Rapport de ZHPDiag v2013.5.9.75 par Nicolas Coolman, Update du 07/05/2013
Run by natilyas at 10/05/2013 23:36:52
State : Version à jour.
WhiteList : Disable
High Elevated Privileges : OK
UAC : Activate by user


---\\ Web Browser
MSIE: Internet Explorer v10.0.9200.16540
GCIE: Google Chrome v26.0.1410.64 (Defaut)

---\\ Windows Product Information
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : CGKHQ
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Protection
avast! Free Antivirus v8.0.1483.0
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W7

---\\ System Optimizer
CCleaner v4.01  =>Piriform Ltd

---\\ Peer To Peer (P2P)

---\\ Software Update
Adobe Flash Player 11 Plugin
Adobe Reader XI
Java 7 Update 21

---\\ System Information
~ Processor: AMD64 Family 16 Model 6 Stepping 3, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3834 MB (64% free)
System Restore: Activé (Enable)
System drive C: has 223 GB (77%) free of 288 GB

---\\ Logged in mode
~ Computer Name: SONY-VAIO
~ User Name: natilyas
~ All Users Names: natilyas, HomeGroupUser$, Administrateur, 
~ Unselected Option: None
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\natilyas\AppData\Roaming\
~ %Desktop% : C:\Users\natilyas\Desktop\
~ %Favorites% : C:\Users\natilyas\Favorites\
~ %LocalAppData% : C:\Users\natilyas\AppData\Local\
~ %StartMenu% : C:\Users\natilyas\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 223 Go of 288 Go)
D:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime :  OK
~ Security Center: 27 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.753C0848AE7872A3F59663078A517293] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.21/02/2013 - 11:15:07.) -- C:\Windows\System32\wininet.dll [2240512]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/444
~ Mes Videos (My Videos) : 2/6
~ Mes Favoris (My Favorites) : 1/36
~ Mes Documents (My Documents) : 2/263
~ Mon Bureau (My Desktop) : 2/147
~ Menu demarrer (Programs) : 1/24
~ Hidden Files:  Scanned in 00mn 00s



---\\ Processus lancés
[MD5.148C545849C1379A3D4448F5DE768E86] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe   [4767304] [PID.2536]
[MD5.4D96F6F7508BDF46771262EEEA505F98] - (.Sony of America Corporation - VaioCare Window Listener Application.) -- C:\Program Files\Sony\VAIO Care\listener.exe   [81016] [PID.4856]
[MD5.5397E32E882C0148CEC13D9EACFB7157] - (.Microsoft Corporation - Internet Low-Mic Utility Tool.) -- C:\Program Files (x86)\Internet Explorer\IELowutil.exe   [222208] [PID.3032]
[MD5.5092AA3E1FEA13BE699136751DC50DCB] - (.ArcSoft, Inc. - ArcSoft Magic-i Visual Effects.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\Magic-i Visual Effects.exe   [401408] [PID.2880]
[MD5.A7810B302294793DE88542AAE177D1B1] - (.ArcSoft Inc. - ArcSoft Connect Daemon.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe   [207424] [PID.3296]
[MD5.26EECFB26116C14AEA848D46B1F073A4] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [7270400] [PID.3732]
[MD5.41735B82DB57E4EBE9504EC400FD120E] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe   [45248] [PID.1232]
[MD5.3927397AC60D943DAF8808AFFED582B7] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe   [65192] [PID.1792]
[MD5.627FA58ADC043704F9D14CA44340956F] - (.Sony Corporation - Device Information Provider.) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe   [360224] [PID.2844]
[MD5.CB5B94EE1775FA4CD6B133F1745003C6] - (.Sony Corporation - VAIO Event Service (Service Module).) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe   [217456] [PID.3004]
[MD5.A63DC5C2EA944E6657203E0C8EDEAF61] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\SysWOW64\DllHost.exe   [7168] [PID.2420]
[MD5.0949E8607FEFA7739715810170025083] - (.Sony Corporation - VAIO Event Service (Service Sub Module).) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe   [120176] [PID.2116]
[MD5.D347D3ABE070AA09C22FC37121555D52] - (.Sony Corporation - VAIOCare.) -- C:\Program Files\Sony\VAIO Care\VCService.exe   [44736] [PID.2772]
[MD5.ADC420616C501B45D26C0FD3EF1E54E4] - (.ArcSoft Inc. - ArcSoft Connect Service.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe   [113152] [PID.2304]
~ Processes Running:  Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] http://www.google.fr
G0 - GCSP: Preference [User Data\Default] http://www.google.fr
G2 - GCE: Preference [User Data\Default] [aaaaojmikegpiepcfdkkjaplodkpfmlo] Ask Toolbar v.7.15.23.42079 (Désactivé)  =>Toolbar.Ask
G2 - GCE: Preference [User Data\Default] [aaaapoomnboffjcgcebabolakmhbblbk] Ask Toolbar v.7.15.4.0 (Désactivé)  =>Toolbar.Ask
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Chrome Web Store v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [bhmmomiinigofkjcapegjjndpbikblnp] WOT v.1.4.11, (Activé)
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 (Activé)
G2 - GCE: Preference [User Data\Default] [cfhdojbkjhnklbpkdaibdccddilifddb] Adblock Plus v.1.4, (Activé)
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Recherche Google v.0.0.0.20 (Activé)
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [icmlaeflemplmjndnaapfdbbnpncnbda] avast! WebRep v.8.0.1483, (Désactivé)
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 (Activé)
~ Google Browser: 16 Scanned in 00mn 55s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll
~ Firefox Browser: 1 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (10.00.9200.16521 (win8_gdr_soc_ie.130216-2100)) -- C:\Windows\SysWOW64\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 15 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 2



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) [64Bits] - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: WOT Helper [64Bits] - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} . (...) -- C:\Program Files (x86)\WOT\WOT.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SimpleAdblock Class [64Bits] - {FFCB3198-32F3-4E8B-9539-4324694ED664} . (.Simple Adblock - Simple Adblock Module.) -- C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll
~ BHO: 8 Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
O3 - Toolbar: WOT [64Bits] - [HKLM]{71576546-354D-41c9-AAE8-31F2EC22BF0D} . (...) -- C:\Program Files (x86)\WOT\WOT.dll
~ Toolbar:  Scanned in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 
O4 - HKLM\..\Run: [Apoint] C:\Program Files (x86)\Apoint\Apoint.exe (.not file.) 
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe 
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe 
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe 
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe 
~ Application:  Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\TaskBar: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.)  -- C:\Windows\explorer.exe 
O4 - GS\TaskBar: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.)  -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe 
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.)  -- C:\Windows\system32\eudcedit.exe 
O4 - GS\SendTo: Evernote for VAIO.lnk . (.Evernote Corp., 333 W Evelyn Ave. Mountain - Evernote for Windows.)  -- C:\Program Files (x86)\Evernote\Evernote3.5\Evernote.exe 
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft  Windows Fax and Scan.)  -- C:\Windows\system32\WFS.exe 
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.)  -- C:\Program Files (x86)\Skype\Phone\Skype.exe 
O4 - GS\Desktop: 7-Zip File Manager.lnk . (...)  -- C:\Program Files (x86)\7-Zip\7zFM.exe (.not file.)
O4 - GS\Desktop: Capture avatar futur - Raccourci.lnk . (...)  -- C:\Users\natilyas\Pictures\Capture avatar futur.PNG 
O4 - GS\Desktop: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
O4 - GS\Desktop: Microsoft Visual Basic 2010 Express.lnk . (.Microsoft Corporation - Microsoft Visual Basic 2010 Express.)  -- C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\vbexpress.exe 
O4 - GS\Desktop: Revo Uninstaller.lnk . (.VS Revo Group - Revo Uninstaller.)  -- C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe 
O4 - GS\Desktop: SecurityCheck - Raccourci.lnk . (...)  -- C:\Users\natilyas\Downloads\SecurityCheck.exe
O4 - GS\Desktop: SXCU - Raccourci.lnk . (...)  -- C:\Users\natilyas\Downloads\SXCU.exe
O4 - GS\Desktop: ToolsDiag_x64 - Raccourci.lnk . (...)  -- C:\Users\natilyas\Downloads\ToolsDiag_x64.exe
O4 - GS\Desktop: ZHPDiag2 - Raccourci.lnk . (.Nicolas Coolman - ZHPDiag.)  -- C:\Users\natilyas\Downloads\ZHPDiag2.exe 
~ Global Startup:  Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 [64Bits] - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 7 Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{0E513C40-6160-4BE9-BA05-FD1C1164374C}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{30625CBE-05E0-49E4-8016-F1FA70204A25}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{0E513C40-6160-4BE9-BA05-FD1C1164374C}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{30625CBE-05E0-49E4-8016-F1FA70204A25}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{0E513C40-6160-4BE9-BA05-FD1C1164374C}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{30625CBE-05E0-49E4-8016-F1FA70204A25}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
~ Domain:  Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wot [64Bits] - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} . (...) -- C:\Program Files\WOT\WOT.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AMD External Events Utility (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: PMBDeviceInfoProvider (PMBDeviceInfoProvider) . (.Sony Corporation - Device Information Provider.) - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: Roxio Upnp Server 10 (Roxio Upnp Server 10) . (.Sonic Solutions - RoxioUpnpService10 Module.) - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
O23 - Service: VAIO Care Performance Service (SampleCollector) . (.Sony Corporation - VAIO Care Performance Service.) - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: CamMonitor (uCamMonitor) . (.ArcSoft, Inc. - MgiSvr.) - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: VAIO Event Service (VAIO Event Service) . (.Sony Corporation - VAIO Event Service (Service Module).) - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VSNService (VSNService) . (.Sony Corporation - VAIO Smart Network Service.) - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
~ Services: 11 Scanned in 00mn 05s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) -  (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\Adobe Flash Player Updater.job   [1002]
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job   [1078]
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job   [1082]
[MD5.479901C99FA62D1C3261B7ACB1228DAD] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe   [256904]
[MD5.AB3C4A3667AEAD147F175721D8719B78] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe   [250248]
[MD5.42BC01952E1ED3152DDE0C0C9C2012D4] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe   [3545880]  =>Piriform Ltd
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe   [135664]
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe   [135664]
[MD5.00000000000000000000000000000000] [APT] [{9EA36A56-9032-4D98-8023-EA752BECCA38}] (...) -- C:\Program Files (x86)\BitTorrent\BitTorrent.exe (.not file.)   [0]  =>P2P.BitTorrent
[MD5.1A6639A8A0835C105AE21211BEB3BBD2] [APT] [VAIO Gate] (.Sony Corporation.) -- C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe   [2357408]
~ Scheduled Task: 13 Scanned in 00mn 05s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Internet Explorer [64Bits] - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 10 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver:  (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\Drivers\aswrdr2.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\drivers\blbdrive.sys
O41 - Driver:  (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver:  (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver:  (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver:  (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver:  (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver:  (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Drivers: 63 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: 7-Zip 9.20 (x64 edition) - (.Igor Pavlov.) [HKLM][64Bits] -- {23170F69-40C1-2702-0920-000001000000}
O42 - Logiciel: AMD USB Filter Driver - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {987B04C4-B5AC-4AD6-A7E9-8D681085B850}
O42 - Logiciel: ATI Catalyst Install Manager - (.ATI Technologies, Inc..) [HKLM][64Bits] -- {FED99701-A3A5-CE6B-4D04-DECF94784B89}
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader XI (11.0.02) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AB0000000001}
O42 - Logiciel: Alps Pointing-device for VAIO - (.ALPS ELECTRIC CO., LTD..) [HKLM][64Bits] -- {9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}
O42 - Logiciel: ArcSoft Magic-i Visual Effects 2 - (.ArcSoft.) [HKLM][64Bits] -- {7BB90344-0647-468E-925A-7F69F7983421}
O42 - Logiciel: ArcSoft WebCam Companion 3 - (.ArcSoft.) [HKLM][64Bits] -- {DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner  =>Piriform Ltd
O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM][64Bits] -- {9EAC0E21-510E-4259-A9C6-F5D5B8969036}
O42 - Logiciel: Evernote - (.Evernote Corp..) [HKLM][64Bits] -- {F761359C-9CED-45AE-9A51-9D6605CD55C4}
O42 - Logiciel: Gestion de l’alimentation de VAIO - (.Sony Corporation.) [HKLM][64Bits] -- {803E4FA5-A940-4420-B89D-A8BC2E160247}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Java 7 Update 21 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217021FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {E2DFE069-083E-4631-9B6C-43C48E991DE5}
O42 - Logiciel: Lecture à distance avec PlayStation®3 - (.Sony Corporation.) [HKLM][64Bits] -- {07441A52-E208-478A-92B7-5C337CA8C131}
O42 - Logiciel: LibreOffice 4.0.2.2 - (.The Document Foundation.) [HKLM][64Bits] -- {1062AD6C-80F4-4BC6-AB7C-A28892B497B8}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Media Gallery - (.Your Company Name.) [HKLM][64Bits] -- {115B60D5-BBDB-490E-AF2E-064D37A3CE01}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Module linguistique de la visionneuse d'aide Microsoft 1.0 - FRA - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Help Viewer 1.0 Language Pack - FRA
O42 - Logiciel: Move Media Player - (.Move Networks.) [HKCU][64Bits] -- Move Media Player
O42 - Logiciel: MusicStation - (.Omnifone.) [HKLM][64Bits] -- {AB259D46-F851-41B0-9AFA-AED8998AD68A}
O42 - Logiciel: Norton Online Backup - (.Symantec.) [HKLM][64Bits] -- {C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}
O42 - Logiciel: Outil de restauration de données VAIO - (.Sony Corporation.) [HKLM][64Bits] -- {57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}
O42 - Logiciel: PMB - (.Sony Corporation.) [HKLM][64Bits] -- {B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}
O42 - Logiciel: PMB VAIO Edition Guide - (.Sony Corporation.) [HKLM][64Bits] -- {339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}
O42 - Logiciel: PMB VAIO Edition Plug-in - (.Sony Corporation.) [HKLM][64Bits] -- {133D3F07-D558-46CE-80E8-F4D75DBBAD63}
O42 - Logiciel: PMB VAIO Edition Plug-in - (.Sony Corporation.) [HKLM][64Bits] -- {22008CF9-2B54-4022-AFD8-3B7D42C89E6B}
O42 - Logiciel: Paramètres de contrôle du contenu VAIO - (.Sony Corporation.) [HKLM][64Bits] -- {06C05B90-2127-4933-8ABA-61833BDE13FA}
O42 - Logiciel: Paramètres des fonctions d'origine VAIO - (.Sony Corporation.) [HKLM][64Bits] -- {04EAE65A-CDCF-480F-B754-5C3A9364239C}
O42 - Logiciel: Prise en charge du transfert VAIO - (.Sony Corporation.) [HKLM][64Bits] -- {5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}
O42 - Logiciel: Realtek HDMI Audio Driver for ATI - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {5449FB4F-1802-4D5B-A6D8-087DB1142147}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {96AE7E41-E34E-47D0-AC07-1091A8127911}
O42 - Logiciel: Revo Uninstaller 1.94 - (.VS Revo Group.) [HKLM][64Bits] -- Revo Uninstaller
O42 - Logiciel: Roxio Central Audio - (.Roxio.) [HKLM][64Bits] -- {73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}
O42 - Logiciel: Roxio Central Copy - (.Roxio.) [HKLM][64Bits] -- {B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}
O42 - Logiciel: Roxio Central Core - (.Roxio.) [HKLM][64Bits] -- {ED439A64-F018-4DD4-8BA5-328D85AB09AB}
O42 - Logiciel: Roxio Central Data - (.Roxio.) [HKLM][64Bits] -- {08E81ABD-79F7-49C2-881F-FD6CB0975693}
O42 - Logiciel: Roxio Central Tools - (.Roxio.) [HKLM][64Bits] -- {1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}
O42 - Logiciel: Roxio Easy Media Creator 10 LJ - (.Roxio.) [HKLM][64Bits] -- {537BF16E-7412-448C-95D8-846E85A1D817}
O42 - Logiciel: Roxio Easy Media Creator Home - (.Roxio.) [HKLM][64Bits] -- {FE51662F-D8F6-43B5-99D9-D4894AF00F83}
O42 - Logiciel: SOHLib Merge Module - (.Sony Corporation.) [HKLM][64Bits] -- {4A221E47-E361-45C3-886A-7B2D7AD0E5AA}
O42 - Logiciel: Service Pack 1 pour SQL Server 2008 (KB968369) (64-bit) - (.Microsoft Corporation.) [HKLM][64Bits] -- KB968369
O42 - Logiciel: Setting Utility Series - (.Sony Corporation.) [HKLM][64Bits] -- {A7DA438C-2E43-4C20-BFDA-C1F4A6208558}
O42 - Logiciel: Setup_VEP_x64 - (.Sony Corporation.) [HKLM][64Bits] -- {7BF099BD-10EE-4B04-A195-CAE2742C943E}
O42 - Logiciel: Setup_msm_VCMS_x64 - (.Sony Corporation.) [HKLM][64Bits] -- {1C6B6716-84AC-412A-A296-247D41EBB7FB}
O42 - Logiciel: Setup_msm_VOFS_x64 - (.Sony Corporation.) [HKLM][64Bits] -- {C69A835B-67A5-4542-AD24-FE36E3140BA9}
O42 - Logiciel: Simple Adblock - (.Simple Adblock.) [HKLM][64Bits] -- {B4920103-09F6-4AD2-B150-CFC4474D2DDC}
O42 - Logiciel: Skype™ 6.3 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
O42 - Logiciel: Sony Home Network Library - (.Sony Corporation.) [HKLM][64Bits] -- {A6B90666-2A1F-49E8-A40E-27EAAD11C096}
O42 - Logiciel: Sql Server Customer Experience Improvement Program - (.Microsoft Corporation.) [HKLM][64Bits] -- {2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}
O42 - Logiciel: VAIO - Media Gallery - (.Sony Corporation.) [HKLM][64Bits] -- {D9670A80-DED7-44FE-9B8C-94CEA3F7E035}
O42 - Logiciel: VAIO - PMB VAIO Edition Guide - (.Sony Corporation.) [HKLM][64Bits] -- InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}
O42 - Logiciel: VAIO - PMB VAIO Edition Plug-in - (.Sony Corporation.) [HKLM][64Bits] -- InstallShield_{22008CF9-2B54-4022-AFD8-3B7D42C89E6B}
O42 - Logiciel: VAIO Care - (.Sony Corporation.) [HKLM][64Bits] -- {36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}
O42 - Logiciel: VAIO Control Center - (.Sony Corporation.) [HKLM][64Bits] -- {72042FA6-5609-489F-A8EA-3C2DD650F667}
O42 - Logiciel: VAIO DVD Menu Data - (.Sony Corporation.) [HKLM][64Bits] -- {596BED91-A1D8-4DF1-8CD1-1C777F7588AC}
O42 - Logiciel: VAIO Entertainment Platform - (.Sony Corporation.) [HKLM][64Bits] -- {0489D044-6386-4BDF-9F98-577D60CF79DD}
O42 - Logiciel: VAIO Event Service - (.Sony Corporation.) [HKLM][64Bits] -- {C7477742-DDB4-43E5-AC8D-0259E1E661B1}
O42 - Logiciel: VAIO Gate - (.Sony Corporation.) [HKLM][64Bits] -- {A7C30414-2382-4086-B0D6-01A88ABA21C3}
O42 - Logiciel: VAIO Gate Default - (.Sony Corporation.) [HKLM][64Bits] -- {B7546697-2A80-4256-A24B-1C33163F535B}
O42 - Logiciel: VAIO Manual - (.Sony Corporation.) [HKLM][64Bits] -- {C6E893E7-E5EA-4CD5-917C-5443E753FCBD}
O42 - Logiciel: VAIO Media plus - (.Sony Corporation.) [HKLM][64Bits] -- {8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}
O42 - Logiciel: VAIO Media plus Opening Movie - (.Sony Corporation.) [HKLM][64Bits] -- {9238E8A4-BEBA-43A3-B926-769BDBF194C5}
O42 - Logiciel: VAIO Movie Story Template Data - (.Sony Corporation.) [HKLM][64Bits] -- InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}
O42 - Logiciel: VAIO Movie Story Template Data - (.Sony Corporation.) [HKLM][64Bits] -- {6FA8BA2C-052B-4072-B8E2-2302C268BE9E}
O42 - Logiciel: VAIO Premium Partners - (.Sony Europe.) [HKLM][64Bits] -- VAIO Premium Partners
O42 - Logiciel: VAIO Smart Network - (.Sony Corporation.) [HKLM][64Bits] -- {0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}
O42 - Logiciel: VAIO Wallpaper Contents - (.Sony Corporation.) [HKLM][64Bits] -- {D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}
O42 - Logiciel: VAIO screensaver - (.Sony Europe.) [HKLM][64Bits] -- VAIO screensaver
O42 - Logiciel: VMp MergeModule x64 - (.Default Company Name.) [HKLM][64Bits] -- {5AFD1F5C-8FDA-413C-AF38-F1E7BD10D72F}
O42 - Logiciel: VU5x64 - (.Sony Corporation .) [HKLM][64Bits] -- {6B7DE186-374B-4873-AEC1-7464DA337DD6}
O42 - Logiciel: VU5x86 - (.Sony Corporation .) [HKLM][64Bits] -- {9D12A8B5-9D41-4465-BF11-70719EB0CD02}
O42 - Logiciel: VU5x86 - (.Sony Corporation .) [HKLM][64Bits] -- {D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}
O42 - Logiciel: Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 FRA - (.Microsoft Corporation.) [HKLM][64Bits] -- {D60023FA-3DF1-4537-93DD-13024CC4E366}
O42 - Logiciel: WIDCOMM Bluetooth Software - (.Broadcom Corporation.) [HKLM][64Bits] -- {9E9D49A4-1DF4-4138-B7DB-5D87A893088E}
O42 - Logiciel: WOT for Internet Explorer - (.WOT Services Oy.) [HKLM][64Bits] -- {DCAEC601-735C-41AE-B84F-D792F09FB7D1}
O42 - Logiciel: Windows Driver Package - Broadcom Bluetooth  (09/09/2009 6.2.0.9405) - (.Broadcom.) [HKLM][64Bits] -- 930E4792BDAEAFB62A9514EE7578775658A5D07C
O42 - Logiciel: Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) - (.Broadcom.) [HKLM][64Bits] -- 3BA80AB4C7E9F8497C115C844953A3D4BEB84D21
O42 - Logiciel: avast! Free Antivirus v8.0.1483.0 - (.AVAST Software.) [HKLM][64Bits] -- avast
~ Logic: 129 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\7-Zip]
[HKCU\Software\ATI]
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\Alps]
[HKCU\Software\AppDataLow\Software\Against Intuition]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow]
[HKCU\Software\ArcSoft]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\EasyBits]
[HKCU\Software\Evernote]
[HKCU\Software\GNU]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\InstallCore]  =>PUP.InstallCore
[HKCU\Software\JavaSoft]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\Settings]
[HKCU\Software\Skype]
[HKCU\Software\Sony Corporation]
[HKCU\Software\SpecItems]
[HKCU\Software\SysInternals]
[HKCU\Software\The Document Foundation]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\VSRevoGroup]
[HKCU\Software\Widcomm]
[HKCU\Software\Windows Live Writer]
[HKCU\Software\Wow6432Node]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\ZebHelpProcess Helper]
[HKLM\Software\7-Zip]
[HKLM\Software\AMD]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Alps]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Google]
[HKLM\Software\IM Providers]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\Macromedia]
[HKLM\Software\McAfee]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\ODBC]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Sonic]
[HKLM\Software\Sony Corporation]
[HKLM\Software\Sony]
[HKLM\Software\Volatile]
[HKLM\Software\Waves Audio]
[HKLM\Software\Widcomm]
[HKLM\Software\Windows]
[HKLM\Software\Wow6432Node\ATI Technologies]
[HKLM\Software\Wow6432Node\ATI]
[HKLM\Software\Wow6432Node\AVAST Software]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\ArcSoft]
[HKLM\Software\Wow6432Node\CDDB]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\Debug]
[HKLM\Software\Wow6432Node\DelFix]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\IM Providers]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\LibreOffice]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\McAfeeInstaller]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Roxio]
[HKLM\Software\Wow6432Node\SimpleAdblock]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\Sony Corporation]
[HKLM\Software\Wow6432Node\Sony]
[HKLM\Software\Wow6432Node\SymNRT]
[HKLM\Software\Wow6432Node\The Document Foundation]
[HKLM\Software\Wow6432Node\VideoLAN]
[HKLM\Software\Wow6432Node\Windows]
[HKLM\Software\Wow6432Node\illiminable]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node]
~ Key Software: 150 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 03/03/2013 - 01:24:56 - [119,658] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 21/08/2010 - 23:31:07 - [0,077] ----D C:\Program Files (x86)\AMD
O43 - CFD: 21/08/2010 - 23:59:06 - [130,535] ----D C:\Program Files (x86)\ArcSoft
O43 - CFD: 21/08/2010 - 23:30:17 - [85,859] ----D C:\Program Files (x86)\ATI Technologies
O43 - CFD: 18/04/2013 - 01:11:22 - [207,208] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 21/08/2010 - 23:34:15 - [76,595] ----D C:\Program Files (x86)\Evernote
O43 - CFD: 26/11/2012 - 15:31:34 - [0] ----D C:\Program Files (x86)\FreeTime
O43 - CFD: 04/07/2011 - 19:50:50 - [368,260] ----D C:\Program Files (x86)\Google
O43 - CFD: 09/03/2012 - 00:25:16 - [479,586] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 09/04/2013 - 20:52:01 - [4,896] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 18/04/2013 - 01:10:22 - [122,327] ----D C:\Program Files (x86)\Java
O43 - CFD: 05/04/2013 - 11:48:16 - [308,751] ----D C:\Program Files (x86)\LibreOffice 4.0
O43 - CFD: 27/04/2013 - 17:20:31 - [13,304] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD: 22/08/2010 - 00:03:33 - [0,216] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 25/12/2012 - 16:00:20 - [0] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 27/06/2012 - 21:27:36 - [23,064] ----D C:\Program Files (x86)\Microsoft SDKs
O43 - CFD: 13/03/2013 - 20:40:45 - [40,835] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 27/06/2012 - 21:41:00 - [37,652] ----D C:\Program Files (x86)\Microsoft SQL Server
O43 - CFD: 22/08/2010 - 00:04:55 - [7,493] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 21/08/2010 - 23:43:12 - [0,639] ----D C:\Program Files (x86)\Microsoft Synchronization Services
O43 - CFD: 27/06/2012 - 21:46:27 - [224,788] ----D C:\Program Files (x86)\Microsoft Visual Studio 10.0
O43 - CFD: 27/06/2012 - 21:41:09 - [0,201] ----D C:\Program Files (x86)\Microsoft Visual Studio 9.0
O43 - CFD: 27/06/2012 - 21:40:26 - [1,248] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 30/06/2011 - 18:04:32 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 06/03/2011 - 12:44:47 - [0] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 18/12/2012 - 19:52:24 - [7,658] ----D C:\Program Files (x86)\MusicStation
O43 - CFD: 24/12/2012 - 01:13:21 - [0,000] ----D C:\Program Files (x86)\OpenOffice.org 3
O43 - CFD: 21/08/2010 - 23:30:36 - [14,620] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 07:32:38 - [58,609] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 21/08/2010 - 23:49:18 - [6,615] ----D C:\Program Files (x86)\Roxio
O43 - CFD: 08/04/2013 - 12:23:59 - [18,060] R---D C:\Program Files (x86)\Skype
O43 - CFD: 26/05/2011 - 22:44:49 - [724,212] ----D C:\Program Files (x86)\Sony
O43 - CFD: 21/08/2010 - 23:58:58 - [11,185] ----D C:\Program Files (x86)\Sony Corporation
O43 - CFD: 21/08/2010 - 23:24:40 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 21/08/2010 - 23:49:46 - [124,257] ----D C:\Program Files (x86)\VAIO screensavers
O43 - CFD: 27/11/2012 - 01:47:21 - [6,503] ----D C:\Program Files (x86)\VS Revo Group
O43 - CFD: 22/08/2010 - 09:10:04 - [0,500] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 22/08/2010 - 00:05:45 - [132,568] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 22/08/2010 - 00:03:10 - [0,234] ----D C:\Program Files (x86)\Windows Live SkyDrive
O43 - CFD: 25/04/2011 - 13:28:53 - [5,895] ----D C:\Program Files (x86)\Windows Mail
O43 - CFD: 25/04/2011 - 13:28:53 - [4,791] ----D C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - 07:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 25/04/2011 - 13:28:53 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 25/04/2011 - 13:28:53 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 25/04/2011 - 13:28:53 - [5,717] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 14/03/2013 - 16:11:31 - [1,342] ----D C:\Program Files (x86)\WOT
O43 - CFD: 10/05/2013 - 23:37:58 - [16,689] ----D C:\Program Files (x86)\ZHPDiag
O43 - CFD: 03/03/2013 - 01:25:07 - [6,274] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 21/08/2010 - 23:34:59 - [12,454] ----D C:\Program Files (x86)\Common Files\ArcSoft
O43 - CFD: 21/08/2010 - 23:34:57 - [3,111] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 18/04/2013 - 01:11:22 - [1,189] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 18/12/2012 - 19:51:01 - [31,810] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 21/08/2010 - 23:49:19 - [4,583] ----D C:\Program Files (x86)\Common Files\PX Storage Engine
O43 - CFD: 21/08/2010 - 23:49:19 - [40,487] ----D C:\Program Files (x86)\Common Files\Roxio Shared
O43 - CFD: 14/07/2009 - 05:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 14/03/2013 - 16:04:33 - [1,783] ----D C:\Program Files (x86)\Common Files\Simple Adblock
O43 - CFD: 08/04/2013 - 12:23:59 - [1,904] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 21/08/2010 - 23:49:19 - [1,393] ----D C:\Program Files (x86)\Common Files\Sonic Shared
O43 - CFD: 25/04/2011 - 19:07:58 - [53,252] ----D C:\Program Files (x86)\Common Files\Sony Shared
O43 - CFD: 14/07/2009 - 05:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 08/11/2011 - 20:35:01 - [9,767] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 21/08/2010 - 23:59:57 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 09/04/2013 - 22:42:00 - [284,661] ----D C:\ProgramData\Adobe
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Application Data
O43 - CFD: 17/04/2011 - 20:07:09 - [1,613] ----D C:\ProgramData\ArcSoft
O43 - CFD: 18/04/2013 - 01:11:26 - [0] ----D C:\ProgramData\Ask
O43 - CFD: 22/08/2010 - 00:08:48 - [0,000] ----D C:\ProgramData\ATI
O43 - CFD: 16/07/2012 - 17:10:31 - [43,253] ----D C:\ProgramData\AVAST Software
O43 - CFD: 01/03/2011 - 18:53:59 - [0] --H-D C:\ProgramData\Bureau
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Documents
O43 - CFD: 04/07/2011 - 13:05:58 - [12,667] ----D C:\ProgramData\Easybits GO
O43 - CFD: 21/08/2010 - 23:34:11 - [0,107] ----D C:\ProgramData\Evernote
O43 - CFD: 01/03/2011 - 18:53:59 - [0] --H-D C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Favorites
O43 - CFD: 04/07/2011 - 17:58:49 - [0,503] ----D C:\ProgramData\Google
O43 - CFD: 21/10/2012 - 00:38:38 - [15,901] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 01/03/2011 - 18:53:59 - [0] --H-D C:\ProgramData\Menu Démarrer
O43 - CFD: 13/01/2013 - 16:41:03 - [262,946] -S--D C:\ProgramData\Microsoft
O43 - CFD: 30/06/2011 - 18:08:03 - [0,000] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 01/03/2011 - 18:53:59 - [0] --H-D C:\ProgramData\Modèles
O43 - CFD: 08/04/2013 - 12:24:05 - [171,490] ----D C:\ProgramData\Skype
O43 - CFD: 01/07/2011 - 13:49:16 - [5,985] ----D C:\ProgramData\Skype Extras
O43 - CFD: 21/08/2010 - 23:49:26 - [0,001] ----D C:\ProgramData\Sonic
O43 - CFD: 27/01/2013 - 20:11:12 - [1323,913] ----D C:\ProgramData\Sony Corporation
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Start Menu
O43 - CFD: 15/01/2013 - 20:24:59 - [0,000] ----D C:\ProgramData\Sun
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Templates
O43 - CFD: 21/08/2010 - 23:49:34 - [6,253] ----D C:\ProgramData\Uninstall
O43 - CFD: 29/06/2012 - 09:51:19 - [19,705] ----D C:\ProgramData\VS
O43 - CFD: 17/06/2012 - 12:14:02 - [5,614] ----D C:\Users\natilyas\AppData\Roaming\Adobe
O43 - CFD: 23/03/2013 - 01:18:04 - [2,943] ----D C:\Users\natilyas\AppData\Roaming\ArcSoft
O43 - CFD: 01/03/2011 - 18:58:17 - [0] ----D C:\Users\natilyas\AppData\Roaming\ATI
O43 - CFD: 04/07/2011 - 12:49:24 - [0,061] ----D C:\Users\natilyas\AppData\Roaming\go
O43 - CFD: 04/03/2011 - 23:45:57 - [0] ----D C:\Users\natilyas\AppData\Roaming\Google
O43 - CFD: 01/03/2011 - 18:56:12 - [0] ----D C:\Users\natilyas\AppData\Roaming\Identities
O43 - CFD: 05/04/2013 - 11:55:25 - [4,466] ----D C:\Users\natilyas\AppData\Roaming\LibreOffice
O43 - CFD: 04/03/2011 - 23:46:09 - [0,001] ----D C:\Users\natilyas\AppData\Roaming\Macromedia
O43 - CFD: 21/10/2012 - 00:39:19 - [0] ----D C:\Users\natilyas\AppData\Roaming\Malwarebytes
O43 - CFD: 13/04/2010 - 20:09:46 - [0] ----D C:\Users\natilyas\AppData\Roaming\Media Center Programs
O43 - CFD: 02/05/2013 - 00:46:38 - [5,631] -S--D C:\Users\natilyas\AppData\Roaming\Microsoft
O43 - CFD: 28/06/2012 - 02:30:59 - [0] ----D C:\Users\natilyas\AppData\Roaming\Microsoft Corporation
O43 - CFD: 09/10/2012 - 11:31:49 - [5,384] ----D C:\Users\natilyas\AppData\Roaming\Move Networks
O43 - CFD: 18/12/2012 - 19:51:08 - [0,001] ----D C:\Users\natilyas\AppData\Roaming\newfolder3
O43 - CFD: 04/07/2011 - 20:23:03 - [21,744] ----D C:\Users\natilyas\AppData\Roaming\OpenOffice.org
O43 - CFD: 10/05/2013 - 23:18:20 - [5,072] ----D C:\Users\natilyas\AppData\Roaming\Skype
O43 - CFD: 02/10/2011 - 23:35:22 - [3,954] ----D C:\Users\natilyas\AppData\Roaming\Sony Corporation
O43 - CFD: 17/04/2011 - 14:45:16 - [0] ----D C:\Users\natilyas\AppData\Roaming\Windows Live Writer
O43 - CFD: 17/06/2012 - 12:14:02 - [31,898] ----D C:\Users\natilyas\AppData\Local\Adobe
O43 - CFD: 01/03/2011 - 18:54:15 - [0] ----D C:\Users\natilyas\AppData\Local\Application Data
O43 - CFD: 05/03/2011 - 17:52:42 - [0,001] ----D C:\Users\natilyas\AppData\Local\ArcSoft
O43 - CFD: 01/03/2011 - 18:58:17 - [0,056] ----D C:\Users\natilyas\AppData\Local\ATI
O43 - CFD: 26/04/2013 - 11:48:28 - [1,026] ----D C:\Users\natilyas\AppData\Local\Diagnostics
O43 - CFD: 25/04/2011 - 18:55:13 - [8,545] ----D C:\Users\natilyas\AppData\Local\Downloaded Installations
O43 - CFD: 19/12/2012 - 22:02:31 - [0] ----D C:\Users\natilyas\AppData\Local\ElevatedDiagnostics
O43 - CFD: 19/04/2011 - 19:12:47 - [0] ----D C:\Users\natilyas\AppData\Local\Evernote
O43 - CFD: 04/07/2011 - 18:06:12 - [455,132] ----D C:\Users\natilyas\AppData\Local\Google
O43 - CFD: 01/03/2011 - 18:54:15 - [0] ----D C:\Users\natilyas\AppData\Local\Historique
O43 - CFD: 12/03/2013 - 20:28:36 - [217,848] ----D C:\Users\natilyas\AppData\Local\Microsoft
O43 - CFD: 02/04/2011 - 01:26:51 - [0,319] ----D C:\Users\natilyas\AppData\Local\Microsoft Games
O43 - CFD: 30/06/2011 - 17:48:57 - [0,069] ----D C:\Users\natilyas\AppData\Local\Microsoft Help
O43 - CFD: 18/12/2012 - 19:51:08 - [0,002] ----D C:\Users\natilyas\AppData\Local\Omnifone_Ltd
O43 - CFD: 28/01/2013 - 16:10:07 - [0] ----D C:\Users\natilyas\AppData\Local\Programs
O43 - CFD: 26/05/2011 - 22:54:46 - [0,002] ----D C:\Users\natilyas\AppData\Local\Sony Corporation
O43 - CFD: 10/05/2013 - 23:36:33 - [0,012] ----D C:\Users\natilyas\AppData\Local\Temp
O43 - CFD: 01/03/2011 - 18:54:15 - [0] ----D C:\Users\natilyas\AppData\Local\Temporary Internet Files
O43 - CFD: 29/06/2012 - 19:14:27 - [0,059] ----D C:\Users\natilyas\AppData\Local\VirtualStore
O43 - CFD: 17/04/2011 - 14:45:19 - [0,356] ----D C:\Users\natilyas\AppData\Local\Windows Live Writer
O43 - CFD: 14/07/2009 - 06:54:32 - [0,012] R---D C:\Users\natilyas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 11/07/2012 - 14:31:34 - [0,000] R---D C:\Users\natilyas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 14/07/2009 - 06:49:38 - [0,001] R---D C:\Users\natilyas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 24/12/2012 - 01:08:44 - [0,005] ----D C:\Users\natilyas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
O43 - CFD: 11/07/2012 - 14:31:34 - [0,000] R---D C:\Users\natilyas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
~ Program Folder: 134 Scanned in 00mn 02s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.9F06243ABCB89C70E0C331C61D871FA7] - 10/05/2013 - 22:33:00 ---A- . (...) -- C:\ToolsDiag.txt   [6]
O44 - LFC:[MD5.35F1AC739CEEFF316EA55717BF03A2D8] - 10/05/2013 - 21:50:53 ---A- . (...) -- C:\Windows\WindowsUpdate.log   [1840662]
O44 - LFC:[MD5.8FDC0BB43AE4FFDE39697B3E3580111F] - 10/05/2013 - 19:43:14 ---A- . (...) -- C:\Windows\setupact.log   [1288]
O44 - LFC:[MD5.B21DE95C65DC31FEDE110B5096CE0BD4] - 10/05/2013 - 19:43:13 -S-A- . (...) -- C:\Windows\bootstat.dat   [67584]
O44 - LFC:[MD5.EFD3FD9742ACD4795DEEC4F2A5C826D8] - 02/05/2013 - 01:06:08 ----- . (.Microsoft Corporation - Microsoft Malware Protection Signature Upda.) -- C:\Windows\SysNative\MpSigStub.exe   [278800]
O44 - LFC:[MD5.EFD3FD9742ACD4795DEEC4F2A5C826D8] - 02/05/2013 - 01:06:08 RSHAD . (.Microsoft Corporation - Microsoft Malware Protection Signature Upda.) -- C:\Windows\System32\MpSigStub.exe   [278800]
O44 - LFC:[MD5.4775F68D693264DD12FA8D0F7E46C1BA] - 01/05/2013 - 11:11:22 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI   [1849364]
O44 - LFC:[MD5.59F960DFCBFAEA74616FE2C7B8944AA5] - 01/05/2013 - 11:11:22 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat   [146570]
O44 - LFC:[MD5.D7BB396F34CCC632291D90B4188BCB43] - 01/05/2013 - 11:11:22 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat   [174282]
O44 - LFC:[MD5.1E3D7E099AAC0AB455FDC95BFE81D109] - 01/05/2013 - 11:11:22 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat   [718548]
O44 - LFC:[MD5.AD2D3A53A19704D5428CF7105A5020B0] - 01/05/2013 - 11:11:22 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat   [811706]
O44 - LFC:[MD5.4775F68D693264DD12FA8D0F7E46C1BA] - 01/05/2013 - 11:11:22 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI   [1849364]
O44 - LFC:[MD5.59F960DFCBFAEA74616FE2C7B8944AA5] - 01/05/2013 - 11:11:22 RSHAD . (...) -- C:\Windows\System32\perfc009.dat   [146570]
O44 - LFC:[MD5.D7BB396F34CCC632291D90B4188BCB43] - 01/05/2013 - 11:11:22 RSHAD . (...) -- C:\Windows\System32\perfc00C.dat   [174282]
O44 - LFC:[MD5.1E3D7E099AAC0AB455FDC95BFE81D109] - 01/05/2013 - 11:11:22 RSHAD . (...) -- C:\Windows\System32\perfh009.dat   [718548]
O44 - LFC:[MD5.AD2D3A53A19704D5428CF7105A5020B0] - 01/05/2013 - 11:11:22 RSHAD . (...) -- C:\Windows\System32\perfh00C.dat   [811706]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 29/04/2013 - 11:06:45 ---A- . (...) -- C:\Windows\setuperr.log   [0]
~ Files: 17 Scanned in 00mn 05s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.37A0687FC3AC0D85D3788CB639CA27DF] - 03/05/2013 - 10:48:06 ---A- - C:\Windows\Prefetch\MPAS-D.EXE-BAAEB6D7.pf
O45 - LFCP:[MD5.8D33FC68A764D1BB82F8F12BB93C284D] - 03/05/2013 - 10:48:06 ---A- - C:\Windows\Prefetch\MPSIGSTUB.EXE-3E062F17.pf
O45 - LFCP:[MD5.C1BCB6E155D05BC58726B17367F92B5C] - 03/05/2013 - 12:05:47 ---A- - C:\Windows\Prefetch\REGSVR32.EXE-03D3FB87.pf
O45 - LFCP:[MD5.886C9912A0CF87B68850B7DE95204B48] - 03/05/2013 - 12:05:55 ---A- - C:\Windows\Prefetch\MBAM.EXE-493D9B94.pf
O45 - LFCP:[MD5.6A8C3EC0A0AA4BA810044E6A008B84CF] - 03/05/2013 - 20:08:47 ---A- - C:\Windows\Prefetch\MSPAINT.EXE-6406C4A1.pf
O45 - LFCP:[MD5.F27887E294C67DB40EEFB9A552E7AB15] - 03/05/2013 - 23:40:22 ---A- - C:\Windows\Prefetch\SNIPPINGTOOL.EXE-B23F9DB3.pf
O45 - LFCP:[MD5.F1E6F61BAFB54A420C6012854ECF5E3C] - 03/05/2013 - 23:40:23 ---A- - C:\Windows\Prefetch\WISPTIS.EXE-467FEFF4.pf
O45 - LFCP:[MD5.DFE97B8B0EA1820BE32891D58DC90468] - 04/05/2013 - 15:29:11 ---A- - C:\Windows\Prefetch\AITAGENT.EXE-08FB63FE.pf
O45 - LFCP:[MD5.893949376DFEF28C8E4AC392C4A25ABC] - 04/05/2013 - 23:46:22 ---A- - C:\Windows\Prefetch\SYSTEMPROPERTIESPROTECTION.EX-81A2FDE2.pf
O45 - LFCP:[MD5.3BCD10F70C8F3AFF34127E867F447B9C] - 05/05/2013 - 00:08:55 ---A- - C:\Windows\Prefetch\MSCONFIG.EXE-690F60C3.pf
O45 - LFCP:[MD5.DE88CA6FFF7825D0172C57A3B93FC437] - 05/05/2013 - 00:13:47 ---A- - C:\Windows\Prefetch\MMC.EXE-B4EE34F3.pf
O45 - LFCP:[MD5.C4E08554E14CE1AE38025AAEA63A2A7E] - 05/05/2013 - 15:42:35 ---A- - C:\Windows\Prefetch\VESMGRSUB.EXE-E0B47857.pf
O45 - LFCP:[MD5.64D955531DDA088527EF46C87BE5E14D] - 05/05/2013 - 18:01:12 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-6D8A88AD.pf
O45 - LFCP:[MD5.2FA717C4DF40F226EEC64C48B8DD330C] - 05/05/2013 - 18:01:12 ---A- - C:\Windows\Prefetch\SEARCHINDEXER.EXE-1CF42BC6.pf
O45 - LFCP:[MD5.86AF656F982C70AD350B54AA5CCD0716] - 05/05/2013 - 18:01:12 ---A- - C:\Windows\Prefetch\VSNCLIENT.EXE-E61BB47A.pf
O45 - LFCP:[MD5.B0187D5E973805DFB3C17881ED264EE4] - 05/05/2013 - 18:01:12 ---A- - C:\Windows\Prefetch\VSNSERVICE.EXE-F4985EFC.pf
O45 - LFCP:[MD5.AE9E1CFD93D914F919DAF60FF9DAAE2F] - 05/05/2013 - 18:02:44 ---A- - C:\Windows\Prefetch\WMPNETWK.EXE-F6E20E14.pf
O45 - LFCP:[MD5.105817A7296D8AB1C38A19C9006207E3] - 05/05/2013 - 18:08:54 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-3C4E5BEC.pf
O45 - LFCP:[MD5.6DA5A1EED168B82472BC217C2D6647B4] - 05/05/2013 - 19:52:38 ---A- - C:\Windows\Prefetch\AGCP.EXE-F854F4BA.pf
O45 - LFCP:[MD5.B9037ACF45EB42142C022EBF375DCBCB] - 06/05/2013 - 11:51:54 ---A- - C:\Windows\Prefetch\CCLEANER64.EXE-4469D777.pf  =>Piriform Ltd
O45 - LFCP:[MD5.A23C68B3DE0C0FD3557BD82D5A4FEC89] - 06/05/2013 - 17:43:13 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-0D53616E.pf
O45 - LFCP:[MD5.A6260E128903320E43138D09F6770010] - 06/05/2013 - 18:51:52 ---A- - C:\Windows\Prefetch\POWERCFG.EXE-954C9186.pf
O45 - LFCP:[MD5.9DAE50F8A1FCBD2608F42AC0A2F68B71] - 06/05/2013 - 20:34:19 ---A- - C:\Windows\Prefetch\CSC.EXE-0E09149C.pf
O45 - LFCP:[MD5.FA0F0042536D6480CD8FBABA0BB10949] - 06/05/2013 - 20:34:19 ---A- - C:\Windows\Prefetch\CVTRES.EXE-F4BA0E72.pf
O45 - LFCP:[MD5.E1F94D9A0921379542E0BB7C938ACD1E] - 06/05/2013 - 20:34:21 ---A- - C:\Windows\Prefetch\SDIAGNHOST.EXE-B3171AA1.pf
O45 - LFCP:[MD5.210D10ED6B17FE28CA410F450906B6CE] - 06/05/2013 - 20:34:21 ---A- - C:\Windows\Prefetch\W32TM.EXE-C4E0F88E.pf
O45 - LFCP:[MD5.50D513E553BD9E988FD5A98945BC8C5A] - 06/05/2013 - 20:34:31 ---A- - C:\Windows\Prefetch\PING.EXE-4A8A6853.pf
O45 - LFCP:[MD5.B89AC7404E2AE14EE8B7C893E58CA1D5] - 06/05/2013 - 23:34:45 ---A- - C:\Windows\Prefetch\TASKMGR.EXE-4C8500BA.pf
O45 - LFCP:[MD5.F5043571CE8FDF8AD050330714DFF1C1] - 07/05/2013 - 15:40:13 ---A- - C:\Windows\Prefetch\SDCLT.EXE-94EAE077.pf
O45 - LFCP:[MD5.DB4688FB2363FC6591A6773469E0B6EF] - 07/05/2013 - 15:43:03 ---A- - C:\Windows\Prefetch\MPAS-D_BD_1.149.1143.0.EXE-FA19247D.pf
O45 - LFCP:[MD5.AC41F5403E18727BDB78F518E503C160] - 07/05/2013 - 15:43:06 ---A- - C:\Windows\Prefetch\MPMINISIGSTUB.EXE-28DF9DA3.pf
O45 - LFCP:[MD5.024C5247724A1ABA9A2A4234D7D0A3D4] - 07/05/2013 - 22:22:58 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-51CCB287.pf
O45 - LFCP:[MD5.DC7A251DDE61C1F89187F457B48CF5EE] - 09/05/2013 - 10:10:59 ---A- - C:\Windows\Prefetch\PMBDEVICEINFOPROVIDER.EXE-90F24A20.pf
O45 - LFCP:[MD5.13FF48EBCC02076EB8A3671B1F781B15] - 09/05/2013 - 10:10:59 ---A- - C:\Windows\Prefetch\SQLWRITER.EXE-4169D6DD.pf
O45 - LFCP:[MD5.A4815598AEF47713FD5A9848C30F0C48] - 09/05/2013 - 10:10:59 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-4ED41433.pf
O45 - LFCP:[MD5.A69F46820C1CC25FD6518A5C4CD7CAEE] - 09/05/2013 - 10:10:59 ---A- - C:\Windows\Prefetch\UCAMMONITOR.EXE-C92C4283.pf
O45 - LFCP:[MD5.24B3520AA6500433E272751DD298D943] - 09/05/2013 - 10:10:59 ---A- - C:\Windows\Prefetch\VESMGR.EXE-7CFFCEB5.pf
O45 - LFCP:[MD5.22691BD861CA704A1C87E02779745797] - 09/05/2013 - 13:25:37 ---A- - C:\Windows\Prefetch\DEFRAG.EXE-3D9E8D72.pf
O45 - LFCP:[MD5.5E49B5B65998B06A491FAD7D62C404EE] - 09/05/2013 - 13:25:37 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-67EC2DA7.pf
O45 - LFCP:[MD5.4F6DC0EA2F1901FB76B390A797AEBD87] - 09/05/2013 - 20:16:15 ---A- - C:\Windows\Prefetch\SPLWOW64.EXE-57576C25.pf
O45 - LFCP:[MD5.6DAB308D2F7BC3D55CCD8CF3992CC887] - 09/05/2013 - 20:25:41 ---A- - C:\Windows\Prefetch\PREVHOST.EXE-CE8E6DA8.pf
O45 - LFCP:[MD5.18A0720E17DC9218825E8665A85ED8F8] - 09/05/2013 - 20:25:47 ---A- - C:\Windows\Prefetch\ACRORD32.EXE-8F477773.pf
O45 - LFCP:[MD5.52DCDAD1EE07E9736D660453BA5D2149] - 09/05/2013 - 20:25:47 ---A- - C:\Windows\Prefetch\EULA.EXE-4770E28E.pf
O45 - LFCP:[MD5.DE26E8236E59289F716F0D648D49EE01] - 09/05/2013 - 20:25:49 ---A- - C:\Windows\Prefetch\PREVHOST.EXE-7DD93B84.pf
O45 - LFCP:[MD5.89296F918BDB6BBE20FA48EFA424BB1B] - 10/05/2013 - 00:27:59 ---A- - C:\Windows\Prefetch\WUAPP.EXE-79F5B9BE.pf
O45 - LFCP:[MD5.98F31669B43F6FBB356D790A4B054669] - 10/05/2013 - 10:43:41 ---A- - C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf
O45 - LFCP:[MD5.2E3E9CC6FC2C4EA71385302A960B00BB] - 10/05/2013 - 10:43:49 ---A- - C:\Windows\Prefetch\AVASTEMUPDATE.EXE-BE6307C0.pf
O45 - LFCP:[MD5.E839E191CC24B51A8BDB12B7D7C6E91A] - 10/05/2013 - 10:43:50 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-B597A9D1.pf
O45 - LFCP:[MD5.E3E42099F9D459219AF845EBC545D102] - 10/05/2013 - 10:43:54 ---A- - C:\Windows\Prefetch\CCC.EXE-6C5FA59C.pf
O45 - LFCP:[MD5.610B0C0FD37D3B103C399FF665ECEE5A] - 10/05/2013 - 10:46:28 ---A- - C:\Windows\Prefetch\UPDATER.EXE-A8C477C0.pf
O45 - LFCP:[MD5.DD12C71D6CA5F7A14FF4BA04E1B6D68E] - 10/05/2013 - 10:46:50 ---A- - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-766EFF52.pf
O45 - LFCP:[MD5.F94235A14D232DE56F040F8982C06A19] - 10/05/2013 - 10:47:49 ---A- - C:\Windows\Prefetch\WUAUCLT.EXE-5D573F0E.pf
O45 - LFCP:[MD5.6452096AD89CB2D9EB91EFD3FF795135] - 10/05/2013 - 10:48:05 ---A- - C:\Windows\Prefetch\MPAS-D_BD_1.149.1380.0.EXE-8080525C.pf
O45 - LFCP:[MD5.ADAFB30BF2044680FF70F7A3E3B6EA98] - 10/05/2013 - 10:48:07 ---A- - C:\Windows\Prefetch\MPMINISIGSTUB.EXE-B566326F.pf
O45 - LFCP:[MD5.8104D7CB8DDA82ED3C5C664367A6D6F6] - 10/05/2013 - 10:48:07 ---A- - C:\Windows\Prefetch\MPSIGSTUB.EXE-5D0450B3.pf
O45 - LFCP:[MD5.2B257A685117142EB92F8CF91D5092C2] - 10/05/2013 - 11:48:27 ---A- - C:\Windows\Prefetch\SC.EXE-6C4D4413.pf
O45 - LFCP:[MD5.4D379C38AE060D6F9A8EB7370E517039] - 10/05/2013 - 11:48:30 ---A- - C:\Windows\Prefetch\NET.EXE-A0964F30.pf
O45 - LFCP:[MD5.5E64B40FE16FF9C7C53A47FF1E6F9FB1] - 10/05/2013 - 11:48:30 ---A- - C:\Windows\Prefetch\NET1.EXE-509326A5.pf
O45 - LFCP:[MD5.BDFC51C016F00A84A8520B4AE1C6B223] - 10/05/2013 - 13:14:47 ---A- - C:\Windows\Prefetch\Layout.ini
O45 - LFCP:[MD5.72886B6656F446C753F5FA2661691825] - 10/05/2013 - 13:17:57 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-6FD72002.pf
O45 - LFCP:[MD5.9FD12F9AD3B81DA3B285A56DE7B1BB58] - 10/05/2013 - 13:40:06 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-7FB5A65F.pf
O45 - LFCP:[MD5.A56B1B2BEA6DB5223A9625DFC6EC58E6] - 10/05/2013 - 13:40:07 ---A- - C:\Windows\Prefetch\AgCx_SC1.db.trx
O45 - LFCP:[MD5.9E180FD51E4BBF8B8645857AD0F4F280] - 10/05/2013 - 13:40:09 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-6E1A6101.pf
O45 - LFCP:[MD5.B7958AB621A790B4740D83BED73AB9BE] - 10/05/2013 - 13:41:08 ---A- - C:\Windows\Prefetch\AgCx_SC1.db
O45 - LFCP:[MD5.1871EA30352FBF398042117B220D615A] - 10/05/2013 - 13:56:10 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-4285739795-3724253545-72333326-1000.db
O45 - LFCP:[MD5.816319E2E3E8C4305F7368D419E88A94] - 10/05/2013 - 13:56:10 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-4285739795-3724253545-72333326-1000.db
O45 - LFCP:[MD5.0EEF527A548FA7A2227BFD3C6DF9C442] - 10/05/2013 - 14:08:27 ---A- - C:\Windows\Prefetch\LOGONUI.EXE-F639BD7E.pf
O45 - LFCP:[MD5.A4D01D9EBB42860215750A29F7FCA435] - 10/05/2013 - 14:08:36 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin
O45 - LFCP:[MD5.94BA68DD5B3CB2EA57BEF0042FA11961] - 10/05/2013 - 19:44:39 ---A- - C:\Windows\Prefetch\APMSGFWD.EXE-67B78FB7.pf
O45 - LFCP:[MD5.A24609039DB0DCEADC9C82C60CA8C824] - 10/05/2013 - 19:44:39 ---A- - C:\Windows\Prefetch\APNTEX.EXE-32BDD4AA.pf
O45 - LFCP:[MD5.0B099A414D9544B4CAFA96FB8E41164B] - 10/05/2013 - 19:44:39 ---A- - C:\Windows\Prefetch\APVFB.EXE-2F577785.pf
O45 - LFCP:[MD5.0C58081007AF9437CFE985437549DB24] - 10/05/2013 - 19:44:39 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-EDA5A3D2.pf
O45 - LFCP:[MD5.9F95C45CEBD67B565A220175844242A6] - 10/05/2013 - 19:44:51 ---A- - C:\Windows\Prefetch\WMPNSCFG.EXE-18FC9E64.pf
O45 - LFCP:[MD5.D1DA5E93FFF9C281AEC421A1D9EEB1A9] - 10/05/2013 - 19:44:54 ---A- - C:\Windows\Prefetch\AVAST.SETUP-0144B743.pf
O45 - LFCP:[MD5.C2594CE3BC5932D10C93CE27D246652A] - 10/05/2013 - 19:45:01 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-2E02FDCA.pf
O45 - LFCP:[MD5.0150367D17A1ABB54860C35AE27A5F81] - 10/05/2013 - 19:45:37 ---A- - C:\Windows\Prefetch\AVBUGREPORT.EXE-90230411.pf
O45 - LFCP:[MD5.646A36CAA9F55154992073A470F7E2D0] - 10/05/2013 - 19:45:58 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-16B291C4.pf
O45 - LFCP:[MD5.49479AE924D90DFE1BA9B0759F239184] - 10/05/2013 - 19:45:58 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-8CE1A322.pf
O45 - LFCP:[MD5.E6295145E9385BFDCC537C1DA969CE39] - 10/05/2013 - 19:45:59 ---A- - C:\Windows\Prefetch\ROXIOUPNPSERVICE10.EXE-F36925CD.pf
O45 - LFCP:[MD5.4F9BFAE2B773E7E7740A03F1D171F744] - 10/05/2013 - 19:46:09 ---A- - C:\Windows\Prefetch\VCPERFSERVICE.EXE-8C630ED1.pf
O45 - LFCP:[MD5.D61DA4B7C8A55E8060C745A8F6F7528A] - 10/05/2013 - 19:46:13 ---A- - C:\Windows\Prefetch\LISTENER.EXE-DC284414.pf
O45 - LFCP:[MD5.91D8DF8CDC69053A53607B9F88DEDDFD] - 10/05/2013 - 19:46:24 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-F31BDE28.pf
O45 - LFCP:[MD5.E47D304F8EB6BCC44EAE6F68A77BBC8E] - 10/05/2013 - 19:47:55 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-BB21CD77.pf
O45 - LFCP:[MD5.63571E1657B74EE823C26A001FC7D3D3] - 10/05/2013 - 19:48:32 ---A- - C:\Windows\Prefetch\VCSYSTRAY.EXE-6744AB5E.pf
O45 - LFCP:[MD5.AD344094BC588A8BA4594F2AA7748BF0] - 10/05/2013 - 19:48:34 ---A- - C:\Windows\Prefetch\VCSERVICE.EXE-13D30248.pf
O45 - LFCP:[MD5.33A7A105D6E1C7C517B261416CFCBA35] - 10/05/2013 - 19:48:37 ---A- - C:\Windows\Prefetch\VCAGENT.EXE-99920ED6.pf
O45 - LFCP:[MD5.99332854A1AD6D96C0CB1DA161725A97] - 10/05/2013 - 19:48:38 ---A- - C:\Windows\Prefetch\VDSLDR.EXE-50179B50.pf
O45 - LFCP:[MD5.1C9D9EA75407E8376FB8C54B7791404A] - 10/05/2013 - 19:48:41 ---A- - C:\Windows\Prefetch\VDS.EXE-2FCA9D16.pf
O45 - LFCP:[MD5.4B8A8589A0707DFB2CE5956319716A8C] - 10/05/2013 - 19:49:02 ---A- - C:\Windows\Prefetch\ACTIVATION.EXE-91A34A7B.pf
O45 - LFCP:[MD5.F8D7F44283C731F69BB3351A63AF4318] - 10/05/2013 - 19:51:53 ---A- - C:\Windows\Prefetch\IELOWUTIL.EXE-EE8999C6.pf
O45 - LFCP:[MD5.046A7A8CD47C95B929E36E6E86065045] - 10/05/2013 - 19:56:20 ---A- - C:\Windows\Prefetch\WERMGR.EXE-F439C551.pf
O45 - LFCP:[MD5.A3F32FDC9C8E98F79A6C64E8FEE4350F] - 10/05/2013 - 19:56:31 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-D2A040D5.pf
O45 - LFCP:[MD5.E516A33F787A415EDC6C38676BCFE198] - 10/05/2013 - 20:31:01 ---A- - C:\Windows\Prefetch\LAUNCAPP.EXE-8D01CA61.pf
O45 - LFCP:[MD5.36E94736C5812E754AA1C44EFFC1D39C] - 10/05/2013 - 20:31:07 ---A- - C:\Windows\Prefetch\CHECKUPDATE.AC-963CEF19.pf
O45 - LFCP:[MD5.88E17FB632138F0E75697B5F4697DDC7] - 10/05/2013 - 20:31:12 ---A- - C:\Windows\Prefetch\MAGIC-I VISUAL EFFECTS.EXE-0579030C.pf
O45 - LFCP:[MD5.DCDDDC065285FFCA5A9DAF9BD26A436F] - 10/05/2013 - 20:31:15 ---A- - C:\Windows\Prefetch\ACDAEMON.EXE-04C25D3A.pf
O45 - LFCP:[MD5.0825B4527DE1A38632465F2484DD7259] - 10/05/2013 - 20:31:15 ---A- - C:\Windows\Prefetch\ACSERVICE.EXE-85DBD14B.pf
O45 - LFCP:[MD5.4B83AA5FC3A02F6A288ED71A6E3FFAD0] - 10/05/2013 - 20:39:34 ---A- - C:\Windows\Prefetch\SNDVOL.EXE-425BC49B.pf
O45 - LFCP:[MD5.AF212C46A6A0A6FEDC0F755D0F1517FA] - 10/05/2013 - 20:48:34 ---A- - C:\Windows\Prefetch\SELFHEALUPDATE.EXE-6123CF79.pf
O45 - LFCP:[MD5.EFF11ACC60892160ADA2BEBDAE289DD9] - 10/05/2013 - 20:48:40 ---A- - C:\Windows\Prefetch\ADMLOAD.EXE-BC3F26C0.pf
O45 - LFCP:[MD5.53CE21F32278EAF2C131BCAB4A101502] - 10/05/2013 - 22:00:31 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-A0F5E092.pf
O45 - LFCP:[MD5.C01FDEE6F6A35127041FE166D6EC6EA4] - 10/05/2013 - 22:04:54 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db
O45 - LFCP:[MD5.5A4363EF5B82D3677C6C270556A75C08] - 10/05/2013 - 22:04:54 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db
O45 - LFCP:[MD5.FDD7C7B23D95EED59FEAE0E5E17818BC] - 10/05/2013 - 22:04:54 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db
O45 - LFCP:[MD5.6E5B1D496B6071A85DDFBC822987A644] - 10/05/2013 - 22:04:54 ---A- - C:\Windows\Prefetch\AgRobust.db
O45 - LFCP:[MD5.F523022337323F4C7FA6417FC4CE5B8F] - 10/05/2013 - 22:14:00 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-0E1E7B82.pf
O45 - LFCP:[MD5.1EA7D1DA39AD58B7A9D7788EEB4AFD90] - 10/05/2013 - 22:14:10 ---A- - C:\Windows\Prefetch\TASKENG.EXE-35FA9C06.pf
O45 - LFCP:[MD5.43D11AC664A181A27508AE813DCE8708] - 10/05/2013 - 22:15:00 ---A- - C:\Windows\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-0129C0B2.pf
O45 - LFCP:[MD5.64BB0DC7A6531042E08F38BDC358B2E3] - 10/05/2013 - 22:17:30 ---A- - C:\Windows\Prefetch\CONTROL.EXE-6EA5489A.pf
O45 - LFCP:[MD5.B02B965EC2B253B1E67EA00D0E59C856] - 10/05/2013 - 22:17:35 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-D9DCD0F3.pf
O45 - LFCP:[MD5.6761662FA60C21E484C42EDEF2C0E264] - 10/05/2013 - 22:18:18 ---A- - C:\Windows\Prefetch\SKYPE.EXE-A716A034.pf
O45 - LFCP:[MD5.8CBC846636E1EDDEEF4ACE67F051D3A1] - 10/05/2013 - 22:22:27 ---A- - C:\Windows\Prefetch\MSFEEDSSYNC.EXE-BDDD8ED1.pf
O45 - LFCP:[MD5.05E6E8E2D04419757AAC763D2F51C319] - 10/05/2013 - 22:27:47 ---A- - C:\Windows\Prefetch\CHROME.EXE-5349D2D7.pf
O45 - LFCP:[MD5.B25184D344CEBDF14B21DFCA954B2C6E] - 10/05/2013 - 22:28:02 ---A- - C:\Windows\Prefetch\CTFMON.EXE-43603594.pf
O45 - LFCP:[MD5.D6AE33FB5592601A20411FD4DFFECBDB] - 10/05/2013 - 22:28:32 ---A- - C:\Windows\Prefetch\MPCMDRUN.EXE-2C9109F9.pf
O45 - LFCP:[MD5.867C1365DE07088BCC70B9FE1E90372E] - 10/05/2013 - 22:29:11 ---A- - C:\Windows\Prefetch\AUDIODG.EXE-AB22E9A6.pf
O45 - LFCP:[MD5.D903D9EE5774EF76502E81C0DAAC7144] - 10/05/2013 - 22:32:18 ---A- - C:\Windows\Prefetch\TOOLSDIAG_X64.EXE-B888B225.pf
O45 - LFCP:[MD5.F4BCE73F19D273E3E53D120CE03A7E9D] - 10/05/2013 - 22:33:00 ---A- - C:\Windows\Prefetch\CMD.EXE-0BD30981.pf
O45 - LFCP:[MD5.15F7A3448AC9CB334DE066F0874C6C03] - 10/05/2013 - 22:33:04 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-A010D183.pf
O45 - LFCP:[MD5.D898BE28E0CE2901109508581C3B37CD] - 10/05/2013 - 22:33:06 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-E8B8DD29.pf
O45 - LFCP:[MD5.76AB4385010BE481A61C541E0094AC16] - 10/05/2013 - 22:33:08 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-6A249820.pf
O45 - LFCP:[MD5.B986F3553E410C2D957B44A6402389FC] - 10/05/2013 - 22:33:08 ---A- - C:\Windows\Prefetch\VSSVC.EXE-6C8F0C66.pf
O45 - LFCP:[MD5.BF96EF758C1796A9036ACF42F1FE9A0A] - 10/05/2013 - 22:33:10 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-C5670914.pf
O45 - LFCP:[MD5.E8DFB3B23098D6C3F52DF761A4FA9DFF] - 10/05/2013 - 22:35:07 ---A- - C:\Windows\Prefetch\CONSENT.EXE-40419367.pf
O45 - LFCP:[MD5.0FA2907DB5549A1B935CBC10A6172503] - 10/05/2013 - 22:35:12 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-6389524F.pf
O45 - LFCP:[MD5.5FBC88482F206932A4EF35D697756E6B] - 10/05/2013 - 22:35:17 ---A- - C:\Windows\Prefetch\ZHPDIAG2.EXE-B77A3947.pf
O45 - LFCP:[MD5.3E2BDDFF4D98355F646504CB3D91F017] - 10/05/2013 - 22:35:17 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-996F5BE0.pf
O45 - LFCP:[MD5.FAC05907B85EC7262B6ACD1025863E90] - 10/05/2013 - 22:35:33 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-4B6CB38A.pf
O45 - LFCP:[MD5.4C423EEEDBF8D104B1415202D4484607] - 10/05/2013 - 22:35:37 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-44162447.pf
O45 - LFCP:[MD5.5F138758FABDEA61F364542A01941A59] - 10/05/2013 - 22:35:37 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-69C456C3.pf
O45 - LFCP:[MD5.EEA7517D3E73831D3BC2EBD7C2156507] - 10/05/2013 - 22:36:41 ---A- - C:\Windows\Prefetch\ZHPHEP.EXE-257D8644.pf
O45 - LFCP:[MD5.B9CEAB556451C9FE3405FE3793AC683B] - 10/05/2013 - 22:36:50 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-960426D8.pf
O45 - LFCP:[MD5.4E0C9D3B2AEF19CEB908C99994519F6F] - 10/05/2013 - 22:36:51 ---A- - C:\Windows\Prefetch\ZHPDIAG.EXE-6A1D0894.pf
O45 - LFCP:[MD5.A11736D54D3165798011C1420F10CD1D] - 10/05/2013 - 22:36:59 ---A- - C:\Windows\Prefetch\CONHOST.EXE-0C6456FB.pf
O45 - LFCP:[MD5.EC0ECDB50D3B25E82D72EC72A5644FB3] - 10/05/2013 - 22:36:59 ---A- - C:\Windows\Prefetch\CSCRIPT.EXE-FCD9ABA9.pf
O45 - LFCP:[MD5.BF39F375073E8DA06166F63A8E392A15] - 10/05/2013 - 22:37:02 ---A- - C:\Windows\Prefetch\PV.EXE-0748338F.pf
O45 - LFCP:[MD5.1BB0FDEA3DD88A4201D212F7EEC7C56C] - 10/05/2013 - 22:37:03 ---A- - C:\Windows\Prefetch\SPPSVC.EXE-96070FE0.pf
O45 - LFCP:[MD5.E0618700A91E76266002E863981E7374] - 10/05/2013 - 22:37:03 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-39F97B2D.pf
O45 - LFCP:[MD5.39925976D491F17C68258C49283E942A] - 10/05/2013 - 22:38:00 ---A- - C:\Windows\Prefetch\CMD.EXE-6D6290C5.pf
~ Prefetcher: 139 Scanned in 00mn 02s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
~ LSA: 8 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\Wdf01000.sys . (.Microsoft Corporation - Runtime de l’infrastructure de pilotes en mode noyau.) -- C:\Windows\System32\Drivers\Wdf01000.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\Wdf01000.sys . (.Microsoft Corporation - Runtime de l’infrastructure de pilotes en mode noyau.) -- C:\Windows\System32\Drivers\Wdf01000.sys
~ CSB: 15 Scanned in 00mn 00s



---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 2 Scanned in 00mn 00s



---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\Adobe ARM  [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O53 - SMSR:HKLM\...\startupreg\NortonOnlineBackupReminder  [Key] . (...) -- C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\PMBVolumeWatcher  [Key] . (.Sony Corporation - Media Check Tool.) -- C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched  [Key] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
~ SMSR Keys: 4 Scanned in 00mn 00s



---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Scanned in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
~ MWPE Keys: 3 Scanned in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys   [491088]
~ Drivers:  Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 08/05/2013 - 15:24:36 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Bookmarks   [3969]
O61 - LFC: 08/05/2013 - 15:24:36 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Bookmarks.bak   [3969]
O61 - LFC: 08/05/2013 - 16:29:03 ---A- C:\Users\natilyas\AppData\Roaming\Skype\natilyas\chatsync\e3\e398b2a90c9eb918.dat   [3474]
O61 - LFC: 08/05/2013 - 21:45:52 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_disqus.com_0.localstorage   [3072]
O61 - LFC: 08/05/2013 - 21:45:52 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_disqus.com_0.localstorage-journal   [3608]
O61 - LFC: 09/05/2013 - 20:16:38 ---A- C:\Users\natilyas\Downloads\matlab.pdf   [663316]
O61 - LFC: 10/05/2013 - 00:28:23 --HA- C:\Users\natilyas\AppData\Local\IconCache.db   [6064662]
O61 - LFC: 10/05/2013 - 10:48:31 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.google.fr_0.localstorage   [3072]
O61 - LFC: 10/05/2013 - 10:48:32 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.google.fr_0.localstorage-journal   [3608]
O61 - LFC: 10/05/2013 - 12:35:08 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_plus.google.com_0.localstorage   [3072]
O61 - LFC: 10/05/2013 - 12:35:08 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_plus.google.com_0.localstorage-journal   [3608]
O61 - LFC: 10/05/2013 - 13:52:19 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Top Sites   [20480]
O61 - LFC: 10/05/2013 - 13:52:19 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Top Sites-journal   [12824]
O61 - LFC: 10/05/2013 - 19:43:54 ---A- C:\Users\natilyas\AppData\Local\ATI\ACE\Manifest.Bin   [26869]
O61 - LFC: 10/05/2013 - 19:43:54 ---A- C:\Users\natilyas\AppData\Local\ATI\ACE\Manifest.xml   [19492]
O61 - LFC: 10/05/2013 - 19:45:34 ---A- C:\Users\natilyas\AppData\Roaming\Skype\shared_dynco\dc.db   [2215936]
O61 - LFC: 10/05/2013 - 19:45:34 ---A- C:\Users\natilyas\AppData\Roaming\Skype\shared_dynco\dc.db-journal   [1096280]
O61 - LFC: 10/05/2013 - 19:45:50 ---A- C:\Users\natilyas\AppData\Roaming\Skype\natilyas\eas.db   [49152]
O61 - LFC: 10/05/2013 - 19:45:50 ---A- C:\Users\natilyas\AppData\Roaming\Skype\natilyas\eas.db-journal   [37448]
O61 - LFC: 10/05/2013 - 19:47:17 ---A- C:\Users\natilyas\AppData\Roaming\Skype\natilyas\keyval.db   [40960]
O61 - LFC: 10/05/2013 - 19:47:17 ---A- C:\Users\natilyas\AppData\Roaming\Skype\natilyas\keyval.db-journal   [33344]
O61 - LFC: 10/05/2013 - 19:48:32 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\V7RUJ987\s.ytimg.com\videostats.sol   [275]
O61 - LFC: 10/05/2013 - 19:48:34 ---A- C:\Users\natilyas\AppData\Roaming\Sony Corporation\VAIO Gate\TrackingCOMData.xml   [218]
O61 - LFC: 10/05/2013 - 19:50:00 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.youtube.com_0.localstorage   [3072]
O61 - LFC: 10/05/2013 - 19:50:00 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.youtube.com_0.localstorage-journal   [3608]
O61 - LFC: 10/05/2013 - 19:50:30 ---A- C:\Users\natilyas\AppData\Roaming\Skype\natilyas\msn.db   [40960]
O61 - LFC: 10/05/2013 - 19:50:30 ---A- C:\Users\natilyas\AppData\Roaming\Skype\natilyas\msn.db-journal   [33344]
O61 - LFC: 10/05/2013 - 20:31:03 ---A- C:\Users\natilyas\AppData\Local\ArcSoft\Connection Service\ADSystem\ADPresentFile.xml   [92]
O61 - LFC: 10/05/2013 - 20:31:05 ---A- C:\Users\natilyas\AppData\Local\ArcSoft\Connection Service\anref.txt   [3]
O61 - LFC: 10/05/2013 - 20:55:24 ---A- C:\Users\natilyas\AppData\Roaming\Skype\natilyas\chatsync\70\702916de9c994121.dat   [8920]
O61 - LFC: 10/05/2013 - 21:10:10 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old   [148]
O61 - LFC: 10/05/2013 - 21:10:14 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\LOG.old   [151]
O61 - LFC: 10/05/2013 - 21:10:14 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Session Storage\001333.sst   [146]
O61 - LFC: 10/05/2013 - 21:10:20 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\File System\000\p\Paths\LOG.old   [151]
O61 - LFC: 10/05/2013 - 21:10:22 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old   [788]
O61 - LFC: 10/05/2013 - 21:15:26 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Last Tabs   [3602]
O61 - LFC: 10/05/2013 - 21:15:27 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Last Session   [10156]
O61 - LFC: 10/05/2013 - 21:50:48 ---A- C:\Users\natilyas\AppData\Local\ATI\ACE\Profiles.xml   [12130]
O61 - LFC: 10/05/2013 - 21:56:30 ---A- C:\Users\natilyas\AppData\Roaming\ArcSoft\Magic-i Visual Effects\2.0.1\WebCamSetting.xml   [118]
O61 - LFC: 10/05/2013 - 22:16:15 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\CURRENT   [16]
O61 - LFC: 10/05/2013 - 22:16:15 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\MANIFEST-000588   [1088]
O61 - LFC: 10/05/2013 - 22:16:16 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG   [148]
O61 - LFC: 10/05/2013 - 22:16:16 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\CURRENT   [16]
O61 - LFC: 10/05/2013 - 22:16:16 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\MANIFEST-005843   [142]
O61 - LFC: 10/05/2013 - 22:16:16 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Web Data   [311296]
O61 - LFC: 10/05/2013 - 22:16:16 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal   [16384]
O61 - LFC: 10/05/2013 - 22:16:17 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\File System\000\p\Paths\CURRENT   [16]
O61 - LFC: 10/05/2013 - 22:16:17 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\File System\000\p\Paths\MANIFEST-005793   [88]
O61 - LFC: 10/05/2013 - 22:16:18 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\LOG   [151]
O61 - LFC: 10/05/2013 - 22:16:18 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Session Storage\001335.sst   [470]
O61 - LFC: 10/05/2013 - 22:16:18 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Session Storage\CURRENT   [16]
O61 - LFC: 10/05/2013 - 22:16:18 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Session Storage\MANIFEST-001334   [275]
O61 - LFC: 10/05/2013 - 22:16:25 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Managed Mode Settings   [8]
O61 - LFC: 10/05/2013 - 22:16:28 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\File System\000\p\Paths\LOG   [151]
O61 - LFC: 10/05/2013 - 22:16:28 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG   [274]
O61 - LFC: 10/05/2013 - 22:16:48 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Extension Cookies   [6144]
O61 - LFC: 10/05/2013 - 22:16:48 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Extension Cookies-journal   [4640]
O61 - LFC: 10/05/2013 - 22:18:04 ---A- C:\Users\natilyas\AppData\Roaming\Skype\natilyas\dc.db   [86016]
O61 - LFC: 10/05/2013 - 22:18:19 ---A- C:\Users\natilyas\AppData\Roaming\Skype\natilyas\config.xml   [8182]
O61 - LFC: 10/05/2013 - 22:18:19 ---A- C:\Users\natilyas\AppData\Roaming\Skype\natilyas\httpfe\cookies.dat   [2]
O61 - LFC: 10/05/2013 - 22:18:20 ---A- C:\Users\natilyas\AppData\Roaming\Skype\natilyas\bistats.db   [94208]
O61 - LFC: 10/05/2013 - 22:18:20 ---A- C:\Users\natilyas\AppData\Roaming\Skype\natilyas\bistats.db-journal   [37448]
O61 - LFC: 10/05/2013 - 22:18:20 ---A- C:\Users\natilyas\AppData\Roaming\Skype\natilyas\main.db   [991232]
O61 - LFC: 10/05/2013 - 22:18:20 ---A- C:\Users\natilyas\AppData\Roaming\Skype\natilyas\main.db-journal   [205712]
O61 - LFC: 10/05/2013 - 22:18:20 ---A- C:\Users\natilyas\AppData\Roaming\Skype\shared.xml   [69477]
O61 - LFC: 10/05/2013 - 22:20:25 ---A- C:\Users\natilyas\Downloads\Non confirmé 226268.crdownload   [897747]
O61 - LFC: 10/05/2013 - 22:20:56 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Safe Browsing Download   [806308]
O61 - LFC: 10/05/2013 - 22:20:57 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom   [6297620]
O61 - LFC: 10/05/2013 - 22:20:58 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom Prefix Set   [1490142]
O61 - LFC: 10/05/2013 - 22:20:58 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Safe Browsing Csd Whitelist   [134920]
O61 - LFC: 10/05/2013 - 22:20:58 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Safe Browsing Download Whitelist   [19236]
O61 - LFC: 10/05/2013 - 22:20:58 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Safe Browsing Extension Blacklist   [4764]
O61 - LFC: 10/05/2013 - 22:22:17 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\File System\000\p\.usage   [24]
O61 - LFC: 10/05/2013 - 22:22:17 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\File System\000\p\00\00000002   [905766]
O61 - LFC: 10/05/2013 - 22:22:19 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists   [270957]
O61 - LFC: 10/05/2013 - 22:22:19 ---A- C:\Users\natilyas\AppData\Local\Temp\CRX_75DAF8CB7768\crl-set   [958]
O61 - LFC: 10/05/2013 - 22:22:19 ---A- C:\Users\natilyas\AppData\Local\Temp\CRX_75DAF8CB7768\manifest.json   [34]
O61 - LFC: 10/05/2013 - 22:22:46 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\QuotaManager   [20480]
O61 - LFC: 10/05/2013 - 22:22:46 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\QuotaManager-journal   [4640]
O61 - LFC: 10/05/2013 - 22:28:10 ---A- C:\Users\natilyas\Downloads\ToolsDiag_x64.exe   [1008807]
O61 - LFC: 10/05/2013 - 22:29:04 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bhmmomiinigofkjcapegjjndpbikblnp_0.localstorage   [330752]
O61 - LFC: 10/05/2013 - 22:29:04 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bhmmomiinigofkjcapegjjndpbikblnp_0.localstorage-journal   [16384]
O61 - LFC: 10/05/2013 - 22:30:22 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_telechargement.zebulon.fr_0.localstorage   [3072]
O61 - LFC: 10/05/2013 - 22:30:22 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_telechargement.zebulon.fr_0.localstorage-journal   [3608]
O61 - LFC: 10/05/2013 - 22:30:23 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Favicons   [12222464]
O61 - LFC: 10/05/2013 - 22:30:23 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal   [16384]
O61 - LFC: 10/05/2013 - 22:30:43 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\History Index 2013-04   [3313664]
O61 - LFC: 10/05/2013 - 22:30:43 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\History Index 2013-04-journal   [16384]
O61 - LFC: 10/05/2013 - 22:30:57 ---A- C:\Users\natilyas\Downloads\ZHPDiag2.exe   [5644498]
O61 - LFC: 10/05/2013 - 22:31:15 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies   [6144]
O61 - LFC: 10/05/2013 - 22:31:15 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies-journal   [2576]
O61 - LFC: 10/05/2013 - 22:31:21 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG   [0]
O61 - LFC: 10/05/2013 - 22:31:21 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old   [0]
O61 - LFC: 10/05/2013 - 22:31:30 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity   [2484]
O61 - LFC: 10/05/2013 - 22:36:15 ---A- C:\Users\natilyas\AppData\Roaming\ArcSoft\Global Deploy\ArcUpdateService.inf   [524]
O61 - LFC: 10/05/2013 - 22:36:33 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Current Session   [192589]
O61 - LFC: 10/05/2013 - 22:36:33 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Current Tabs   [34631]
O61 - LFC: 10/05/2013 - 22:36:33 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\History   [4231168]
O61 - LFC: 10/05/2013 - 22:36:33 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\History Index 2013-05   [14086144]
O61 - LFC: 10/05/2013 - 22:36:33 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\History Index 2013-05-journal   [16384]
O61 - LFC: 10/05/2013 - 22:36:33 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache   [259621]
O61 - LFC: 10/05/2013 - 22:36:33 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\History-journal   [16384]
O61 - LFC: 10/05/2013 - 22:36:33 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Sync Data\SyncData.sqlite3   [2961408]
O61 - LFC: 10/05/2013 - 22:36:33 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Sync Data\SyncData.sqlite3-journal   [16384]
O61 - LFC: 10/05/2013 - 22:36:33 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Visited Links   [131072]
O61 - LFC: 10/05/2013 - 22:36:33 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Local State   [42747]
O61 - LFC: 10/05/2013 - 22:36:34 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Cookies   [772096]
O61 - LFC: 10/05/2013 - 22:36:34 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal   [16384]
O61 - LFC: 10/05/2013 - 22:36:34 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\Default\Preferences   [371615]
O61 - LFC: 10/05/2013 - 22:36:34 ---A- C:\Users\natilyas\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt   [5]
~ 2 Fichiers temporaires (Temporary files)
~ Files: 110 Scanned in 00mn 10s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS:  Scanned in 00mn 00s



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 28/12/2011 - C:\Windows\system32\drivers\afd.sys (AFD)  .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD
O64 - Services: CurCS - 07/04/2010 - C:\Windows\System32\DRIVERS\atipmdag.sys (amdkmdag)  .(.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG
O64 - Services: CurCS - 09/03/2010 - C:\Windows\System32\drivers\amdsata.sys (amdsata)  .(.Advanced Micro Devices - AHCI 1.2 Device Driver.) - LEGACY_AMDSATA
O64 - Services: CurCS - 14/05/2010 - C:\Windows\System32\DRIVERS\amd_sata.sys (amd_sata)  .(.Advanced Micro Devices - AHCI 1.2 Device Driver.) - LEGACY_AMD_SATA
O64 - Services: CurCS - 07/03/2013 - C:\Windows\System32\Drivers\aswFsBlk.sys (aswFsBlk)  .(.AVAST Software - avast! File System Access Blocking Driver.) - LEGACY_ASWFSBLK
O64 - Services: CurCS - 07/03/2013 - C:\Windows\system32\drivers\aswMonFlt.sys (aswMonFlt)  .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - 07/03/2013 - C:\Windows\system32\Drivers\aswrdr2.sys (aswRdr)  .(.AVAST Software - avast! WFP Redirect Driver.) - LEGACY_ASWRDR
O64 - Services: CurCS - 07/03/2013 - Pas de propriétaire (aswRvrt)  .(...) - LEGACY_ASWRVRT
O64 - Services: CurCS - 07/03/2013 - C:\Windows\System32\Drivers\aswSnx.sys (aswSnx)  .(.AVAST Software - avast! Virtualization Driver.) - LEGACY_ASWSNX
O64 - Services: CurCS - 07/03/2013 - C:\Windows\System32\Drivers\aswSP.sys (aswSP)  .(.AVAST Software - avast! self protection module.) - LEGACY_ASWSP
O64 - Services: CurCS - 07/03/2013 - C:\Windows\System32\Drivers\aswTdi.sys (aswTdi)  .(.AVAST Software - avast! TDI Filter Driver.) - LEGACY_ASWTDI
O64 - Services: CurCS - 07/03/2013 - Pas de propriétaire (aswVmm)  .(...) - LEGACY_ASWVMM
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\atapi.sys (atapi)  .(.Microsoft Corporation - ATAPI IDE Miniport Driver.) - LEGACY_ATAPI
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\Beep.sys (Beep)  .(.Microsoft Corporation - BEEP Driver.) - LEGACY_BEEP
O64 - Services: CurCS - 04/07/2012 - C:\Windows\system32\browser.dll (bowser)  .(.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) - LEGACY_BOWSER
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\cdfs.sys (cdfs)  .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\clfs.sys (CLFS)  .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS
O64 - Services: CurCS - 02/06/2012 - C:\Windows\System32\Drivers\cng.sys (CNG)  .(.Microsoft Corporation - Kernel Cryptography, Next Generation.) - LEGACY_CNG
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\dfsc.sys (DfsC)  .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\discache.sys (discache)  .(.Microsoft Corporation - System Indexer/Cache Driver.) - LEGACY_DISCACHE
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\dxgkrnl.sys (DXGKrnl)  .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\fastfat.sys (fastfat)  .(.Microsoft Corporation - Fast FAT File System Driver.) - LEGACY_FASTFAT
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\fileinfo.sys (FileInfo)  .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\fltmgr.sys (FltMgr)  .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR
O64 - Services: CurCS - 24/01/2013 - C:\Windows\system32\drivers\fvevol.sys (fvevol)  .(.Microsoft Corporation - BitLocker Drive Encryption Driver.) - LEGACY_FVEVOL
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\http.sys (HTTP)  .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\hwpolicy.sys (hwpolicy)  .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY
O64 - Services: CurCS - 02/06/2012 - C:\Windows\System32\Drivers\ksecdd.sys (KSecDD)  .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD
O64 - Services: CurCS - 02/06/2012 - C:\Windows\System32\Drivers\ksecpkg.sys (KSecPkg)  .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECPKG
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\lltdio.sys (lltdio)  .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\luafv.sys (luafv)  .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\mountmgr.sys (mountmgr)  .(.Microsoft Corporation - Gestionnaire des points de montage.) - LEGACY_MOUNTMGR
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\FirewallAPI.dll (mpsdrv)  .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb)  .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb10)  .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB10
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb20)  .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB20
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\msisadrv.sys (msisadrv)  .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\mup.sys (Mup)  .(.Microsoft Corporation - Multiple UNC Provider Driver.) - LEGACY_MUP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\nwifi.sys (NativeWifiP)  .(.Microsoft Corporation - Pilote de miniport WiFi natif.) - LEGACY_NATIVEWIFIP
O64 - Services: CurCS - 22/08/2012 - C:\Windows\system32\drivers\ndis.sys (NDIS)  .(.Microsoft Corporation - Pilote NDIS 6.20.) - LEGACY_NDIS
O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\DRIVERS\ndisuio.sys (Ndisuio)  .(.Microsoft Corporation - Pilote d’E/S du mode utilisateur NDIS.) - LEGACY_NDISUIO
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\netbios.sys (NetBIOS)  .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\netbt.sys (NetBT)  .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy)  .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\pciide.sys (pciide)  .(.Microsoft Corporation - Generic PCI IDE Bus Driver.) - LEGACY_PCIIDE
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\pcw.sys (pcw)  .(.Microsoft Corporation - Performance Counters for Windows Driver.) - LEGACY_PCW
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\peauth.sys (PEAUTH)  .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH
O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\drivers\pacer.sys (Psched)  .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (rdbss)  .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_RDBSS
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD)  .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD)  .(.Microsoft Corporation - RDP Encoder Miniport.) - LEGACY_RDPENCDD
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP)  .(.Microsoft Corporation - RDP Reflector Driver Miniport.) - LEGACY_RDPREFMP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\rspndr.sys (rspndr)  .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv)  .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\spldr.sys (spldr)  .(.Microsoft Corporation - loader for security processor.) - LEGACY_SPLDR
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\srvsvc.dll (srv)  .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\srvsvc.dll (srv2)  .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV2
O64 - Services: CurCS - 29/04/2011 - C:\Windows\System32\DRIVERS\srvnet.sys (srvnet)  .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\tcpipcfg.dll (Tcpip)  .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP
O64 - Services: CurCS - 03/10/2012 - C:\Windows\System32\drivers\tcpipreg.sys (tcpipreg)  .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\tcpipcfg.dll (tdx)  .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX
O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\DRIVERS\udfs.sys (udfs)  .(.Microsoft Corporation - UDF File System Driver.) - LEGACY_UDFS
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\vga.sys (VgaSave)  .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\volmgrx.sys (volmgrx)  .(.Microsoft Corporation - Pilote d’extension du gestionnaire de volum.) - LEGACY_VOLMGRX
O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\drivers\volsnap.sys (volsnap)  .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\vwififlt.sys (vwififlt)  .(.Microsoft Corporation - Virtual WiFi Filter Driver.) - LEGACY_VWIFIFLT
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\rascfg.dll (Wanarpv6)  .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_WANARPV6
O64 - Services: CurCS - 26/07/2012 - C:\Windows\System32\drivers\Wdf01000.sys (Wdf01000)  .(.Microsoft Corporation - Runtime de l’infrastructure de pilotes en m.) - LEGACY_WDF01000
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\wfplwf.sys (WfpLwf)  .(.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - LEGACY_WFPLWF
O64 - Services: CurCS - 26/07/2012 - C:\Windows\System32\drivers\WudfPf.sys (WudfPf)  .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) - LEGACY_WUDFPF
~ Legacy: 87 Scanned in 00mn 00s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <ChromeHTML>[HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ FASS Keys: 19 Scanned in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {04C86B73-C797-48AB-A772-C5315C505484} - (Ask Search) - http://websearch.ask.com
O69 - SBI: SearchScopes [HKCU] {3BF30D4A-C49C-4409-A71C-E09BEFB289A9} - (Nouveaux Exemplaires - Zinio.url) - http://www.zinio.com
O69 - SBI: SearchScopes [HKCU] {518B491C-F279-4BBA-A329-732A8A92195C} - (Zinio) - http://services.zinio.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {E6D175D5-66FC-4504-9BDF-DF84DFA7763A} - (eBay) - http://rover.ebay.com
~ Keys:  Scanned in 00mn 00s



---\\ Recherche des services démarrés par Svchost (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll   [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll   [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll   [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll   [853504]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll   [679424]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll   [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll   [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll   [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll   [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll   [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll   [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll   [680960]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll   [2428952]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll   [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll   [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll   [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll   [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll   [70656]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll   [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll   [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll   [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll   [121856]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll   [136704]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll   [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll   [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll   [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll   [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll   [209920]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll   [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll   [100864]
~ Services: 32 Scanned in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.B28908E3FA2FA7E2CC18D6961CADA1D1] [SPRF][05/03/2011] (...) -- C:\ProgramData\ezsidmv.dat   [56]
~ Files:  Scanned in 00mn 00s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "SNMPTRAP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "WMP-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-QWave-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-WMP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-WMP-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-WMP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-QWave-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-WMP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-WMP-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-WMP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-P2PHost-In-TCP" | In - None - P6 - TRUE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-WSD-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-WSD-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "FPS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCP-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCP-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCPV6-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCPV6-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-Teredo-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-Teredo-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-IPHTTPS-Out" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.exe
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-KTMRM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-RAServer-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "RemoteAssistance-RAServer-Out-TCP-NoScope-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-In-TCP-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "WPDMTP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "WPDMTP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-UPnPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-UPnP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe
O87 - FAEL: "MCX-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe
O87 - FAEL: "MCX-QWave-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe
O87 - FAEL: "MCX-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe
O87 - FAEL: "MCX-MCX2SVC-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-Prov-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - MCX2 Provisioning library.) -- C:\Windows\ehome\mcx2prov.exe
O87 - FAEL: "MCX-PlayTo-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-McrMgr-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Media Center Extender Manager.) -- C:\Windows\ehome\mcrmgr.exe
O87 - FAEL: "MCX-PlayTo-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-FDPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{EBB1D467-282E-4F6C-A342-E277F4E07548}" | In - Domain - P6 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O87 - FAEL: "{0092CE0E-2198-4E61-88E5-164D32EB92D1}" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
O87 - FAEL: "{7A9437FD-F0BF-4D0E-92E6-4D79C5C879B0}" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O87 - FAEL: "{5C0956DF-CFE9-4305-ACA2-3845C5C2AC31}" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\System32\svchost.exe
O87 - FAEL: "{E9BE116F-74ED-4B72-BCA8-B8542D4C0E9A}" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Windows Live Sync.) -- C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
O87 - FAEL: "TCP Query User{7F1F06FB-2BE4-4E1A-B362-13BCEC550A12}C:\program files (x86)\internet explorer\iexplore.exe" | In - Public - P6 - TRUE | .(.Microsoft Corporation.) -- C:\program files (x86)\internet explorer\iexplore.exe
O87 - FAEL: "UDP Query User{5BC3A64C-6322-4C18-9CBF-86AFC4C1B43A}C:\program files (x86)\internet explorer\iexplore.exe" | In - Public - P17 - TRUE | .(.Microsoft Corporation.) -- C:\program files (x86)\internet explorer\iexplore.exe
O87 - FAEL: "{F154A802-C323-458C-AAAD-5B2C984290A1}" | In - None - P6 - FALSE | .(.Microsoft Corporation - SMSvcHost.exe.) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
O87 - FAEL: "{237F7B7B-26B2-4E14-B8CF-5842909BAFF9}" | In - Private - P6 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O87 - FAEL: "{C3A6B57A-2FCA-4C44-BB4C-31C6D03C942E}" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
O87 - FAEL: "{06FF7C93-0F23-4784-9C2C-32E88F6B6F1A}" | In - Private - P6 - FALSE | .(.Microsoft Corporation - Windows Live Sync.) -- C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
O87 - FAEL: "{E6A6B4B8-ABB4-445B-916A-EF79E4F1CE5A}" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Live Sync.) -- C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
O87 - FAEL: "{971D5572-FFE1-42F7-80B9-9189C754DDAC}" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\System32\svchost.exe
O87 - FAEL: "{D51F8780-2A01-42FB-A816-BE483A4FD764}" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O87 - FAEL: "{0D1D3414-211B-4A13-A046-2B36635AAE00}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "{7EFE63F5-37A6-447A-993D-E4E6E5671605}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "{8552BD55-BC9B-406C-B6F4-49A72243564B}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "{22E71C87-B139-460D-980D-756A1E23A357}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{77246F44-F85C-4611-939C-45C70F2727F7}" |Out - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{99B324B2-9543-4D05-90B0-0F5794D0773F}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{2E1D4C3C-ACD9-441A-B93C-C7AC4475CC46}" |Out - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{C9E19DEE-AE5C-4ECF-8F75-4A44B2D39A23}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{25C7BFFC-1615-4E20-8B8D-6DE77F2982CC}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "{2C0DA3BB-7D88-4046-A19E-5BBA25D13BE8}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "{F0BBA894-8910-46B6-92B6-C1FF28B56351}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "{F41CDF38-85B6-4BF8-8CA4-3156735357F3}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{9691F4F9-5F0D-428D-91EE-F1F7ED4E1C37}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{B715FC34-2E60-4D64-A3F7-E3E63969DF0F}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{BB48A3B5-F87D-4C1F-B2FC-2A1AD0D83C2B}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{00BA38E4-D26D-435E-8830-77566CD2FB40}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{0EAF7B94-43E8-4F09-8D3B-DC958FB688E2}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{6097C4DE-AA51-4C01-A006-99062517AA53}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{58DE1FFD-E06D-467B-8115-85E1CE18523B}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{D6690507-7292-4EFD-87E8-6CF01581C2C0}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "TCP Query User{51216513-6B8C-466B-ACBF-9A7FA25CCBD9}C:\program files (x86)\skype\phone\skype.exe" | In - Public - P6 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\program files (x86)\skype\phone\skype.exe
O87 - FAEL: "UDP Query User{F07D2DEE-2789-4443-AE04-31E86E852C9A}C:\program files (x86)\skype\phone\skype.exe" | In - Public - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\program files (x86)\skype\phone\skype.exe
~ Firewall: 197 Scanned in 00mn 01s



---\\ Scan Additionnel (O88)
Database Version : v2.12010 - (07/05/2013)
Clés trouvées (Keys found) : 17
Valeurs trouvées (Values found) : 0
Dossiers trouvés  (Folders found) : 0
Fichiers trouvés  (Files found) : 0

[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\elhjaoldnkkbifioodjndkijecdeinld]   =>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E]   =>Toolbar.Ask
[HKLM\Software\Classes\Prod.cap]   =>Toolbar.Babylon
[HKCU\Software\InstallCore]   =>Adware.InstallCore
[HKLM\Software\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}]   =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}]   =>Toolbar.Babylon
~ Additionnel Scan: 246562 Items scanned in 00mn 23s



---\\ Product Upgrade Codes (O90)
O90 - PUC: "0C47A8B0FF76F5598857D0B3BF23212B" . (.Catalyst Control Center Localization All.) -- C:\Windows\Installer\{0B8A74C0-67FF-955F-8875-0D3BFB3212B2}\ARPPRODUCTICON.exe
O90 - PUC: "0D9196FA196553F4D956459F18105341" . (.Microsoft SQL Server Compact 3.5 SP2 FRA.) -- C:\Windows\Installer\{AF6919D0-5691-4F35-9D65-54F981013514}\ProductIcon
O90 - PUC: "106CEACDC537EA148BF47D290FF97B1D" . (.WOT for Internet Explorer.) -- C:\Windows\Installer\{DCAEC601-735C-41AE-B84F-D792F09FB7D1}\ProductIcon
O90 - PUC: "10799DEF5A3AB6ECD440EDFC4987B498" . (.ATI Catalyst Install Manager.) -- C:\Windows\Installer\{FED99701-A3A5-CE6B-4D04-DECF94784B89}\ARPPRODUCTICON.exe
O90 - PUC: "12E0CAE9E01595249A6C5F5D8B690963" . (.Catalyst Control Center - Branding.) -- C:\Windows\Installer\{9EAC0E21-510E-4259-A9C6-F5D5B8969036}\ARPPRODUCTICON.exe
O90 - PUC: "1D034B0FAA6BD374B960AAD30DF10D8B" . (.Microsoft SQL Server 2005 Compact Edition [ENU].) -- C:\Windows\Installer\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}\ProductIcon
O90 - PUC: "1EDCB75C9BC7D7643BABE7119961DC1C" . (.Norton Online Backup.) -- C:\Windows\Installer\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}\Icon.ico
O90 - PUC: "28C704820372701D06C6AE5CBA87E3AE" . (.Catalyst Control Center Graphics Full New.) -- C:\Windows\Installer\{28407C82-2730-D107-606C-EAC5AB783EEA}\ARPPRODUCTICON.exe
O90 - PUC: "299A99E470FBEA840B6C55005FE43AAD" . (.Microsoft SQL Server VSS Writer.) -- c:\Windows\Installer\{4E99A992-BF07-48AE-B0C6-5500F54EA3DA}\ARPIco
O90 - PUC: "3010294B6F902DA41B05FC4C74D4D2CD" . (.Simple Adblock.) -- C:\Windows\Installer\{B4920103-09F6-4AD2-B150-CFC4474D2DDC}\adblock.exe
O90 - PUC: "3B7D2427B1C29C44F8412020BB94FDC6" . (.Microsoft SQL Server 2008 Native Client.) -- c:\Windows\Installer\{7242D7B3-2C1B-44C9-8F14-0202BB49DF6C}\ARPIco
O90 - PUC: "41DC8ECD5FBF46449B4A1EE87453647C" . (.Assistant de connexion Windows Live.) -- C:\Windows\Installer\{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}\prodicon.ico
O90 - PUC: "46A934DE810F4DD4B85A23D858BA90BA" . (.Roxio Central Core.) -- C:\Windows\Installer\{ED439A64-F018-4DD4-8BA5-328D85AB09AB}\RoxioCentral.exe
O90 - PUC: "46E25537B9A2C0682103DB94CF35208A" . (.Catalyst Control Center Core Implementation.) -- C:\Windows\Installer\{73552E64-2A9B-860C-1230-BD49FC5302A8}\ARPPRODUCTICON.exe
O90 - PUC: "4A94D9E94FD183147BBDD5788A3980E8" . (.WIDCOMM Bluetooth Software.) -- C:\Windows\Installer\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}\ARPPRODUCTICON.exe
O90 - PUC: "4C0538035AD553046AB9210600129CAF" . (.Fichiers de support d'installation de Microsoft SQL Server 2008.) -- c:\Windows\Installer\{308350C4-5DA5-4035-A69B-12600021C9FA}\ARPIco
O90 - PUC: "4C40B789CA5B6DA47A9ED88601588B05" . (.AMD USB Filter Driver.) -- C:\Windows\Installer\{987B04C4-B5AC-4AD6-A7E9-8D681085B850}\ARPPRODUCTICON.exe
O90 - PUC: "5D06B511BDBBE094FAE260D4733AEC10" . (.Media Gallery.) -- C:\Windows\Installer\{115B60D5-BBDB-490E-AF2E-064D37A3CE01}\ARPPRODUCTICON.exe
O90 - PUC: "5ED62A6B5B2F85D45907F47C060EF0DC" . (.Roxio Central Copy.) -- C:\Windows\Installer\{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}\RoxioCentral.exe
O90 - PUC: "6176B6C1CA48A2142A6942D714BE7BBF" . (.Setup_msm_VCMS_x64.) -- C:\Windows\Installer\{1C6B6716-84AC-412A-A296-247D41EBB7FB}\ARPPRODUCTICON.exe
O90 - PUC: "64D952BA158F0B14A9AFEA8D99A86DA8" . (.MusicStation.) -- C:\Windows\Installer\{AB259D46-F851-41B0-9AFA-AED8998AD68A}\ARPPRODUCTICON.exe
O90 - PUC: "66A0FC3AF88D15F4B92312ADB8B63AFA" . (.Windows Live Contrôle parental.) -- C:\Windows\Installer\{A3CF0A66-D88F-4F51-9B32-21DA8B6BA3AF}\fssicon.ico
O90 - PUC: "68267DD57EB949849A099E509EA18C81" . (.Windows Live Mail.) -- C:\Windows\Installer\{5DD76286-9BE7-4894-A990-E905E91AC818}\wlmail.exe
O90 - PUC: "68AB67CA7DA76301B744BA0000000010" . (.Adobe Reader XI (11.0.02) - Français.) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico
O90 - PUC: "74E122A4163E3C5488A6B7D2A70D5EAA" . (.SOHLib Merge Module.) -- C:\Windows\Installer\{4A221E47-E361-45C3-886A-7B2D7AD0E5AA}\ARPPRODUCTICON.exe
O90 - PUC: "76971D393865A31C16A83B5460404CF9" . (.ccc-utility64.) -- C:\Windows\Installer\{93D17967-5683-C13A-618A-B3450604C49F}\ARPPRODUCTICON.exe
O90 - PUC: "80F1B23F24046A80AD13DFC35FF6A277" . (.Catalyst Control Center Graphics Light.) -- C:\Windows\Installer\{F32B1F08-4042-08A6-DA31-FD3CF56F2A77}\ARPPRODUCTICON.exe
O90 - PUC: "8A257A534490D781E6DF93EEC0557DA2" . (.Catalyst Control Center Graphics Previews Common.) -- C:\Windows\Installer\{35A752A8-0944-187D-6EFD-39EE0C55D72A}\ARPPRODUCTICON.exe
O90 - PUC: "9FC8002245B22204FA8DB3D7248CE9B6" . (.PMB VAIO Edition Plug-in.) -- C:\Windows\Installer\{22008CF9-2B54-4022-AFD8-3B7D42C89E6B}\ARPPRODUCTICON.exe
O90 - PUC: "A0BC5702F62DAAD44B42059792B634AB" . (.Windows Live FolderShare.) -- C:\Windows\Installer\{2075CB0A-D26F-4DAA-B424-5079296B43BA}\FolderShare48x48.ico
O90 - PUC: "A12B436470CC693498C0B2188666F1AE" . (.Windows Live Writer.) -- C:\Windows\Installer\{4634B21A-CC07-4396-890C-2B8168661FEA}\ApplicationIcon.ico
O90 - PUC: "AF32006D1FD3735439DD3120C44C3E66" . (.Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 FRA.) -- C:\Windows\Installer\{D60023FA-3DF1-4537-93DD-13024CC4E366}\ProductIcon
O90 - PUC: "AFAD45F1162926A45BD9C6F9624BF84E" . (.Roxio Central Tools.) -- C:\Windows\Installer\{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}\RoxioCentral.exe
O90 - PUC: "B202ECA710B134B46BEA306DD626C1ED" . (.Microsoft SQL Server 2008 RsFx Driver.) -- c:\Windows\Installer\{7ACE202B-1B01-4B43-B6AE-03D66D621CDE}\ARPIco
O90 - PUC: "B538A96C5A762454DA42EF633E41B09A" . (.Setup_msm_VOFS_x64.) -- C:\Windows\Installer\{C69A835B-67A5-4542-AD24-FE36E3140BA9}\ARPPRODUCTICON.exe
O90 - PUC: "BE31195E5820DFB43AA77BE9CAB6F8B4" . (.Microsoft SQL Server Compact 3.5 SP1 English.) -- C:\Windows\Installer\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}\ProductIcon
O90 - PUC: "C0711260485C8C1409E6FDD97597F8F6" . (.Objets de gestion Microsoft SQL Server 2008 R2.) -- C:\Windows\Installer\{0621170C-C584-41C8-906E-DF9D57798F6F}\ARPIco
O90 - PUC: "C6BC68A9EA3B212D370117C14C7BD23E" . (.Catalyst Control Center Graphics Full Existing.) -- C:\Windows\Installer\{9A86CB6C-B3AE-D212-7310-711CC4B72DE3}\ARPPRODUCTICON.exe
O90 - PUC: "C6DA26014F086CB4BAC72A88294B798B" . (.LibreOffice 4.0.2.2.) -- C:\Windows\Installer\{1062AD6C-80F4-4BC6-AB7C-A28892B497B8}\soffice.ico
O90 - PUC: "C953167FDEC9EA54A915D96650DC554C" . (.Evernote.) -- C:\Windows\Installer\{F761359C-9CED-45AE-9A51-9D6605CD55C4}\MainExecutable
O90 - PUC: "CEB1F077178207E48B73BF5852FF3A1B" . (.Windows Live Messenger.) -- C:\Windows\Installer\{770F1BEC-2871-4E70-B837-FB8525FFA3B1}\MsblIco.Exe
O90 - PUC: "D4B9F933BC00C1C4EB8DCE689ABA06A2" . (.PMB VAIO Edition Guide.) -- C:\Windows\Installer\{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}\ARPPRODUCTICON.exe
O90 - PUC: "D56941F2B76595E4DABEA0C21C3EDAFD" . (.Sql Server Customer Experience Improvement Program.) -- c:\Windows\Installer\{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}\ARPIco
O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- c:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon
O90 - PUC: "D90410441F5258E4A8C3B66AFFFCFBDE" . (.Microsoft SQL Server 2008 Browser.) -- c:\Windows\Installer\{4401409D-25F1-4E85-8A3C-6BA6FFCFBFED}\ARPIco
O90 - PUC: "D95E131BC2026C34489C860F3C57141F" . (.Galerie de photos Windows Live.) -- C:\Windows\Installer\{B131E59D-202C-43C6-84C9-68F0C37541F1}\WLXPhotoGalleryIcon.exe
O90 - PUC: "DB990FB7EE0140B41A59AC2E47C249E3" . (.Setup_VEP_x64.) -- C:\Windows\Installer\{7BF099BD-10EE-4B04-A195-CAE2742C943E}\ARPPRODUCTICON.exe
O90 - PUC: "DBA18E807F972C9488F1DFC60B796539" . (.Roxio Central Data.) -- C:\Windows\Installer\{08E81ABD-79F7-49C2-881F-FD6CB0975693}\RoxioCentral.exe
O90 - PUC: "DDB6C50237B7ED245850A990F3532A83" . (.Outil de téléchargement Windows Live.) -- C:\Windows\Installer\{205C6BDD-7B73-42DE-8505-9A093F35A238}\RichUpload.ico
O90 - PUC: "DF48BCCCCE8C1ACE073C4A92BC1D6EE4" . (.Catalyst Control Center Graphics Previews Vista.) -- C:\Windows\Installer\{CCCB84FD-C8EC-ECA1-70C3-A429CBD1E64E}\ARPPRODUCTICON.exe
O90 - PUC: "E50A609283D274B4582A3D84E573C2F8" . (.Microsoft SQL Server Compact 3.5 SP2 x64 FRA.) -- C:\Windows\Installer\{2906A05E-2D38-4B47-85A2-D3485E372C8F}\ProductIcon
O90 - PUC: "E7FF67E4ABEA78C47B88DC745E24B5D9" . (.Skype™ 6.3.) -- C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
O90 - PUC: "F16A4115180FE04DC164CE0FFE824A74" . (.ccc-core-static.) -- C:\Windows\Installer\{5114A61F-F081-D40E-1C46-ECF0EF28A447}\ARPPRODUCTICON.exe
O90 - PUC: "F26615EF6F8D5B34999D4D98A40FF038" . (.Roxio Easy Media Creator Home.) -- C:\Windows\Installer\{FE51662F-D8F6-43B5-99D9-D4894AF00F83}\ARPPRODUCTICON.exe
O90 - PUC: "F665D1359A5F5ED48B93B831022D38E0" . (.Microsoft SQL Server System CLR Types.) -- C:\Windows\Installer\{531D566F-F5A9-4DE5-B839-8B1320D2830E}\ARPIco
O90 - PUC: "F92F4A37CA13DBE4AAB1C05C1FC8F838" . (.Roxio Central Audio.) -- C:\Windows\Installer\{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}\RoxioCentral.exe
O90 - PUC: "FD97738F5F1E2A347AEB37F258F6DA7B" . (.Microsoft SQL Server Compact 3.5 SP1 x64 English.) -- C:\Windows\Installer\{F83779DF-E1F5-43A2-A7BE-732F856FADB7}\ProductIcon
~ Update Products: 138 Scanned in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Demand 18/03/2010 113152 |  (ACDaemon) . (.ArcSoft Inc..) - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
SR - | Auto 18/12/2012 65192 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 09/04/2013 256904 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 07/04/2010 202752 |  (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 07/03/2013 45248 |  (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SS - | Demand 04/09/2009 873248 |  (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
SS - | Auto 21/08/2010 135664 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 21/08/2010 135664 |  (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SR - | Auto 24/10/2009 360224 |  (PMBDeviceInfoProvider) . (.Sony Corporation.) - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
SS - | Demand 25/11/2009 313840 |  (Roxio UPnP Renderer 10) . (.Sonic Solutions.) - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
SS - | Auto 25/11/2009 362992 |  (Roxio Upnp Server 10) . (.Sonic Solutions.) - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
SR - | Auto 29/01/2011 259192 |  (SampleCollector) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
SS - | Auto 28/02/2013 161384 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 10/09/2010 108400 |  (SOHCImp) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
SS - | Demand 12/10/2010 423280 |  (SOHDms) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
SS - | Demand 10/09/2010 67952 |  (SOHDs) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
SS - | Demand 20/01/2011 286936 |  (SpfService) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
SS - | Auto 18/09/2008 104960 |  (uCamMonitor) . (.ArcSoft, Inc..) - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
SS - | Demand 27/09/2010 74496 |  (VAIO Entertainment TV Device Arbitration Service) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
SR - | Auto 02/03/2010 217456 |  (VAIO Event Service) . (.Sony Corporation.) - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
SS - | Demand 25/03/2010 574320 |  (VAIO Power Management) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
SS - | Demand 20/01/2011 887000 |  (VCFw) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
SS - | Demand 19/05/2011 549616 |  (VcmIAlzMgr) . (.Sony Corporation.) - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
SS - | Demand 25/10/2010 387896 |  (VcmINSMgr) . (.Sony Corporation.) - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
SS - | Demand 18/02/2011 99104 |  (VcmXmlIfHelper) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
SR - | Demand 14/02/2011 44736 |  (VCService) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Care\VCService.exe
SR - | Auto 11/08/2010 845312 |  (VSNService) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto  0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services:  Scanned in 00mn 01s



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
~ MBR: 1 Scanned in 00mn 02s



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by natilyas at 10/05/2013 23:39:41

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR:  Scanned in 00mn 04s



End of the scan (1625 lines in 02mn 48s)(0)