EXE-E74F9E10.pf
O45 - LFCP:[MD5.0D4A446800367595290AB406457B727C] - 3/02/2013 - 17:04:16 ---A- - C:\Windows\Prefetch\FIXCFG.EXE-F7D1BD57.pf
O45 - LFCP:[MD5.414098EF7DCAFDE9B2D177D174003C16] - 3/02/2013 - 17:16:25 ---A- - C:\Windows\Prefetch\EXPLORER.EXE-A80E4F97.pf
O45 - LFCP:[MD5.519E3D67AAF99F8098AC9971956B6B18] - 3/02/2013 - 17:26:00 ---A- - C:\Windows\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-ECAD9571.pf
O45 - LFCP:[MD5.316331F5CE1CFFBEDFDC9F4FABC46284] - 3/02/2013 - 17:26:10 ---A- - C:\Windows\Prefetch\TASKENG.EXE-48D4E289.pf
O45 - LFCP:[MD5.0DDC6CC041153EB9BB4C1FEF74568C6A] - 3/02/2013 - 17:29:46 ---A- - C:\Windows\Prefetch\AgRobust.db
O45 - LFCP:[MD5.3FD56C55A56DAB29F62B3DB20594E722] - 3/02/2013 - 17:29:47 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db
O45 - LFCP:[MD5.247A487D41FCFBF289F7FF30704A12B9] - 3/02/2013 - 17:29:47 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db
O45 - LFCP:[MD5.8FCF261F53AFEDCBFF0993298A966683] - 3/02/2013 - 17:29:47 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db
O45 - LFCP:[MD5.7BC112D6DA7EE2FCEECC686BD79B2701] - 3/02/2013 - 17:37:05 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-80F4A784.pf
O45 - LFCP:[MD5.E0F65E65555F2434C0E047649A23036E] - 3/02/2013 - 17:37:07 ---A- - C:\Windows\Prefetch\WERFAULT.EXE-E69F695A.pf
O45 - LFCP:[MD5.91E83648963BA129B73758CA034A888F] - 3/02/2013 - 17:37:52 ---A- - C:\Windows\Prefetch\AUDIODG.EXE-BDFD3029.pf
O45 - LFCP:[MD5.2C3032C750E9890EDF9F1108E00FC0D6] - 3/02/2013 - 17:39:18 ---A- - C:\Windows\Prefetch\LOGONUI.EXE-09140401.pf
O45 - LFCP:[MD5.DB19C836BE9B2CD51BD7B77612049052] - 3/02/2013 - 17:42:20 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-DAED8DEA.pf
O45 - LFCP:[MD5.3187E719DD54E2B9EE505E02441D092A] - 3/02/2013 - 17:42:20 ---A- - C:\Windows\Prefetch\SVCGUIHLPR.EXE-CDFBF53D.pf
O45 - LFCP:[MD5.3B8B1E91BC42765516E95D0055386331] - 3/02/2013 - 17:42:43 ---A- - C:\Windows\Prefetch\CONSENT.EXE-531BD9EA.pf
O45 - LFCP:[MD5.5073F06F2E6508C8B81C3C7A5790CD75] - 3/02/2013 - 17:43:45 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-C3C515BD.pf
O45 - LFCP:[MD5.A3E2FE5F7E04DD079DF848EFDA22BFB6] - 3/02/2013 - 17:43:47 ---A- - C:\Windows\Prefetch\DEVICEDISPLAYOBJECTPROVIDER.E-17410B90.pf
O45 - LFCP:[MD5.892453FEFF8DEC1E0ACF2592D9E048B6] - 3/02/2013 - 17:43:48 ---A- - C:\Windows\Prefetch\BTWDINS.EXE-084145FD.pf
O45 - LFCP:[MD5.4E2EFE80F30D0CFF32501FF2AB5D5BF8] - 3/02/2013 - 17:43:56 ---A- - C:\Windows\Prefetch\IVIREGMGR.EXE-8051C7DF.pf
O45 - LFCP:[MD5.06248F111E300259FDF2EC67AF524F57] - 3/02/2013 - 17:43:57 ---A- - C:\Windows\Prefetch\SPPSVC.EXE-B0F8131B.pf
O45 - LFCP:[MD5.930B8EA6765F75C2F3C0DE272F1E549D] - 3/02/2013 - 17:43:58 ---A- - C:\Windows\Prefetch\SQLWRITER.EXE-7FC57290.pf
O45 - LFCP:[MD5.FC1BD0C90494AC3276616C3B08545A11] - 3/02/2013 - 17:43:59 ---A- - C:\Windows\Prefetch\SUSERVICE.EXE-404C13E6.pf
O45 - LFCP:[MD5.764DABADC37E945F2A17D75E4A7B3B3E] - 3/02/2013 - 17:44:00 ---A- - C:\Windows\Prefetch\TVT_REG_MONITOR_SVC.EXE-5094650E.pf
O45 - LFCP:[MD5.F4DF15866ECC510505B69E4E92B10148] - 3/02/2013 - 17:44:02 ---A- - C:\Windows\Prefetch\WMPNETWK.EXE-D9F2A96F.pf
O45 - LFCP:[MD5.1EA43227ECA681C9EA1AD8DDA036126D] - 3/02/2013 - 17:44:10 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-766398D2.pf
O45 - LFCP:[MD5.4A9453211B4235568502ADAB835C0D9D] - 3/02/2013 - 17:44:15 ---A- - C:\Windows\Prefetch\ZHPDIAG2.EXE-802CB357.pf
O45 - LFCP:[MD5.3C85103BBA4F47F99E44F4A11CE6C250] - 3/02/2013 - 17:44:23 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf
O45 - LFCP:[MD5.FADB7EC4D07C260B14B6F1704ED1C8FA] - 3/02/2013 - 17:44:34 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-7238F31D.pf
O45 - LFCP:[MD5.FCA8AE580626BD94590B81B35368754B] - 3/02/2013 - 17:44:50 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-1628051C.pf
O45 - LFCP:[MD5.61C4C0EBF6A84509967D30345F127116] - 3/02/2013 - 17:45:14 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-77482212.pf
O45 - LFCP:[MD5.EF772748B14EFFDB52718E7D59B6F34F] - 3/02/2013 - 17:45:34 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-F8DFDFA2.pf
O45 - LFCP:[MD5.B7D2687F677312FEFDAD3FBFB489A086] - 3/02/2013 - 17:45:44 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf
O45 - LFCP:[MD5.754185B487DBF654AF573DDB004DFDF9] - 3/02/2013 - 17:46:55 ---A- - C:\Windows\Prefetch\CMD.EXE-4A81B364.pf
O45 - LFCP:[MD5.709ABA902B824DA8DB81C77F7ED93B1B] - 3/02/2013 - 17:46:55 ---A- - C:\Windows\Prefetch\CONHOST.EXE-1F3E9D7E.pf
O45 - LFCP:[MD5.0725BCED0DCE32A65131DD423DA6670A] - 3/02/2013 - 17:47:08 ---A- - C:\Windows\Prefetch\SCHTASKS.EXE-5CA45734.pf
O45 - LFCP:[MD5.0E902D867523655CED48269DC76FBE7C] - 3/02/2013 - 17:48:33 ---A- - C:\Windows\Prefetch\AVGCMGR.EXE-6E8FF5A7.pf
O45 - LFCP:[MD5.E218C8618356E5DA8762CF0B5DD73CD4] - 3/02/2013 - 17:48:46 ---A- - C:\Windows\Prefetch\REALPLAY.EXE-A09C7945.pf
O45 - LFCP:[MD5.633CE98FE922D6DF99F223FA851485F5] - 30/01/2013 - 19:36:21 ---A- - C:\Windows\Prefetch\ADOBEARM.EXE-719325FF.pf
O45 - LFCP:[MD5.0F30870C8B9A2F50AB6A939868DB795A] - 30/01/2013 - 19:36:21 ---A- - C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf
O45 - LFCP:[MD5.24DF4F09C59E4F8ED79086C467BC9D41] - 30/01/2013 - 19:36:21 ---A- - C:\Windows\Prefetch\QTTASK.EXE-A6BC4AB2.pf
O45 - LFCP:[MD5.5F24B8F6AD61A028D862249A1BA38C03] - 30/01/2013 - 19:42:44 ---A- - C:\Windows\Prefetch\AD-REMOVER_AD_REMOVER_2010_2.-3EDF4A55.pf
O45 - LFCP:[MD5.BC5079542D88A95F2072F4DB545A2975] - 30/01/2013 - 19:43:12 ---A- - C:\Windows\Prefetch\MBAM.EXE-305FF92C.pf
O45 - LFCP:[MD5.8C9283CB3288833E86C56BAE6CE2B9B3] - 30/01/2013 - 19:43:35 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-86E0E9B9.pf
O45 - LFCP:[MD5.39578742E728856CCEFD45519C014E8A] - 30/01/2013 - 19:43:59 ---A- - C:\Windows\Prefetch\CCLEANER.EXE-D4D76A60.pf
O45 - LFCP:[MD5.3EB70B241F297256D27EEC9CB0D888B9] - 30/01/2013 - 19:58:11 ---A- - C:\Windows\Prefetch\AD-REMOVER_AD_REMOVER_2010_2.-C3DDEF6B.pf
O45 - LFCP:[MD5.118D5558C9EB0242B1D09CCCC214359E] - 30/01/2013 - 19:58:15 ---A- - C:\Windows\Prefetch\ADR.EXE-883A0D40.pf
O45 - LFCP:[MD5.A16242846010657566A01031ACA39242] - 30/01/2013 - 19:58:15 ---A- - C:\Windows\Prefetch\AU_.EXE-5F83D128.pf
O45 - LFCP:[MD5.F2ED18271DDD279F0465209568203BC5] - 30/01/2013 - 19:58:15 ---A- - C:\Windows\Prefetch\UN-ADR.EXE-CA750078.pf
O45 - LFCP:[MD5.9F9ABA8F6FD0F9A11DC1F271AF44C286] - 30/01/2013 - 20:01:27 ---A- - C:\Windows\Prefetch\ACTRAY.EXE-36EFBC16.pf
O45 - LFCP:[MD5.E11F7E434C936B98E0603B526DBFDB17] - 30/01/2013 - 20:01:27 ---A- - C:\Windows\Prefetch\APSDAEMON.EXE-6E0EB72B.pf
O45 - LFCP:[MD5.C3C90925A01A203BA91FFFF2DAB73EBF] - 30/01/2013 - 20:01:27 ---A- - C:\Windows\Prefetch\DVD43_TRAY.EXE-13740D2B.pf
O45 - LFCP:[MD5.273828F375659DA84B81B21CD835824C] - 30/01/2013 - 20:01:27 ---A- - C:\Windows\Prefetch\SYNTPLPR.EXE-FA172972.pf
O45 - LFCP:[MD5.4F7B70C5770B418E50792912D2CD9728] - 30/01/2013 - 20:07:01 ---A- - C:\Windows\Prefetch\DELFIX-10.0.EXE-D5223592.pf
O45 - LFCP:[MD5.80163C5E3F42C2F47AE178508968B40A] - 30/01/2013 - 20:07:02 ---A- - C:\Windows\Prefetch\PING.EXE-7E94E73E.pf
O45 - LFCP:[MD5.858E740007F0C12F88D601A784E66C66] - 30/01/2013 - 20:36:36 ---A- - C:\Windows\Prefetch\PROPERTYSYNC.EXE-E428B1FE.pf
O45 - LFCP:[MD5.38FC25BCAA722EE80686EFC87633551A] - 30/01/2013 - 20:38:11 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-EEE13F6D.pf
O45 - LFCP:[MD5.FF5019C68845EDBC69C72B906AA8C4D1] - 30/01/2013 - 20:45:09 ---A- - C:\Windows\Prefetch\IE9-WINDOWS7-X86-ENU.EXE-DEEB38C2.pf
O45 - LFCP:[MD5.A5999645259C258A94C57E8D64C0B7A7] - 30/01/2013 - 20:45:09 ---A- - C:\Windows\Prefetch\IENRCORE.EXE-56FA453F.pf
O45 - LFCP:[MD5.2895E4AA17F028878B0DB742E4E0155B] - 30/01/2013 - 21:03:05 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-908C99F8.pf
O45 - LFCP:[MD5.1D2C1AE08D6BCA9CB24F792B60E78DA4] - 30/01/2013 - 21:03:09 ---A- - C:\Windows\Prefetch\SCSERVER.EXE-01390C45.pf
O45 - LFCP:[MD5.B767EB98BDCBF9A513413B5B1FFF0230] - 30/01/2013 - 21:03:25 ---A- - C:\Windows\Prefetch\FLASHUTIL10C.EXE-1A30AEBE.pf
O45 - LFCP:[MD5.C6CE2749C39570A17F428E207ADDA1B3] - 30/01/2013 - 21:25:25 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-68334A07.pf
O45 - LFCP:[MD5.07B65E0D6CA5DC98FCA4E405DE735805] - 30/01/2013 - 21:28:19 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-6A473D35.pf
O45 - LFCP:[MD5.6E72AB6421846F091361FBDEE703EBE7] - 30/01/2013 - 21:31:33 ---A- - C:\Windows\Prefetch\HIJACKTHIS.EXE-9FD56571.pf
O45 - LFCP:[MD5.092D06289615AC684FE08D851206A66B] - 31/01/2013 - 00:28:31 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-FDF6FDE7.pf
O45 - LFCP:[MD5.02E547776C7D156BEFEE36CFD104E820] - 31/01/2013 - 00:33:24 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-E2C2633A.pf
O45 - LFCP:[MD5.AB690DF5DF74D102DAAA398040439408] - 31/01/2013 - 00:33:26 ---A- - C:\Windows\Prefetch\DROPBOX.EXE-0B495C8D.pf
O45 - LFCP:[MD5.AC3AC1634BB93EFECB41F3EEC971B12C] - 31/01/2013 - 00:34:33 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-771921FE.pf
O45 - LFCP:[MD5.4CBB3E7E2C4FA218B3F52D582FAF98C5] - 31/01/2013 - 00:48:07 ---A- - C:\Windows\Prefetch\HELPPANE.EXE-FEDC965B.pf
O45 - LFCP:[MD5.14BF09DB7C8D680821C755E7BD86C6CF] - 31/01/2013 - 09:10:32 ---A- - C:\Windows\Prefetch\AgCx_SC2.db
O45 - LFCP:[MD5.8823C386D6046B00CBC67C96B8E663E7] - 31/01/2013 - 16:08:11 ---A- - C:\Windows\Prefetch\MCUICNT.EXE-2E417C47.pf
O45 - LFCP:[MD5.7B78C54C947F1A6F325BF6BBFD6A5F90] - 31/01/2013 - 16:31:46 ---A- - C:\Windows\Prefetch\MCCHSVC.EXE-2510A423.pf
O45 - LFCP:[MD5.E37E0296CA229E7B9A248E6619922D25] - 31/01/2013 - 16:31:47 ---A- - C:\Windows\Prefetch\UNINSTALL.EXE-43549036.pf
O45 - LFCP:[MD5.F2C78A1D2004EB6901CAD6E475A25D53] - 31/01/2013 - 16:31:49 ---A- - C:\Windows\Prefetch\REGSVR32.EXE-8461DBEE.pf
O45 - LFCP:[MD5.F8D7F323B1A73FC14B44CE41EF6A99A1] - 31/01/2013 - 16:31:50 ---A- - C:\Windows\Prefetch\SECURITYSCAN_INNER.EXE-AFE9E053.pf
O45 - LFCP:[MD5.F5713960C22B9D31A4C9AF0C20C88153] - 31/01/2013 - 16:31:50 ---A- - C:\Windows\Prefetch\SECURITYSCAN_RELEASE.EXE-A2FE9EFD.pf
O45 - LFCP:[MD5.D8AC8433A93543B4C4023A52CE14935E] - 31/01/2013 - 16:32:01 ---A- - C:\Windows\Prefetch\MCUICNT.EXE-E6F5E725.pf
O45 - LFCP:[MD5.D55AEFD8F2E17A96E7A57972D9142E22] - 31/01/2013 - 16:32:01 ---A- - C:\Windows\Prefetch\SSSCHEDULER.EXE-A75B19C7.pf
O45 - LFCP:[MD5.1031207BC599DE77CFA05C8F32D3A73A] - 31/01/2013 - 16:32:30 ---A- - C:\Windows\Prefetch\MCCHSVC.EXE-DDC50F01.pf
O45 - LFCP:[MD5.FA22627042E9CB79891A3D558594CD44] - 31/01/2013 - 16:33:25 ---A- - C:\Windows\Prefetch\CONTENTDATS.EXE-82493AF7.pf
O45 - LFCP:[MD5.5AA769240182E2F29360420CCD0F1F36] - 31/01/2013 - 17:16:51 ---A- - C:\Windows\Prefetch\UNAVOSD.EXE-3C61E006.pf
~ Scan Prefetcher in 00mn 02s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Notification Packages . (...) -- C:\Windows\System32\ACGina.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll
~ Scan Keys in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ Scan CSB in 00mn 00s



---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{80310e12-747e-11df-a5d2-806e6f6e6963}\AutoRun\command. (.Lenovo Group Limited - Lenovo Factory Backup Partition Information.) -- Q:\LenovoQDrive.exe
~ Scan Keys in 00mn 00s



---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="L3CODECA.ACM" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\L3CODECA.ACM
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"L3CODECA.ACM"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\L3CODECA.ACM
~ Scan Keys in 00mn 00s



---\\ ShareTools MSconfig StartupReg (O53) (None)

---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ Scan Keys in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 14/07/2009 - 02:26:15 ----- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys   [422976]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ----- . (...) -- C:\Windows\System32\ANSI.SYS   [9029]
~ Scan Drivers in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC:Last File Created 1/02/2013 - 16:40:53 ---A- C:\Users\user\Documents\BGroomSaved Files\fran330\89866900 floriion_fran330 01Feb2013-1537.bgf   [1151]
O61 - LFC:Last File Created 1/02/2013 - 16:47:03 ---A- C:\Users\user\Documents\BGroomSaved Files\fran330\89867004 floriion_fran330 01Feb2013-1540.bgf   [1587]
O61 - LFC:Last File Created 1/02/2013 - 16:52:52 ---A- C:\Users\user\Documents\BGroomSaved Files\fran330\89867223 floriion_fran330 01Feb2013-1547.bgf   [1624]
O61 - LFC:Last File Created 1/02/2013 - 16:57:30 ---A- C:\Users\user\Documents\BGroomSaved Files\fran330\89867409 floriion_fran330 01Feb2013-1553.bgf   [1313]
O61 - LFC:Last File Created 1/02/2013 - 17:00:39 ---A- C:\Users\user\Documents\BGroomSaved Files\fran330\89867550 floriion_fran330 01Feb2013-1557.bgf   [659]
O61 - LFC:Last File Created 1/02/2013 - 19:02:37 ---A- C:\Users\user\AppData\Local\Temp\CR_81C71.tmp\SETUP_PATCH.PACKED.7Z   [1193]
O61 - LFC:Last File Created 1/02/2013 - 19:02:39 ---A- C:\Users\user\AppData\Local\Google\Chrome\Application\24.0.1312.57\Installer\setup.exe   [1607120]
O61 - LFC:Last File Created 1/02/2013 - 19:05:16 ---A- C:\Users\user\AppData\Local\Google\Chrome\Application\24.0.1312.57\Installer\chrome.7z   [112326370]
O61 - LFC:Last File Created 1/02/2013 - 19:05:18 ---A- C:\Users\user\AppData\Local\Google\Chrome\Application\VisualElementsManifest.xml   [396]
O61 - LFC:Last File Created 2/02/2013 - 21:51:40 ---A- C:\Users\user\AppData\Local\Avg2013\log\avgidpagentmonitor.log.1   [65573]
O61 - LFC:Last File Created 27/05/2012 - 15:17:46 ---A- C:\Users\user\program setups\WiziWYG_1.0.6_4374\_INST32I.EX_   [300178]
O61 - LFC:Last File Created 3/02/2013 - 00:37:50 ---A- C:\Users\user\Documents\BGroomSaved Files\fran330\89919837 clauseba_fran330 02Feb2013-2329.bgf   [1899]
O61 - LFC:Last File Created 3/02/2013 - 00:45:33 ---A- C:\Users\user\Documents\BGroomSaved Files\fran330\89920171 chatless_fran330 02Feb2013-2339.bgf   [1462]
O61 - LFC:Last File Created 3/02/2013 - 00:51:07 ---A- C:\Users\user\Documents\BGroomSaved Files\fran330\89920368 devine7_fran330 02Feb2013-2346.bgf   [1326]
O61 - LFC:Last File Created 3/02/2013 - 00:54:25 ---A- C:\Users\user\Documents\BGroomSaved Files\fran330\89920505 devine7_fran330 02Feb2013-2351.bgf   [1102]
O61 - LFC:Last File Created 3/02/2013 - 01:01:04 ---A- C:\Users\user\Documents\BGroomSaved Files\fran330\89920662 fran330_ivanovDV68 02Feb2013-2355.bgf   [1205]
O61 - LFC:Last File Created 3/02/2013 - 01:07:20 ---A- C:\Users\user\Documents\BGroomSaved Files\fran330\89920794 fran330_ivanovDV68 03Feb2013-0001.bgf   [1371]
O61 - LFC:Last File Created 3/02/2013 - 01:19:27 ---A- C:\Users\user\Documents\BGroomSaved Files\fran330\89921018 blotgobber_fran330 03Feb2013-0009.bgf   [1697]
O61 - LFC:Last File Created 3/02/2013 - 01:27:45 ---A- C:\Users\user\Documents\BGroomSaved Files\fran330\89921315 samsunlum55_fran330 03Feb2013-0021.bgf   [1592]
O61 - LFC:Last File Created 3/02/2013 - 01:31:48 ---A- C:\Users\user\Documents\BGroomSaved Files\fran330\89921435 samsunlum55_fran330 03Feb2013-0027.bgf   [1284]
O61 - LFC:Last File Created 3/02/2013 - 01:37:23 ---A- C:\Users\user\Documents\BGroomSaved Files\fran330\89921527 samsunlum55_fran330 03Feb2013-0031.bgf   [1537]
O61 - LFC:Last File Created 3/02/2013 - 10:58:34 ---A- C:\Users\user\AppData\Roaming\Dropbox\shellext\l\510e34c9   [124]
O61 - LFC:Last File Created 3/02/2013 - 11:00:31 ---A- C:\Users\user\AppData\Local\Temp\au-descriptor-1.7.0_13-b20.xml   [8794]
O61 - LFC:Last File Created 3/02/2013 - 11:00:42 ---A- C:\Users\user\AppData\Local\Temp\~DF3025D5D9174CC57C.TMP   [16384]
O61 - LFC:Last File Created 3/02/2013 - 11:00:51 ---A- C:\Users\user\AppData\Local\Temp\audio_recorder-hover.png   [4417]
O61 - LFC:Last File Created 3/02/2013 - 11:00:51 ---A- C:\Users\user\AppData\Local\Temp\audio_recorder-normal.png   [3951]
O61 - LFC:Last File Created 3/02/2013 - 11:00:51 ---A- C:\Users\user\AppData\Local\Temp\audio_recorder-pressed.png   [3866]
O61 - LFC:Last File Created 3/02/2013 - 11:00:51 ---A- C:\Users\user\AppData\Local\Temp\converter-hover.png   [4079]
O61 - LFC:Last File Created 3/02/2013 - 11:00:51 ---A- C:\Users\user\AppData\Local\Temp\converter-normal.png   [3609]
O61 - LFC:Last File Created 3/02/2013 - 11:00:51 ---A- C:\Users\user\AppData\Local\Temp\converter-pressed.png   [3538]
O61 - LFC:Last File Created 3/02/2013 - 11:00:51 ---A- C:\Users\user\AppData\Local\Temp\go_ad_free-hover.png   [4913]
O61 - LFC:Last File Created 3/02/2013 - 11:00:51 ---A- C:\Users\user\AppData\Local\Temp\go_ad_free-normal.png   [4398]
O61 - LFC:Last File Created 3/02/2013 - 11:00:51 ---A- C:\Users\user\AppData\Local\Temp\go_ad_free-pressed.png   [4346]
O61 - LFC:Last File Created 3/02/2013 - 11:00:51 ---A- C:\Users\user\AppData\Local\Temp\help-hover.png   [3642]
O61 - LFC:Last File Created 3/02/2013 - 11:00:51 ---A- C:\Users\user\AppData\Local\Temp\help-normal.png   [3217]
O61 - LFC:Last File Created 3/02/2013 - 11:00:51 ---A- C:\Users\user\AppData\Local\Temp\help-pressed.png   [3152]
O61 - LFC:Last File Created 3/02/2013 - 11:00:51 ---A- C:\Users\user\AppData\Local\Temp\media_player-hover.png   [4784]
O61 - LFC:Last File Created 3/02/2013 - 11:00:51 ---A- C:\Users\user\AppData\Local\Temp\media_player-normal.png   [4325]
O61 - LFC:Last File Created 3/02/2013 - 11:00:51 ---A- C:\Users\user\AppData\Local\Temp\media_player-pressed.png   [4244]
O61 - LFC:Last File Created 3/02/2013 - 11:00:51 ---A- C:\Users\user\AppData\Local\Temp\menu_header.png   [8163]
O61 - LFC:Last File Created 3/02/2013 - 11:00:51 ---A- C:\Users\user\AppData\Local\Temp\mp3_editor-normal.png   [3654]
O61 - LFC:Last File Created 3/02/2013 - 11:00:51 ---A- C:\Users\user\AppData\Local\Temp\screen_recorder-hover.png   [4944]
O61 - LFC:Last File Created 3/02/2013 - 11:00:51 ---A- C:\Users\user\AppData\Local\Temp\screen_recorder-normal.png   [4486]
O61 - LFC:Last File Created 3/02/2013 - 11:00:51 ---A- C:\Users\user\AppData\Local\Temp\screen_recorder-pressed.png   [4370]
O61 - LFC:Last File Created 3/02/2013 - 11:00:51 ---A- C:\Users\user\AppData\Local\Temp\seperator.png   [1066]
O61 - LFC:Last File Created 3/02/2013 - 11:00:51 ---A- C:\Users\user\AppData\Local\Temp\video_recorder-hover.png   [4625]
O61 - LFC:Last File Created 3/02/2013 - 11:00:51 ---A- C:\Users\user\AppData\Local\Temp\video_recorder-normal.png   [4158]
O61 - LFC:Last File Created 3/02/2013 - 11:00:51 ---A- C:\Users\user\AppData\Local\Temp\video_recorder-pressed.png   [4077]
O61 - LFC:Last File Created 3/02/2013 - 11:00:51 ---A- C:\Users\user\AppData\Local\Temp\video_search-hover.png   [4984]
O61 - LFC:Last File Created 3/02/2013 - 11:00:51 ---A- C:\Users\user\AppData\Local\Temp\video_search-normal.png   [4516]
O61 - LFC:Last File Created 3/02/2013 - 11:00:51 ---A- C:\Users\user\AppData\Local\Temp\video_search-pressed.png   [4432]
O61 - LFC:Last File Created 3/02/2013 - 11:00:51 ---A- C:\Users\user\AppData\Local\Temp\youtube-hover.png   [5833]
O61 - LFC:Last File Created 3/02/2013 - 11:00:51 ---A- C:\Users\user\AppData\Local\Temp\youtube-normal.png   [5356]
O61 - LFC:Last File Created 3/02/2013 - 11:00:51 ---A- C:\Users\user\AppData\Local\Temp\youtube-pressed.png   [5220]
O61 - LFC:Last File Created 3/02/2013 - 11:00:53 ---A- C:\Users\user\AppData\Local\Temp\mp3_editor-pressed.png   [14294]
O61 - LFC:Last File Created 3/02/2013 - 11:01:04 ---A- C:\Users\user\AppData\Local\Temp\mp3_editor-hover.png   [14294]
O61 - LFC:Last File Created 3/02/2013 - 11:01:31 ---A- C:\Users\user\AppData\Roaming\Dropbox\shellext\l\510e357b   [144]
O61 - LFC:Last File Created 3/02/2013 - 11:03:17 ---A- C:\Users\user\AppData\Roaming\Skype\fran330\keyval.db   [40960]
O61 - LFC:Last File Created 3/02/2013 - 11:03:17 ---A- C:\Users\user\AppData\Roaming\Skype\fran330\keyval.db-journal   [33344]
O61 - LFC:Last File Created 3/02/2013 - 11:14:15 ---A- C:\Users\user\AppData\Roaming\AVG2013\cfgall\userawacs.cfg   [42964]
O61 - LFC:Last File Created 3/02/2013 - 11:22:07 ---A- C:\Users\user\AppData\Roaming\Skype\shared_dynco\dc.db   [1744896]
O61 - LFC:Last File Created 3/02/2013 - 11:22:07 ---A- C:\Users\user\AppData\Roaming\Skype\shared_dynco\dc.db-journal   [1149632]
O61 - LFC:Last File Created 3/02/2013 - 12:05:21 ---A- C:\Users\user\AppData\Roaming\Skype\fran330\chatsync\00\00f52d5bfe9b3c92.dat   [1942]
O61 - LFC:Last File Created 3/02/2013 - 15:29:35 ---A- C:\Users\user\AppData\Roaming\Skype\fran330\msn.db   [53248]
O61 - LFC:Last File Created 3/02/2013 - 15:29:35 ---A- C:\Users\user\AppData\Roaming\Skype\fran330\msn.db-journal   [33344]
O61 - LFC:Last File Created 3/02/2013 - 15:30:32 ---A- C:\Users\user\AppData\Roaming\Skype\fran330\dc.db   [659456]
O61 - LFC:Last File Created 3/02/2013 - 15:31:12 ---A- C:\Users\user\AppData\Roaming\Skype\fran330\bistats.db   [69632]
O61 - LFC:Last File Created 3/02/2013 - 15:31:12 ---A- C:\Users\user\AppData\Roaming\Skype\fran330\bistats.db-journal   [33344]
O61 - LFC:Last File Created 3/02/2013 - 15:31:12 ---A- C:\Users\user\AppData\Roaming\Skype\fran330\config.xml   [18277]
O61 - LFC:Last File Created 3/02/2013 - 15:31:12 ---A- C:\Users\user\AppData\Roaming\Skype\fran330\httpfe\cookies.dat   [125]
O61 - LFC:Last File Created 3/02/2013 - 15:31:12 ---A- C:\Users\user\AppData\Roaming\Skype\fran330\main.db   [4513792]
O61 - LFC:Last File Created 3/02/2013 - 15:31:12 ---A- C:\Users\user\AppData\Roaming\Skype\fran330\main.db-journal   [287792]
O61 - LFC:Last File Created 3/02/2013 - 15:31:13 ---A- C:\Users\user\AppData\Roaming\Skype\shared.xml   [61393]
O61 - LFC:Last File Created 3/02/2013 - 15:53:14 ---A- C:\Users\user\Documents\BGroomSaved Files\fran330\89942838 abulibabuli_fran330 03Feb2013-1449.bgf   [1175]
O61 - LFC:Last File Created 3/02/2013 - 15:59:11 ---A- C:\Users\user\Documents\BGroomSaved Files\fran330\89943008 abulibabuli_fran330 03Feb2013-1453.bgf   [1586]
O61 - LFC:Last File Created 3/02/2013 - 16:04:41 ---A- C:\Users\user\Documents\BGroomSaved Files\fran330\89943203 abulibabuli_fran330 03Feb2013-1459.bgf   [1557]
O61 - LFC:Last File Created 3/02/2013 - 16:07:57 ---A- C:\Users\user\Documents\BGroomSaved Files\fran330\89943320 abulibabuli_fran330 03Feb2013-1504.bgf   [1102]
O61 - LFC:Last File Created 3/02/2013 - 16:14:09 ---A- C:\Users\user\Documents\BGroomSaved Files\fran330\89943488 abulibabuli_fran330 03Feb2013-1508.bgf   [1431]
O61 - LFC:Last File Created 3/02/2013 - 16:17:24 ---A- C:\Users\user\Documents\BGroomSaved Files\fran330\89943724 abulibabuli_fran330 03Feb2013-1514.bgf   [1086]
O61 - LFC:Last File Created 3/02/2013 - 16:25:49 ---A- C:\Users\user\Documents\BGroomSaved Files\fran330\89943805 abulibabuli_fran330 03Feb2013-1517.bgf   [2037]
O61 - LFC:Last File Created 3/02/2013 - 16:30:10 ---A- C:\Users\user\Documents\BGroomSaved Files\fran330\89944120 abulibabuli_fran330 03Feb2013-1525.bgf   [1459]
O61 - LFC:Last File Created 3/02/2013 - 16:37:24 ---A- C:\Users\user\Documents\BGroomSaved Files\fran330\89944342 Rainbow21_fran330 03Feb2013-1530.bgf   [1632]
O61 - LFC:Last File Created 3/02/2013 - 16:47:52 ---A- C:\Users\user\Documents\BGroomSaved Files\fran330\89944698 belintanu_fran330 03Feb2013-1540.bgf   [1451]
O61 - LFC:Last File Created 3/02/2013 - 16:53:29 ---A- C:\Users\user\Documents\BGroomSaved Files\fran330\89944978 belintanu_fran330 03Feb2013-1547.bgf   [1262]
O61 - LFC:Last File Created 3/02/2013 - 16:55:13 ---A- C:\Users\user\Documents\BGroomSaved Files\fran330\89945204 Totos002_fran330 03Feb2013-1555.bgf   [174]
O61 - LFC:Last File Created 3/02/2013 - 17:03:50 ---A- C:\Users\user\Documents\BGroomSaved Files\fran330\89945252 GeorgeDRG_fran330 03Feb2013-1556.bgf   [1410]
O61 - LFC:Last File Created 3/02/2013 - 17:09:13 ---A- C:\Users\user\Documents\BGroomSaved Files\fran330\89945537 GeorgeDRG_fran330 03Feb2013-1603.bgf   [1141]
O61 - LFC:Last File Created 3/02/2013 - 17:20:50 ---A- C:\Users\user\AppData\Roaming\Dropbox\shellext\l\510e8e62   [148]
O61 - LFC:Last File Created 3/02/2013 - 17:21:00 ---A- C:\Users\user\AppData\Local\Temp\3HBNM3B6.exe.part   [3876312]
O61 - LFC:Last File Created 3/02/2013 - 17:41:26 ---A- C:\Users\user\AppData\Roaming\Dropbox\shellext\l\510e9336   [124]
O61 - LFC:Last File Created 3/02/2013 - 17:41:56 ---A- C:\Users\user\AppData\Roaming\OpenOffice.org\3\.lock   [140]
O61 - LFC:Last File Created 3/02/2013 - 17:41:57 ---A- C:\Users\user\AppData\Roaming\OpenOffice.org\3\user\registrymodifications.xcu   [253444]
O61 - LFC:Last File Created 3/02/2013 - 17:42:20 ---A- C:\Users\user\AppData\Local\Temp\~DF7DFC3530AD4727F5.TMP   [16384]
O61 - LFC:Last File Created 30/12/1899 - 17:39:06 --HA- C:\Users\user\AppData\Local\IconCache.db   [4206162]
O61 - LFC:Last File Created 31/01/2013 - 00:33:29 ---A- C:\Users\user\AppData\Roaming\Dropbox\host.db   [69]
O61 - LFC:Last File Created 31/01/2013 - 00:33:29 ---A- C:\Users\user\AppData\Roaming\Dropbox\host.dbx   [201]
O61 - LFC:Last File Created 31/01/2013 - 00:33:29 ---A- C:\Users\user\AppData\Roaming\Dropbox\unlink.db   [232]
O61 - LFC:Last File Created 31/01/2013 - 00:33:32 ---A- C:\Users\user\AppData\Roaming\Dropbox\config.dbx   [7168]
O61 - LFC:Last File Created 31/01/2013 - 00:33:32 ---A- C:\Users\user\AppData\Roaming\Dropbox\filecache.dbx   [32768]
O61 - LFC:Last File Created 31/01/2013 - 00:33:56 ---A- C:\Users\user\AppData\Roaming\Dropbox\photo.dbx   [13312]
O61 - LFC:Last File Created 31/01/2013 - 11:34:02 ---A- C:\Users\user\AppData\Local\Avg2013\log\avgdiagex.log.1   [65650]
O61 - LFC:Last File Created 31/01/2013 - 14:17:55 ---A- C:\Users\user\Documents\BGroomSaved Files\fran330\89822053 nayatu_fran330 31Jan2013-1311.bgf   [1272]
O61 - LFC:Last File Created 31/01/2013 - 14:22:30 ---A- C:\Users\user\Documents\BGroomSaved Files\fran330\89822253 nayatu_fran330 31Jan2013-1318.bgf   [831]
O61 - LFC:Last File Created 31/01/2013 - 14:27:44 ---A- C:\Users\user\Documents\BGroomSaved Files\fran330\89822410 GeorgeDRG_fran330 31Jan2013-1323.bgf   [1147]
O61 - LFC:Last File Created 31/01/2013 - 14:32:00 ---A- C:\Users\user\Documents\BGroomSaved Files\fran330\89822536 GeorgeDRG_fran330 31Jan2013-1327.bgf   [1183]
O61 - LFC:Last File Created 31/01/2013 - 14:37:04 ---A- C:\Users\user\Documents\BGroomSaved Files\fran330\89822654 giusca_fran330 31Jan2013-1332.bgf   [1120]
O61 - LFC:Last File Created 31/01/2013 - 14:41:27 ---A- C:\Users\user\Documents\BGroomSaved Files\fran330\89822803 giusca_fran330 31Jan2013-1337.bgf   [1417]
O61 - LFC:Last File Created 31/01/2013 - 14:47:17 ---A- C:\Users\user\Documents\BGroomSaved Files\fran330\89822924 giusca_fran330 31Jan2013-1341.bgf   [1324]
O61 - LFC:Last File Created 31/01/2013 - 14:53:07 ---A- C:\Users\user\Documents\BGroomSaved Files\fran330\89823129 diesel108_fran330 31Jan2013-1348.bgf   [995]
O61 - LFC:Last File Created 31/01/2013 - 19:20:56 ---A- C:\Users\user\AppData\Local\Avg2013\log\krnlapi.log.1   [1024016]
~ Scan Files in 04mn 27s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.34 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
O63 - Logiciel: HiJackThis - (.Trend Micro.) [HKLM] -- {45A66726-69BC-466B-A7A4-12FCBA4883D7}
~ Scan ADS in 00mn 00s



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 22/10/2012 - C:\Windows\System32\DRIVERS\avgidsdriverx.sys (AVGIDSDriver)  .(.AVG Technologies CZ, s.r.o. - IDS Application Activity Monitor Driver..) - LEGACY_AVGIDSDRIVER
O64 - Services: CurCS - 15/10/2012 - C:\Windows\System32\DRIVERS\avgidshx.sys (AVGIDSHX)  .(.AVG Technologies CZ, s.r.o. - IDS Application Activity Monitor Helper Dri.) - LEGACY_AVGIDSHX
O64 - Services: CurCS - 21/09/2012 - C:\Windows\System32\DRIVERS\avgidsshimx.sys (AVGIDSShim)  .(.AVG Technologies CZ, s.r.o. - IDS Application Activity Monitor Loader Dri.) - LEGACY_AVGIDSSHIM
O64 - Services: CurCS - 2/10/2012 - C:\Windows\System32\DRIVERS\avgldx86.sys (Avgldx86)  .(.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) - LEGACY_AVGLDX86
O64 - Services: CurCS - 21/09/2012 - C:\Windows\System32\DRIVERS\avglogx.sys (Avglogx)  .(.AVG Technologies CZ, s.r.o. - AVG Logging Driver.) - LEGACY_AVGLOGX
O64 - Services: CurCS - 15/11/2012 - C:\Windows\System32\DRIVERS\avgmfx86.sys (Avgmfx86)  .(.AVG Technologies CZ, s.r.o. - AVG Resident Shield Minifilter Driver.) - LEGACY_AVGMFX86
O64 - Services: CurCS - 14/09/2012 - C:\Windows\System32\DRIVERS\avgrkx86.sys (Avgrkx86)  .(.AVG Technologies CZ, s.r.o. - AVG Anti-Rootkit Driver.) - LEGACY_AVGRKX86
O64 - Services: CurCS - 21/09/2012 - C:\Windows\System32\DRIVERS\avgtdix.sys (AvgTdiX)  .(.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) - LEGACY_AVGTDIX
O64 - Services: CurCS - 12/05/2008 - C:\Windows\System32\DRIVERS\smiif32.sys (lenovo.smi)  .(.Lenovo Group Limited - SMI Driver for Lenovo system.) - LEGACY_LENOVO.SMI
O64 - Services: CurCS - 18/04/2007 - C:\Windows\System32\drivers\regi.sys (regi)  .(.InterVideo - regi driver.) - LEGACY_REGI
O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\secdrv.sys (secdrv)  .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 2/03/2010 - C:\Windows\System32\drivers\Tppwr32v.sys (TPPWRIF)  .(.Lenovo Group Limited - Power Manager.) - LEGACY_TPPWRIF
~ Scan Services in 00mn 01s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Scan Keys in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe (.not file.)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe (.not file.)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe (.not file.)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)
~ Scan Keys in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\mjizk69f.default\searchplugins\conduit.xml
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933..clientLogIsEnabled", false);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933..clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933..uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.AboutPrivacyUrl", "http://www.conduit.com/privacy/Default.aspx");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.AppTrackingLastCheckTime", "Thu Aug 16 2012 03:13:44 GMT+0200");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.BrowserCompStateIsOpen_129681785283868963", true);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.BrowserCompStateIsOpen_129686665230467549", true);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.CTID", "CT1060933");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.CommunitiesChangesLastCheckTime", "0");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.CurrentServerDate", "27-1-2013");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.DSChangedManually", false);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.DSInstall", true);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.DSProtectChoice", true);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.DSProtectCount", 1);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.DialogsAlignMode", "LTR");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.DialogsGetterLastCheckTime", "Sat Jan 26 2013 22:41:41 GMT+0100");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.DownloadReferralCookieData", "");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.EnableClickToSearchBox", false);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.EnableSearchHistory", true);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.EnableSearchSuggest", true);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.FirstServerDate", "27-4-2012");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.FirstTime", true);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.FirstTimeFF3", true);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.FirstTimeHiddenVer", true);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.FixPageNotFoundErrors", false);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.GroupingInvalidateCache", false);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.GroupingLastCheckTime", "0");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.GroupingLastServerUpdateTime", "0");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.GroupingServerCheckInterval", 1440);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.GroupingServiceUrl", "http://grouping.services.conduit.com/");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.HPInstall", true);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.HPProtectChoice", true);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.HPProtectCount", 1);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.HasUserGlobalKeys", true);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.HomePageProtectorEnabled", false);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.HomepageBeforeUnload", "https://www.google.be/");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.Initialize", true);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.InitializeCommonPrefs", true);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.InstallationAndCookieDataSentCount", 3);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.InstallationId", "ConduitNSISIntegration");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.InstallationType", "ConduitNSISIntegration");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.InstalledDate", "Fri Apr 27 2012 01:47:15 GMT+0200");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.InvalidateCache", false);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.IsAlertDBUpdated", true);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.IsGrouping", false);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.IsInitSetupIni", true);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.IsMulticommunity", false);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.IsOpenThankYouPage", false);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.IsOpenUninstallPage", true);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.IsProtectorsInit", true);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.LanguagePackLastCheckTime", "Sat Jan 26 2013 21:52:47 GMT+0100");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.LanguagePackReloadIntervalMM", 1440);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.LastLogin_3.12.2.3", "Thu May 31 2012 02:54:04 GMT+0200");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.LastLogin_3.13.0.6", "Sun Jul 15 2012 17:48:57 GMT+0200");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.LastLogin_3.14.1.0", "Wed Aug 22 2012 00:51:27 GMT+0200");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.LastLogin_3.15.1.0", "Wed Nov 07 2012 02:10:39 GMT+0100");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.LastLogin_3.16.0.100", "Sun Jan 27 2013 17:50:59 GMT+0100");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.LastLogin_3.16.0.3", "Mon Dec 31 2012 18:05:34 GMT+0100");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.LatestVersion", "3.16.0.100");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.Locale", "en-us");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.MCDetectTooltipHeight", "83");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.MCDetectTooltipShow", false);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.MCDetectTooltipUrl", "http://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.MCDetectTooltipWidth", "295");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.MyStuffEnabledAtInstallation", true);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.OriginalFirstVersion", "3.12.2.3");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.RadioIsPodcast", false);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.RadioLastCheckTime", "Sun Jan 27 2013 17:53:10 GMT+0100");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.RadioLastUpdateIPServer", "0");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.RadioLastUpdateServer", "129326918102570000");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.RadioMediaID", "21504191");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.RadioMediaType", "Media Player");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.RadioMenuSelectedID", "EBRadioMenu_CT106093321504191");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.RadioShrinked", "expanded");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.RadioShrinkedFromSetup", false);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.RadioStationName", "KFOG");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.RadioStationURL", "http://live.cumulusstreaming.com/KFOG-FM");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.SHRINK_TOOLBAR", 1);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.SavedHomepage", "http://www.google.be/");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.SearchBackToDefaultEngine", false);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.SearchFromAddressBarIsInit", true);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=2&q=");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.SearchInNewTabEnabled", true);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.SearchInNewTabIntervalMM", 1440);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.SearchInNewTabLastCheckTime", "Sat Jan 26 2013 23:36:04 GMT+0100");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.SearchInNewTabUserEnabled", false);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.SearchProtectorEnabled", true);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.SearchProtectorToolbarDisabled", false);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.SendProtectorDataViaLogin", true);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.ServiceMapLastCheckTime", "Sat Jan 26 2013 18:11:34 GMT+0100");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.SettingsLastCheckTime", "Sun Jan 27 2013 17:53:09 GMT+0100");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.SettingsLastUpdate", "1359295845");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.TBHomePageUrl", "http://search.conduit.com/?ctid=CT1060933&SearchSource=13");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.ThirdPartyComponentsInterval", 504);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.ThirdPartyComponentsLastCheck", "Mon Aug 13 2012 03:18:41 GMT+0200");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.ThirdPartyComponentsLastUpdate", "1331805997");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.ToolbarShrinkedFromSetup", false);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.TrusteLinkUrl", "http://trust.conduit.com/CT1060933");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolb[...]
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.UserID", "UN06463050762407337");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.ValidationData_Toolbar", 2);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.alertChannelId", "15651");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.appApproved.129272674122038321", true);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.approveUntrustedApps", false);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.autoDisableScopes", -1);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.backendstorage.autocompletepro_enable", "31");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.backendstorage.autocompletepro_enable_auto", "30");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.backendstorage.cbcountry_000", "4245");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.backendstorage.cbfirsttime", "4672692041707220323720323031322030313A34373A333320474D542B30323030");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.backendstorage.printitgreenstatus", "74727565");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.backendstorage.shoppingapp.gk.exipres", "576564204D617920303220323031322030313A34373A323420474D542B30323030")[...]
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.backendstorage.shoppingapp.gk.geolocation", "62656C6769756D");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.components.1000080", true);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.components.129677514212584059", false);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.components.129681785283868963", false);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.components.129686665230467549", false);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;se[...]
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.globalFirstTimeInfoLastCheckTime", "Thu Aug 09 2012 10:41:21 GMT+0200");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.homepageProtectorEnableByLogin", true);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.initDone", true);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.isAppTrackingManagerOn", true);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.isFirstRadioInstallation", false);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.myStuffEnabled", true);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.myStuffPublihserMinWidth", 400);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&oct[...]
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.myStuffServiceIntervalMM", 1440);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE[...]
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.navigateToUrlOnSearch", false);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.oldAppsList", "128346981843587669,128280995260143876,111,129272674122038321,129032145384800518,12903214824761[...]
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.revertSettingsEnabled", true);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.searchProtectorDialogDelayInSec", 10);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.searchProtectorEnableByLogin", true);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.testingCtid", "");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.toolbarAppMetaDataLastCheckTime", "Sun Jan 27 2013 05:23:57 GMT+0100");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.toolbarContextMenuLastCheckTime", "Sat Aug 04 2012 10:04:59 GMT+0200");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.usageEnabled", false);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CT1060933.usagesFlag", 2);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.ConduitHomepagesList", "http://search.conduit.com/?ctid=CT1060933&SearchSource=13");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.ETag.http://Settings.toolbar.search.conduit.com/root/CT1060933/CT1060933", "\"6933b5d33aeaceac3199ae57[...]
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.ETag.http://appsmetadata.toolbar.conduit-services.com/?ctid=CT1060933", "\"1324192924\"");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en-us", "C5ZJe6gL80JBW5Cu[...]
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en-us", "mfQ70fvlD2zuBxSBj[...]
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en-us", "k9un27OkAvkwB2Zm[...]
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en-us", "FqddrIU7eyJgaaLyHDe[...]
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"8076e3ce381dcd1:0\"");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.2.3", "\"4ead38b3e6bcd1:0\"")[...]
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"0d648794549cd1:0\"")[...]
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"0e0a4327275cd1:0\"")[...]
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"0343677cfb1cd1:0\"")[...]
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16.0.100", "\"0343677cfb1cd1:0\"[...]
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16.0.3", "\"0343677cfb1cd1:0\"")[...]
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.ETag.http://servicemap.conduit-services.com/Toolbar/?ownerId=CT1060933", "\"0697a2066791d3f9dfa6c97658[...]
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.ETag.http://translation.toolbar.conduit-services.com/?locale=en-us", "\"9ce20764f6490af2030db94adc2fbe[...]
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\user\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\mjizk69f.defa[...]
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.16.0.100");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.MiniIPageGadgetPosition. http://storage.conduit.com/gadgets/LiveTV.html?source=http://groupemsix.vo.ll[...]
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.MiniIPageGadgetPosition.http://freecorder.com/fc6/gadget/video.html", "246x257");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.MiniIPageGadgetSize.http://freecorder.com/fc6/gadget/video.html", "833x245");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "http://dts.search-results.com/sr?src=ffb&appid=113&systemid=406&sr=0&q[...]
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.ToolbarsList", "CT1060933");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.ToolbarsList2", "CT1060933");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.ToolbarsList4", "CT1060933");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.globalUserId", "0af42704-9579-4a12-a54c-13a2ec9d4067");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sun Jan 27 2013 16:05:55 GMT+0100");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.notifications.alertEnabled", false);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.notifications.clientsServerUrl", "http://alert.client.conduit.com");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.notifications.locale", "en");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Jan 27 2013 16:05:55 GMT+0100");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.notifications.servicesServerUrl", "http://alert.services.conduit.com");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.notifications.showTrayIcon", false);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.notifications.userId", "ae321dfd-569d-4e2a-9a31-fa31d362d39c");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.originalHomepage", "http://www.google.be/");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("CommunityToolbar.originalSearchEngine", "Google");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("browser.search.defaulturl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=3&q={searchTerms}");
O69 - SBI: prefs.js [user - mjizk69f.default] user_pref("browser.search.order.1", "Search Results");
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {29C60D86-657E-406D-BBBE-3153601E6DCF} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (@ieframe.dll,-12512) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {F7514A6D-4D7A-4103-B524-9C3C6DE67B8B} [DefaultScope] - (Search.com) - http://t2-3.search.com
~ Scan Keys in 00mn 00s



---\\ Recherche des services démarrés par Svchost (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll   [62464]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [67584]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [67584]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll   [168960]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll   [593408]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll   [674304]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll   [473600]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll   [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll   [286208]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll   [75264]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll   [49664]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll   [300544]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll   [242176]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll   [521216]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll   [1933848]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll   [585728]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll   [328192]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll   [499712]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll   [21504]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll   [47104]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll   [114688]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll   [49664]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll   [61440]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll   [98304]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll   [164352]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll   [750592]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll   [71168]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll   [113664]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll   [168960]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll   [102912]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll   [37376]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll   [76800]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll   [149504]
~ Scan Services in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.2EF0A846C5CC449FAA7949DE71E83F1C] [SPRF][29/11/2012] (...) -- C:\Users\user\AppData\LocalLow\dt.dat   [27520]
[MD5.490E2C122CF9F7126FEBBC62ED547716] [SPRF][20/11/2010] (...) -- C:\Users\user\Desktop\ArchiFacile.exe   [543232]
[MD5.4C99EE7518551F1B5881F230B8E1AB7E] [SPRF][3/02/2013] (.Nicolas Coolman - ZHPDiag.) -- C:\Users\user\Desktop\ZHPDiag2.exe   [3876312]
[MD5.7C5B2630C7B36B944F2CB181D59005E5] [SPRF][4/03/2011] (.Audacity Team - Audacity 1.3 Beta (Unicode) Setup.) -- C:\Program Files\audacity-win-unicode-1.3.12.exe   [11873890]
~ Scan Files in 00mn 00s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{7104A176-7B04-496F-84A4-6E4AFC794041}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe
O87 - FAEL: "{DD00819A-311A-4520-8014-5B5A974FB4B2}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe
O87 - FAEL: "TCP Query User{49740798-B466-4CEA-A3D6-ED6C19E23E4A}C:\program files\mozilla firefox\firefox.exe" | In - Public - P6 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\program files\mozilla firefox\firefox.exe
O87 - FAEL: "UDP Query User{6814B4E2-0FED-4A0D-BCBC-69870CFC3BCE}C:\program files\mozilla firefox\firefox.exe" | In - Public - P17 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\program files\mozilla firefox\firefox.exe
O87 - FAEL: "TCP Query User{C0FE6CBE-C5C6-4668-ACB1-ACE699885049}C:\program files\google\google earth\client\googleearth.exe" | In - Public - P6 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\client\googleearth.exe
O87 - FAEL: "UDP Query User{AAEF06EC-4EE9-4352-A12B-CA8F75132086}C:\program files\google\google earth\client\googleearth.exe" | In - Public - P17 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\client\googleearth.exe
O87 - FAEL: "TCP Query User{F3603EDC-1F36-4C1B-A68D-82D21FDCEB8F}C:\program files\google\google earth\client\googleearth.exe" | In - Private - P6 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\client\googleearth.exe
O87 - FAEL: "UDP Query User{24ED3C20-A79D-4FDD-BAF4-D0FC8EB6D8E1}C:\program files\google\google earth\client\googleearth.exe" | In - Private - P17 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\client\googleearth.exe
O87 - FAEL: "TCP Query User{F127265A-D4FC-47C5-99EB-E124E38CFE7A}C:\program files\jalbum\jalbum.exe" | In - Private - P6 - TRUE | .(.Jalbum AB - jAlbum.) -- C:\program files\jalbum\jalbum.exe
O87 - FAEL: "UDP Query User{F64111A8-FAA1-45A8-A89D-9B1240CCAF95}C:\program files\jalbum\jalbum.exe" | In - Private - P17 - TRUE | .(.Jalbum AB - jAlbum.) -- C:\program files\jalbum\jalbum.exe
O87 - FAEL: "TCP Query User{7A494D95-533C-4E3F-AB65-9A6161ED4117}C:\wamp\bin\apache\apache2.2.21\bin\httpd.exe" | In - Private - P6 - TRUE | .(.Apache Software Foundation - Apache HTTP Server.) -- C:\wamp\bin\apache\apache2.2.21\bin\httpd.exe
O87 - FAEL: "UDP Query User{4C4C4BC4-A686-4CB9-9DE1-BC2EAC644745}C:\wamp\bin\apache\apache2.2.21\bin\httpd.exe" | In - Private - P17 - TRUE | .(.Apache Software Foundation - Apache HTTP Server.) -- C:\wamp\bin\apache\apache2.2.21\bin\httpd.exe
O87 - FAEL: "{DAEA4BCD-8D2E-486F-B130-F36FF0D03F9E}" | In - Private - P6 - TRUE | .(.Google - Google Talk Plugin.) -- C:\Users\user\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
O87 - FAEL: "{50DB3634-C616-47B1-87EC-F7D45B784D14}" | In - Private - P17 - TRUE | .(.Google - Google Talk Plugin.) -- C:\Users\user\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
O87 - FAEL: "{3A450047-FAD4-44CB-BC4F-4A742449784E}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.)
O87 - FAEL: "{5E114B8D-82D2-4A96-A5F5-9164C7088766}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.)
O87 - FAEL: "{B8F03799-D1A6-4FD5-8844-A4D7006F10B2}" | In - Private - P6 - TRUE | .(.Visicom Media Inc. - DTX broker.) -- C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe
O87 - FAEL: "{5F09DF07-D07D-4551-89C5-3277C197AB67}" | In - Private - P17 - TRUE | .(.Visicom Media Inc. - DTX broker.) -- C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe
O87 - FAEL: "{B23660F9-A76E-4E45-A186-A971E577C9D6}" | In - Public - P6 - TRUE | .(.Google - Google Talk Plugin.) -- C:\Users\user\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
O87 - FAEL: "{A7387CD6-5DD3-4E8A-AD04-AEBC298B14BA}" | In - Public - P17 - TRUE | .(.Google - Google Talk Plugin.) -- C:\Users\user\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
O87 - FAEL: "{9A1A76E4-AFB9-48DE-93C5-5ABF3CE58B34}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O87 - FAEL: "TCP Query User{68D8CA61-E9DB-479A-9DDF-3A2A8E848A74}C:\program files\photobie\photobie.exe" | In - Private - P6 - TRUE | .(.Photobie Design - Photobie Design Studio.) -- C:\program files\photobie\photobie.exe
O87 - FAEL: "UDP Query User{C01487A2-A37B-46B2-94E6-B65DF06522D3}C:\program files\photobie\photobie.exe" | In - Private - P17 - TRUE | .(.Photobie Design - Photobie Design Studio.) -- C:\program files\photobie\photobie.exe
O87 - FAEL: "{DF9FF267-EAFA-4BA6-A8DC-52B3A4E212F8}" | In - Public - P17 - TRUE | .(.Photobie Design - Photobie Design Studio.) -- C:\program files\photobie\photobie.exe
O87 - FAEL: "{0416ACA9-BD51-4171-A02D-D41E742DC941}" | In - Public - P6 - TRUE | .(.Photobie Design - Photobie Design Studio.) -- C:\program files\photobie\photobie.exe
O87 - FAEL: "{BD6BA395-F011-42AC-8BA6-85A67EECD688}" | In - Public - P6 - TRUE | .(.Dropbox, Inc. - Dropbox.) -- C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe
O87 - FAEL: "{8A36B692-4EAA-42B3-92AB-EEFED6047B8D}" | In - Public - P17 - TRUE | .(.Dropbox, Inc. - Dropbox.) -- C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe
O87 - FAEL: "{8D43515D-C034-4897-BFFC-2C684835BED9}" | In - None - P17 - TRUE | .(.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
O87 - FAEL: "{B2A9B60D-C69D-4B00-84AD-0E1418843B6E}" | In - Public - P6 - TRUE | .(.AVG Technologies CZ, s.r.o. - AVG Installer Application.) -- C:\Program Files\AVG\AVG2013\avgmfapx.exe
O87 - FAEL: "{E8F2AAA4-9195-4EC1-934C-1046E5A11E29}" | In - Public - P17 - TRUE | .(.AVG Technologies CZ, s.r.o. - AVG Installer Application.) -- C:\Program Files\AVG\AVG2013\avgmfapx.exe
O87 - FAEL: "TCP Query User{335713FF-EBF4-4482-8328-70DE21A2B1B8}C:\program files\java\jre7\bin\java.exe" | In - Private - P6 - TRUE | .(.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\program files\java\jre7\bin\java.exe
O87 - FAEL: "UDP Query User{23E83107-F449-426E-8BF5-AF052498C834}C:\program files\java\jre7\bin\java.exe" | In - Private - P17 - TRUE | .(.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\program files\java\jre7\bin\java.exe
O87 - FAEL: "{17EC94E4-B807-4C1B-B7BF-8A7D120E7111}" | In - Public - P17 - TRUE | .(.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\program files\java\jre7\bin\java.exe
O87 - FAEL: "{4B275489-6341-4C59-9339-F3A5639F819C}" | In - Public - P6 - TRUE | .(.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\program files\java\jre7\bin\java.exe
O87 - FAEL: "{A37D60B7-3D66-45A6-834A-43B3875E4C7F}" | In - Public - P6 - TRUE | .(.AVG Technologies CZ, s.r.o. - AVG Online Shield Service.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe
O87 - FAEL: "{816AFFB8-0F02-4563-9A1A-8BB50B9302CA}" | In - Public - P17 - TRUE | .(.AVG Technologies CZ, s.r.o. - AVG Online Shield Service.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe
O87 - FAEL: "{EE5D145C-581D-4DF2-A2CB-3785718579B2}" | In - Public - P6 - TRUE | .(.AVG Technologies CZ, s.r.o. - AVG Diagnostics.) -- C:\Program Files\AVG\AVG2013\avgdiagex.exe
O87 - FAEL: "{45870EE4-132F-48A0-8DED-E479EED47ED2}" | In - Public - P17 - TRUE | .(.AVG Technologies CZ, s.r.o. - AVG Diagnostics.) -- C:\Program Files\AVG\AVG2013\avgdiagex.exe
~ Scan Firewall in 00mn 01s



---\\ Scan Additionnel (O88)
Database Version : v2.10502 - (1/02/2013)
Clés trouvées (Keys found) : 10
Valeurs trouvées (Values found) : 0
Dossiers trouvés  (Folders found) : 8
Fichiers trouvés  (Files found) : 2

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1392B8D2-5C05-419F-A8F6-B9F15A596612}]   =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]   =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}]   =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}]   =>Toolbar.Agent
[HKLM\Software\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}]   =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]   =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]   =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]   =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]   =>Toolbar.Agent
[HKCU\Software\ambuhelper1]   =>Adware.Moozy
C:\Program Files\Moozy   =>Adware.Moozy
C:\Program Files\Windows Searchqu Toolbar   =>Adware.Bandoo
C:\ProgramData\AVG January 2013 Campaign   =>Toolbar.AVGSearch
C:\Users\user\AppData\Local\Conduit   =>Toolbar.Conduit
C:\Users\user\AppData\LocalLow\Conduit   =>Toolbar.Conduit
C:\Users\user\AppData\LocalLow\searchquband   =>Adware.Bandoo
C:\Users\user\AppData\LocalLow\searchqutoolbar   =>Adware.Bandoo
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\mjizk69f.default\searchqutoolbar   =>Adware.Bandoo
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\mjizk69f.default\SearchPlugins\conduit.xml   =>Toolbar.Conduit
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\mjizk69f.default\SearchPlugins\SearchResults.xml   =>Toolbar.Agent
~ Scan Additionnel in 00mn 09s



---\\ Recherche détournement de DNS routeur (O89) (None)

---\\ Product Upgrade Codes (O90)
O90 - PUC: "00002105501100000000000000F01FEC" . (.Microsoft Office 2007 Primary Interop Assemblies.) -- C:\Windows\Installer\{50120000-1105-0000-0000-0000000FF1CE}\misc.exe,6
O90 - PUC: "076CFAAAB965F2A4284B2449E5D03EFE" . (.Windows Live Writer.) -- C:\Windows\Installer\{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}\ApplicationIcon.ico
O90 - PUC: "0C7EC0FA4E3A37D489B82B1978CEE6A9" . (.QuickTime.) -- C:\Windows\Installer\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}\Installer.ico
O90 - PUC: "143D939A40A5A0E4BB55E3563B6834D2" . (.Microsoft Office Small Business Connectivity Components.) -- C:\Windows\Installer\{A939D341-5A04-4E0A-BB55-3E65B386432D}\ARPPRODUCTICON.exe
O90 - PUC: "1D034B0FAA6BD374B960AAD30DF10D8B" . (.Microsoft SQL Server 2005 Compact Edition [ENU].) -- C:\Windows\Installer\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}\ProductIcon
O90 - PUC: "270FFACCBDD4648469D3510FA2E84927" . (.Intel(R) PROSet/Wireless WiFi Software.) -- C:\Windows\Installer\{CCAFF072-4DDB-4846-963D-15F02A8E9472}\ARPPRODUCTICON.exe
O90 - PUC: "342F383BCBA065E4AA0329B3D85870E6" . (.Rescue and Recovery.) -- C:\Program Files\Lenovo\Rescue and Recovery\rnr_gui.exe,1
O90 - PUC: "352AD8F172C310B46AA3AB5333218033" . (.Microsoft Research AutoCollage Touch 2009.) -- C:\Windows\Installer\{1F8DA253-3C27-4B01-A63A-BA3533120833}\_6FEFF9B68218417F98F549.exe
O90 - PUC: "38E1FB04BE028D11795C00905C206085" . (.Power2Go.) -- C:\Windows\Installer\{40BF1E83-20EB-11D8-97C5-0009C5020658}\ARPPRODUCTICON.exe
O90 - PUC: "3B9E3B7B41BF729498B49E215490FAA5" . (.Adobe Flash Player 10 ActiveX.) -- c:\Windows\Installer\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}\ARPPRODUCTICON.exe
O90 - PUC: "3f3fe3bafd20ef74da986200a42e4926" . (.Module linguistique de Microsoft Office 2007 – French/Français (pour Office Outlook 2007 avec le Gestionnaire de contacts professionnels SP1).) -- C:\Windows\Installer\{ab3ef3f3-02df-47fe-ad89-26004ae2946
O90 - PUC: "42C6FBF1DF1C10144AB2C065F4E9E897" . (.PowerStarter.) -- C:\Windows\Installer\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\ARPPRODUCTICON.exe
O90 - PUC: "46B5A9879DD95AB419A50FCFA0B1B7EF" . (.Apple Software Update.) -- C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\Installer.ico
O90 - PUC: "487EA05EEBAFAD641A8FB7B665CD2BE2" . (.Microsoft Office Suite Activation Assistant.) -- C:\Windows\Installer\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}\ARPPRODUCTICON.exe
O90 - PUC: "49648A64CE950F8469C4E7679E8F2ADE" . (.ThinkVantage Active Protection System.) -- C:\Windows\Installer\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}\ARPPRODUCTICON.exe
O90 - PUC: "498735E8955A06D43BBC4F84E5D3423E" . (.ThinkVantage Access Connections.) -- C:\Windows\Installer\{8E537894-A559-4D60-B3CB-F4485E3D24E3}\ARPPRODUCTICON.exe
O90 - PUC: "4A94D9E94FD183147BBDD5788A3980E8" . (.ThinkPad Bluetooth with Enhanced Data Rate Software.) -- C:\Windows\Installer\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}\ARPPRODUCTICON.exe
O90 - PUC: "4ACBE7FAFAF98CD4D8907658B48BD443" . (.RealDownloader.) -- C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\AddRemoveProgramsIcon
O90 - PUC: "56023d36d54082344a95d6c465452080" . (.Microsoft Office Language Pack 2007 – Deutsch (für Office Outlook 2007 mit Business Contact Manager SP1).) -- C:\Windows\Installer\{63d32065-045d-4328-a459-6d4c56540208}\ARPIcon.ico
O90 - PUC: "6315CD058E12CB84795EA10D556F0B6B" . (.Create Recovery Media.) -- C:\Program Files\Lenovo\Factory Recovery\recovburncd.exe,0
O90 - PUC: "68AB67CA7DA76301B744BA0000000010" . (.Adobe Reader XI (11.0.01) - Français.) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico
O90 - PUC: "72B17402207D8EF4D8CE7020CCC8A058" . (.WinDVD.) -- C:\Windows\Installer\{20471B27-D702-4FE8-8DEC-0702CC8C0A85}\ARPPRODUCTICON.exe
O90 - PUC: "74846C52009BDA841A46B1F4B9776405" . (.System Update.) -- c:\Windows\Installer\{25C64847-B900-48AD-A164-1B4F9B774650}\ARPPRODUCTICON.exe
O90 - PUC: "7C43C21609E58D74B9C5F017D78D7262" . (.swMSM.) -- C:\Windows\Installer\{612C34C7-5E90-47D8-9B5C-0F717DD82726}\ARPPRODUCTICON.exe
O90 - PUC: "7DDFFFA258DE09A4C825D59ABECDB9F8" . (.Microsoft SQL Server 2005 Express Edition (MSSMLBIZ).) -- c:\Windows\Installer\{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}\ARPIcon.ico
O90 - PUC: "82D6625F2B0E0314FB5CEE51A55D41CD" . (.Apple Application Support.) -- C:\Windows\Installer\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}\WinInstall.ico
O90 - PUC: "90404A0900063D11C8EF10054038389C" . (.Microsoft Office 2003 Web Components.) -- C:\Windows\Installer\{90A40409-6000-11D3-8CFE-0150048383C9}\misc.exe,6
O90 - PUC: "9504C23BA7E6FE14DA0265FD81279B32" . (.Business Contact Manager for Outlook 2007 SP2.) -- C:\Windows\Installer\{B32C4059-6E7A-41EF-AD20-56DF1872B923}\ARPIcon.ico
O90 - PUC: "98B4807E0E963B641A81F8990D9688DC" . (.Microsoft SQL Server VSS Writer.) -- c:\Windows\Installer\{E7084B89-69E0-46B3-A118-8F99D06988CD}\ARPIco
O90 - PUC: "A05BA689725AD6F4E8B878CFF3C0D2AB" . (.Mobile Broadband.) -- C:\Windows\Installer\{986AB50A-A527-4F6D-8E8B-87FC3F0C2DBA}\_6FEFF9B68218417F98F549.exe
O90 - PUC: "B3A133DF5A7F13C48B4DFD14C358FAA7" . (.Message Center Plus.) -- C:\Program Files\Lenovo\Message Center Plus\MessageCenterPlus.exe,0
O90 - PUC: "C040820900063D11C8EF00054038389C" . (.Microsoft Office XP Professional avec FrontPage.) -- C:\Windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\misc.exe,6
O90 - PUC: "c7ba6794f3744124f8ad5d9605232701" . (.Microsoft® Office Language Pack 2007 – Nederlands (voor Office Outlook 2007 met Business Contact Manager SP1).) -- C:\Windows\Installer\{4976ab7c-473f-4214-8fda-d56950327210}\ARPIcon.ico
O90 - PUC: "C9335768C821DD4438FBA0D5A6DB2879" . (.ThinkVantage System Update.) -- c:\Program Files\Lenovo\System Update\Tvsu.exe
O90 - PUC: "C971C95CD8669A946BAE1012CCCF2134" . (.LabelPrint.) -- C:\Windows\Installer\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\ARPPRODUCTICON.exe
O90 - PUC: "CF4F71AEFBDF8FC45A92D28913230D35" . (.Skype™ 6.0.) -- C:\Windows\Installer\{EA17F4FC-FDBF-4CF8-A529-2D983132D053}\SkypeIcon.exe
O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- c:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon
O90 - PUC: "E4610622F4F25764597724BFEFDFB847" . (.Search.com Toolbar v6.6.) -- C:\Windows\Installer\{2260164E-2F4F-4675-9577-42FBFEFD8B74}\ARPPRODUCTICON.exe
O90 - PUC: "E778A46CD8FD7104AA2800A0776C8D90" . (.Verizon Wireless Mobile Broadband Self Activation.) -- C:\Windows\Installer\{C64A877E-DF8D-4017-AA82-000A77C6D809}\ARPPRODUCTICON.exe
O90 - PUC: "E876D35FF83217A4792480BB76479ECD" . (.Windows Live Family Safety.) -- C:\Windows\Installer\{F53D678E-238F-4A71-9742-08BB6774E9DC}\fssicon.ico
O90 - PUC: "EE3C5F35DE50038499B4052B0F5DF0EC" . (.Microsoft SQL Server Setup Support Files (English).) -- c:\Windows\Installer\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}\ARPIcon.ico
O90 - PUC: "F23D07676EAD94E4C8B83B0FB8B56168" . (.Microsoft SQL Server Native Client.) -- c:\Windows\Installer\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}\ARPIco
O90 - PUC: "F60C1AD7319C7C64A8F0ADC2AB71AED1" . (.OpenOffice.org 3.4.1.) -- C:\Windows\Installer\{7DA1C06F-C913-46C7-8A0F-DA2CBA17EA1D}\soffice.ico
~ Scan Files in 00mn 00s



---\\ MyComputer Name Space (O92)
O92 - MNS: Dossiers Web - {BDEADF00-C265-11D0-BCED-00A0C90AB50F}
~ Scan MNS in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 1/03/2010 124264 |  (AcPrfMgrSvc) . (.Lenovo.) - C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe
SR - | Auto 1/03/2010 259432 |  (AcSvc) . (.Lenovo.) - C:\Program Files\Lenovo\Access Connections\AcSvc.exe
SR - | Auto 18/12/2012 65192 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 28/01/2013 251400 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 15/11/2012 5814904 |  (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files\AVG\AVG2013\avgidsagent.exe
SR - | Auto 22/10/2012 196664 |  (avgwd) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files\AVG\AVG2013\avgwdsvc.exe
SR - | Auto 2/07/2009 582944 |  (btwdins) . (.Broadcom Corporation..) - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
SR - | Auto 21/09/2009 858384 |  (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
SS - | Demand 22/12/2009 136120 |  (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Auto 7/08/2009 354840 |  (IAANTMON) . (.Intel Corporation.) - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
SR - | Auto 18/08/2009 38176 |  (IBMPMSVC) . (.Lenovo.) - C:\Windows\System32\ibmpmsvc.exe
SR - | Auto 5/01/2007 112152 |  (IviRegMgr) . (.InterVideo.) - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
SR - | Auto 3/07/2009 45424 |  (LENOVO.MICMUTE) . (.Lenovo Group Limited.) - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
SS - | Demand 26/10/2012 234776 |  (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\3.0.313\McCHSvc.exe
SS - | Demand 19/01/2013 115608 |  (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 2/03/2010 75112 |  (Power Manager DBC Service) . (.Lenovo.) - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe
SR - | Auto  38608 |  (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
SR - | Auto 21/09/2009 473360 |  (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
SR - | Auto 22/09/2010 249136 |  (SeaPort) . (.Microsoft Corporation.) - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
SS - | Auto 9/11/2012 160944 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - | Auto 10/02/2010 28672 |  (SUService) . (.Lenovo Group Limited.) - c:\Program Files\Lenovo\System Update\SUService.exe
SR - | Auto 28/08/2009 1019904 |  (ThinkVantage Registry Monitor Service) . (.Lenovo Group Limited.) - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
SS - | Demand 30/12/1899 0 | C:\Windows\System32\TPHDEXLG.exe (TPHDEXLGSVC) . (.Lenovo..) - c:\System32\TPHDEXLG.exe
SR - | Auto 15/07/2009 62320 |  (TPHKSVC) . (.Lenovo Group Limited.) - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
SS - | Demand 4/09/2009 1474560 |  (TVT Backup Service) . (.Lenovo Group Limited.) - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
SS - | Demand 26/09/2011 18432 |  (wampapache) . (.Apache Software Foundation.) - c:\wamp\bin\apache\apache2.2.21\bin\httpd.exe
SS - | Demand  8158720 |  (wampmysqld) . (...) - c:\wamp\bin\mysql\mysql5.5.16\bin\mysqld.exe
SS - | Demand 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Scan Services in 00mn 03s



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by user at 3/02/2013 17:56:06

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll dvd43llh.sys iaStor.sys 
C:\Windows\System32\DRIVERS\dvd43llh.sys RIF DVD For Free
C:\Windows\system32\DRIVERS\iaStor.sys Intel Corporation Intel Matrix Storage Manager driver
1 ntkrnlpa!IofCallDriver[0x83039BC5] -> \Device\Harddisk0\DR0[0x868EB9B0]
3 CLASSPNP[0x891C159E] -> ntkrnlpa!IofCallDriver[0x83039BC5] -> [0x85B318B0]
5 ACPI[0x88AAD3D4] -> ntkrnlpa!IofCallDriver[0x83039BC5] -> \Device\Ide\IAAStorageDevice-1[0x85ACF028]
kernel: MBR read successfully
user & kernel MBR OK 
copy of MBR has been found in sector 8 !
~ Scan MBR in 00mn 02s



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by user at 3/02/2013 17:56:08

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ Scan MBR in 00mn 04s



End of the scan (2124 lines in 11mn 13s)(0)