~ Rapport de ZHPDiag v2013.10.13.35 - Nicolas Coolman  (13/10/2013)
~ Lancé par vevere (14/10/2013 17:21:15)
~ Adresse du Site Web  http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version : 
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16686
GCIE: Google Chrome v30.0.1599.69 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : RMV82
Windows License : OK
~ Windows Remaining Initializations Number : 4
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v8.0.1497.0
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W7

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer
Vuze v5.0.0.0 =>P2P.Azureus

---\\ Surveillance de Logiciels
Adobe Flash Player 11 ActiveX
Adobe Reader XI

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 15 Stepping 13, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2038 MB (36% free)
System Restore: Activé (Enable)
System drive C: has 250 GB (83%) free of 298 GB

---\\ Mode de connexion au système
~ Computer Name: VEVERE-PC
~ User Name: vevere
~ All Users Names: vevere, Toine 45, HomeGroupUser$, Administrateur, 
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\vevere\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\vevere\AppData\Roaming\
~ %Desktop% : C:\Users\vevere\Desktop\
~ %Favorites% : C:\Users\vevere\Favorites\
~ %LocalAppData% : C:\Users\vevere\AppData\Local\
~ %StartMenu% : C:\Users\vevere\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 250 Go of 298 Go)
D: CD-ROM drive (Not Inserted)
E: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime :  OK
~ Security Center: 38 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.AAFA952E774DDDB0956D3BDFAE5B5B99] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.10/08/2013 - 06:22:18.) -- C:\Windows\System32\wininet.dll [2241024]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes Favoris (My Favorites) : 1/26
~ Mes Documents (My Documents) : 1/18
~ Mon Bureau (My Desktop) : 5/70
~ Menu demarrer (Programs) : 1/26
~ Hidden Files:  Scanned in 00mn 00s



---\\ Processus lancés
[MD5.B3A6C62AEB2ABD456328D1F62769DD47] - (.Acronis - Acronis Scheduler Helper.) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe   [358024] [PID.4196]
[MD5.F7128E5772F9312F0D111A5FA5D41773] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe   [20684656] [PID.4400]
[MD5.CBC7D8E5416AD30CF16DC2FD4A6AA399] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe   [4858968] [PID.4484]
[MD5.23242FD6C7D4C61807E84FD3A79248C4] - (.Creative Technology Ltd. - Live! Cam Console Auto Launcher.) -- C:\Windows\OEM02Mon.exe   [36864] [PID.4684]
[MD5.4A73AB8412D3AA6CFAD24051FF9DBFA7] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe   [283160] [PID.4692]
[MD5.1C2C16B154291D673DAFF8695F6471F1] - (.Acronis - Acronis True Image Monitor.) -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe   [5081912] [PID.5076]
[MD5.0D3745CA2F064F2D6B6388C6AA5D3BC7] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe   [844752] [PID.4756]
[MD5.2176B4590387405E5F2405C3CEF0C02A] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [8078848] [PID.5848]
[MD5.9330941C8F6DF417F6DBBE998DB6687E] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe   [46808] [PID.1588]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe   [65640] [PID.1980]
[MD5.986A134B1A1770599B7AF9354CBB066F] - (.Acronis - File Level CDP Manager Service.) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe   [2326920] [PID.1404]
[MD5.8FFF9083252C16FE3960173722605E9E] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe   [13336] [PID.3420]
~ Processes Running:  Scanned in 00mn 02s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] about:newtab?source=home
G0 - GCSP: Preference [User Data\Default] http://www.google.fr
G2 - GCE: Preference [User Data\Default] [aaaaabcbmongicmdegkmmfgdickgnnob] Movies Toolbar v.21.56092, (Désactivé) =>Adware.Bandoo
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Store v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.3 (Activé)
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 (Activé)
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Recherche Google v.0.0.0.20 (Activé)
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [ifohbjbgfchkkfhphahclmkpgejiplfo] Lightning Newtab v.1.1.5.2, (Désactivé) =>PUP.Elex
G2 - GCE: Preference [User Data\Default] [jpmbfleldcgkldadpdinhjjopdfpjfjp] Wajam v.1.24 (Désactivé) =>Toolbar.Wajam
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Chrome In-App Payments service v.0.0.4.11 (Activé)
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 (Activé)
~ Google Browser: 16 Scanned in 00mn 23s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - The plugin allows you to have a better experience with Microsoft Lync.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npMeetingJoinPluginOC.dll
P2 - FPN: [HKLM] [@microsoft.com/SharePoint,version=14.0] - (.Microsoft Corporation - The plugin allows you to have a better experience with Microsoft Share.) -- C:\Program Files\Microsoft Office\Office15\NPSPWRAP.dll
~ Firefox Browser: 3 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:newtab
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = http://www.qvo6.com =>Hijacker.Qvo6
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (10.00.9200.16521 (win8_gdr_soc_ie.130216-2100)) -- C:\Windows\SysWOW64\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 18 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: HomeTab [64Bits] - {2d7ad3eb-ea9e-48d5-a5b5-ecaa2d48341b} . (...) -- C:\Users\vevere\AppData\Roaming\HomeTab\HomeTab.dll (.not file.) =>PUP.CertifiedToolbar
O2 - BHO: Lync Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: avast! WebRep [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} . (.Microsoft Corporation - Microsoft SkyDrive Pro Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.dll  =>.Microsoft Corporation
~ BHO: 8 Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Acronis Sauvegarde en un seul clic..lnk . (.Acronis - Acronis True Image.)  -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageLauncher.exe 
O4 - GS\Desktop [Public]: Acronis True Image Home 2010.lnk . (.Acronis - Acronis True Image.)  -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageLauncher.exe 
O4 - GS\Desktop [Public]: Adobe Reader XI.lnk . (.Adobe Systems Incorporated - Adobe Reader.)  -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe 
O4 - GS\Desktop [Public]: Age of Mythology Gold.lnk . (.Ensemble Studios - Age of Mythology - The Titans Expansion.)  -- C:\Program Files (x86)\Microsoft Games\Age of Mythology\aomx.exe 
O4 - GS\Desktop [Public]: avast! Free Antivirus.lnk . (.AVAST Software - avast! Antivirus.)  -- C:\Program Files\AVAST Software\Avast\AvastUI.exe 
O4 - GS\Desktop [Public]: DAEMON Tools Lite.lnk . (.Disc Soft Ltd - DAEMON Tools Lite.)  -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe  =>.DT Soft Ltd
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
O4 - GS\Desktop [Public]: Heroes III Armageddon's Blade.lnk . (.The 3DO Company - Heroes of Might and Magic(tm) III.)  -- C:\Program Files (x86)\3DO\Heroes3\h3blade.exe 
O4 - GS\Desktop [Public]: Heroes III The Shadow of Death.lnk . (.The 3DO Company - Heroes of Might and Magic® III.)  -- C:\Program Files (x86)\3DO\Heroes3\Heroes3.exe 
O4 - GS\Desktop [Public]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.)  -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe 
O4 - GS\Desktop [Public]: Skype.lnk . (...)  -- C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
O4 - GS\Desktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player 2.0.7.)  -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe  =>.VideoLAN
O4 - GS\Desktop [Public]: Vuze.lnk . (...)  -- C:\Program Files (x86)\Vuze\Azureus.exe (.not file.) =>P2P.Azureus
O4 - GS\Program [Public]: Adobe Reader XI.lnk . (...)  -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico 
O4 - GS\Program [Public]: Media Center.lnk . (.Microsoft Corporation - Windows Media Center.)  -- C:\Windows\ehome\ehshell.exe  =>.Microsoft Corporation
O4 - GS\Program [Public]: Microsoft Money.lnk . (.Microsoft(R) Corporation - Microsoft Money.)  -- C:\Program Files (x86)\Microsoft Money 2005\MNYCoreFiles\msmoney.exe 
O4 - GS\Program [Public]: Sidebar.lnk . (.Microsoft Corporation - Gadgets du Bureau Windows.)  -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe  =>.Microsoft Corporation
O4 - GS\Program [Public]: Vuze.lnk . (...)  -- C:\Program Files (x86)\Vuze\Azureus.exe (.not file.) =>P2P.Azureus
O4 - GS\Program [Public]: Windows Anytime Upgrade.lnk . (.Microsoft Corporation - Interface utilisateur de Mise à niveau expr.)  -- C:\Windows\system32\WindowsAnytimeUpgradeUI.exe 
O4 - GS\Program [Public]: Windows DVD Maker.lnk . (...)  -- C:\Program Files (x86)\DVD Maker\DVDMaker.exe (.not file.)
O4 - GS\Program [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft  Windows Fax and Scan.)  -- C:\Windows\system32\WFS.exe  =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.)  -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O4 - GS\Program [Public]: XPS Viewer.lnk . (.Microsoft Corporation - Visionneuse XPS.)  -- C:\Windows\system32\xpsrchvw.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.)  -- C:\Windows\system32\calc.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: displayswitch.lnk . (.Microsoft Corporation - Afficher le commutateur.)  -- C:\Windows\system32\displayswitch.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - Accessoire du panneau de saisie mathématiqu.)  -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Centre de mobilité Windows.)  -- C:\Windows\system32\mblctr.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.)  -- C:\Windows\system32\mspaint.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.)  -- C:\Windows\system32\mstsc.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture.)  -- C:\Windows\system32\SnippingTool.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.)  -- C:\Windows\system32\SoundRecorder.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Pense-bête.)  -- C:\Windows\system32\StikyNot.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.)  -- C:\Windows\System32\mobsync.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Mise en route.)  -- C:\Windows\system32\OobeFldr.dll  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.)  -- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.)  -- C:\Windows\system32\charmap.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Gestionnaire de nettoyage de disque pour Wi.)  -- C:\Windows\system32\cleanmgr.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Diskeeper 2011.lnk . (.Flexera Software, Inc. - InstallShield.)  -- C:\Windows\Installer\{8E4FBD97-A3B6-450D-A99B-9368ECFB1026}\DiskeeperShortcut.exe 
O4 - GS\SystemTools [Public]: Resource Monitor.lnk . (.Microsoft Corporation - Moniteur de ressources et de performances.)  -- C:\Windows\system32\perfmon.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - Informations système.)  -- C:\Windows\system32\msinfo32.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Restauration du système de Microsoft® Windo.)  -- C:\Windows\system32\rstrui.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...)  -- C:\Windows\system32\taskschd.msc
O4 - GS\SystemTools [Public]: Windows Easy Transfer Reports.lnk . (.Microsoft Corporation - Application post-migration de transfert de.)  -- C:\Windows\system32\migwiz\postmig.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Windows Easy Transfer.lnk . (.Microsoft Corporation - Application Transfert de fichiers et paramè.)  -- C:\Windows\system32\migwiz\migwiz.exe  =>.Microsoft Corporation
O4 - GS\QuickLaunch [vevere]: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
O4 - GS\QuickLaunch [vevere]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe 
O4 - GS\QuickLaunch [vevere]: Microsoft Outlook.lnk . (...)  -- C:\Program Files (x86)\Microsoft Office\Office15\OUTLOOK.exe (.not file.)
O4 - GS\QuickLaunch [vevere]: Vuze.lnk . (...)  -- C:\Program Files (x86)\Vuze\Azureus.exe (.not file.) =>P2P.Azureus
O4 - GS\TaskBar [vevere]: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
O4 - GS\TaskBar [vevere]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe 
O4 - GS\TaskBar [vevere]: Outlook 2013.lnk . (...)  -- C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\outicon.exe
O4 - GS\TaskBar [vevere]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.)  -- C:\Windows\explorer.exe  =>.Microsoft Corporation
O4 - GS\TaskBar [vevere]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.)  -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O4 - GS\Program [vevere]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe 
O4 - GS\Accessories [vevere]: Command Prompt.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.)  -- C:\Windows\system32\cmd.exe  =>.Microsoft Corporation
O4 - GS\Accessories [vevere]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.)  -- C:\Windows\system32\notepad.exe  =>.Microsoft Corporation
O4 - GS\Accessories [vevere]: Run.lnk - Clé orpheline
O4 - GS\Accessories [vevere]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.)  -- C:\Windows\explorer.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [vevere]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe 
O4 - GS\SystemTools [vevere]: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.)  -- C:\Windows\system32\eudcedit.exe  =>.Microsoft Corporation
O4 - GS\SendTo [vevere]: Skype.lnk . (.Skype Technologies S.A. - Skype.)  -- C:\Program Files (x86)\Skype\Phone\Skype.exe  =>.Skype Technologies S.A.
O4 - GS\Desktop [vevere]: Excel 2013.lnk . (...)  -- C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\xlicons.exe
O4 - GS\Desktop [vevere]: Microsoft Money.lnk . (.Microsoft(R) Corporation - Microsoft Money.)  -- C:\Program Files (x86)\Microsoft Money 2005\MNYCoreFiles\msmoney.exe 
O4 - GS\Desktop [vevere]: Musique - Raccourci.lnk . (...)  -- C:\Users\vevere\AppData\Roaming\Microsoft\Windows\Libraries\Music.library-ms 
O4 - GS\Desktop [vevere]: Word 2013.lnk . (...)  -- C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\wordicon.exe
O4 - GS\Desktop [vevere]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.)  -- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe  =>.Nicolas Coolman
O4 - GS\Desktop [vevere]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.)  -- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe  =>.Nicolas Coolman
O4 - GS\QuickLaunch [Toine 45]: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
O4 - GS\TaskBar [Toine 45]: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.qvo6.com =>Hijacker.Qvo6
O4 - GS\TaskBar [Toine 45]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe 
O4 - GS\TaskBar [Toine 45]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.)  -- C:\Windows\explorer.exe  =>.Microsoft Corporation
O4 - GS\TaskBar [Toine 45]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.)  -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O4 - GS\Program [Toine 45]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe 
O4 - GS\Accessories [Toine 45]: Command Prompt.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.)  -- C:\Windows\system32\cmd.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Toine 45]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.)  -- C:\Windows\system32\notepad.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Toine 45]: Run.lnk - Clé orpheline
O4 - GS\Accessories [Toine 45]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.)  -- C:\Windows\explorer.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Toine 45]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe 
O4 - GS\SystemTools [Toine 45]: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.)  -- C:\Windows\system32\eudcedit.exe  =>.Microsoft Corporation
~ Global Startup: 79 Scanned in 00mn 04s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe 
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe 
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe 
O4 - HKLM\..\Run: [SigmatelSysTrayApp] C:\Program Files (x86)\SigmaTel\C-Major Audio\WDM\sttray64.exe (.not file.) 
O4 - HKLM\..\Run: [Service Scheduler2 Acronis] . (.Acronis - Acronis Scheduler Helper.) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe 
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe  =>.DT Soft Ltd
O4 - HKCU\..\Run: [DellSystemDetect] . (...) -- C:\Users\vevere\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms 
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe  =>.Skype Technologies S.A.
O4 - HKCU\..\RunOnce: [Application Restart #0] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe 
O4 - HKLM\..\Wow6432Node\Run: [OEM02Mon.exe] . (.Creative Technology Ltd. - Live! Cam Console Auto Launcher.) -- C:\Windows\OEM02Mon.exe  =>.Creative Technology Ltd
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe  =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [TrueImageMonitor.exe] . (.Acronis - Acronis True Image Monitor.) -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe 
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-135296302-3689904380-3089145907-1000\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe  =>.DT Soft Ltd
O4 - HKUS\S-1-5-21-135296302-3689904380-3089145907-1000\..\Run: [DellSystemDetect] . (...) -- C:\Users\vevere\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms 
O4 - HKUS\S-1-5-21-135296302-3689904380-3089145907-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe  =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-135296302-3689904380-3089145907-1000\..\RunOnce: [Application Restart #0] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
~ Application:  Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office15\ONBttnIE.dll (.not file.)
O9 - Extra button: Cliquer pour appeler Lync [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files\Microsoft Office\Office15\lync.exe
O9 - Extra button: Notes &liées OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office15\ONBTTN~1.dll (.not file.)
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll  =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 6 Scanned in 00mn 00s



---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] *.dell.com
~ IE Zone Confiance:  Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{3FCA1125-C8C2-4918-A523-3E83AC0A0067}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{3FCA1125-C8C2-4918-A523-3E83AC0A0067}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{3FCA1125-C8C2-4918-A523-3E83AC0A0067}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
~ Domain:  Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll  =>.Microsoft Corporation
O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon:  Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Service Scheduler2 Acronis (AcrSch2Svc) . (.Acronis - Acronis Scheduler 2.) - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_295b5b4710f6d77b\AESTSr64.exe
O23 - Service: Intel® Centrino® Wireless Bluetooth® + H (AMPPALR3) . (.Intel Corporation - Intel® Centrino® Wireless Bluetooth® + High.) - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth  (BTHSSecurityMgr) . (.Intel(R) Corporation - Intel(R) BlueTooth(R) HS Security Manager S.) - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Diskeeper (Diskeeper) . (.Diskeeper Corporation - Diskeeper Service.) - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: TrueSuiteService (FPLService) . (.AuthenTec, Inc - TrueSuite Service.) - C:\Program Files\AuthenTec TrueSuite\TrueSuiteService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  =>.Google Inc
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Ma-Config Agent (MaConfigAgent) . (.CybelSoft - Service de détection matériel.) - C:\Program Files\ma-config.com\MaConfigAgent.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Servic (RegSrvc) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: SigmaTel Audio Service (STacSV) . (.IDT, Inc. - STacSV Module.) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_295b5b4710f6d77b\STacSV64.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configurat (ZeroConfigService) . (.Intel® Corporation - Intel® PROSet/Wireless Zero Configure Servi.) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
~ Services: 16 Scanned in 00mn 12s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) -  (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\Adobe Flash Player Updater.job   [1002]
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job   [1064]
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job   [1068]
[MD5.A283108E14F3970432C21AF4C0CB1BCE] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe   [257416]
[MD5.82C362A81EE4E441CD85260C8E9E708A] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe   [251784]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe   [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe   [116648]
[MD5.00000000000000000000000000000000] [APT] [Protected Search] (...) -- C:\Program Files (x86)\HomeTab\ProtectedSearch.exe (.not file.)   [0]  =>PUP.CertifiedToolbar
~ Scheduled Task: 11 Scanned in 00mn 07s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll  =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll  =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Internet Explorer [64Bits] - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe  =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe  =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll  =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 10 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver:  (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\Drivers\aswrdr2.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver:  (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver:  (dtsoftbus01) . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) - C:\Windows\System32\DRIVERS\dtsoftbus01.sys
O41 - Driver:  (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver:  (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver:  (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver:  (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Drivers: 63 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Acronis True Image Home - (.Acronis.) [HKLM][64Bits] -- {C2F1F96A-057E-5819-B52E-FEA1D1D2933B}
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Reader XI (11.0.05) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AB0000000001}
O42 - Logiciel: Age of Mythology Gold - (.Microsoft.) [HKLM][64Bits] -- Age of Mythology Expansion Pack 1.0
O42 - Logiciel: AuthenTec TrueSuite - (.AuthenTec, Inc..) [HKLM][64Bits] -- {15F8EDF7-B032-438A-9D55-4C6573BBAF19}
O42 - Logiciel: Centre Souris et Claviers Microsoft - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Mouse and Keyboard Center
O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite  =>.DT Soft Ltd
O42 - Logiciel: Dell System Detect - (.Dell.) [HKCU][64Bits] -- 9204f5692a8faf3b
O42 - Logiciel: Diskeeper 2011  - (.Diskeeper Corporation.) [HKLM][64Bits] -- {8E4FBD97-A3B6-450D-A99B-9368ECFB1026}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Heroes of Might and Magic III Armageddon's Blade - (...) [HKLM][64Bits] --  Heroes of Might and Magic III Armageddon's Blade
O42 - Logiciel: Heroes of Might and Magic® III The Shadow of Death(TM) - (...) [HKLM][64Bits] -- Heroes III The Shadow of Death
O42 - Logiciel: HomeTab 4.8 - (.HomeTab.) [HKLM][64Bits] -- {5b719707-d4d0-4592-a904-9939df8c089f}_is1 =>PUP.CertifiedToolbar
O42 - Logiciel: Intel PROSet Wireless - (...) [HKLM][64Bits] -- ProInst
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM][64Bits] -- HDMI
O42 - Logiciel: Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed - (.Intel Corporation.) [HKLM][64Bits] -- {90F00673-A276-4A58-B675-B426D39D1E09}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC}
O42 - Logiciel: Laptop Integrated Webcam Driver (1.04.01.1011)   - (...) [HKLM][64Bits] -- Creative OEM002
O42 - Logiciel: Logiciel Intel® PROSet/Wireless WiFi - (.Intel Corporation.) [HKLM][64Bits] -- {ECE5B218-A086-4E18-A362-D11181681457}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: MSXML4 Parser - (.Microsoft Game Studios.) [HKLM][64Bits] -- {01501EBA-EC35-4F9F-8889-3BE346E5DA13}
O42 - Logiciel: Ma-Config.com (64 bits) - (.Cybelsoft.) [HKLM][64Bits] -- {50A9E459-A2CF-4109-BB73-9079702BEBF2}
O42 - Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft Access MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0015-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft DCF MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0090-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Excel MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0016-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Groove MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00BA-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft InfoPath MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0044-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Lync MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-012B-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Money - (.Microsoft.) [HKLM][64Bits] -- Money2005b
O42 - Logiciel: Microsoft OneNote MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00A1-040C-1000-0000000FF1CE}  =>.Microsoft Corporation
O42 - Logiciel: Microsoft Outlook MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001A-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft PowerPoint MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0018-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Publisher MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0019-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Word MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001B-040C-1000-0000000FF1CE}
O42 - Logiciel: RICOH R5C83x/84x Media Driver x64 Ver.5.03.03 - (...) [HKLM][64Bits] -- {59F6A514-9813-47A3-948C-8A155460CC2A}
O42 - Logiciel: SigmaTel Audio - (.SigmaTel.) [HKLM][64Bits] -- {A462213D-EED4-42C2-9A60-7BDD4D4B0B17}
O42 - Logiciel: Skype™ 6.7 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
O42 - Logiciel: VLC media player 2.0.7 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player  =>.VideoLAN
O42 - Logiciel: Vuze - (.Azureus Software, Inc..) [HKLM][64Bits] -- 8461-7759-5462-8226 =>P2P.Azureus
O42 - Logiciel: WinRAR 4.20 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: avast! Free Antivirus v8.0.1497.0 - (.AVAST Software.) [HKLM][64Bits] -- avast
~ Logic: 87 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Acronis]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow]
[HKCU\Software\AuthenTec]
[HKCU\Software\Avast Software]
[HKCU\Software\Azureus] =>P2P.Azureus
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Creative Tech]
[HKCU\Software\Disc Soft]
[HKCU\Software\Google]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Policies]
[HKCU\Software\Skype]
[HKCU\Software\Software]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\ej-technologies]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Acronis]
[HKLM\Software\AuthenTec]
[HKLM\Software\Azureus] =>P2P.Azureus
[HKLM\Software\BrowserChoice]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Creative Tech]
[HKLM\Software\Diskeeper Corporation]
[HKLM\Software\IDT]
[HKLM\Software\IM Providers]
[HKLM\Software\Intel]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\ODBC]
[HKLM\Software\Policies]
[HKLM\Software\Protector Suite QL]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Sigmatel]
[HKLM\Software\Sonic]
[HKLM\Software\TGUID]
[HKLM\Software\WinRAR]
[HKLM\Software\Wow6432Node\AVAST Software]
[HKLM\Software\Wow6432Node\Acronis]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\AuthenTec]
[HKLM\Software\Wow6432Node\C07ft5Y]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\Creative Tech]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\Disc Soft]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\IM Providers]
[HKLM\Software\Wow6432Node\InstallShield]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\Licenses]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\New World Computing]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\PowerPivot]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\SegaSoft]
[HKLM\Software\Wow6432Node\SigmaTel]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\Software]
[HKLM\Software\Wow6432Node\VideoLAN]
[HKLM\Software\Wow6432Node]
[HKLM\Software\cybelsoft]
[HKLM\Software\ej-technologies]
[HKLM\Software\tdbg_trace]
~ Key Software: 128 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 25/06/2013 - 17:02:28 - [396,830] ----D C:\Program Files (x86)\3DO
O43 - CFD: 30/06/2013 - 17:58:45 - [78,791] ----D C:\Program Files (x86)\Acronis
O43 - CFD: 25/06/2013 - 13:10:48 - [120,785] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 24/06/2013 - 23:45:11 - [6,757] ----D C:\Program Files (x86)\Cisco
O43 - CFD: 03/09/2013 - 16:22:30 - [282,847] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 24/06/2013 - 21:53:02 - [26,884] ----D C:\Program Files (x86)\DAEMON Tools Lite  =>.DT Soft Ltd
O43 - CFD: 01/07/2013 - 10:04:38 - [414,092] ----D C:\Program Files (x86)\Google
O43 - CFD: 25/06/2013 - 00:23:52 - [8,369] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 03/09/2013 - 16:13:06 - [19,653] ----D C:\Program Files (x86)\Intel
O43 - CFD: 14/09/2013 - 12:34:14 - [4,885] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 14/10/2013 - 15:55:14 - [13,265] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD: 24/06/2013 - 22:54:47 - [98,053] ----D C:\Program Files (x86)\Microsoft Analysis Services
O43 - CFD: 25/06/2013 - 18:34:13 - [1311,112] ----D C:\Program Files (x86)\Microsoft Games
O43 - CFD: 25/06/2013 - 11:44:39 - [70,213] ----D C:\Program Files (x86)\Microsoft Money 2005
O43 - CFD: 24/06/2013 - 22:54:24 - [96,050] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 24/06/2013 - 23:00:52 - [0,029] ----D C:\Program Files (x86)\Microsoft SQL Server
O43 - CFD: 24/06/2013 - 23:00:51 - [8,445] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 01/08/2013 - 12:42:41 - [0,032] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 14/07/2009 - 07:32:38 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 27/06/2013 - 03:01:08 - [0] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 14/07/2009 - 07:32:38 - [37,357] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 25/06/2013 - 00:23:54 - [25,961] ----D C:\Program Files (x86)\SigmaTel
O43 - CFD: 09/08/2013 - 13:52:10 - [20,004] R---D C:\Program Files (x86)\Skype
O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 25/06/2013 - 16:22:53 - [101,930] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 01/08/2013 - 13:36:31 - [0,500] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 24/06/2013 - 22:16:11 - [5,895] ----D C:\Program Files (x86)\Windows Mail  =>.Microsoft Corporation
O43 - CFD: 24/06/2013 - 22:16:11 - [4,791] ----D C:\Program Files (x86)\Windows Media Player  =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - 07:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 24/06/2013 - 22:16:10 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 24/06/2013 - 22:16:11 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 24/06/2013 - 22:16:11 - [5,717] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 14/10/2013 - 17:21:08 - [16,995] ----D C:\Program Files (x86)\ZHPDiag  =>.Nicolas Coolman
O43 - CFD: 30/06/2013 - 17:59:58 - [79,702] ----D C:\Program Files (x86)\Common Files\Acronis
O43 - CFD: 25/06/2013 - 13:11:23 - [6,289] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 03/09/2013 - 16:22:32 - [15,268] ----D C:\Program Files (x86)\Common Files\AuthenTec
O43 - CFD: 24/06/2013 - 23:41:55 - [3,338] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 25/06/2013 - 11:44:32 - [127,042] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 14/07/2009 - 05:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 09/08/2013 - 13:52:09 - [1,904] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 14/07/2009 - 05:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 24/06/2013 - 22:16:10 - [10,101] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 30/06/2013 - 18:03:11 - [0,014] ----D C:\ProgramData\Acronis
O43 - CFD: 25/06/2013 - 16:13:23 - [146,880] ----D C:\ProgramData\Adobe
O43 - CFD: 14/07/2009 - 07:08:56 - [0] -SH-D C:\ProgramData\Application Data
O43 - CFD: 24/06/2013 - 14:47:31 - [20,307] ----D C:\ProgramData\AVAST Software
O43 - CFD: 24/06/2013 - 14:39:40 - [0] -SH-D C:\ProgramData\Bureau
O43 - CFD: 24/06/2013 - 22:50:09 - [0,001] ----D C:\ProgramData\DAEMON Tools Lite  =>.DT Soft Ltd
O43 - CFD: 14/07/2009 - 07:08:56 - [0] -SH-D C:\ProgramData\Desktop
O43 - CFD: 24/06/2013 - 14:58:29 - [0] ----D C:\ProgramData\Diskeeper Corporation
O43 - CFD: 14/07/2009 - 07:08:56 - [0] -SH-D C:\ProgramData\Documents
O43 - CFD: 03/09/2013 - 16:20:47 - [23,150] ----D C:\ProgramData\Downloaded Installations
O43 - CFD: 24/06/2013 - 14:39:40 - [0] -SH-D C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 07:08:56 - [0] -SH-D C:\ProgramData\Favorites
O43 - CFD: 24/06/2013 - 23:45:11 - [0,001] ----D C:\ProgramData\Intel
O43 - CFD: 24/06/2013 - 23:23:45 - [1,315] ----D C:\ProgramData\ma-config.com
O43 - CFD: 14/10/2013 - 15:55:07 - [7,405] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 24/06/2013 - 14:39:40 - [0] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 24/06/2013 - 22:58:44 - [243,787] -S--D C:\ProgramData\Microsoft
O43 - CFD: 28/09/2013 - 19:17:39 - [0,011] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 24/06/2013 - 23:12:00 - [0,002] ----D C:\ProgramData\Microsoft Toolkit
O43 - CFD: 24/06/2013 - 14:39:40 - [0] -SH-D C:\ProgramData\Modèles
O43 - CFD: 01/07/2013 - 17:26:01 - [0,001] ----D C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 24/06/2013 - 23:48:02 - [0] ----D C:\ProgramData\Roaming
O43 - CFD: 09/08/2013 - 13:52:25 - [32,540] ----D C:\ProgramData\Skype
O43 - CFD: 14/07/2009 - 07:08:56 - [0] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 18/09/2013 - 21:09:50 - [0] ----D C:\ProgramData\TEMP
O43 - CFD: 14/07/2009 - 07:08:56 - [0] -SH-D C:\ProgramData\Templates
O43 - CFD: 03/09/2013 - 21:44:59 - [0,001] ----D C:\ProgramData\TrueSuite
O43 - CFD: 30/06/2013 - 18:04:43 - [0] ----D C:\Users\vevere\AppData\Roaming\Acronis
O43 - CFD: 25/06/2013 - 13:12:33 - [0,074] ----D C:\Users\vevere\AppData\Roaming\Adobe
O43 - CFD: 03/07/2013 - 09:41:32 - [24,928] ----D C:\Users\vevere\AppData\Roaming\Azureus =>P2P.Azureus
O43 - CFD: 24/06/2013 - 22:51:14 - [1,454] ----D C:\Users\vevere\AppData\Roaming\DAEMON Tools Lite  =>.DT Soft Ltd
O43 - CFD: 24/06/2013 - 14:40:25 - [0] ----D C:\Users\vevere\AppData\Roaming\Identities
O43 - CFD: 24/06/2013 - 23:57:34 - [0] ----D C:\Users\vevere\AppData\Roaming\InstallShield
O43 - CFD: 24/06/2013 - 23:48:20 - [0,001] ----D C:\Users\vevere\AppData\Roaming\Intel
O43 - CFD: 25/06/2013 - 00:15:32 - [0] ----D C:\Users\vevere\AppData\Roaming\Intel Corporation
O43 - CFD: 24/06/2013 - 22:59:10 - [0,003] ----D C:\Users\vevere\AppData\Roaming\Macromedia
O43 - CFD: 14/10/2013 - 15:55:19 - [35,453] ----D C:\Users\vevere\AppData\Roaming\Malwarebytes
O43 - CFD: 14/07/2009 - 17:35:05 - [0] ----D C:\Users\vevere\AppData\Roaming\Media Center Programs
O43 - CFD: 03/10/2013 - 23:49:33 - [43,853] -S--D C:\Users\vevere\AppData\Roaming\Microsoft
O43 - CFD: 18/09/2013 - 21:41:46 - [0,015] ----D C:\Users\vevere\AppData\Roaming\player
O43 - CFD: 14/10/2013 - 17:15:00 - [5,782] ----D C:\Users\vevere\AppData\Roaming\Skype
O43 - CFD: 08/10/2013 - 02:53:02 - [0,077] ----D C:\Users\vevere\AppData\Roaming\vlc
O43 - CFD: 24/06/2013 - 23:26:36 - [1,809] ----D C:\Users\vevere\AppData\Roaming\WinRAR
O43 - CFD: 14/10/2013 - 17:22:23 - [0,764] ----D C:\Users\vevere\AppData\Roaming\ZHP  =>.Nicolas Coolman
O43 - CFD: 25/06/2013 - 13:12:33 - [17,592] ----D C:\Users\vevere\AppData\Local\Adobe
O43 - CFD: 24/06/2013 - 14:39:55 - [0] -SH-D C:\Users\vevere\AppData\Local\Application Data
O43 - CFD: 24/06/2013 - 23:16:53 - [8,780] ----D C:\Users\vevere\AppData\Local\Apps
O43 - CFD: 03/09/2013 - 16:24:09 - [0,003] ----D C:\Users\vevere\AppData\Local\AuthenTec
O43 - CFD: 14/10/2013 - 17:14:41 - [0] ----D C:\Users\vevere\AppData\Local\Deployment
O43 - CFD: 17/09/2013 - 20:18:43 - [1,109] ----D C:\Users\vevere\AppData\Local\Diagnostics
O43 - CFD: 24/09/2013 - 13:31:12 - [0,121] ----D C:\Users\vevere\AppData\Local\ElevatedDiagnostics
O43 - CFD: 01/07/2013 - 10:05:13 - [137,351] ----D C:\Users\vevere\AppData\Local\Google
O43 - CFD: 24/06/2013 - 14:39:55 - [0] -SH-D C:\Users\vevere\AppData\Local\Historique
O43 - CFD: 29/09/2013 - 01:32:46 - [143,714] ----D C:\Users\vevere\AppData\Local\Microsoft
O43 - CFD: 02/10/2013 - 01:50:06 - [0,237] ----D C:\Users\vevere\AppData\Local\Microsoft Games
O43 - CFD: 01/07/2013 - 17:34:02 - [0,067] ----D C:\Users\vevere\AppData\Local\Microsoft Help
O43 - CFD: 18/09/2013 - 21:08:21 - [0] ----D C:\Users\vevere\AppData\Local\Programs
O43 - CFD: 18/09/2013 - 21:06:54 - [0] ----D C:\Users\vevere\AppData\Local\Software
O43 - CFD: 14/10/2013 - 17:19:50 - [238,329] ----D C:\Users\vevere\AppData\Local\Temp
O43 - CFD: 24/06/2013 - 14:39:55 - [0] -SH-D C:\Users\vevere\AppData\Local\Temporary Internet Files
O43 - CFD: 25/06/2013 - 11:47:07 - [227,290] ----D C:\Users\vevere\AppData\Local\VirtualStore
O43 - CFD: 14/07/2009 - 06:54:32 - [0,014] R---D C:\Users\vevere\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 15/09/2013 - 02:58:11 - [0] R---D C:\Users\vevere\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 25/06/2013 - 00:39:41 - [0] ----D C:\Users\vevere\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
O43 - CFD: 14/07/2009 - 06:49:38 - [0,001] R---D C:\Users\vevere\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 18/09/2013 - 21:38:09 - [0] R---D C:\Users\vevere\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 24/06/2013 - 14:55:32 - [0,003] ----D C:\Users\vevere\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
~ Program Folder: 109 Scanned in 00mn 13s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.0BB97D43299910CBFBA59C461B99B910] - 14/10/2013 - 14:55:04 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys   [25928]
O44 - LFC:[MD5.FBD4A9726699DE1E118BD364F063A6BC] - 14/10/2013 - 16:11:24 ---A- . (...) -- C:\Windows\PFRO.log   [25428]
O44 - LFC:[MD5.E027BE0212A18829E093893FB9005C75] - 14/10/2013 - 16:11:30 -S-A- . (...) -- C:\Windows\bootstat.dat   [67584]
O44 - LFC:[MD5.60879DDF1334C81C1126BAF9B157A968] - 14/10/2013 - 16:11:32 ---A- . (...) -- C:\Windows\setupact.log   [31766]
O44 - LFC:[MD5.506E413992557C47A15AA2BC47D63EE2] - 14/10/2013 - 16:17:27 ---A- . (...) -- C:\Windows\WindowsUpdate.log   [1436229]
O44 - LFC:[MD5.723CF1D813C7EAFC2D0F0D543A7066D8] - 14/10/2013 - 16:18:23 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI   [1661710]
O44 - LFC:[MD5.516210C420975429B1221AC88A1A3198] - 14/10/2013 - 16:18:23 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat   [121080]
O44 - LFC:[MD5.347B07A646AA9D05DB295419475E2BC4] - 14/10/2013 - 16:18:23 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat   [148792]
O44 - LFC:[MD5.86E67910868FD0D155565BF9CB93AB76] - 14/10/2013 - 16:18:23 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat   [652148]
O44 - LFC:[MD5.FF489D96A7E848FAEEC876E63AC1A790] - 14/10/2013 - 16:18:23 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat   [745306]
O44 - LFC:[MD5.723CF1D813C7EAFC2D0F0D543A7066D8] - 14/10/2013 - 16:18:23 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI   [1661710]
O44 - LFC:[MD5.516210C420975429B1221AC88A1A3198] - 14/10/2013 - 16:18:23 ---A- . (...) -- C:\Windows\System32\perfc009.dat   [121080]
O44 - LFC:[MD5.347B07A646AA9D05DB295419475E2BC4] - 14/10/2013 - 16:18:23 ---A- . (...) -- C:\Windows\System32\perfc00C.dat   [148792]
O44 - LFC:[MD5.86E67910868FD0D155565BF9CB93AB76] - 14/10/2013 - 16:18:23 ---A- . (...) -- C:\Windows\System32\perfh009.dat   [652148]
O44 - LFC:[MD5.FF489D96A7E848FAEEC876E63AC1A790] - 14/10/2013 - 16:18:23 ---A- . (...) -- C:\Windows\System32\perfh00C.dat   [745306]
~ Files: 15 Scanned in 00mn 30s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.1E7060E4BECC4DE872DBC74F3143D6B4] - 02/10/2013 - 00:59:57 ---A- - C:\Windows\Prefetch\AOMX.EXE-3061BC5B.pf
O45 - LFCP:[MD5.716563CDE44FA12766095C874D4FAF1C] - 02/10/2013 - 01:00:00 ---A- - C:\Windows\Prefetch\MOVIEPLAYER.EXE-F87B21D3.pf
O45 - LFCP:[MD5.9E696523F1E14E5A9995BE77C7E8C17F] - 02/10/2013 - 13:09:16 ---A- - C:\Windows\Prefetch\RUNONCE.EXE-0E293DD6.pf
O45 - LFCP:[MD5.2B0325693D31D7FBF1BF8D65C26092A1] - 03/10/2013 - 12:53:54 ---A- - C:\Windows\Prefetch\SCHTASKS.EXE-5CA45734.pf
O45 - LFCP:[MD5.9BB39965B67CD5E17D2ADD4AD2AE9686] - 04/10/2013 - 09:23:15 ---A- - C:\Windows\Prefetch\GOOGLECRASHHANDLER.EXE-98369EB7.pf
O45 - LFCP:[MD5.8B0C6387621F1D049BA89B23A0090145] - 04/10/2013 - 09:23:28 ---A- - C:\Windows\Prefetch\WMPNETWK.EXE-D9F2A96F.pf
O45 - LFCP:[MD5.4EA7048D8F07D655C71A9E69C96DB43E] - 06/10/2013 - 15:15:58 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-A3E35360.pf
O45 - LFCP:[MD5.BC29E7B88FEC69B326F31A547E5E0289] - 06/10/2013 - 16:00:02 ---A- - C:\Windows\Prefetch\WSQMCONS.EXE-118B52B7.pf
O45 - LFCP:[MD5.CE92B641C38437D7791DF65D3E5544FA] - 06/10/2013 - 16:18:51 ---A- - C:\Windows\Prefetch\SPLWOW64.EXE-297C4568.pf
O45 - LFCP:[MD5.4E8A8A04599C0AD679ADE5FD36DF4979] - 07/10/2013 - 17:50:11 ---A- - C:\Windows\Prefetch\EXCEL.EXE-9A13BBDB.pf
O45 - LFCP:[MD5.14D727C8F6A39EE5DCC9840BE0B546A9] - 08/10/2013 - 00:17:50 ---A- - C:\Windows\Prefetch\ACRORD32.EXE-D066635E.pf
O45 - LFCP:[MD5.0F42B4413D5F862F0B19F52CCBBE0083] - 10/10/2013 - 23:10:07 ---A- - C:\Windows\Prefetch\FLASHPLAYERINSTALLER.EXE-21C59411.pf
O45 - LFCP:[MD5.1C78BE51BB7F9976277BC9281103733D] - 13/10/2013 - 12:36:27 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-007FEA55.pf
O45 - LFCP:[MD5.A55D490912966EA1D70C31858212F389] - 13/10/2013 - 12:36:33 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-3AB35CA7.pf
O45 - LFCP:[MD5.8BE819F221A6482DCFF625E97A7B394A] - 13/10/2013 - 12:36:37 ---A- - C:\Windows\Prefetch\STTRAY64.EXE-C2B24300.pf
O45 - LFCP:[MD5.1CF99540AEA62AA2FF11C44F66F02860] - 13/10/2013 - 12:36:47 ---A- - C:\Windows\Prefetch\DTLITE.EXE-368347E6.pf
O45 - LFCP:[MD5.048CDB40EB34D4FF08F246AA4DF04A13] - 13/10/2013 - 12:36:47 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-64AA225C.pf
O45 - LFCP:[MD5.E7E3D16AA76BA7BDA557E6947138C001] - 13/10/2013 - 12:37:04 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-C871F054.pf
O45 - LFCP:[MD5.19B307551DD1F6598CCC8103769AF2F8] - 13/10/2013 - 12:37:55 ---A- - C:\Windows\Prefetch\SC.EXE-945D79AE.pf
O45 - LFCP:[MD5.37903EC585425FF7A084EEFF636E5E6C] - 13/10/2013 - 12:39:47 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-A2D55CB6.pf
O45 - LFCP:[MD5.0DC799273A2DF72AEA7B0A7ED1277E03] - 13/10/2013 - 12:40:04 ---A- - C:\Windows\Prefetch\GOOGLEUPDATEONDEMAND.EXE-12A77CA1.pf
O45 - LFCP:[MD5.1544D4E4C441C769DA6CA8FFD1AD7A29] - 13/10/2013 - 12:40:05 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-E09A077A.pf
O45 - LFCP:[MD5.7049C39A7828C816EB65998754B16605] - 13/10/2013 - 12:46:54 ---A- - C:\Windows\Prefetch\OLICENSEHEARTBEAT.EXE-85E1AF9F.pf
O45 - LFCP:[MD5.E76DB23BD62E0E94FE01A01E4CF3D57C] - 13/10/2013 - 23:37:12 ---A- - C:\Windows\Prefetch\AgCx_SC1.db.trx
O45 - LFCP:[MD5.9445652177BC37FEE6D8BB5D55D05C62] - 13/10/2013 - 23:38:13 ---A- - C:\Windows\Prefetch\AgCx_SC1.db
O45 - LFCP:[MD5.608BD1CAA7C33B4B429ABCDDCCECAAF0] - 13/10/2013 - 23:48:57 ---A- - C:\Windows\Prefetch\MPCMDRUN.EXE-F401FBB4.pf
O45 - LFCP:[MD5.4D537631F1B3E5EDE7522D28EFAA52B5] - 14/10/2013 - 13:44:36 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-C373C89E.pf
O45 - LFCP:[MD5.ECB4955D29AC0BAD6C5C8BBAE594A526] - 14/10/2013 - 13:51:33 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-76936ED5.pf
O45 - LFCP:[MD5.8D5E2BC41101AD01DA3D4F15ABFD30A6] - 14/10/2013 - 14:28:39 ---A- - C:\Windows\Prefetch\CMD.EXE-4A81B364.pf
O45 - LFCP:[MD5.6E2A3918F5D6904D37492D4558FBACDC] - 14/10/2013 - 14:28:52 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-135296302-3689904380-3089145907-1000.db
O45 - LFCP:[MD5.28514541FA42BC883EB931512D9E039F] - 14/10/2013 - 14:28:52 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-135296302-3689904380-3089145907-1000.db
O45 - LFCP:[MD5.1E8EDA54F043365FEEFBF184AF3F9333] - 14/10/2013 - 14:31:44 ---A- - C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf
O45 - LFCP:[MD5.5E53B845AF367A15D3784181B025D9D8] - 14/10/2013 - 14:31:44 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-61AE5AB6.pf
O45 - LFCP:[MD5.AA802B94B2A9F26FA44CAB1787A28FDD] - 14/10/2013 - 14:31:55 ---A- - C:\Windows\Prefetch\UNSECAPP.EXE-A02905A6.pf
O45 - LFCP:[MD5.8C3C021523669BECF7EFE5E81025CB16] - 14/10/2013 - 14:32:06 ---A- - C:\Windows\Prefetch\AVAST.SETUP-B1D66586.pf
O45 - LFCP:[MD5.341E22CA51105873EF3B1986FF7D9ED7] - 14/10/2013 - 14:32:07 ---A- - C:\Windows\Prefetch\AVBUGREPORT.EXE-3B5B9E84.pf
O45 - LFCP:[MD5.4492355B6791EB67D06EFC84F44E0694] - 14/10/2013 - 14:33:08 ---A- - C:\Windows\Prefetch\BTHSAMPPALSERVICE.EXE-D65F3E7C.pf
O45 - LFCP:[MD5.518EB60E72CFACB4AB1ADA3029BF91CB] - 14/10/2013 - 14:42:56 ---A- - C:\Windows\Prefetch\WERMGR.EXE-0F2AC88C.pf
O45 - LFCP:[MD5.E3381A9B6B8DE2C2FB6866C931421ABA] - 14/10/2013 - 14:43:00 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-02CC9EFF.pf
O45 - LFCP:[MD5.0936FFA6CE1DD8DDF99EEBC801072CAF] - 14/10/2013 - 14:46:19 ---A- - C:\Windows\Prefetch\VSSVC.EXE-B8AFC319.pf
O45 - LFCP:[MD5.ABC28C38F852EB3AF19F975C89C5DB2C] - 14/10/2013 - 14:46:20 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-7CFEDEA3.pf
O45 - LFCP:[MD5.B8B52EEC3D43CDC902C8929C672E6250] - 14/10/2013 - 14:47:08 ---A- - C:\Windows\Prefetch\WUAUCLT.EXE-70318591.pf
O45 - LFCP:[MD5.23C287CC2315785CABA818BA78696692] - 14/10/2013 - 14:47:13 ---A- - C:\Windows\Prefetch\MPSIGSTUB.EXE-6CB27A06.pf
O45 - LFCP:[MD5.1A28F688A927BC07237FD476CC56332C] - 14/10/2013 - 14:55:19 ---A- - C:\Windows\Prefetch\WMIAPSRV.EXE-29F35ED0.pf
O45 - LFCP:[MD5.81BE236703604215F5FDB7CA1BA602C5] - 14/10/2013 - 15:48:37 ---A- - C:\Windows\Prefetch\OSPPSVC.EXE-E53D3CC0.pf
O45 - LFCP:[MD5.226745693D76F574940EB096B4AF1FED] - 14/10/2013 - 15:53:14 ---A- - C:\Windows\Prefetch\WINWORD.EXE-CECBA770.pf
O45 - LFCP:[MD5.903BDCAA9793D246AE3677F9724ECE86] - 14/10/2013 - 15:58:22 ---A- - C:\Windows\Prefetch\MSOSQM.EXE-14F17915.pf
O45 - LFCP:[MD5.0851B9250B22CFFBDD09BA63A61FAD0D] - 14/10/2013 - 15:58:30 ---A- - C:\Windows\Prefetch\OSE.EXE-533D8AC9.pf
O45 - LFCP:[MD5.CB0F2E9C66317DBDE84AC232D478C249] - 14/10/2013 - 16:02:07 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db
O45 - LFCP:[MD5.B357EB19C81EB049E5C519B9268E40C9] - 14/10/2013 - 16:02:07 ---A- - C:\Windows\Prefetch\AgRobust.db
O45 - LFCP:[MD5.1F853C0C4705636E4475F738D9931C82] - 14/10/2013 - 16:02:08 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db
O45 - LFCP:[MD5.3AF8AAEE4C6507B8ADE5035E54296731] - 14/10/2013 - 16:02:08 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db
O45 - LFCP:[MD5.02548DA487912C2D31679088CB132C1D] - 14/10/2013 - 16:08:10 ---A- - C:\Windows\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-216D9C35.pf
O45 - LFCP:[MD5.95AF461DE0BF5719684E10089F1C7CD1] - 14/10/2013 - 16:09:43 ---A- - C:\Windows\Prefetch\LOGONUI.EXE-09140401.pf
O45 - LFCP:[MD5.F0AB41578AC8E7CADFE8F3A66BC278E6] - 14/10/2013 - 16:10:55 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin
O45 - LFCP:[MD5.6F51F26116D4C90CE36FAE98A5F18ED4] - 14/10/2013 - 16:13:41 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-B95715F5.pf
O45 - LFCP:[MD5.4F423E47C201939B280EEBA4D543BDFD] - 14/10/2013 - 16:13:44 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-7238F31D.pf
O45 - LFCP:[MD5.EA5E7BA0136FADCB78A44C9237E2F11C] - 14/10/2013 - 16:13:45 ---A- - C:\Windows\Prefetch\TASKENG.EXE-48D4E289.pf
O45 - LFCP:[MD5.DC6B1978D6BE6AC4F562DEF4CC2D24B7] - 14/10/2013 - 16:13:55 ---A- - C:\Windows\Prefetch\SEARCHINDEXER.EXE-4A6353B9.pf
O45 - LFCP:[MD5.2714AA72E707D0BCA61E94BE3978A0A4] - 14/10/2013 - 16:13:57 ---A- - C:\Windows\Prefetch\WMPNSCFG.EXE-FC0D39BF.pf
O45 - LFCP:[MD5.D18EB7E46231AE59C65E273048254CB2] - 14/10/2013 - 16:14:01 ---A- - C:\Windows\Prefetch\IGFXSRVC.EXE-96A493A4.pf
O45 - LFCP:[MD5.BC5DD432AF6579238D3569A08B63AD16] - 14/10/2013 - 16:14:01 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-C3C515BD.pf
O45 - LFCP:[MD5.FC5C20FD5B28A7042A62AC28CAEE0721] - 14/10/2013 - 16:14:03 ---A- - C:\Windows\Prefetch\AVASTEMUPDATE.EXE-6EF4B603.pf
O45 - LFCP:[MD5.D907C78EE4FB71034F1046BBC91449DC] - 14/10/2013 - 16:14:03 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-57D17DAF.pf
O45 - LFCP:[MD5.C2725B0EB4345F6C8AF0291DFEF733C9] - 14/10/2013 - 16:14:03 ---A- - C:\Windows\Prefetch\READER_SL.EXE-38C1D083.pf
O45 - LFCP:[MD5.60639C83C208FDA9499C4191EE6764F5] - 14/10/2013 - 16:14:06 ---A- - C:\Windows\Prefetch\SCHEDHLP.EXE-D0E56EB2.pf
O45 - LFCP:[MD5.4063025EF649A14E0198F9FEB07F21F7] - 14/10/2013 - 16:14:08 ---A- - C:\Windows\Prefetch\BTHSSECURITYMGR.EXE-B9C50DC6.pf
O45 - LFCP:[MD5.B7FBF60D644C0E47B61D3ECF8CE9590C] - 14/10/2013 - 16:14:09 ---A- - C:\Windows\Prefetch\AVASTUI.EXE-56B29A08.pf
O45 - LFCP:[MD5.0E5505676115BF1903A09473EACE2D36] - 14/10/2013 - 16:14:10 ---A- - C:\Windows\Prefetch\DFSVC.EXE-3D1775F1.pf
O45 - LFCP:[MD5.137649F0F3E06FEAFB37737C078189C9] - 14/10/2013 - 16:14:12 ---A- - C:\Windows\Prefetch\OEM02MON.EXE-F2039A93.pf
O45 - LFCP:[MD5.D9D4321E374715B960383264490AE561] - 14/10/2013 - 16:14:16 ---A- - C:\Windows\Prefetch\CSC.EXE-A3B8D95D.pf
O45 - LFCP:[MD5.AC06AA9B2F742247C02793F62CE1DD2E] - 14/10/2013 - 16:14:16 ---A- - C:\Windows\Prefetch\CVTRES.EXE-069169FB.pf
O45 - LFCP:[MD5.A0DEF687E7802ACA64110CBBACC8416E] - 14/10/2013 - 16:14:16 ---A- - C:\Windows\Prefetch\DKSERVICE.EXE-EC674E82.pf
O45 - LFCP:[MD5.FC8EA13FD060DF729DB63BD6FF664FD8] - 14/10/2013 - 16:14:16 ---A- - C:\Windows\Prefetch\TRUEIMAGEMONITOR.EXE-812204A3.pf
O45 - LFCP:[MD5.73448984315A50EC3C61B827224C4C1E] - 14/10/2013 - 16:14:19 ---A- - C:\Windows\Prefetch\IASTORDATAMGRSVC.EXE-C086B157.pf
O45 - LFCP:[MD5.A9D0F97A7007BED774E9090752B2D088] - 14/10/2013 - 16:14:20 ---A- - C:\Windows\Prefetch\UPDATER.EXE-EA1310CB.pf
O45 - LFCP:[MD5.3852CA742697186FD2E7FF016242E7CF] - 14/10/2013 - 16:14:29 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-40DD444D.pf
O45 - LFCP:[MD5.98A5BF5D533DF48D92B7E7F549E7A600] - 14/10/2013 - 16:14:32 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-05F624AB.pf
O45 - LFCP:[MD5.66439D7FB1AEAFCE14D7269E60B38C92] - 14/10/2013 - 16:14:36 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-1628051C.pf
O45 - LFCP:[MD5.29A493403DF167E326DE0AED2B4B1929] - 14/10/2013 - 16:14:53 ---A- - C:\Windows\Prefetch\AgCx_SC4.db
O45 - LFCP:[MD5.6E8FECEED957AF44BA8621F4FBA1B940] - 14/10/2013 - 16:15:02 ---A- - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-3CC531E5.pf
O45 - LFCP:[MD5.60A3DBB25B7B5A08E122DA530A26B66F] - 14/10/2013 - 16:16:03 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-F8DFDFA2.pf
O45 - LFCP:[MD5.9D58D8F0E7570D3452BC11932169EE68] - 14/10/2013 - 16:16:21 ---A- - C:\Windows\Prefetch\CHROME.EXE-D999B1BA.pf
O45 - LFCP:[MD5.E2E5AE8163CB60C9053F072A3F6D2012] - 14/10/2013 - 16:20:07 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-77482212.pf
O45 - LFCP:[MD5.B6569EA3860AAB0EBB1527538A4C16BC] - 14/10/2013 - 16:20:07 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf
O45 - LFCP:[MD5.712FB3DAB92EF862F2834B5BB32F85AA] - 14/10/2013 - 16:21:00 ---A- - C:\Windows\Prefetch\CONSENT.EXE-531BD9EA.pf
O45 - LFCP:[MD5.788A4DD0DFD898101E6E2B90EF1B413D] - 14/10/2013 - 16:21:06 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-766398D2.pf
O45 - LFCP:[MD5.E6E69DA953050931F410816B22190ACA] - 14/10/2013 - 16:21:09 ---A- - C:\Windows\Prefetch\AUDIODG.EXE-BDFD3029.pf
O45 - LFCP:[MD5.7F9EC51A0CF6187429D5B0E33A7ACB71] - 14/10/2013 - 16:21:15 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-A8DE6D5B.pf
O45 - LFCP:[MD5.A961FA80E67FD05161B36D3A6DD4B452] - 14/10/2013 - 16:21:25 ---A- - C:\Windows\Prefetch\CMD.EXE-AC113AA8.pf
O45 - LFCP:[MD5.39B02827C46FF9804D91065983974A56] - 14/10/2013 - 16:21:25 ---A- - C:\Windows\Prefetch\CONHOST.EXE-1F3E9D7E.pf
O45 - LFCP:[MD5.B47DD6A9F8B26091C84A44659D4C8285] - 14/10/2013 - 16:21:29 ---A- - C:\Windows\Prefetch\SPPSVC.EXE-B0F8131B.pf
O45 - LFCP:[MD5.BB52CB1E815BAE652D69A9BC9BAB6907] - 14/10/2013 - 16:21:51 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-80F4A784.pf
O45 - LFCP:[MD5.1F5204053CBF9F28F1FF205EC100AD8B] - 15/09/2013 - 01:56:33 ---A- - C:\Windows\Prefetch\WUDFHOST.EXE-AFFEF87C.pf
O45 - LFCP:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 15/09/2159 - 02:38:47 ----D - C:\Windows\Prefetch\ReadyBoot
O45 - LFCP:[MD5.4B94BDDE8D7875D7E620A89A050DF84A] - 17/09/2013 - 19:23:52 ---A- - C:\Windows\Prefetch\MPAS-FE_BD.EXE-BB62FD5E.pf
O45 - LFCP:[MD5.1A7652D33C7ED11647A82AE24B4BD610] - 18/09/2013 - 20:44:18 ---A- - C:\Windows\Prefetch\PING.EXE-7E94E73E.pf
O45 - LFCP:[MD5.0113DB2A37B1953D264AC874A94CA051] - 22/09/2013 - 18:12:11 ---A- - C:\Windows\Prefetch\CONTROL.EXE-817F8F1D.pf
O45 - LFCP:[MD5.90D163547C311BAD37E5BB0F4174963F] - 22/09/2013 - 18:12:21 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-89545801.pf
O45 - LFCP:[MD5.8408ABF6D8E3728C90B4C8C36DED02BA] - 24/09/2013 - 12:18:14 ---A- - C:\Windows\Prefetch\DELLSYSTEMDETECT.EXE-2E6807DF.pf
O45 - LFCP:[MD5.74EAF5F4A16604A857C9521E0D71D42F] - 24/09/2013 - 12:31:01 ---A- - C:\Windows\Prefetch\SDIAGNHOST.EXE-8D72177C.pf
O45 - LFCP:[MD5.2993DE69E8769C4345C117B7A7EB861B] - 24/09/2013 - 12:31:03 ---A- - C:\Windows\Prefetch\CSC.EXE-BE9AC2DF.pf
O45 - LFCP:[MD5.4077A1C66C3396C194C90F3EB5221D45] - 24/09/2013 - 12:31:03 ---A- - C:\Windows\Prefetch\CVTRES.EXE-2B9D810D.pf
O45 - LFCP:[MD5.736FB6279DF0ABF6365C424289C00816] - 25/09/2013 - 03:30:07 ---A- - C:\Windows\Prefetch\ADOBEARM.EXE-7105D3A2.pf
O45 - LFCP:[MD5.E54194D4B831D12B2C23D3990F4F2B2A] - 25/09/2013 - 03:38:17 ---A- - C:\Windows\Prefetch\AgCx_SC3_FBB19CD962D1A685.db
O45 - LFCP:[MD5.65225E6B9F514E642E5F7C24D7082451] - 26/09/2013 - 09:53:25 ---A- - C:\Windows\Prefetch\IASTORICON.EXE-FF322740.pf
O45 - LFCP:[MD5.FFD77970E3C06234AAD4D4BAB153842E] - 28/09/2013 - 18:03:28 ---A- - C:\Windows\Prefetch\GOOGLECRASHHANDLER64.EXE-A4D3C329.pf
O45 - LFCP:[MD5.4D751C6B2E6964D15F5DA035B2C06122] - 28/09/2013 - 18:13:48 ---A- - C:\Windows\Prefetch\LODCTR.EXE-3CCE0534.pf
O45 - LFCP:[MD5.7A84FA9CAC2197A52B523F1A2BF260AE] - 28/09/2013 - 18:15:45 ---A- - C:\Windows\Prefetch\ADDINUTIL.EXE-FEF23417.pf
O45 - LFCP:[MD5.432C05F98BDF77CD142343ED5458B077] - 29/09/2013 - 15:57:29 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-1C4D4A73.pf
O45 - LFCP:[MD5.574F7E79B627499AB275D11956AFB32D] - 29/09/2013 - 15:57:32 ---A- - C:\Windows\Prefetch\SNDVOL.EXE-5D4CC7D6.pf
O45 - LFCP:[MD5.68FBDFCC87D7B3FE53B1C92895EDB245] - 29/09/2013 - 22:26:43 ---A- - C:\Windows\Prefetch\SKYPE.EXE-E71BF59F.pf
~ Prefetcher: 112 Scanned in 00mn 03s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
~ LSA: 8 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - bitguard.exe - tasklist.exe =>PUP.BitGuard
O50 - IFEO:Image File Execution Options - bprotect.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - browserdefender.exe - tasklist.exe =>Hijacker.Eazel
O50 - IFEO:Image File Execution Options - browserprotect.exe - tasklist.exe =>Hijacker.Eazel
~ IFEO:  Scanned in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKCU\...\Policies\System] - "LogonHoursAction"=2
O55 - MWPS:[HKCU\...\Policies\System] - "DontDisplayLogonHoursWarnings"=1
~ MWPS: 18 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
~ MWPE Keys: 4 Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys   [491088]
~ Drivers: 18 Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 13/10/2013 - 17:23:23 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Archived History   [270336]
O61 - LFC: 13/10/2013 - 17:23:23 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Archived History-journal   [16384]
O61 - LFC: 13/10/2013 - 17:23:23 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Bookmarks   [2223]
O61 - LFC: 13/10/2013 - 17:23:23 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\data_0   [45056]
O61 - LFC: 13/10/2013 - 17:23:23 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\data_1   [270336]
O61 - LFC: 13/10/2013 - 17:23:23 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\data_2   [1056768]
O61 - LFC: 13/10/2013 - 17:23:23 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\data_3   [4202496]
O61 - LFC: 13/10/2013 - 17:23:23 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_000001   [59888]
O61 - LFC: 13/10/2013 - 17:23:23 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_000002   [37901]
O61 - LFC: 13/10/2013 - 17:23:23 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_000003   [87502]
O61 - LFC: 13/10/2013 - 17:23:23 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_000004   [32826]
O61 - LFC: 13/10/2013 - 17:23:23 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_000005   [58819]
O61 - LFC: 13/10/2013 - 17:23:23 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_000006   [22324]
O61 - LFC: 13/10/2013 - 17:23:23 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_000007   [23168]
O61 - LFC: 13/10/2013 - 17:23:23 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_000008   [22172]
O61 - LFC: 13/10/2013 - 17:23:23 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_000009   [21572]
O61 - LFC: 13/10/2013 - 17:23:23 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_00000a   [20724]
O61 - LFC: 13/10/2013 - 17:23:23 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_00000b   [32343]
O61 - LFC: 13/10/2013 - 17:23:23 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_00000c   [42076]
O61 - LFC: 13/10/2013 - 17:23:23 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_00000d   [21272]
O61 - LFC: 13/10/2013 - 17:23:23 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_00000e   [21399]
O61 - LFC: 13/10/2013 - 17:23:23 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_00000f   [175993]
O61 - LFC: 13/10/2013 - 17:23:23 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_000010   [94057]
O61 - LFC: 13/10/2013 - 17:23:23 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_000011   [27233]
O61 - LFC: 13/10/2013 - 17:23:23 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_000012   [93065]
O61 - LFC: 13/10/2013 - 17:23:23 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_000013   [89850]
O61 - LFC: 13/10/2013 - 17:23:23 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_000014   [77144]
O61 - LFC: 13/10/2013 - 17:23:23 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_000015   [80104]
O61 - LFC: 13/10/2013 - 17:23:23 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_000016   [17396]
O61 - LFC: 13/10/2013 - 17:23:23 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_000017   [19324]
O61 - LFC: 13/10/2013 - 17:23:23 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_000018   [23460]
O61 - LFC: 13/10/2013 - 17:23:23 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_000019   [19008]
O61 - LFC: 13/10/2013 - 17:23:23 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_00001a   [86556]
O61 - LFC: 13/10/2013 - 17:23:23 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_00001b   [24076]
O61 - LFC: 13/10/2013 - 17:23:23 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_00001c   [18014]
O61 - LFC: 13/10/2013 - 17:23:23 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_00001d   [38082]
O61 - LFC: 13/10/2013 - 17:23:23 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_00001e   [41792]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_00001f   [40798]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_000020   [37180]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_000021   [72702]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_000022   [35954]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_000023   [80104]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_000024   [20638]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_000025   [86530]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_000026   [86530]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_000027   [22926]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_000028   [32298]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_000029   [41016]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_00002a   [36000]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_00002b   [262144]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_00002c   [86916]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_00002d   [94148]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_00002e   [72702]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_00002f   [94148]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_000030   [86916]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_000031   [482084]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_000032   [45270]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_000033   [23198]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_000034   [446140]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_000035   [524880]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_000036   [535750]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_000037   [535750]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_000038   [594916]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_000039   [594916]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_00003a   [446140]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_00003b   [37950]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_00003c   [524880]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_00003d   [174414]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_00003e   [93484]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\f_00003f   [89847]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cache\index   [524656]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cookies   [722944]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Cookies-journal   [16384]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Current Session   [60243]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Extension Cookies   [6144]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Extension Cookies-journal   [4640]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Extension Rules\CURRENT   [16]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Extension Rules\LOCK   [0]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Extension Rules\LOG   [148]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Extension Rules\LOG.old   [148]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Extension Rules\MANIFEST-000361   [712]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Extension State\CURRENT   [16]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Extension State\LOCK   [0]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Extension State\LOG   [142]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Extension State\LOG.old   [257]
O61 - LFC: 13/10/2013 - 17:23:24 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Extension State\MANIFEST-000007   [50]
O61 - LFC: 13/10/2013 - 17:23:27 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Favicons   [1361920]
O61 - LFC: 13/10/2013 - 17:23:27 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Favicons-journal   [16384]
O61 - LFC: 13/10/2013 - 17:23:27 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\File System\Origins\CURRENT   [16]
O61 - LFC: 13/10/2013 - 17:23:27 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\File System\Origins\LOG   [145]
O61 - LFC: 13/10/2013 - 17:23:27 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\File System\Origins\MANIFEST-000016   [279]
O61 - LFC: 13/10/2013 - 17:23:27 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\GPUCache\data_0   [45056]
O61 - LFC: 13/10/2013 - 17:23:27 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\GPUCache\data_1   [270336]
O61 - LFC: 13/10/2013 - 17:23:27 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\GPUCache\data_2   [1056768]
O61 - LFC: 13/10/2013 - 17:23:27 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\GPUCache\data_3   [8192]
O61 - LFC: 13/10/2013 - 17:23:27 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\GPUCache\index   [262512]
O61 - LFC: 13/10/2013 - 17:23:27 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Google Profile.ico   [181623]
O61 - LFC: 13/10/2013 - 17:23:27 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\History   [2863104]
O61 - LFC: 13/10/2013 - 17:23:27 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\History-journal   [16384]
O61 - LFC: 13/10/2013 - 17:23:28 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Local Storage\http_badoo.com_0.localstorage   [137216]
O61 - LFC: 13/10/2013 - 17:23:28 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Local Storage\http_badoo.com_0.localstorage-journal   [16384]
O61 - LFC: 13/10/2013 - 17:23:28 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Local Storage\https_plus.google.com_0.localstorage   [3072]
O61 - LFC: 13/10/2013 - 17:23:28 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Local Storage\https_plus.google.com_0.localstorage-journal   [3608]
O61 - LFC: 13/10/2013 - 17:23:29 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Managed Mode Settings   [8]
O61 - LFC: 13/10/2013 - 17:23:29 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Network Action Predictor   [160768]
O61 - LFC: 13/10/2013 - 17:23:29 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Network Action Predictor-journal   [16384]
O61 - LFC: 13/10/2013 - 17:23:32 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Preferences   [187789]
O61 - LFC: 13/10/2013 - 17:23:32 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\QuotaManager   [19456]
O61 - LFC: 13/10/2013 - 17:23:32 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\QuotaManager-journal   [8768]
O61 - LFC: 13/10/2013 - 17:23:32 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Session Storage\CURRENT   [16]
O61 - LFC: 13/10/2013 - 17:23:32 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Session Storage\LOCK   [0]
O61 - LFC: 13/10/2013 - 17:23:32 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Session Storage\LOG   [269]
O61 - LFC: 13/10/2013 - 17:23:32 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Session Storage\LOG.old   [269]
O61 - LFC: 13/10/2013 - 17:23:32 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Session Storage\MANIFEST-000633   [325]
O61 - LFC: 13/10/2013 - 17:23:32 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Sync Data\SyncData.sqlite3   [757760]
O61 - LFC: 13/10/2013 - 17:23:32 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Sync Data\SyncData.sqlite3-journal   [16384]
O61 - LFC: 13/10/2013 - 17:23:32 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Top Sites   [425984]
O61 - LFC: 13/10/2013 - 17:23:32 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Top Sites-journal   [16384]
O61 - LFC: 13/10/2013 - 17:23:32 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\TransportSecurity   [1912]
O61 - LFC: 13/10/2013 - 17:23:32 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Visited Links   [131072]
O61 - LFC: 13/10/2013 - 17:23:32 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Web Data   [88064]
O61 - LFC: 13/10/2013 - 17:23:32 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Default\Web Data-journal   [16384]
O61 - LFC: 13/10/2013 - 17:23:32 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Local State   [45109]
O61 - LFC: 13/10/2013 - 17:23:32 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Safe Browsing Bloom_new   [765952]
O61 - LFC: 13/10/2013 - 17:23:32 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Safe Browsing Cookies   [6144]
O61 - LFC: 13/10/2013 - 17:23:32 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Safe Browsing Cookies-journal   [4640]
O61 - LFC: 13/10/2013 - 17:23:32 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Safe Browsing Csd Whitelist_new   [0]
O61 - LFC: 13/10/2013 - 17:23:32 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Safe Browsing Download   [736140]
O61 - LFC: 13/10/2013 - 17:23:32 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Safe Browsing Download Whitelist_new   [0]
O61 - LFC: 13/10/2013 - 17:23:32 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\Solo_175052\Safe Browsing Extension Blacklist_new   [0]
O61 - LFC: 13/10/2013 - 17:23:37 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Google Profile.ico   [181623]
O61 - LFC: 13/10/2013 - 17:23:39 ---A- . (...) -- C:\Users\vevere\AppData\Local\Temp\1856_21023\crl-set   [262612]
O61 - LFC: 13/10/2013 - 17:23:39 ---A- . (...) -- C:\Users\vevere\AppData\Local\Temp\1856_21023\manifest.fingerprint   [12]
O61 - LFC: 13/10/2013 - 17:23:39 ---A- . (...) -- C:\Users\vevere\AppData\Local\Temp\1856_21023\manifest.json   [34]
O61 - LFC: 13/10/2013 - 17:23:52 ---A- . (...) -- C:\Users\vevere\AppData\Roaming\Skype\antoine.cocoual\chatsync\36\36769b5b94e46292.dat   [21321]
O61 - LFC: 13/10/2013 - 17:23:52 ---A- . (...) -- C:\Users\vevere\AppData\Roaming\Skype\antoine.cocoual\chatsync\5e\5e6413b4e19bcb4f.dat   [3402]
O61 - LFC: 13/10/2013 - 17:23:52 ---A- . (...) -- C:\Users\vevere\AppData\Roaming\Skype\antoine.cocoual\chatsync\88\88adc3e0a9d0f02b.dat   [3109]
O61 - LFC: 14/10/2013 - 17:23:32 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Archived History   [57344]
O61 - LFC: 14/10/2013 - 17:23:32 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Archived History-journal   [512]
O61 - LFC: 14/10/2013 - 17:23:32 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Bookmarks   [1923]
O61 - LFC: 14/10/2013 - 17:23:32 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Bookmarks.bak   [1923]
O61 - LFC: 14/10/2013 - 17:23:32 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Cookies   [753664]
O61 - LFC: 14/10/2013 - 17:23:32 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal   [16384]
O61 - LFC: 14/10/2013 - 17:23:32 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Current Tabs   [120081]
O61 - LFC: 14/10/2013 - 17:23:32 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\databases\Databases.db   [7168]
O61 - LFC: 14/10/2013 - 17:23:32 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\databases\Databases.db-journal   [5672]
O61 - LFC: 14/10/2013 - 17:23:33 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Extension Cookies   [6144]
O61 - LFC: 14/10/2013 - 17:23:33 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Extension Cookies-journal   [4640]
O61 - LFC: 14/10/2013 - 17:23:33 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\CURRENT   [16]
O61 - LFC: 14/10/2013 - 17:23:33 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG   [0]
O61 - LFC: 14/10/2013 - 17:23:33 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old   [148]
O61 - LFC: 14/10/2013 - 17:23:33 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\MANIFEST-000385   [712]
O61 - LFC: 14/10/2013 - 17:23:33 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Extension State\CURRENT   [16]
O61 - LFC: 14/10/2013 - 17:23:33 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG   [0]
O61 - LFC: 14/10/2013 - 17:23:33 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Extension State\MANIFEST-000002   [50]
O61 - LFC: 14/10/2013 - 17:23:37 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Favicons   [26624]
O61 - LFC: 14/10/2013 - 17:23:37 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal   [16384]
O61 - LFC: 14/10/2013 - 17:23:37 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\CURRENT   [16]
O61 - LFC: 14/10/2013 - 17:23:37 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\LOG   [145]
O61 - LFC: 14/10/2013 - 17:23:37 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\LOG.old   [145]
O61 - LFC: 14/10/2013 - 17:23:37 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\MANIFEST-000022   [279]
O61 - LFC: 14/10/2013 - 17:23:37 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\History   [118784]
O61 - LFC: 14/10/2013 - 17:23:37 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache   [3652]
O61 - LFC: 14/10/2013 - 17:23:37 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\History-journal   [16384]
O61 - LFC: 14/10/2013 - 17:23:37 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Last Session   [237]
O61 - LFC: 14/10/2013 - 17:23:37 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_plus.google.com_0.localstorage   [3072]
O61 - LFC: 14/10/2013 - 17:23:37 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_plus.google.com_0.localstorage-journal   [3608]
O61 - LFC: 14/10/2013 - 17:23:37 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.google.fr_0.localstorage   [3072]
O61 - LFC: 14/10/2013 - 17:23:37 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.google.fr_0.localstorage-journal   [3608]
O61 - LFC: 14/10/2013 - 17:23:37 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Login Data   [32768]
O61 - LFC: 14/10/2013 - 17:23:37 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Login Data-journal   [12848]
O61 - LFC: 14/10/2013 - 17:23:37 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Managed Mode Settings   [8]
O61 - LFC: 14/10/2013 - 17:23:37 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Media Cache\data_0   [45056]
O61 - LFC: 14/10/2013 - 17:23:38 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Media Cache\data_1   [270336]
O61 - LFC: 14/10/2013 - 17:23:38 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Media Cache\data_2   [1056768]
O61 - LFC: 14/10/2013 - 17:23:38 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Media Cache\data_3   [4202496]
O61 - LFC: 14/10/2013 - 17:23:38 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Media Cache\index   [524656]
O61 - LFC: 14/10/2013 - 17:23:38 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor   [160768]
O61 - LFC: 14/10/2013 - 17:23:38 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal   [16384]
O61 - LFC: 14/10/2013 - 17:23:38 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Origin Bound Certs   [28672]
O61 - LFC: 14/10/2013 - 17:23:38 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Origin Bound Certs-journal   [16384]
O61 - LFC: 14/10/2013 - 17:23:38 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Preferences   [134002]
O61 - LFC: 14/10/2013 - 17:23:38 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\QuotaManager   [17408]
O61 - LFC: 14/10/2013 - 17:23:38 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\QuotaManager-journal   [9800]
O61 - LFC: 14/10/2013 - 17:23:38 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Session Storage\CURRENT   [16]
O61 - LFC: 14/10/2013 - 17:23:38 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG   [0]
O61 - LFC: 14/10/2013 - 17:23:38 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old   [271]
O61 - LFC: 14/10/2013 - 17:23:38 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Session Storage\MANIFEST-000670   [244]
O61 - LFC: 14/10/2013 - 17:23:38 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Shortcuts   [12288]
O61 - LFC: 14/10/2013 - 17:23:38 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Shortcuts-journal   [16384]
O61 - LFC: 14/10/2013 - 17:23:38 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Sync Data\SyncData.sqlite3   [794624]
O61 - LFC: 14/10/2013 - 17:23:38 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Sync Data\SyncData.sqlite3-journal   [16384]
O61 - LFC: 14/10/2013 - 17:23:38 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Top Sites   [20480]
O61 - LFC: 14/10/2013 - 17:23:38 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Top Sites-journal   [12824]
O61 - LFC: 14/10/2013 - 17:23:38 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity   [644]
O61 - LFC: 14/10/2013 - 17:23:38 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Visited Links   [131072]
O61 - LFC: 14/10/2013 - 17:23:38 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Web Data   [88064]
O61 - LFC: 14/10/2013 - 17:23:38 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal   [16384]
O61 - LFC: 14/10/2013 - 17:23:38 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Local State   [44373]
O61 - LFC: 14/10/2013 - 17:23:38 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\PepperFlash\11.9.900.117\manifest.fingerprint   [14]  =>.Google PepperFlash
O61 - LFC: 14/10/2013 - 17:23:38 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\PepperFlash\11.9.900.117\manifest.json   [2054]  =>.Google PepperFlash
O61 - LFC: 14/10/2013 - 17:23:38 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\PepperFlash\11.9.900.117\pepflashplayer.dll   [13584776]  =>.Google PepperFlash
O61 - LFC: 14/10/2013 - 17:23:39 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\PnaclTranslationCache\data_0   [8192]
O61 - LFC: 14/10/2013 - 17:23:39 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\PnaclTranslationCache\data_1   [270336]
O61 - LFC: 14/10/2013 - 17:23:39 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\PnaclTranslationCache\data_2   [8192]
O61 - LFC: 14/10/2013 - 17:23:39 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\PnaclTranslationCache\data_3   [8192]
O61 - LFC: 14/10/2013 - 17:23:39 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\PnaclTranslationCache\index   [524656]
O61 - LFC: 14/10/2013 - 17:23:39 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom   [8512044]
O61 - LFC: 14/10/2013 - 17:23:39 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom Prefix Set   [1595256]
O61 - LFC: 14/10/2013 - 17:23:39 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies   [6144]
O61 - LFC: 14/10/2013 - 17:23:39 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies-journal   [4640]
O61 - LFC: 14/10/2013 - 17:23:39 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Safe Browsing Csd Whitelist   [135236]
O61 - LFC: 14/10/2013 - 17:23:39 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Safe Browsing Download   [751652]
O61 - LFC: 14/10/2013 - 17:23:39 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Safe Browsing Download Whitelist   [19592]
O61 - LFC: 14/10/2013 - 17:23:39 ---A- . (...) -- C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Safe Browsing Extension Blacklist   [6608]
O61 - LFC: 14/10/2013 - 17:23:39 --HA- . (...) -- C:\Users\vevere\AppData\Local\IconCache.db   [2185004]
O61 - LFC: 14/10/2013 - 17:23:40 ---A- . (...) -- C:\Users\vevere\AppData\Local\Temp\CVRA7C4.tmp.cvr   [0]
O61 - LFC: 14/10/2013 - 17:23:43 ---A- . (...) -- C:\Users\vevere\AppData\Local\Temp\Skype\DbTemp\temp-aubfZkduzMxEmf4fLtIVO1nw   [0]
O61 - LFC: 14/10/2013 - 17:23:43 ---A- . (...) -- C:\Users\vevere\AppData\Local\Temp\Skype\DbTemp\temp-quH3vbluQ9xdrLmuAjousb8R   [0]
O61 - LFC: 14/10/2013 - 17:23:45 ---A- . (...) -- C:\Users\vevere\AppData\Local\Temp\~DF8986E3B348006715.TMP   [376832]
O61 - LFC: 14/10/2013 - 17:23:49 ---A- . (...) -- C:\Users\vevere\AppData\Roaming\Intel\Wireless\WLANProfiles\Profiles.enc   [48]
O61 - LFC: 14/10/2013 - 17:23:49 ---A- . (...) -- C:\Users\vevere\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2013-10-14 (15-56-01).txt   [7888]
O61 - LFC: 14/10/2013 - 17:23:50 ---A- . (...) -- C:\Users\vevere\AppData\Roaming\Microsoft\Office\Recent\Hervé et Antoine.doc.LNK   [1215]
O61 - LFC: 14/10/2013 - 17:23:50 --H-- . (...) -- C:\Users\vevere\AppData\Roaming\Microsoft\Office\Recent\index.dat   [1237]
O61 - LFC: 14/10/2013 - 17:23:50 -SHA- . (...) -- C:\Users\vevere\AppData\Roaming\Microsoft\Protect\S-1-5-21-135296302-3689904380-3089145907-1000\2004b587-be82-4e4b-a630-d96b7367784c   [468]
O61 - LFC: 14/10/2013 - 17:23:50 -SHA- . (...) -- C:\Users\vevere\AppData\Roaming\Microsoft\Protect\S-1-5-21-135296302-3689904380-3089145907-1000\Preferred   [24]
O61 - LFC: 14/10/2013 - 17:23:51 ---A- . (...) -- C:\Users\vevere\AppData\Roaming\Microsoft\Word\Hervé%20et%20Antoine303290700225361017\Hervé%20et%20Antoine.doc.lnk   [755]
O61 - LFC: 14/10/2013 - 17:23:51 ---A- . (...) -- C:\Users\vevere\AppData\Roaming\Skype\antoine.cocoual\bistats.db   [110592]
O61 - LFC: 14/10/2013 - 17:23:51 ---A- . (...) -- C:\Users\vevere\AppData\Roaming\Skype\antoine.cocoual\bistats.db-journal   [37448]
O61 - LFC: 14/10/2013 - 17:23:51 R---- . (.Totof.) -- C:\Users\vevere\AppData\Roaming\Microsoft\Word\Hervé%20et%20Antoine303290700225361017\Hervé%20et%20Antoine((Autosaved-303290871155611248)).asd   [25600]
O61 - LFC: 14/10/2013 - 17:23:52 ---A- . (...) -- C:\Users\vevere\AppData\Roaming\Skype\antoine.cocoual\chatsync\40\40050afda6833ebc.dat   [1532]
O61 - LFC: 14/10/2013 - 17:23:52 ---A- . (...) -- C:\Users\vevere\AppData\Roaming\Skype\antoine.cocoual\config.xml   [12293]
O61 - LFC: 14/10/2013 - 17:23:52 ---A- . (...) -- C:\Users\vevere\AppData\Roaming\Skype\antoine.cocoual\dc.db   [86016]
O61 - LFC: 14/10/2013 - 17:23:52 ---A- . (...) -- C:\Users\vevere\AppData\Roaming\Skype\antoine.cocoual\eas.db   [110592]
O61 - LFC: 14/10/2013 - 17:23:52 ---A- . (...) -- C:\Users\vevere\AppData\Roaming\Skype\antoine.cocoual\keyval.db   [53248]
O61 - LFC: 14/10/2013 - 17:23:52 ---A- . (...) -- C:\Users\vevere\AppData\Roaming\Skype\antoine.cocoual\keyval.db-journal   [33344]
O61 - LFC: 14/10/2013 - 17:23:52 ---A- . (...) -- C:\Users\vevere\AppData\Roaming\Skype\antoine.cocoual\main.db   [1114112]
O61 - LFC: 14/10/2013 - 17:23:52 ---A- . (...) -- C:\Users\vevere\AppData\Roaming\Skype\antoine.cocoual\main.db-journal   [156464]
O61 - LFC: 14/10/2013 - 17:23:52 ---A- . (...) -- C:\Users\vevere\AppData\Roaming\Skype\antoine.cocoual\qikdb\qik_main.db   [28672]
O61 - LFC: 14/10/2013 - 17:23:53 ---A- . (...) -- C:\Users\vevere\AppData\Roaming\Skype\shared.xml   [84746]
O61 - LFC: 14/10/2013 - 17:23:53 ---A- . (...) -- C:\Users\vevere\AppData\Roaming\Skype\shared_dynco\dc.db   [2334720]
O61 - LFC: 14/10/2013 - 17:23:53 ---A- . (...) -- C:\Users\vevere\AppData\Roaming\Skype\shared_dynco\dc.db-journal   [1256336]
O61 - LFC: 14/10/2013 - 17:23:54 ---A- . (...) -- C:\Users\vevere\AppData\Roaming\ZHP\Log.txt   [38325]  =>.Nicolas Coolman
O61 - LFC: 14/10/2013 - 17:23:54 ---A- . (...) -- C:\Users\vevere\AppData\Roaming\ZHP\TestsZHPDiag.txt   [2884]  =>.Nicolas Coolman
O61 - LFC: 14/10/2013 - 17:23:55 ---A- . (.Malwarebytes Corporation.) -- C:\Users\vevere\Downloads\mbam-setup-1.75.0.1300 (1).exe   [10285040]
O61 - LFC: 14/10/2013 - 17:23:55 ---A- . (.Malwarebytes Corporation.) -- C:\Users\vevere\Downloads\mbam-setup-1.75.0.1300.exe   [10285040]
~ 7 Fichiers temporaires (Temporary files)
~ Files: 246 Scanned in 00mn 36s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 30/06/2013 - C:\Windows\System32\DRIVERS\afcdp.sys (afcdp)  .(.Acronis - File Level CDP Kernel Helper.) - LEGACY_AFCDP
O64 - Services: CurCS - 28/12/2011 - C:\Windows\system32\drivers\afd.sys (AFD)  .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD
O64 - Services: CurCS - 30/08/2013 - C:\Windows\System32\Drivers\aswFsBlk.sys (aswFsBlk)  .(.AVAST Software - avast! File System Access Blocking Driver.) - LEGACY_ASWFSBLK
O64 - Services: CurCS - 30/08/2013 - C:\Windows\system32\drivers\aswMonFlt.sys (aswMonFlt)  .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - 30/08/2013 - C:\Windows\system32\Drivers\aswrdr2.sys (aswRdr)  .(.AVAST Software - avast! WFP Redirect Driver.) - LEGACY_ASWRDR
O64 - Services: CurCS - 30/08/2013 - C:\Windows\System32\Drivers\aswRvrt.sys (aswRvrt) .(...) - LEGACY_ASWRVRT
O64 - Services: CurCS - 30/08/2013 - C:\Windows\System32\Drivers\aswSnx.sys (aswSnx)  .(.AVAST Software - avast! Virtualization Driver.) - LEGACY_ASWSNX
O64 - Services: CurCS - 30/08/2013 - C:\Windows\System32\Drivers\aswSP.sys (aswSP)  .(.AVAST Software - avast! self protection module.) - LEGACY_ASWSP
O64 - Services: CurCS - 30/08/2013 - C:\Windows\System32\Drivers\aswTdi.sys (aswTdi)  .(.AVAST Software - avast! TDI Filter Driver.) - LEGACY_ASWTDI
O64 - Services: CurCS - 30/08/2013 - C:\Windows\System32\Drivers\aswVmm.sys (aswVmm) .(...) - LEGACY_ASWVMM
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\Beep.sys (Beep)  .(.Microsoft Corporation - BEEP Driver.) - LEGACY_BEEP
O64 - Services: CurCS - 04/07/2012 - C:\Windows\system32\browser.dll (bowser)  .(.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) - LEGACY_BOWSER
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\cdfs.sys (cdfs)  .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\clfs.sys (CLFS)  .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS
O64 - Services: CurCS - 24/08/2012 - C:\Windows\System32\Drivers\cng.sys (CNG)  .(.Microsoft Corporation - Kernel Cryptography, Next Generation.) - LEGACY_CNG
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\dfsc.sys (DfsC)  .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\discache.sys (discache)  .(.Microsoft Corporation - System Indexer/Cache Driver.) - LEGACY_DISCACHE
O64 - Services: CurCS - 14/02/2011 - C:\Windows\System32\DRIVERS\DKRtWrt.sys (DKRtWrt)  .(.Diskeeper Corporation - Diskeeper IntelliWrite Mini-Filter Driver.) - LEGACY_DKRTWRT
O64 - Services: CurCS - 21/07/2011 - C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys (driverhardwarev2x64)  .(.CybelSoft - Driver NT Ma-Config.com.) - LEGACY_DRIVERHARDWAREV2X64
O64 - Services: CurCS - 10/04/2013 - C:\Windows\system32\drivers\dxgkrnl.sys (DXGKrnl)  .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\fileinfo.sys (FileInfo)  .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\fltmgr.sys (FltMgr)  .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR
O64 - Services: CurCS - 24/01/2013 - C:\Windows\system32\drivers\fvevol.sys (fvevol)  .(.Microsoft Corporation - BitLocker Drive Encryption Driver.) - LEGACY_FVEVOL
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\http.sys (HTTP)  .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\hwpolicy.sys (hwpolicy)  .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY
O64 - Services: CurCS - 02/06/2012 - C:\Windows\System32\Drivers\ksecdd.sys (KSecDD)  .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD
O64 - Services: CurCS - 24/08/2012 - C:\Windows\System32\Drivers\ksecpkg.sys (KSecPkg)  .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECPKG
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\lltdio.sys (lltdio)  .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\luafv.sys (luafv)  .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\mountmgr.sys (mountmgr)  .(.Microsoft Corporation - Gestionnaire des points de montage.) - LEGACY_MOUNTMGR
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\FirewallAPI.dll (mpsdrv)  .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb)  .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb10)  .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB10
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb20)  .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB20
O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\drivers\msahci.sys (msahci)  .(.Microsoft Corporation - MS AHCI 1.0 Standard Driver.) - LEGACY_MSAHCI
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\msisadrv.sys (msisadrv)  .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\mup.sys (Mup)  .(.Microsoft Corporation - Multiple UNC Provider Driver.) - LEGACY_MUP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\nwifi.sys (NativeWifiP)  .(.Microsoft Corporation - Pilote de miniport WiFi natif.) - LEGACY_NATIVEWIFIP
O64 - Services: CurCS - 22/08/2012 - C:\Windows\system32\drivers\ndis.sys (NDIS)  .(.Microsoft Corporation - Pilote NDIS 6.20.) - LEGACY_NDIS
O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\DRIVERS\ndisuio.sys (Ndisuio)  .(.Microsoft Corporation - Pilote d’E/S du mode utilisateur NDIS.) - LEGACY_NDISUIO
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\netbios.sys (NetBIOS)  .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\netbt.sys (NetBT)  .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy)  .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\pcw.sys (pcw)  .(.Microsoft Corporation - Performance Counters for Windows Driver.) - LEGACY_PCW
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\peauth.sys (PEAUTH)  .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH
O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\drivers\pacer.sys (Psched)  .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (rdbss)  .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_RDBSS
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD)  .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD)  .(.Microsoft Corporation - RDP Encoder Miniport.) - LEGACY_RDPENCDD
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP)  .(.Microsoft Corporation - RDP Reflector Driver Miniport.) - LEGACY_RDPREFMP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\rspndr.sys (rspndr)  .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv)  .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\spldr.sys (spldr)  .(.Microsoft Corporation - loader for security processor.) - LEGACY_SPLDR
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\srvsvc.dll (srv)  .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\srvsvc.dll (srv2)  .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV2
O64 - Services: CurCS - 29/04/2011 - C:\Windows\System32\DRIVERS\srvnet.sys (srvnet)  .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\tcpipcfg.dll (Tcpip)  .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP
O64 - Services: CurCS - 03/10/2012 - C:\Windows\System32\drivers\tcpipreg.sys (tcpipreg)  .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\tcpipcfg.dll (tdx)  .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\vga.sys (VgaSave)  .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\volmgrx.sys (volmgrx)  .(.Microsoft Corporation - Pilote d’extension du gestionnaire de volum.) - LEGACY_VOLMGRX
O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\drivers\volsnap.sys (volsnap)  .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\rascfg.dll (Wanarpv6)  .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_WANARPV6
O64 - Services: CurCS - 26/07/2012 - C:\Windows\System32\drivers\Wdf01000.sys (Wdf01000)  .(.Microsoft Corporation - Runtime de l’infrastructure de pilotes en m.) - LEGACY_WDF01000
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\wfplwf.sys (WfpLwf)  .(.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - LEGACY_WFPLWF
O64 - Services: CurCS - 26/07/2012 - C:\Windows\System32\drivers\WudfPf.sys (WudfPf)  .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) - LEGACY_WUDFPF
~ Legacy: 72 Scanned in 00mn 01s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe  =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe  =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ FASS Keys: 19 Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <Torch> <>[HKLM\..\Shell\open\Command] (.Not Key.)
~ Keys:  Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] 5176677812824185AFE0ACE617536CA0 - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {D6041261-2FFC-4F15-B261-63D0262BC411} - (Web Search) - http://search.certified-toolbar.com =>PUP.CertifiedToolbar
O69 - SBI: SearchScopes [HKCR] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (Web Search) - http://search.certified-toolbar.com =>PUP.CertifiedToolbar
~ Keys:  Scanned in 00mn 00s



---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll   [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll   [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll   [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll   [853504]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll   [679424]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll   [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll   [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll   [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll   [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll   [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll   [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll   [680960]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll   [2428952]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll   [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll   [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll   [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll   [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll   [70144]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll   [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll   [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll   [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll   [121856]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll   [136704]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll   [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll   [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll   [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll   [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll   [209920]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll   [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll   [100864]
~ Services: 32 Scanned in 00mn 01s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.E7BE2C033C6AB0BA199B4717F98BC947] [SPRF][24/06/2013] (...) -- C:\Users\vevere\AppData\Local\Temp\248289950.exe   [3931485]
[MD5.C83670DCBD7FB075FD62BA7398D92984] [SPRF][18/09/2013] (...) -- C:\Users\vevere\AppData\Local\Temp\apnuserid.dat   [16]
[MD5.06D5E5E952C61923C9D24C83E7FE1F45] [SPRF][01/09/2013] (...) -- C:\Users\vevere\AppData\Local\Temp\app.exe   [22937227]
[MD5.75FC093C0EE742F6DDDAA13FFF98F104] [SPRF][18/09/2013] (...) -- C:\Users\vevere\AppData\Local\Temp\appid.dat   [3]
[MD5.B3D26A6E8DDE3EF576938F904B84CF83] [SPRF][01/09/2013] (.Pas de propriétaire - SoloApp Setup.) -- C:\Users\vevere\AppData\Local\Temp\apptorun.exe   [5848088]
[MD5.81B637EF7B2A7C8673E518763FC31D32] [SPRF][18/09/2013] (...) -- C:\Users\vevere\AppData\Local\Temp\BackupSetup.exe   [10355336]
[MD5.11D751D299B9ABDC77BFF4156C75C4CF] [SPRF][24/06/2013] (...) -- C:\Users\vevere\AppData\Local\Temp\bitool.dll   [38480]
[MD5.32DCED18FFFEA0035E4FA975CA0AE8BE] [SPRF][22/04/2013] (.The Software Group - Software Update Setup.) -- C:\Users\vevere\AppData\Local\Temp\BoxoreInstaller.exe   [620656]  =>Adware.Boxore
[MD5.5BB7F9160A555D16C1C4C8914C976043] [SPRF][18/09/2013] (...) -- C:\Users\vevere\AppData\Local\Temp\BundleSweetIMSetup.exe   [9]  =>PUP.SweetIM
[MD5.0E771375445E13429E68CAE720A48B72] [SPRF][03/07/2013] (...) -- C:\Users\vevere\AppData\Local\Temp\i4jdel0.exe   [35224]
[MD5.675CE9743CFACD1A1DA44307035279F2] [SPRF][02/07/2013] (.Microsoft Corporation - Self-Extracting Cabinet.) -- C:\Users\vevere\AppData\Local\Temp\MouseKeyboardCenterx64_1036.exe   [49882832]
[MD5.D2B48C62D4E77881DF37119BBADB8A0F] [SPRF][18/09/2013] (...) -- C:\Users\vevere\AppData\Local\Temp\MybabylonTB.exe   [11]  =>Toolbar.Babylon
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][04/07/2013] (...) -- C:\Users\vevere\AppData\Local\Temp\ngphc2yz.dll   [0]
[MD5.B9C125314A025127FE562C116D614AA3] [SPRF][13/11/2012] (.Microsoft Corporation - Office Source Engine.) -- C:\Users\vevere\AppData\Local\Temp\ose00000.exe   [178824]
[MD5.1B80378EA920FCD0EA146B28C3DBA2AE] [SPRF][18/09/2013] (...) -- C:\Users\vevere\AppData\Local\Temp\propsys.dll   [6]
[MD5.6EA18C193AAF14F9EDFF65EED8EFAB2C] [SPRF][09/10/2013] (...) -- C:\Users\vevere\AppData\Local\Temp\Quarantine.exe   [344355]
[MD5.8CB22BDD0B7BA1AB13D742E22EED8DA2] [SPRF][18/09/2013] (...) -- C:\Users\vevere\AppData\Local\Temp\sysid.dat   [3]
[MD5.A7ACDA85469933AC2E44F2C7347EBFE2] [SPRF][25/12/2008] (.HomeTab - HomeTab Setup.) -- C:\Users\vevere\AppData\Local\Temp\tbuFA36.exe   [3647864]  =>PUP.CertifiedToolbar
[MD5.BDEE9D936EFB7C76DF778F45F1CF130D] [SPRF][18/09/2013] (...) -- C:\Users\vevere\AppData\Local\Temp\trackid.dat   [6]
[MD5.40395C175553CB14D2050888EFCCDF00] [SPRF][18/09/2013] (.Microsoft Corporation - Microsoft Visual C++ 2008 Redistributable Setup.) -- C:\Users\vevere\AppData\Local\Temp\vcredist_x64.exe   [4961800]
[MD5.31E39E9FF261030F71C0209C016580F4] [SPRF][14/10/2013] (...) -- C:\Users\vevere\Desktop\adwcleaner.exe   [1048960]
[MD5.7C57C15651004F88D57232CEC3CB2C66] [SPRF][25/12/2008] (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Users\vevere\Desktop\ZHPDiag2.exe   [6834317]
~ Files: 22 Scanned in 00mn 02s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "SNMPTRAP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "WMP-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-WMP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-WMP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-P2PHost-In-TCP" | In - None - P6 - TRUE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-WSD-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-WSD-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "FPS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCP-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCP-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCPV6-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCPV6-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-Teredo-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-Teredo-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-IPHTTPS-Out" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.exe
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-KTMRM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-RAServer-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "RemoteAssistance-RAServer-Out-TCP-NoScope-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-In-TCP-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "WPDMTP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "WPDMTP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-UPnPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-UPnP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe  =>.Microsoft Corporation
O87 - FAEL: "MCX-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe  =>.Microsoft Corporation
O87 - FAEL: "MCX-QWave-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe  =>.Microsoft Corporation
O87 - FAEL: "MCX-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe  =>.Microsoft Corporation
O87 - FAEL: "MCX-MCX2SVC-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-Prov-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - MCX2 Provisioning library.) -- C:\Windows\ehome\mcx2prov.exe
O87 - FAEL: "MCX-PlayTo-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-McrMgr-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Media Center Extender Manager.) -- C:\Windows\ehome\mcrmgr.exe
O87 - FAEL: "MCX-PlayTo-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-FDPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "{38FEF476-3F5E-4EDF-BCB4-352187BD7018}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "{3EF3A8D6-A3B4-4B4B-90E6-0C4C1F9CC9FC}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "{C280D823-74CA-443D-A8A9-1D57F8E3C11B}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "{55A0496A-FBB8-4B43-A56B-5F2CF254534C}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{93538BDC-8B4E-4DB3-A83E-F7E9E09AE49C}" |Out - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "{477F9F4B-ABE3-4C4C-AD10-C76A9F42AC54}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "{BC41A0B2-CB13-4E8B-8BF2-1CE50A43D5A9}" |Out - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "{9189A90A-3C51-49B8-948F-84A328B6170A}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)  =>.Microsoft Corporation
O87 - FAEL: "{59DB4B7D-A4EA-4B28-BCD9-FA755F260A00}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "{F833B87B-7F67-4A4E-8C1E-18596B76B5E9}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "{79FC72F9-8A58-48C7-A628-BA0DB8919B67}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "{BABF44BB-39DA-49E2-AC44-268B78C81F15}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{A3AA6F11-BCC1-42EA-A536-CD62E56C44A5}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{780F42E7-8865-4920-A982-64B4988F6A06}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{7E72F361-9FFA-415E-B2A9-A3228EC72C22}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{2DE48A56-7AC3-45C4-B978-80D46633EE47}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{36921ECD-CE55-42BF-BDB9-83137314FEFD}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{F01357A7-E91B-429C-A8C3-8CBA91B68C48}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{449F9F75-CFFB-4615-832E-4F5ABB292D1F}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{C5089A6F-78F6-4EB3-B4DC-A2C22259F44E}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "{F5655FC4-5E80-474A-8C83-81943B3C856C}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files\Microsoft Office\Office15\lync.exe
O87 - FAEL: "{899B612F-A2A3-4F54-B751-694384A37F33}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files\Microsoft Office\Office15\lync.exe
O87 - FAEL: "{B44E6A74-0079-4F38-B789-8EBA10656A14}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files\Microsoft Office\Office15\UcMapi.exe
O87 - FAEL: "{64B83134-904E-438B-9F1D-EEE51698672F}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files\Microsoft Office\Office15\UcMapi.exe
O87 - FAEL: "{B1A5BA58-D0B9-4C1F-A8D5-3DEF58683323}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Microsoft Outlook.) -- C:\Program Files\Microsoft Office\Office15\outlook.exe
O87 - FAEL: "TCP Query User{CF973FA9-847E-4751-9EC5-72B0FEF577F8}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" | In - Private - P6 - TRUE | .(.Microsoft Corporation.) -- C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
O87 - FAEL: "UDP Query User{25CCEE1A-CD69-46DA-A140-003E33AEF95C}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" | In - Private - P17 - TRUE | .(.Microsoft Corporation.) -- C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
O87 - FAEL: "{3EE42945-7FA4-4EE8-9D1B-6D218FA5295F}" | In - Private - P6 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\MaConfigAgent.exe
O87 - FAEL: "{E62A67BC-6899-4E6E-BFEE-728D5ED4E083}" | In - Private - P17 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\MaConfigAgent.exe
O87 - FAEL: "{BDE03D68-4568-42EE-A86F-4BE67F389457}" | In - None - P6 - FALSE | .(.Microsoft Corporation - SMSvcHost.exe.) -- c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
O87 - FAEL: "{15B30AA0-F726-42E5-A505-A9A3CBCB5951}" | In - Private - P6 - TRUE | .(.Ensemble Studios - Age of Mythology - The Titans Expansion.) -- C:\Program Files (x86)\Microsoft Games\Age of Mythology\aomx.exe
O87 - FAEL: "{90BE88CE-E26E-445E-B486-D87B8FD65840}" | In - Private - P17 - TRUE | .(.Ensemble Studios - Age of Mythology - The Titans Expansion.) -- C:\Program Files (x86)\Microsoft Games\Age of Mythology\aomx.exe
O87 - FAEL: "RemoteDesktop-UserMode-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{BE176AD7-0FB3-4B37-BFE2-3E3361A98BCA}" | In - Private - P6 - TRUE | .(.Azureus Software, Inc - Pas de description.) -- C:\Program Files\Vuze\Azureus.exe =>P2P.Azureus
O87 - FAEL: "{3275F94D-CE63-4885-8EC5-535C2F9D881F}" | In - Private - P17 - TRUE | .(.Azureus Software, Inc - Pas de description.) -- C:\Program Files\Vuze\Azureus.exe =>P2P.Azureus
O87 - FAEL: "TCP Query User{E4238628-992A-4062-A08E-9D1429C2BF7E}C:\Program Files\Vuze\Azureus.exe" | In - Public - P6 - TRUE | .(.Azureus Software, Inc - Pas de description.) -- C:\Program Files\Vuze\Azureus.exe =>P2P.Azureus
O87 - FAEL: "UDP Query User{BBA9DF78-B749-4B04-AEC7-628D23B6BE17}C:\Program Files\Vuze\Azureus.exe" | In - Public - P17 - TRUE | .(.Azureus Software, Inc - Pas de description.) -- C:\Program Files\Vuze\Azureus.exe =>P2P.Azureus
O87 - FAEL: "{E3F129B4-4700-4CF9-B2B6-CBCBB5343A63}" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files\Microsoft Office\Office15\lync.exe
O87 - FAEL: "{B3A038D4-4CDF-4FD4-83D4-A5E4ECEF54A5}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files\Microsoft Office\Office15\lync.exe
O87 - FAEL: "{E792A3FA-DF32-4E6B-972B-4424E3664C36}" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files\Microsoft Office\Office15\UcMapi.exe
O87 - FAEL: "{494ACA49-B186-43F4-B17B-050EF1542411}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files\Microsoft Office\Office15\UcMapi.exe
O87 - FAEL: "TCP Query User{E2CC4371-0C23-4C01-81FC-5B0627230786}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" | In - Public - P6 - TRUE | .(.Microsoft Corporation.) -- C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
O87 - FAEL: "UDP Query User{1ECED880-7E47-4CF9-B76E-72593C7594CC}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" | In - Public - P17 - TRUE | .(.Microsoft Corporation.) -- C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
O87 - FAEL: "{A8FC8715-3CDF-4E95-B11F-F2AD76144EF3}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe  =>.Skype Technologies S.A.
O87 - FAEL: "{A54CDAB9-1B36-4DEA-9C31-EE30B7BE2179}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\HomeTab\ProtectedSearch.exe (.not file.) =>PUP.CertifiedToolbar
O87 - FAEL: "{81CB644C-4BC8-44ED-A3FC-960D1BF232F4}" |Out - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\HomeTab\ProtectedSearch.exe (.not file.) =>PUP.CertifiedToolbar
O87 - FAEL: "{7DB95DFE-D2ED-44BB-94FB-8A10CF197502}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\HomeTab\TBUpdater.dll (.not file.) =>PUP.CertifiedToolbar
O87 - FAEL: "{4E94A6E6-4729-410D-AC10-D3D19FF9EA03}" |Out - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\HomeTab\TBUpdater.dll (.not file.) =>PUP.CertifiedToolbar
O87 - FAEL: "{DBEA110C-9A29-40DD-A4E8-E43E27306B4A}" | In - None - P17 - TRUE | .(.Pas de propriétaire - WidditSoloApp.) -- C:\SoloApp\SoloApp.exe
O87 - FAEL: "{8458224B-33ED-4D2C-AE66-5A06975D7AF6}" | Out - None - P17 - TRUE | .(.Pas de propriétaire - WidditSoloApp.) -- C:\SoloApp\SoloApp.exe
O87 - FAEL: "{B34FC528-F18F-4FB4-8E62-06C35991C017}" | In - None - P17 - TRUE | .(.Selenium Committers - Selenium WebDriver.) -- C:\SoloApp\WebDriver.dll
O87 - FAEL: "{6E52E1A6-36DB-48D3-A9B8-02E23F6DFA8B}" | Out - None - P17 - TRUE | .(.Selenium Committers - Selenium WebDriver.) -- C:\SoloApp\WebDriver.dll
O87 - FAEL: "{3C5E8910-8297-408D-B04B-349945E78AED}" | In - None - P17 - TRUE | .(...) -- C:\SoloApp\chromedriver.exe
O87 - FAEL: "{892F8162-E9A1-4BF4-A828-0CBBAB4BEC57}" | Out - None - P17 - TRUE | .(...) -- C:\SoloApp\chromedriver.exe
O87 - FAEL: "{0D8732FA-9369-458B-ABE9-A0019405064A}" | In - None - P17 - TRUE | .(.Software Freedom Conservancy - Command line server for the IE driver.) -- C:\SoloApp\IEDriverServer.exe
O87 - FAEL: "{303CEC56-9803-4157-BF14-CE94F031BE1F}" | Out - None - P17 - TRUE | .(.Software Freedom Conservancy - Command line server for the IE driver.) -- C:\SoloApp\IEDriverServer.exe
O87 - FAEL: "{DAAA9CE4-ACF5-4DF0-BF23-A04D29FBF14C}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\HomeTab\ProtectedSearch.exe (.not file.) =>PUP.CertifiedToolbar
O87 - FAEL: "{514E787A-0310-42C1-84D1-17D21D9BD9DC}" |Out - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\HomeTab\ProtectedSearch.exe (.not file.) =>PUP.CertifiedToolbar
O87 - FAEL: "{BE5F6116-3998-4D05-84CE-E19FFA6F0912}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\HomeTab\TBUpdater.dll (.not file.) =>PUP.CertifiedToolbar
O87 - FAEL: "{6562FFFC-1E2B-4BC2-81A5-A4C57FA5BC2D}" |Out - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\HomeTab\TBUpdater.dll (.not file.) =>PUP.CertifiedToolbar
O87 - FAEL: "{F025F159-2737-4FD0-A5B7-1C9BA0DBCEDC}" | In - None - P17 - TRUE | .(.Pas de propriétaire - WidditSoloApp.) -- C:\SoloApp\SoloApp.exe
O87 - FAEL: "{A972D6CA-95F2-46D8-8853-094F5C3F0286}" | Out - None - P17 - TRUE | .(.Pas de propriétaire - WidditSoloApp.) -- C:\SoloApp\SoloApp.exe
O87 - FAEL: "{FD112B49-0CEB-4327-94E7-C5FFDC1F4E3C}" | In - None - P17 - TRUE | .(.Selenium Committers - Selenium WebDriver.) -- C:\SoloApp\WebDriver.dll
O87 - FAEL: "{6E6A1BC9-B073-4BF7-A5D5-E97D64848DB6}" | Out - None - P17 - TRUE | .(.Selenium Committers - Selenium WebDriver.) -- C:\SoloApp\WebDriver.dll
O87 - FAEL: "{4DF1DFFD-2F54-4E31-978C-DAA1C2FC5D53}" | In - None - P17 - TRUE | .(...) -- C:\SoloApp\chromedriver.exe
O87 - FAEL: "{07E8A2B8-F10A-4EA9-ACAE-F853ED48FAAB}" | Out - None - P17 - TRUE | .(...) -- C:\SoloApp\chromedriver.exe
O87 - FAEL: "{A94114EC-4B19-45B7-9B72-A3DCB474E452}" | In - None - P17 - TRUE | .(.Software Freedom Conservancy - Command line server for the IE driver.) -- C:\SoloApp\IEDriverServer.exe
O87 - FAEL: "{2256C467-3032-4F76-926B-15E9EE1F4E0C}" | Out - None - P17 - TRUE | .(.Software Freedom Conservancy - Command line server for the IE driver.) -- C:\SoloApp\IEDriverServer.exe
O87 - FAEL: "{0B026420-F1FE-45BC-89E2-A3C6CC3E6492}" |In - Public - P6 - TRUE | .(...) -- C:\ProgramData\eSafe\eGdpSvc.exe (.not file.) =>PUP.eSafeSecurity
O87 - FAEL: "{2D0F9D63-1B34-4469-B32A-2B4D20704616}" |In - None - P6 - TRUE | .(...) -- C:\Program Files (x86)\HomeTab\ProtectedSearch.exe (.not file.) =>PUP.CertifiedToolbar
O87 - FAEL: "{B181A7A8-C6E7-4607-BFCD-969F14741197}" |Out - None - P6 - TRUE | .(...) -- C:\Program Files (x86)\HomeTab\ProtectedSearch.exe (.not file.) =>PUP.CertifiedToolbar
O87 - FAEL: "{600B3734-E032-49ED-9378-98DA411CF9FF}" |In - None - P6 - TRUE | .(...) -- C:\Program Files (x86)\HomeTab\TBUpdater.dll (.not file.) =>PUP.CertifiedToolbar
O87 - FAEL: "{D4556BCE-7678-46BC-9FE7-C163BDCCADDD}" |Out - None - P6 - TRUE | .(...) -- C:\Program Files (x86)\HomeTab\TBUpdater.dll (.not file.) =>PUP.CertifiedToolbar
O87 - FAEL: "{8CC62498-A5BC-4E24-90DF-610A490C1A28}" | In - None - P6 - TRUE | .(.Pas de propriétaire - WidditSoloApp.) -- C:\SoloApp\SoloApp.exe
O87 - FAEL: "{FE9E30ED-72CF-4733-957D-8ABBE454FC65}" | Out - None - P6 - TRUE | .(.Pas de propriétaire - WidditSoloApp.) -- C:\SoloApp\SoloApp.exe
O87 - FAEL: "{C8743971-D075-4F8D-B342-6FDD8571E7F0}" | In - None - P6 - TRUE | .(.Selenium Committers - Selenium WebDriver.) -- C:\SoloApp\WebDriver.dll
O87 - FAEL: "{DE7853F9-AEE4-4789-A3A3-29E70F01D450}" | Out - None - P6 - TRUE | .(.Selenium Committers - Selenium WebDriver.) -- C:\SoloApp\WebDriver.dll
O87 - FAEL: "{0F1B2FB7-45CF-49AE-A2E2-38B34484B5DD}" | In - None - P6 - TRUE | .(...) -- C:\SoloApp\chromedriver.exe
O87 - FAEL: "{D0DB0B39-1C4F-40EE-AEEE-10A12E40A9FD}" | Out - None - P6 - TRUE | .(...) -- C:\SoloApp\chromedriver.exe
O87 - FAEL: "{E55F003C-004D-4A59-A577-185255E88526}" | In - None - P6 - TRUE | .(.Software Freedom Conservancy - Command line server for the IE driver.) -- C:\SoloApp\IEDriverServer.exe
O87 - FAEL: "{FAB9A17F-8E1D-4DE1-A61A-9BB30462FB57}" | Out - None - P6 - TRUE | .(.Software Freedom Conservancy - Command line server for the IE driver.) -- C:\SoloApp\IEDriverServer.exe
~ Firewall: 248 Scanned in 00mn 02s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "00005109F10010400100000000F01FEC" . (.Microsoft Office Proofing Tools 2013 - ????? ???????.) -- C:\Windows\Installer\{90150000-001F-0401-1000-0000000FF1CE}\misc.exe,6
O90 - PUC: "00005109F10031400100000000F01FEC" . (.Microsoft Office Proofing Tools 2013 - Nederlands.) -- C:\Windows\Installer\{90150000-001F-0413-1000-0000000FF1CE}\misc.exe,6
O90 - PUC: "00005109F10070400100000000F01FEC" . (.Microsoft Office Korrekturhilfen 2013 - Deutsch.) -- C:\Windows\Installer\{90150000-001F-0407-1000-0000000FF1CE}\misc.exe,6
O90 - PUC: "00005109F10090400100000000F01FEC" . (.Microsoft Office Proofing Tools 2013 - English.) -- C:\Windows\Installer\{90150000-001F-0409-1000-0000000FF1CE}\misc.exe,6
O90 - PUC: "00005109F100A0C00100000000F01FEC" . (.Microsoft Office Proofing Tools 2013 - Español.) -- C:\Windows\Installer\{90150000-001F-0C0A-1000-0000000FF1CE}\misc.exe,6
O90 - PUC: "00005109F100C0400100000000F01FEC" . (.Outils de vérification linguistique 2013 de Microsoft Office - Français.) -- C:\Windows\Installer\{90150000-001F-040C-1000-0000000FF1CE}\misc.exe,6
O90 - PUC: "0AF7403EB6D26DB4C84D9599551FECD9" . (.Centre Souris et Claviers Microsoft.) -- c:\Windows\Installer\{E3047FA0-2D6B-4BD6-8CD4-599955F1CE9D}\DeviceCenter.ico
O90 - PUC: "37600F09672A85A46B574B623DD9E190" . (.Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed.) -- C:\Windows\Installer\{90F00673-A276-4A58-B675-B426D39D1E09}\IntelBluetoothICO
O90 - PUC: "68AB67CA7DA76301B744BA0000000010" . (.Adobe Reader XI (11.0.05) - Français.) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico
O90 - PUC: "79DBF4E86B3AD0549AB93986CEBF0162" . (.Diskeeper 2011 .) -- C:\Windows\Installer\{8E4FBD97-A3B6-450D-A99B-9368ECFB1026}\ARPPRODUCTICON.exe
O90 - PUC: "7FDE8F51230BA834D955C45637BBFA91" . (.AuthenTec TrueSuite.) -- C:\Windows\Installer\{15F8EDF7-B032-438A-9D55-4C6573BBAF19}\ARPPRODUCTICON.exe
O90 - PUC: "812B5ECE680A81E43A261D1118864175" . (.Logiciel Intel® PROSet/Wireless WiFi.) -- C:\Windows\Installer\{ECE5B218-A086-4E18-A362-D11181681457}\ARPPRODUCTICON.exe
O90 - PUC: "954E9A05FC2A9014BB37099707B2BE2F" . (.Ma-Config.com (64 bits).) -- C:\Windows\Installer\{50A9E459-A2CF-4109-BB73-9079702BEBF2}\maconfico
O90 - PUC: "A69F1F2CE75091855BE2EF1A1D2D39B3" . (.Acronis True Image Home.) -- C:\Windows\Installer\{C2F1F96A-057E-5819-B52E-FEA1D1D2933B}\product.ico
O90 - PUC: "E7FF67E4ABEA78C47B88DC745E24B5D9" . (.Skype™ 6.7.) -- C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
~ Update Products: 41 Scanned in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.1BDC7355F909B4CA08D49AE2CBE620BF] [WIS][24/06/2013] (.Diskeeper Corporation - Diskeeper 2011.) -- C:\Windows\Installer\2f0fa.msi   [21046784]
[MD5.B1C861317B5A5D0755FBC53352C4B0A3] [WIS][09/08/2013] (.Skype Technologies S.A. - Skype.) -- C:\Windows\Installer\3c25815.msi   [22614016]
~ WIS: 42 Scanned in 00mn 12s



---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 12/09/2009 892072 |  (AcrSch2Svc) . (.Acronis.) - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
SR - | Auto 11/05/2013 65640 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 10/10/2013 257416 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 20/09/2007 86016 |  (AESTFilters) . (.Andrea Electronics Corporation.) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_295b5b4710f6d77b\AESTSr64.exe
SR - | Auto 30/06/2013 2326920 |  (afcdpsrv) . (.Acronis.) - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
SR - | Auto 17/07/2012 659472 |  (AMPPALR3) . (.Intel Corporation.) - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
SR - | Auto 30/08/2013 46808 |  (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 23/08/2012 135984 |  (BTHSSecurityMgr) . (.Intel(R) Corporation.) - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
SR - | Auto 18/03/2011 2627920 |  (Diskeeper) . (.Diskeeper Corporation.) - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
SR - | Auto 23/08/2012 629040 |  (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
SR - | Auto 30/08/2012 296808 |  (FPLService) . (.AuthenTec, Inc.) - C:\Program Files\AuthenTec TrueSuite\TrueSuiteService.exe
SS - | Auto 01/07/2013 116648 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 01/07/2013 116648 |  (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SR - | Auto 05/11/2010 13336 |  (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 09/06/2013 2635600 |  (MaConfigAgent) . (.CybelSoft.) - C:\Program Files\ma-config.com\MaConfigAgent.exe
SR - | Auto 23/08/2012 149296 |  (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
SS - | Auto 25/07/2013 162672 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Auto 15/02/2008 122880 |  (STacSV) . (.IDT, Inc..) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_295b5b4710f6d77b\STacSV64.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/07/1658 0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 23/08/2012 3342640 |  (ZeroConfigService) . (.Intel® Corporation.) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
~ Services:  Scanned in 00mn 15s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by vevere at 14/10/2013 17:24:41
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by vevere at 14/10/2013 17:24:43

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR:  Scanned in 00mn 02s



---\\ Liste des émulateurs de CD/DVD (MBR Hook)
O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite  =>.DT Soft Ltd
~ Emulateurs:  Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 12946 - (13/10/2013)
Clés trouvées (Keys found) : 6
Valeurs trouvées (Values found) : 1
Dossiers trouvés  (Folders found) : 1
Fichiers trouvés  (Files found) : 7

[HKLM\Software\Google\Chrome\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob]   =>Adware.Bandoo^
[HKLM\Software\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo]   =>PUP.Elex^
[HKLM\Software\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp]   =>Toolbar.Wajam^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2D7AD3EB-EA9E-48D5-A5B5-ECAA2D48341B}]   =>PUP.CertifiedToolbar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5b719707-d4d0-4592-a904-9939df8c089f}_is1]   =>PUP.CertifiedToolbar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC]   =>Adware.Boxore^
C:\Users\vevere\AppData\Local\Software   =>Adware.Boxore
C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob   =>Adware.Bandoo^
C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo   =>PUP.Elex^
C:\Users\vevere\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp   =>Toolbar.Wajam^
C:\Users\vevere\AppData\Local\Temp\BoxoreInstaller.exe   =>Adware.Boxore^
C:\Users\vevere\AppData\Local\Temp\BundleSweetIMSetup.exe   =>PUP.SweetIM^
C:\Users\vevere\AppData\Local\Temp\MybabylonTB.exe   =>Toolbar.Babylon^
C:\Users\vevere\AppData\Local\Temp\tbuFA36.exe   =>PUP.CertifiedToolbar^
~ Additionnel Scan: 206703 Items scanned in 00mn 53s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo  =>Adware.Bandoo
~ http://nicolascoolman.webs.com/apps/blog/show/33479906-pup-elex   =>PUP.Elex
~ http://nicolascoolman.webs.com/apps/blog/show/27379491-toolbar-wajam   =>Toolbar.Wajam
~ http://nicolascoolman.webs.com/apps/blog/show/26631242-hijacker-qvo6   =>Hijacker.Qvo6
~ http://nicolascoolman.webs.com/apps/blog/show/28040039-pup-certifiedtoolbar   =>PUP.CertifiedToolbar
~ http://nicolascoolman.webs.com/apps/blog/show/32979753-pup-bitguard   =>PUP.BitGuard
~ http://nicolascoolman.webs.com/apps/blog/show/27161672-hijacker-eazel   =>Hijacker.Eazel
~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore  =>Adware.Boxore
~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim   =>PUP.SweetIM
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon  =>Toolbar.Babylon
~ http://nicolascoolman.webs.com/apps/blog/show/27588628-pup-esafesecurity   =>PUP.eSafeSecurity
~ MSI: 11 link(s) detected in 00mn 53s



End of the scan (1769 lines in 04mn 25s)(0)