~ Rapport de ZHPDiag v2014.1.17.19 - Nicolas Coolman  (17/01/2014)
~ Lancé par cricri (18/01/2014 16:27:42)
~ Adresse du Site Web  http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version : 
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421
GCIE: Google Chrome v32.0.1700.76 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Vista (TM) Home Premium, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 6CJ97
Windows License : OK
Windows Automatic Updates : OK

---\\ Logiciels de protection du système
Kaspersky Anti-Virus 2012 v12.0.0.374
Malwarebytes Anti-Malware version 1.75.0.1300

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader 8.1.0 - Français

---\\ Informations sur le système
~ Processor: x86 Family 15 Model 107 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2813 MB (61% free)
System Restore: Activé (Enable)
System drive C: has 190 GB (66%) free of 288 GB

---\\ Mode de connexion au système
~ Computer Name: PC-DE-CRICRI
~ User Name: cricri
~ All Users Names: UpdatusUser, cricri, Administrateur, 
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\cricri\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\cricri\AppData\Roaming\
~ %Desktop% : C:\Users\cricri\Desktop\
~ %Favorites% : C:\Users\cricri\Favorites\
~ %LocalAppData% : C:\Users\cricri\AppData\Local\
~ %StartMenu% : C:\Users\cricri\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 190 Go of 288 Go)
D: Floppy drive, Flash card reader, USB Key (Not Inserted)
E: CD-ROM drive (Not Inserted)
Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: Modified
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime :  OK
~ Security Center: 42 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:23:42.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.4CC9DF09C3D915BA0A101A11DB684F26] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.14/11/2013 - 23:42:41.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:23:51.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:23:20.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:24:25.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 20:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1082232]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:24:55.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:23:01.) -- C:\Windows\system32\Drivers\rdpdr.sys [248832]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/2
~ Mes musiques (My Musics) : 5/6
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/25
~ Mes Documents (My Documents) : 1/190
~ Mon Bureau (My Desktop) : 1/15
~ Menu demarrer (Programs) : 1/24
~ Hidden Files:  Scanned in 00mn 00s



---\\ Processus lancés
[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe   [1008184] [PID.852]
[MD5.151B2D097C7182898387994CEA34890B] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe   [5369856] [PID.376]
[MD5.5673EC459FA2F335A05594249609BB2B] - (...) -- C:\Program Files\Acer\Empowering Technology\SysMonitor.exe   [319488] [PID.1292]
[MD5.2DFA4AD2E8693A6ECA601CA827F7EA12] - (.Pas de propriétaire - Acer Empowering Technology Framework Launch.) -- C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe   [319488] [PID.3252]
[MD5.47C9EF1600EDD9EBD8155EB6B5206B6B] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe   [1821984] [PID.696]
[MD5.4BC8167722B6C79B1B13F1F2076B9EEC] - (.Egis Incorporated - Acer eDataSecurity Management Loader.) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe   [526896] [PID.800]
[MD5.D7EE83A9257D508656172A2B9DD3C317] - (.Pas de propriétaire - NTI Backup Now 5 Tray Module.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe   [28672] [PID.3364]
[MD5.A8E2FA5409EE33B9348B997F83298316] - (.CANON INC. - Canon My Printer.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.exe   [1848648] [PID.1552]
[MD5.6C9D5BADC8F83D410A278717C2EEA6F6] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe   [206448] [PID.3244]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe   [125952] [PID.4280]
[MD5.069875499D7891A6A115D6E8BE340D07] - (.Shareaza Development Team - Shareaza Ultimate File Sharing.) -- C:\Program Files\Shareaza\Shareaza.exe   [4999680] [PID.4324]
[MD5.4C926C87AABB8CBDBF6D353582620BD3] - (...) -- C:\Program Files\Orange\MailNotifier\MailNotifier.exe   [696320] [PID.4436]
[MD5.52DAECE3A6EAD495C803499FFB3A507E] - (.PIXELA CORPORATION - Pas de description.) -- C:\Program Files\PIXELA\ImageMixer 3 for TOSHIBA\GCameraMoniter.exe   [253952] [PID.4512]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe   [37376] [PID.4616]
[MD5.1FDBBD2F2CF2D11E6247734797DEC3C9] - (.Microsoft Corporation - Microsoft Office Client Virtualization Hand.) -- C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVH.exe   [3207912] [PID.5832]
[MD5.61023CCE1DD979BD802B332D77FBB2C7] - (...) -- C:\Program Files\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe   [78624] [PID.5748]
[MD5.43E6F2A7FB182F2D7CB0CE5B8F1005CF] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe   [757488] [PID.5380]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe   [69120] [PID.3528]
[MD5.8E5651B04BE775696B32F7F1F5DA8871] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe   [8336896] [PID.1388]
[MD5.E4284FCF99FEA13A7E1836F87AE356F6] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 311.0.) -- C:\Windows\system32\nvvsvc.exe   [639776] [PID.3712]
[MD5.5A19667A580B1CE886EAF968B9743F45] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe   [383264] [PID.3744]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe   [3408896] [PID.1404]
[MD5.8619BE54EC51A74A2C3F82B313AB445E] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe   [873248] [PID.1980]
[MD5.517D30057C726C797764BFD70A55D82A] - (.CyberLink - CLMSServer.) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe   [269448] [PID.3052]
[MD5.09E6AFFAE6C0E9158BF05C7D08D0107A] - (.NewTech Infosystems, Inc. - NTI Backup Now 5 Agent service..) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe   [16384] [PID.760]
[MD5.B7DC2580425225C320CEDA78DE55A3D0] - (.Egis Incorporated - Acer eDataSecurity Management Service.) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe   [500784] [PID.816]
[MD5.20D3741680AB88269BADCDB161B36705] - (.Pas de propriétaire - Acer Empowering Technology Framework Servic.) -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe   [24576] [PID.1000]
[MD5.E5E6A7D13BBC0F80B866D021F306BF6C] - (.Pas de propriétaire - Inkjet Printer/Scanner/Fax Extended Servey.) -- C:\Program Files\Canon\IJPLM\IJPLMSVC.exe   [107912] [PID.1272]
[MD5.793FF718477345CD5D232C50BED1E452] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe   [61440] [PID.1400]
[MD5.E0E4A1F81A7D69C595A8A9DDAD084C19] - (.Nero AG - NeroUpdate.) -- C:\Program Files\Nero\Update\NASvc.exe   [769432] [PID.1464]
[MD5.A2B6583A5652A385DFF5E4F49AD48761] - (.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe   [45056] [PID.1960]
[MD5.40B87FE8A1A9A5AC9E5A91D96F212BCD] - (...) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe   [131072] [PID.340]
[MD5.C1C132455200AD4704142442C89D0FA4] - (.Pas de propriétaire - RichVideo Module.) -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe   [262247] [PID.2240]
[MD5.19D34534176E62F35DDB7DC7B7FF2A87] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe   [207528] [PID.336]
[MD5.283195C5301EADBCF56DEE637573ED12] - (.Pas de propriétaire - app_filter Module.) -- C:\Program Files\bin32\nSvcAppFlt.exe   [598016] [PID.752]
[MD5.3C7BD1EC817D300A8826D49C406D5894] - (.Pas de propriétaire - NVIDIA Corporation.) -- C:\Program Files\bin32\nSvcIp.exe   [163840] [PID.3852]
[MD5.1AEBDC693C74EA55FE05D51FA6573EBC] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe   [523944] [PID.3996]
[MD5.FD557A50A65E44041CD2FCEF4BEB04DB] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe   [822504] [PID.124]
[MD5.03E60E0BFA53ED15DC984FA34B44BB0F] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe   [1260320] [PID.2532]
[MD5.358A9CCA612C68EB2F07DDAD4CE1D8D7] - (.Microsoft Corporation - Microsoft Office Software Protection Platfo.) -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.exe   [4640000] [PID.4736]
~ Processes Running:  Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://www.sweet-page.com =>PUP.SweetPage
G0 - GCSP: Preference [User Data\Default][HomePage] http://www.nationzoom.com =>Hijacker.NationZoom
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Store v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [dchlnpcodkpfdpacogkljefecpegganj] Analyse des liens (URL Advisor) v.12.0.0.477 (Désactivé)
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [jagncdcchgajhfhijbbhecadmaiegcmh] Clavier virtuel v.12.0.0.477 (Désactivé)
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pjldcfjmnllhmgjclecdnfampinooman] Kaspersky Anti-banniè re v.12.0.0.374 (Désactivé)
~ Google Browser: 12 Scanned in 00mn 03s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
C:\Users\cricri\AppData\Roaming\Mozilla\Firefox\Profiles\[ofr2][opt]rs0,[slws][slns]phd10\prefs.js
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll
P2 - FPN: [HKLM] [@canon.com/EPPEX] - (.CANON INC. - CANON iMAGE GATEWAY Album Plugin Utility Module.) -- C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.dll
P2 - FPN: [HKLM] [@canon.com/MycameraPlugin] - (.CANON INC. - CANON iMAGE GATEWAY Mycamera Plugin.) -- C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20913.0.) -- c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/SharePoint,version=14.0] - (.Microsoft Corporation - The plug-in allows you to open and edit files using Microsoft Office a.) -- C:\Program Files\Microsoft Office\Office14\NPSPWRAP.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@Nero.com/KM] - (.Nero AG - Plug-in for detecting Nero Kwik Media..) -- C:\Program Files\Common Files\Nero\BrowserPlugin\npBrowserPlugin.dll
P2 - FPN: [HKLM] [@nvidia.com/3DVision] - (.NVIDIA Corporation - NVIDIA 3D Vision plugin for Mozilla browsers.) -- C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
P2 - FPN: [HKLM] [@nvidia.com/3DVisionStreaming] - (.NVIDIA Corporation - NVIDIA 3D Vision Streaming plugin for Mozilla browsers.) -- C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.1.1] - (.VideoLAN - VLC media player Web Plugin 2.1.0.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll  =>.VideoLAN
~ Firefox Browser: 12 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.VideoLAN - VLC media player Web Plugin 2.1.0.) (No version) -- (.not file.)  =>.VideoLAN
~ IE Browser: 11 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys:  Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} . (.Kaspersky Lab ZAO - IE Virtual Keyboard.) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} . (.Kaspersky Lab ZAO - WebToolBar component.) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll
~ BHO: 8 Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) - [HKLM]{0BF43445-2F28-4351-9252-17FE6E806AA0} Clé orpheline
O3 - Toolbar: Acer eDataSecurity Management - [HKLM]{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} . (.Egis Incorporated. - Acer eDataSecurity Management Explorer Tool.) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: barre d'outils Orange - [HKLM]{D3028143-6145-4318-99D3-3EDCE54A95A9} . (.Orange - IE Toolbar Container.) -- C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{F2CF5485-4E02-4F68-819C-B92DE9277049} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{4E44562D-5636-006A-76A7-7A786E7484D7} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar:  Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Acer Arcade Live.lnk . (...)  -- C:\Program Files\Acer Arcade Live\Acer Arcade Live Main Page\Acer Arcade Live.mcl 
O4 - GS\Desktop [Public]: ImageMixer 3 for TOSHIBA.lnk . (.PIXELA CORPORATION - Pas de description.)  -- C:\Program Files\PIXELA\ImageMixer 3 for TOSHIBA\IMxBrowser.exe 
O4 - GS\Desktop [Public]: L’Album de Works.lnk . (.Microsoft® Corporation - Microsoft® Works PortFolio.)  -- C:\Program Files\Microsoft Works\wkssb.exe  =>.Microsoft Corporation
O4 - GS\Desktop [Public]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.)  -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe 
O4 - GS\Desktop [Public]: Nero BackItUp 12.lnk . (.Acresso Software Inc. - InstallShield.)  -- C:\Windows\Installer\{DA2D3078-A58C-45E8-8EE0-18B8BE6B34F7}\BackItUp._AB9F1F47710540918A47B78D2BED5DAD.exe 
O4 - GS\Desktop [Public]: Nero Video 12.lnk . (.Acresso Software Inc. - InstallShield.)  -- C:\Windows\Installer\{83FCCFCD-46E3-43FB-A397-78BFD5A8980A}\NewShortcut1_28CF345AD4354131AA47B77D4165D813.exe 
O4 - GS\Desktop [Public]: Recuva.lnk . (.Piriform Ltd - Recuva.)  -- C:\Program Files\Recuva\recuva.exe 
O4 - GS\Desktop [Public]: Shareaza.lnk . (.Shareaza Development Team - Shareaza Ultimate File Sharing.)  -- C:\Program Files\Shareaza\Shareaza.exe 
O4 - GS\Desktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player 2.1.1.)  -- C:\Program Files\VideoLAN\VLC\vlc.exe  =>.VideoLAN
O4 - GS\Program [Public]: Adobe Reader 8.lnk . (...)  -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-A81000000003}\SC_Reader.exe
O4 - GS\Program [Public]: Lanceur de tâches Microsoft Works.lnk . (.Microsoft® Corporation - Microsoft® Works.)  -- C:\Program Files\Microsoft Works\MSWorks.exe  =>.Microsoft Corporation
O4 - GS\Program [Public]: Media Center.lnk . (.Microsoft Corporation - Media Center.)  -- C:\Windows\ehome\ehshell.exe 
O4 - GS\Program [Public]: Microsoft Money.lnk . (.Microsoft(R) Corporation - Microsoft Money.)  -- C:\Program Files\Microsoft Money 2005\MNYCoreFiles\msmoney.exe 
O4 - GS\Program [Public]: Microsoft Office PowerPoint Viewer 2003.lnk . (.Microsoft Corporation - Microsoft Office PowerPoint Viewer.)  -- C:\Program Files\Microsoft Office\PowerPoint Viewer\PPTVIEW.exe  =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Calendar.lnk . (.Microsoft Corporation - Calendrier Windows.)  -- C:\Program Files\Windows Calendar\WinCal.exe  =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Collaboration.lnk . (.Microsoft Corporation - Windows Meeting Space.)  -- C:\Program Files\Windows Collaboration\WinCollab.exe  =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Contacts.lnk . (.Microsoft Corporation - Windows Contacts.)  -- C:\Program Files\Windows Mail\wab.exe  =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Defender.lnk . (.Microsoft Corporation - Windows Defender User Interface.)  -- C:\Program Files\Windows Defender\MSASCui.exe 
O4 - GS\Program [Public]: Windows DVD Maker.lnk . (.Microsoft Corporation - Création de DVD Windows.)  -- C:\Program Files\Movie Maker\DVDMaker.exe  =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Live.lnk - Clé orpheline
O4 - GS\Program [Public]: Windows Mail.lnk . (.Microsoft Corporation - Windows Mail.)  -- C:\Program Files\Windows Mail\WinMail.exe  =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Movie Maker.lnk . (.Microsoft Corporation - Windows Movie Maker.)  -- C:\Program Files\Movie Maker\MOVIEMK.exe  =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Photo Gallery.lnk . (.Microsoft Corporation - Galerie de photos Windows.)  -- C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.)  -- C:\Windows\System32\calc.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Centre de mobilité Windows.)  -- C:\Windows\System32\mblctr.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: NetworkProjection.lnk . (.Microsoft Corporation - Connect to a Network Projector.)  -- C:\Windows\System32\NetProj.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.)  -- C:\Windows\System32\mspaint.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.)  -- C:\Windows\System32\mstsc.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sidebar.lnk . (.Microsoft Corporation - Volet Windows.)  -- C:\Program Files\Windows Sidebar\sidebar.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture.)  -- C:\Windows\System32\SnippingTool.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.)  -- C:\Windows\System32\SoundRecorder.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.)  -- C:\Windows\System32\mobsync.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Windows Control Panel.)  -- C:\Windows\System32\control.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.)  -- C:\Program Files\Windows NT\Accessories\wordpad.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Backup.lnk . (.Microsoft Corporation - Sauvegarde Microsoft® Windows.)  -- C:\Windows\System32\sdclt.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.)  -- C:\Windows\System32\charmap.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Défragmenteur de disque Microsoft®.)  -- C:\Windows\System32\dfrgui.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Gestionnaire de nettoyage de disque pour Wi.)  -- C:\Windows\System32\cleanmgr.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: migwiz.lnk . (.Microsoft Corporation - Transfert de fichiers et paramètres Windows.)  -- C:\Windows\System32\migwiz\migwiz.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - Informations système.)  -- C:\Windows\System32\msinfo32.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Restauration du système de Microsoft® Windo.)  -- C:\Windows\System32\rstrui.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...)  -- C:\Windows\System32\taskschd.msc
O4 - GS\Accessories [UpdatusUser]: Command Prompt.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.)  -- C:\Windows\System32\cmd.exe  =>.Microsoft Corporation
O4 - GS\Accessories [UpdatusUser]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.)  -- C:\Windows\System32\notepad.exe  =>.Microsoft Corporation
O4 - GS\Accessories [UpdatusUser]: Run.lnk - Clé orpheline
O4 - GS\Accessories [UpdatusUser]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.)  -- C:\Windows\explorer.exe  =>.Microsoft Corporation
O4 - GS\QuickLaunch [cricri]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe 
O4 - GS\QuickLaunch [cricri]: Shareaza.lnk . (.Shareaza Development Team - Shareaza Ultimate File Sharing.)  -- C:\Program Files\Shareaza\Shareaza.exe 
O4 - GS\QuickLaunch [cricri]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.)  -- C:\Program Files\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O4 - GS\Program [cricri]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe 
O4 - GS\Program [cricri]: Windows Mail.lnk . (.Microsoft Corporation - Windows Mail.)  -- C:\Program Files\Windows Mail\WinMail.exe  =>.Microsoft Corporation
O4 - GS\Program [cricri]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.)  -- C:\Program Files\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O4 - GS\Accessories [cricri]: Command Prompt.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.)  -- C:\Windows\System32\cmd.exe  =>.Microsoft Corporation
O4 - GS\Accessories [cricri]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.)  -- C:\Windows\System32\notepad.exe  =>.Microsoft Corporation
O4 - GS\Accessories [cricri]: Run.lnk - Clé orpheline
O4 - GS\Accessories [cricri]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.)  -- C:\Windows\explorer.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [cricri]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe 
O4 - GS\SendTo [cricri]: AVS Mobile Uploader.lnk . (.Online Media Technologies Ltd. - AVS Mobile Uploader.)  -- C:\Program Files\Common Files\AVSMedia\MobileUploader\AVSMobileUploader.exe 
O4 - GS\SendTo [cricri]: AVS Video Burner.lnk . (.Online Media Technologies Ltd. - AVS Video Burner.)  -- C:\Program Files\Common Files\AVSMedia\BurnerService\AVSVideoBurner.exe 
O4 - GS\SendTo [cricri]: AVS Video Uploader.lnk . (.Online Media Technologies Ltd. - AVS Video Uploader.)  -- C:\Program Files\Common Files\AVSMedia\VideoUploader\AVSVideoUploader.exe 
O4 - GS\Desktop [cricri]: AVS Video Converter.lnk . (.Online Media Technologies Ltd. - Video Converter.)  -- C:\Program Files\AVS4YOU\AVSVideoConverter\AVSVideoConverter.exe 
O4 - GS\Desktop [cricri]: code d'accès.lnk . (...)  -- C:\Users\cricri\Documents\code d'accès.xls 
O4 - GS\Desktop [cricri]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe 
O4 - GS\Desktop [cricri]: Music.lnk - Clé orpheline
O4 - GS\Desktop [cricri]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.)  -- C:\Program Files\ZHPDiag\ZHPhep.exe  =>.Nicolas Coolman
O4 - GS\Desktop [cricri]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.)  -- C:\Program Files\ZHPDiag\ZHPFix\ZHPhep.exe  =>.Nicolas Coolman
~ Global Startup: 69 Scanned in 00mn 00s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: Camera Monitor.lnk . (.PIXELA CORPORATION - Pas de description.)  -- C:\Program Files\PIXELA\ImageMixer 3 for TOSHIBA\GCameraMoniter.exe 
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe 
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe  =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] . (...) -- C:\Program Files\Acer\Empowering Technology\SysMonitor.exe 
O4 - HKLM\..\Run: [EmpoweringTechnology] . (.Pas de propriétaire - Acer Empowering Technology Framework Launch.) -- C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe 
O4 - HKLM\..\Run: [eDataSecurity Loader] . (.Egis Incorporated - Acer eDataSecurity Management Loader.) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe 
O4 - HKLM\..\Run: [PCMMediaSharing] . (...) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe 
O4 - HKLM\..\Run: [BkupTray] . (.Pas de propriétaire - NTI Backup Now 5 Tray Module.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe 
O4 - HKLM\..\Run: [WarReg_PopUp] . (.Acer Incorporated - WR_PopUp.) -- C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe 
O4 - HKLM\..\Run: [Setresolution] C:\ACER\config\1680x1050.cmd (.not file.) 
O4 - HKLM\..\Run: [RestartNeroSetup] E:\Installation\SetupX.exe (.not file.) 
O4 - HKLM\..\Run: [CanonMyPrinter] . (.CANON INC. - Canon My Printer.) -- C:\Program Files\Canon\MyPrinter\BJMyPrt.exe 
O4 - HKLM\..\Run: [CanonSolutionMenu] . (.CANON INC. - CNSLMAIN.) -- C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe 
O4 - HKLM\..\Run: [Skytel] . (.Realtek Semiconductor Corp. - Realtek Voice  Manager.) -- C:\Windows\Skytel.exe  =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [AVP] . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe 
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe 
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe 
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe 
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe  =>.Microsoft Corporation
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe 
O4 - HKCU\..\Run: [Shareaza] . (.Shareaza Development Team - Shareaza Ultimate File Sharing.) -- C:\Program Files\Shareaza\Shareaza.exe 
O4 - HKCU\..\Run: [MailNotifier] . (...) -- C:\Program Files\Orange\MailNotifier\MailNotifier.exe 
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1670937233-4278526353-2094733994-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1670937233-4278526353-2094733994-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe 
O4 - HKUS\S-1-5-21-1670937233-4278526353-2094733994-1000\..\Run: [Shareaza] . (.Shareaza Development Team - Shareaza Ultimate File Sharing.) -- C:\Program Files\Shareaza\Shareaza.exe 
O4 - HKUS\S-1-5-21-1670937233-4278526353-2094733994-1000\..\Run: [MailNotifier] . (...) -- C:\Program Files\Orange\MailNotifier\MailNotifier.exe 
O4 - HKUS\S-1-5-21-1670937233-4278526353-2094733994-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe  =>.Microsoft Corporation
~ Application:  Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} . (...) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\kbrd.ico
O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} . (...) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\logo.ico
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll  =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 6 Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} ((no name)) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
~ Objets ActiveX:  Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D9E239F-8E1F-490E-8A2E-36C9885FFF89}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{7697A240-CDF3-460E-8D3B-106B11B06E84}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{0D9E239F-8E1F-490E-8A2E-36C9885FFF89}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{7697A240-CDF3-460E-8D3B-106B11B06E84}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{0D9E239F-8E1F-490E-8A2E-36C9885FFF89}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{7697A240-CDF3-460E-8D3B-106B11B06E84}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{0D9E239F-8E1F-490E-8A2E-36C9885FFF89}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{7697A240-CDF3-460E-8D3B-106B11B06E84}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain:  Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll  =>.Microsoft Corporation
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
O20 - Winlogon Notify: klogon . (.Kaspersky Lab ZAO - Logon Visualizer.) -- C:\Windows\system32\klogon.dll
~ Winlogon:  Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
~ SSODL: 1 Scanned in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO:  Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Acer HomeMedia Connect Service (Acer HomeMedia Connect Service) . (.CyberLink - CLMSServer.) - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: Kaspersky Anti-Virus Service (AVP) . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) . (.NewTech Infosystems, Inc. - NTI Backup Now 5 Agent service..) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: eDataSecurity Service (eDataSecurity Service) . (.Egis Incorporated - Acer eDataSecurity Management Service.) - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) . (.Pas de propriétaire - Acer Empowering Technology Framework Servic.) - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) (ForceWare Intelligent Application Manager (IAM)) . (.Pas de propriétaire - app_filter Module.) - C:\Program Files\bin32\nSvcAppFlt.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe  =>.Google Inc
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) . (.Pas de propriétaire - Inkjet Printer/Scanner/Fax Extended Servey.) - C:\Program Files\Canon\IJPLM\IJPLMSVC.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - Pas de description.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: C:\Program Files\Nero\Update\NASvc.exe (NAUpdate) . (.Nero AG - NeroUpdate.) - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 (Nero BackItUp Scheduler 4.0) . (...) - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (.not file.)
O23 - Service: ForceWare IP service (nSvcIp) . (.Pas de propriétaire - NVIDIA Corporation.) - C:\Program Files\bin32\nSvcIp.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) . (.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) . (...) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 311.0.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
~ Services: 17 Scanned in 00mn 08s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe (.not file.)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Users\Public\Pictures\Sample Pictures\Dock.jpg
O24 - Desktop General: WallPaper - .(...) - C:\Users\Public\Pictures\Sample Pictures\Dock.jpg
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\Adobe Flash Player Updater.job   [1002]
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job   [1052]
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job   [1056]
[MD5.00000000000000000000000000000000] [APT] [4817] (...) -- C:\Users\cricri\AppData\Local\Temp\launchie.vbs \\B (.not file.)   [0]
[MD5.1BA1AB4141A92EB34DA99F1249CA2D4D] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe   [257416]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe   [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe   [116648]
~ Scheduled Task: 8 Scanned in 00mn 02s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll  =>.Microsoft Corporation
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\system32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll  =>.Microsoft Corporation
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe  =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll  =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\32.0.1700.76\Installer\chrmstp.exe
O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 11.9 r900.) -- C:\Windows\system32\Macromed\Flash\Flash32_11_9_900_170.ocx
~ Active Setup: 13 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver:  (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver:  (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver:  (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver:  (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver:  (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys
O41 - Driver:  (kl2) . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) - C:\Windows\System32\DRIVERS\kl2.sys
O41 - Driver:  (KLIF) . (.Kaspersky Lab - Klif Mini-Filter [fre_wlh_x86].) - C:\Windows\System32\DRIVERS\klif.sys
O41 - Driver:  (KLIM6) . (.Kaspersky Lab ZAO - Kaspersky Lab Intermediate Network Driver.) - C:\Windows\System32\DRIVERS\klim6.sys
O41 - Driver:  (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver:  (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver:  (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver:  (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver:  (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver:  (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver:  (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver:  (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (Tcpip) . (.Microsoft Corporation - TCP/IP Driver.) - C:\Windows\System32\drivers\tcpip.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver:  (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver:  (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 (ws2ifsl) . (.Microsoft Corporation - Winsock2 IFS Layer.) - C:\Windows\system32\drivers\ws2ifsl.sys
~ Drivers: 99 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: AV Input Selection - (.YUAN.) [HKLM] -- {F429ED71-4A8B-457A-85E4-F6398CE73E58}
O42 - Logiciel: AVS Update Manager 1.0 - (.Online Media Technologies Ltd..) [HKLM] -- AVS Update Manager_is1
O42 - Logiciel: AVS Video Converter 7 - (.Online Media Technologies Ltd..) [HKLM] -- AVS4YOU Video Converter 7_is1
O42 - Logiciel: AVS4YOU Software Navigator 1.4 - (.Online Media Technologies Ltd..) [HKLM] -- AVS4YOU Software Navigator_is1
O42 - Logiciel: Acer Arcade Live Main Page - (.Acer Inc..) [HKLM] -- {EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}
O42 - Logiciel: Acer DV Magician - (.Acer Inc..) [HKLM] -- {F6EFFB76-4A07-11DA-9D78-000129760D75}
O42 - Logiciel: Acer DVDivine - (.Acer Inc..) [HKLM] -- {B145EC69-66F5-11D8-9D75-000129760D75}
O42 - Logiciel: Acer Empowering Technology - (.Acer Incorporated.) [HKLM] -- {8F1B6239-FEA0-450A-A950-B05276CE177C}
O42 - Logiciel: Acer GameZone Console DTV 2.0.1.1 - (.Oberon Media, Inc..) [HKLM] -- Acer GameZone Console_is1
O42 - Logiciel: Acer HomeMedia - (.Acer Inc..) [HKLM] -- {AA4BF92B-2AAF-11DA-9D78-000129760D75}
O42 - Logiciel: Acer HomeMedia Connect - (.Acer Inc..) [HKLM] -- {132888AE-EF67-41C5-BCA2-7D5D2488AB63}
O42 - Logiciel: Acer HomeMedia Trial Creator - (.Acer Inc..) [HKLM] -- {B580C409-E16F-44FF-904D-3AE94E113BE0}
O42 - Logiciel: Acer ScreenSaver - (.Acer Incorporated.) [HKLM] -- {79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}
O42 - Logiciel: Acer SlideShow DVD - (.Acer Inc..) [HKLM] -- {41581EF5-45A7-11DA-9D78-000129760D75}
O42 - Logiciel: Acer VideoMagician - (.Acer Inc..) [HKLM] -- {F79A208D-D929-11D9-9D77-000129760D75}
O42 - Logiciel: Acer eDataSecurity Management - (.Egis Inc..) [HKLM] -- {A5633652-3795-4829-BB0B-644F0279E279}
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 8.1.0 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A81000000003}
O42 - Logiciel: Bubble Dock (remove only) - (.Nosibay.) [HKCU] -- Bubble Dock =>PUP.BubbleDock
O42 - Logiciel: Canon Inkjet Printer/Scanner/Fax Extended Survey Program - (...) [HKLM] -- CANONIJPLM100
O42 - Logiciel: Canon MP Navigator EX 2.1 - (...) [HKLM] -- MP Navigator EX 2.1
O42 - Logiciel: Canon MX320 series MP Drivers - (.Canon Inc..) [HKLM] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX320_series
O42 - Logiciel: Canon Utilities CameraWindow DC 8 - (.Canon Inc..) [HKLM] -- CameraWindowDC
O42 - Logiciel: Canon Utilities Easy-PhotoPrint EX - (...) [HKLM] -- Easy-PhotoPrint EX
O42 - Logiciel: Canon Utilities ImageBrowser EX - (.Canon Inc..) [HKLM] -- ImageBrowser EX
O42 - Logiciel: Canon Utilities My Printer - (...) [HKLM] -- CanonMyPrinter
O42 - Logiciel: Canon Utilities PhotoStitch - (.Canon Inc..) [HKLM] -- PhotoStitch
O42 - Logiciel: Canon Utilities Solution Menu - (...) [HKLM] -- CanonSolutionMenu
O42 - Logiciel: Enregistrement utilisateur de Canon MX320 series - (...) [HKLM] -- Enregistrement utilisateur de Canon MX320 series  =>.Canon Inc
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C} =>Toolbar.Google
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: ImageMixer 3 for TOSHIBA - (.PIXELA.) [HKLM] -- {E3A093D6-AE67-4B9B-AB6D-4DF26E313A2A}
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (...) [HKLM] -- HDMI
O42 - Logiciel: Kaspersky Anti-Virus 2012 - (.Kaspersky Lab.) [HKLM] -- InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}
O42 - Logiciel: Kaspersky Anti-Virus 2012 - (.Kaspersky Lab.) [HKLM] -- {45E557D6-2271-4F13-8101-C620B4285AB0}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Menu Templates - Starter Kit - (.Nero AG.) [HKLM] -- {B78120A0-CF84-4366-A393-4D0A59BC546C}
O42 - Logiciel: Microsoft Money - (.Microsoft.) [HKLM] -- Money2005b
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}
O42 - Logiciel: Mises à jour NVIDIA 1.11.3 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update
O42 - Logiciel: NTI Backup Now 5 - (.NewTech Infosystems.) [HKLM] -- InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}
O42 - Logiciel: NTI Media Maker 8 - (.NewTech Infosystems.) [HKLM] -- InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}
O42 - Logiciel: NVIDIA Drivers - (...) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: NVIDIA ForceWare Network Access Manager - (.NVIDIA Corporation.) [HKLM] -- InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}
O42 - Logiciel: NVIDIA ForceWare Network Access Manager - (.NVIDIA Corporation.) [HKLM] -- {7CFA46E3-CC2F-4355-82AE-6012DC3633FD}
O42 - Logiciel: NVIDIA Pilote 3D Vision 311.06 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision
O42 - Logiciel: NVIDIA Pilote audio HD : 1.3.18.0 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver
O42 - Logiciel: NVIDIA Pilote graphique 311.06 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM] -- NVIDIAStereo
O42 - Logiciel: Nero 12 - (.Nero AG.) [HKLM] -- {4744E147-F0F2-4140-825E-B3071FC079F1}
O42 - Logiciel: Nero 12 Content Pack - (.Nero AG.) [HKLM] -- {4E7AC009-5212-499F-942F-A5AA42AE359E}
O42 - Logiciel: Nero Abstract Themes - (.Nero AG.) [HKLM] -- {150D88F1-40AF-4678-A39D-BCE2332F34E5}
O42 - Logiciel: Nero Audio Pack 1 - (.Nero AG.) [HKLM] -- {A7A0BF2E-31CC-49E3-9913-52C503EB969D}
O42 - Logiciel: Nero BackItUp - (.Nero AG.) [HKLM] -- {DA2D3078-A58C-45E8-8EE0-18B8BE6B34F7}
O42 - Logiciel: Nero BackItUp Help (CHM) - (.Nero AG.) [HKLM] -- {EF0D1292-8FC1-41BE-9740-DBC134F66415}
O42 - Logiciel: Nero Blu-ray Player - (.Nero AG.) [HKLM] -- {A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}
O42 - Logiciel: Nero Blu-ray Player Help (CHM) - (.Nero AG.) [HKLM] -- {5B79E730-D897-4B8F-A1AD-7BB2D1F22B96}
O42 - Logiciel: Nero Burning ROM - (.Nero AG.) [HKLM] -- {CF508721-0E1E-4F99-A359-59E4EA8DAEC1}
O42 - Logiciel: Nero Burning ROM Help (CHM) - (.Nero AG.) [HKLM] -- {2890E324-6F3B-4975-8B95-E7D6D80E0226}
O42 - Logiciel: Nero Cliparts - (.Nero AG.) [HKLM] -- {29E2C1C6-D76A-41D3-980F-6E346AA9A6A8}
O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM] -- {ABC88553-8770-4B97-B43E-5A90647A5B63}
O42 - Logiciel: Nero ControlCenter Help (CHM) - (.Nero AG.) [HKLM] -- {C994C746-C6D0-4EBA-B09E-DF7B18381B69}
O42 - Logiciel: Nero Core Components - (.Nero AG.) [HKLM] -- {BEBEE34D-84A2-4EDD-8BEA-96CC54371263}
O42 - Logiciel: Nero CoverDesigner - (.Nero AG.) [HKLM] -- {62AC81F6-BDD3-4110-9D36-3E9EAAB40999}
O42 - Logiciel: Nero Disc Copy Gadget - (.Nero AG.) [HKLM] -- {F1861F30-3419-44DB-B2A1-C274825698B3}
O42 - Logiciel: Nero Disc Menus 1 - (.Nero AG.) [HKLM] -- {EEBF1676-AF87-4266-93D8-0C14A34C4217}
O42 - Logiciel: Nero Disc Menus 2 - (.Nero AG.) [HKLM] -- {FE81E6B5-652B-40E7-B3B2-7171C6F297DA}
O42 - Logiciel: Nero Disc Menus 3 - (.Nero AG.) [HKLM] -- {CE675FBD-75C3-45F1-B6AF-8D250861D536}
O42 - Logiciel: Nero Disc Menus Basic - (.Nero AG.) [HKLM] -- {E17BCB76-9924-4BD5-B6D6-50D3407B4E74}
O42 - Logiciel: Nero Effects Basic - (.Nero AG.) [HKLM] -- {29F67D84-3A70-456E-806A-52301B02070B}
O42 - Logiciel: Nero Express - (.Nero AG.) [HKLM] -- {5CD2E27A-F2C9-4A87-9A06-DFAF9A182481}
O42 - Logiciel: Nero Express Help (CHM) - (.Nero AG.) [HKLM] -- {0708FF30-78C0-47B0-81F0-C84604DC769C}
O42 - Logiciel: Nero Family and Events Themes - (.Nero AG.) [HKLM] -- {955BF340-C379-4375-AA2F-F3BCB2A498AB}
O42 - Logiciel: Nero Football (Soccer) Themes - (.Nero AG.) [HKLM] -- {7BD7A4BF-EA64-4BFE-A9D3-3FDC9B6EFC23}
O42 - Logiciel: Nero Holiday and Sports Themes - (.Nero AG.) [HKLM] -- {504D84ED-AE75-4F85-A68B-BB3D4CB3E169}
O42 - Logiciel: Nero Image Samples - (.Nero AG.) [HKLM] -- {C4C6DF25-0E59-46EE-B24B-DF8749D8FF3A}
O42 - Logiciel: Nero Kwik Media - (.Nero AG.) [HKLM] -- {052A1E34-A54B-458C-A4E3-24C3E054754A}
O42 - Logiciel: Nero Kwik Media Help (CHM) - (.Nero AG.) [HKLM] -- {1F16820E-D0E7-4636-939E-45CBFEFB06E1}
O42 - Logiciel: Nero Kwik Themes Basic - (.Nero AG.) [HKLM] -- {1B6F5E51-575E-4693-BCA2-7543570D076D}
O42 - Logiciel: Nero PiP Effects 1 - (.Nero AG.) [HKLM] -- {4D25D881-7183-462F-95C8-990CA1944E0B}
O42 - Logiciel: Nero PiP Effects Basic - (.Nero AG.) [HKLM] -- {ACE49D50-19CD-44A6-B192-46F985283B26}
O42 - Logiciel: Nero Platinum Effects 12 - (.Nero AG.) [HKLM] -- {8B5AD338-7ABC-4ECB-9C2C-687F84AEDDB1}
O42 - Logiciel: Nero Recode - (.Nero AG.) [HKLM] -- {1943C3BD-4462-4612-92C3-D36DD917C447}
O42 - Logiciel: Nero Recode - (.Nero AG.) [HKLM] -- {359CFC0A-BEB1-440D-95BA-CF63A86DA34F}
O42 - Logiciel: Nero Recode Help (CHM) - (.Nero AG.) [HKLM] -- {86847081-B387-4F49-AED1-C9B0A090D66C}
O42 - Logiciel: Nero RescueAgent - (.Nero AG.) [HKLM] -- {B953732D-B623-4E84-B369-CFFF7B1AE06F}
O42 - Logiciel: Nero RescueAgent Help (CHM) - (.Nero AG.) [HKLM] -- {0B311221-05A5-4766-8D03-7A6446794156}
O42 - Logiciel: Nero Retro Film Themes - (.Nero AG.) [HKLM] -- {83A4E573-E2C2-46FB-9DA6-6A2BBBF5A588}
O42 - Logiciel: Nero SharedVideoCodecs - (.Nero AG.) [HKLM] -- {2432E589-6256-4513-B0BF-EFA8E325D5F0}
O42 - Logiciel: Nero Update - (.Nero AG.) [HKLM] -- {65BB0407-4CC8-4DC7-952E-3EEFDF05602A}
O42 - Logiciel: Nero Video - (.Nero AG.) [HKLM] -- {83FCCFCD-46E3-43FB-A397-78BFD5A8980A}
O42 - Logiciel: Nero Video Help (CHM) - (.Nero AG.) [HKLM] -- {B128179D-A5E1-43AC-9422-12A109ECD2A0}
O42 - Logiciel: Nero Video Samples - (.Nero AG.) [HKLM] -- {05C6B128-1B40-4495-9CB9-090B368BFA0A}
O42 - Logiciel: Nero Video Transitions 1 - (.Nero AG.) [HKLM] -- {22856BC3-F893-4CBF-95F2-E1F63CD2B1AB}
O42 - Logiciel: NeroBurningROM - (.Nero AG.) [HKLM] -- {D025A639-B9C9-417D-8531-208859000AF8}
O42 - Logiciel: Notification Mail - (.Orange.) [HKLM] -- MailNotifier
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Recuva - (.Piriform.) [HKLM] -- Recuva
O42 - Logiciel: Shareaza 2.7.1.0 - (.Shareaza Development Team.) [HKLM] -- Shareaza_is1
O42 - Logiciel: SoundTrax - (.Nero AG.) [HKLM] -- {C5A7CB6C-E76D-408F-BA0E-85605420FE9D}
O42 - Logiciel: TP-LINK Wireless Client Utility - (.TP-LINK.) [HKLM] -- {1E03C8BE-0848-430F-BECA-7D7709401626}
O42 - Logiciel: VLC media player 2.1.1 - (.VideoLAN.) [HKLM] -- VLC media player  =>.VideoLAN
O42 - Logiciel: WPM17.8.0.3325 - (.Cherished Technololgy LIMITED.) [HKLM] -- WPM =>PUP.WpManager
O42 - Logiciel: Welcome App (Start-up experience) - (.Nero AG.) [HKLM] -- {828175FA-7307-4DBF-95AD-9CEE086B6F45}
O42 - Logiciel: barre d'outils Orange - (.France Telecom SA.) [HKLM] -- OrangeToolbarFR
O42 - Logiciel: msvcrt_installer - (.SAH.) [HKLM] -- {6068A42A-C1CF-45F2-9859-5DB16287FE5D}
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}
~ Logic: 46 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AVS4YOU]
[HKCU\Software\AcerUtil]
[HKCU\Software\Acer]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Orange]
[HKCU\Software\AppDataLow\Software\Yahoo]
[HKCU\Software\AppDataLow]
[HKCU\Software\Audacity]
[HKCU\Software\CDDB]
[HKCU\Software\CanonBJ]
[HKCU\Software\Canon]
[HKCU\Software\Carambis]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\EffectMgr]
[HKCU\Software\GNU]
[HKCU\Software\Google]
[HKCU\Software\IncrediMail]
[HKCU\Software\Intel]
[HKCU\Software\KasperskyLab]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\Magnet]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MimarSinan]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\NeroDigital]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\NewTech Infosystems]
[HKCU\Software\Northcode Inc]
[HKCU\Software\ODBC]
[HKCU\Software\Orange]
[HKCU\Software\PIXELA]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\Shareaza]
[HKCU\Software\Software]
[HKCU\Software\Toshiba]
[HKCU\Software\Trolltech]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\eSobi]
[HKCU\Software\mozilla]
[HKLM\Software\AVS4YOU]
[HKLM\Software\Acer Incorporated]
[HKLM\Software\Acer]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\America Online]
[HKLM\Software\Atheros]
[HKLM\Software\Audible]
[HKLM\Software\BrowserChoice]
[HKLM\Software\Canon]
[HKLM\Software\Canon_Inc_IC]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\Google]
[HKLM\Software\Hauppauge]
[HKLM\Software\Intel]
[HKLM\Software\KasperskyLab]
[HKLM\Software\Khronos]
[HKLM\Software\Licenses]
[HKLM\Software\LightScribe]
[HKLM\Software\Loader]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\MusicMatch]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Nero]
[HKLM\Software\NewTech Infosystems]
[HKLM\Software\ODBC]
[HKLM\Software\Oberon Media]
[HKLM\Software\Orange]
[HKLM\Software\PIXELA]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Shareaza]
[HKLM\Software\SimDebug]
[HKLM\Software\Sonic]
[HKLM\Software\SuppHelpDir]
[HKLM\Software\TP-LINK]
[HKLM\Software\VideoLAN]
[HKLM\Software\WOW6432Node]
[HKLM\Software\Waves Audio]
[HKLM\Software\Yahoo]
[HKLM\Software\dotNetInstaller]
[HKLM\Software\muvee Technologies]
[HKLM\Software\webtogo]
~ Key Software: 262 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 12/05/2013 - 19:57:52 - [71,251] ----D C:\Program Files\Acer
O43 - CFD: 09/05/2008 - 03:04:17 - [603,605] ----D C:\Program Files\Acer Arcade Live
O43 - CFD: 17/05/2013 - 09:03:04 - [138,486] ----D C:\Program Files\Acer GameZone
O43 - CFD: 12/05/2013 - 20:59:42 - [0] ----D C:\Program Files\Acer Incorporated
O43 - CFD: 09/05/2008 - 03:03:40 - [191,087] ----D C:\Program Files\Adobe
O43 - CFD: 16/05/2013 - 20:23:02 - [64,442] ----D C:\Program Files\AVS4YOU
O43 - CFD: 09/05/2008 - 02:33:45 - [31,007] ----D C:\Program Files\bin32
O43 - CFD: 16/05/2013 - 07:39:05 - [408,547] ----D C:\Program Files\Canon
O43 - CFD: 15/05/2013 - 11:29:47 - [15,322] --H-D C:\Program Files\CanonBJ
O43 - CFD: 16/01/2014 - 18:32:43 - [446,955] ----D C:\Program Files\Common Files
O43 - CFD: 09/05/2008 - 02:59:45 - [4,553] ----D C:\Program Files\CyberLink
O43 - CFD: 09/06/2013 - 11:00:52 - [0] ----D C:\Program Files\Driver Manager
O43 - CFD: 12/05/2013 - 19:55:27 - [0] -SH-D C:\Program Files\Fichiers communs
O43 - CFD: 19/11/2013 - 11:28:03 - [520,175] ----D C:\Program Files\Google
O43 - CFD: 14/01/2014 - 17:10:46 - [0] ----D C:\Program Files\HiDefMedia
O43 - CFD: 19/11/2013 - 09:43:23 - [103,085] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 12/12/2013 - 03:20:28 - [5,335] ----D C:\Program Files\Internet Explorer
O43 - CFD: 01/06/2013 - 18:17:52 - [117,190] ----D C:\Program Files\Kaspersky Lab
O43 - CFD: 09/05/2008 - 02:33:37 - [0] ----D C:\Program Files\log
O43 - CFD: 18/01/2014 - 14:34:06 - [13,250] ----D C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 01/06/2013 - 18:13:19 - [0,005] ----D C:\Program Files\McAfee
O43 - CFD: 13/09/2013 - 02:06:28 - [10,024] ----D C:\Program Files\Microsoft Application Virtualization Client
O43 - CFD: 02/11/2006 - 13:37:34 - [89,117] ----D C:\Program Files\Microsoft Games
O43 - CFD: 29/08/2013 - 20:15:01 - [0] ----D C:\Program Files\Microsoft Money
O43 - CFD: 29/08/2013 - 20:26:04 - [70,136] ----D C:\Program Files\Microsoft Money 2005
O43 - CFD: 28/11/2013 - 18:22:55 - [5,428] ----D C:\Program Files\Microsoft Office
O43 - CFD: 15/01/2014 - 14:03:53 - [40,851] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 28/11/2013 - 18:22:53 - [143,674] ----D C:\Program Files\Microsoft Works
O43 - CFD: 28/11/2013 - 18:22:55 - [0,023] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 19/05/2013 - 17:21:35 - [94,740] ----D C:\Program Files\Movie Maker
O43 - CFD: 25/05/2013 - 18:05:12 - [0] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 02/11/2006 - 13:37:34 - [0,025] ----D C:\Program Files\MSBuild
O43 - CFD: 12/05/2013 - 20:58:58 - [0] ----D C:\Program Files\MSXML 4.0
O43 - CFD: 15/06/2013 - 15:36:08 - [-1528,103] ----D C:\Program Files\Nero
O43 - CFD: 09/05/2008 - 03:32:28 - [217,166] ----D C:\Program Files\NewTech Infosystems
O43 - CFD: 20/07/2013 - 11:21:59 - [582,939] ----D C:\Program Files\NVIDIA Corporation
O43 - CFD: 17/07/2013 - 08:12:06 - [76,745] ----D C:\Program Files\Orange
O43 - CFD: 12/05/2013 - 20:39:02 - [30,681] ----D C:\Program Files\PIXELA
O43 - CFD: 09/05/2008 - 02:33:44 - [0,061] ----D C:\Program Files\profile
O43 - CFD: 09/05/2008 - 02:43:39 - [16,482] ----D C:\Program Files\Realtek
O43 - CFD: 05/01/2014 - 18:19:46 - [4,801] ----D C:\Program Files\Recuva
O43 - CFD: 02/11/2006 - 13:37:34 - [36,910] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 20/12/2013 - 15:12:35 - [22,691] ----D C:\Program Files\Shareaza
O43 - CFD: 02/11/2006 - 14:01:55 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 25/05/2013 - 18:09:32 - [0,043] ----D C:\Program Files\Uninstaller
O43 - CFD: 15/05/2013 - 19:43:32 - [103,923] ----D C:\Program Files\VideoLAN
O43 - CFD: 19/05/2013 - 17:21:35 - [0,970] ----D C:\Program Files\Windows Calendar
O43 - CFD: 19/05/2013 - 17:21:33 - [2,610] ----D C:\Program Files\Windows Collaboration
O43 - CFD: 19/05/2013 - 17:21:28 - [4,283] ----D C:\Program Files\Windows Defender
O43 - CFD: 11/07/2013 - 06:55:05 - [6,757] ----D C:\Program Files\Windows Journal
O43 - CFD: 20/05/2013 - 09:07:35 - [8,694] ----D C:\Program Files\Windows Mail  =>.Microsoft Corporation
O43 - CFD: 19/05/2013 - 17:21:33 - [4,290] ----D C:\Program Files\Windows Media Player  =>.Microsoft Corporation
O43 - CFD: 12/05/2013 - 19:55:27 - [7,589] ----D C:\Program Files\Windows NT
O43 - CFD: 19/05/2013 - 17:21:33 - [12,902] ----D C:\Program Files\Windows Photo Gallery
O43 - CFD: 20/05/2013 - 09:08:09 - [0,128] ----D C:\Program Files\Windows Portable Devices
O43 - CFD: 19/05/2013 - 17:21:34 - [26,245] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 12/05/2013 - 20:59:13 - [1,884] ----D C:\Program Files\YUAN
O43 - CFD: 18/01/2014 - 16:27:37 - [23,808] ----D C:\Program Files\ZHPDiag  =>.Nicolas Coolman
O43 - CFD: 09/05/2008 - 03:03:45 - [10,315] ----D C:\Program Files\Common Files\Adobe
O43 - CFD: 16/05/2013 - 20:22:56 - [88,297] ----D C:\Program Files\Common Files\AVSMedia
O43 - CFD: 16/05/2013 - 07:30:38 - [0,001] ----D C:\Program Files\Common Files\CANON
O43 - CFD: 12/05/2013 - 20:33:13 - [4,242] ----D C:\Program Files\Common Files\Canon_Inc_IC
O43 - CFD: 30/05/2013 - 20:16:12 - [0,095] ----D C:\Program Files\Common Files\DESIGNER
O43 - CFD: 09/05/2008 - 02:52:03 - [6,458] ----D C:\Program Files\Common Files\InstallShield
O43 - CFD: 09/05/2008 - 03:32:03 - [6,846] ----D C:\Program Files\Common Files\LightScribe
O43 - CFD: 28/11/2013 - 18:22:55 - [249,294] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 15/06/2013 - 16:26:00 - [27,837] ----D C:\Program Files\Common Files\Nero
O43 - CFD: 02/11/2006 - 12:18:33 - [0,003] ----D C:\Program Files\Common Files\Services
O43 - CFD: 02/11/2006 - 12:18:33 - [39,198] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 20/05/2013 - 09:07:26 - [14,371] ----D C:\Program Files\Common Files\System
O43 - CFD: 04/09/2013 - 20:59:32 - [0] ----D C:\Program Files\Common Files\Windows Live
O43 - CFD: 09/05/2008 - 03:04:50 - [0,015] ----D C:\ProgramData\Acer GameZone Console
O43 - CFD: 24/08/2013 - 19:35:55 - [0,001] ----D C:\ProgramData\Adobe
O43 - CFD: 02/11/2006 - 14:02:03 - [0] -SH-D C:\ProgramData\Application Data
O43 - CFD: 16/05/2013 - 20:23:57 - [0] ----D C:\ProgramData\AVS4YOU
O43 - CFD: 12/05/2013 - 19:55:27 - [0] -SH-D C:\ProgramData\Bureau
O43 - CFD: 15/05/2013 - 07:14:33 - [19,928] --H-D C:\ProgramData\CanonBJ
O43 - CFD: 14/10/2013 - 17:41:11 - [0] ----D C:\ProgramData\CanonIJ
O43 - CFD: 16/05/2013 - 20:19:52 - [0] --H-D C:\ProgramData\CanonIJEGV
O43 - CFD: 16/05/2013 - 08:11:52 - [0] --H-D C:\ProgramData\CanonIJEPPEX
O43 - CFD: 16/05/2013 - 07:39:18 - [0] --H-D C:\ProgramData\CanonIJMyPrinter
O43 - CFD: 03/01/2014 - 08:55:14 - [0,031] ----D C:\ProgramData\CanonIJPLM
O43 - CFD: 28/05/2013 - 11:03:38 - [0,002] --H-D C:\ProgramData\CanonIJScan
O43 - CFD: 16/05/2013 - 07:39:21 - [0] --H-D C:\ProgramData\CanonIJSolutionMenu
O43 - CFD: 12/05/2013 - 20:28:43 - [0,235] ----D C:\ProgramData\Canon_Inc_IC
O43 - CFD: 13/05/2013 - 06:38:07 - [0,056] ----D C:\ProgramData\CyberLink
O43 - CFD: 02/11/2006 - 14:02:03 - [0] -SH-D C:\ProgramData\Desktop
O43 - CFD: 02/11/2006 - 14:02:03 - [0] -SH-D C:\ProgramData\Documents
O43 - CFD: 15/05/2013 - 09:59:09 - [0] ----D C:\ProgramData\eSobi
O43 - CFD: 12/05/2013 - 19:55:27 - [0] -SH-D C:\ProgramData\Favoris
O43 - CFD: 02/11/2006 - 14:02:03 - [0] -SH-D C:\ProgramData\Favorites
O43 - CFD: 09/05/2008 - 03:05:30 - [0] ----D C:\ProgramData\FloodLightGames
O43 - CFD: 19/11/2013 - 11:28:07 - [0,518] ----D C:\ProgramData\Google
O43 - CFD: 18/01/2014 - 16:11:08 - [1221,419] ----D C:\ProgramData\Kaspersky Lab
O43 - CFD: 15/05/2013 - 18:47:02 - [0,002] ----D C:\ProgramData\LightScribe
O43 - CFD: 18/08/2013 - 10:33:33 - [7,704] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 01/06/2013 - 18:13:20 - [0,005] ----D C:\ProgramData\McAfee
O43 - CFD: 12/05/2013 - 19:55:27 - [0] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 04/09/2013 - 20:59:06 - [1222,982] -S--D C:\ProgramData\Microsoft
O43 - CFD: 28/11/2013 - 18:23:14 - [0,054] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 12/05/2013 - 19:55:27 - [0] -SH-D C:\ProgramData\Modèles
O43 - CFD: 15/06/2013 - 16:25:46 - [35,056] ----D C:\ProgramData\Nero
O43 - CFD: 18/01/2014 - 16:10:22 - [2,493] ----D C:\ProgramData\NVIDIA
O43 - CFD: 20/05/2013 - 08:04:06 - [1,052] ----D C:\ProgramData\NVIDIA Corporation
O43 - CFD: 12/05/2013 - 20:50:30 - [7,360] ----D C:\ProgramData\PIXELA
O43 - CFD: 01/06/2013 - 18:10:52 - [0] ----D C:\ProgramData\SiteAdvisor
O43 - CFD: 02/11/2006 - 14:02:03 - [0] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 25/05/2013 - 18:08:48 - [0] ----D C:\ProgramData\TEMP
O43 - CFD: 02/11/2006 - 14:02:04 - [0] -SH-D C:\ProgramData\Templates
O43 - CFD: 21/07/2013 - 17:02:20 - [0,009] ----D C:\ProgramData\TP-LINK
O43 - CFD: 24/11/2013 - 17:47:24 - [7,237] ----D C:\ProgramData\Virtualized Applications
O43 - CFD: 24/12/2013 - 04:49:22 - [0] ----D C:\ProgramData\VirtualizedApplications
O43 - CFD: 02/08/2013 - 12:45:18 - [0] ----D C:\ProgramData\WindowsSearch
O43 - CFD: 28/11/2013 - 18:25:08 - [6,585] ----D C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
O43 - CFD: 25/05/2013 - 18:07:49 - [0] -SH-D C:\Users\cricri\AppData\Roaming\.#
O43 - CFD: 09/05/2008 - 03:04:50 - [0,026] ----D C:\Users\cricri\AppData\Roaming\Acer GameZone Console
O43 - CFD: 15/05/2013 - 19:58:37 - [1,723] ----D C:\Users\cricri\AppData\Roaming\Adobe
O43 - CFD: 30/05/2013 - 20:19:39 - [0,001] ----D C:\Users\cricri\AppData\Roaming\Audacity
O43 - CFD: 16/05/2013 - 20:23:58 - [0,011] ----D C:\Users\cricri\AppData\Roaming\AVS4YOU
O43 - CFD: 26/08/2013 - 17:46:54 - [0,053] ----D C:\Users\cricri\AppData\Roaming\canon
O43 - CFD: 15/05/2013 - 11:33:11 - [0,003] ----D C:\Users\cricri\AppData\Roaming\CANON INC
O43 - CFD: 15/05/2013 - 20:48:19 - [0] ----D C:\Users\cricri\AppData\Roaming\Carambis
O43 - CFD: 13/05/2013 - 06:38:02 - [0] ----D C:\Users\cricri\AppData\Roaming\CyberLink
O43 - CFD: 27/12/2013 - 15:26:36 - [0] ----D C:\Users\cricri\AppData\Roaming\dvdcss
O43 - CFD: 15/05/2013 - 09:58:56 - [0,117] ----D C:\Users\cricri\AppData\Roaming\eSobi
O43 - CFD: 12/10/2013 - 18:12:18 - [0] ----D C:\Users\cricri\AppData\Roaming\Google
O43 - CFD: 12/05/2013 - 19:58:44 - [0] ----D C:\Users\cricri\AppData\Roaming\Identities
O43 - CFD: 12/05/2013 - 20:03:04 - [0,003] ----D C:\Users\cricri\AppData\Roaming\Macromedia
O43 - CFD: 18/08/2013 - 10:33:44 - [33,123] ----D C:\Users\cricri\AppData\Roaming\Malwarebytes
O43 - CFD: 02/11/2006 - 13:37:34 - [0] ----D C:\Users\cricri\AppData\Roaming\Media Center Programs
O43 - CFD: 30/06/2013 - 18:37:58 - [0] ----D C:\Users\cricri\AppData\Roaming\Media Player Classic
O43 - CFD: 16/01/2014 - 19:16:58 - [23,111] -S--D C:\Users\cricri\AppData\Roaming\Microsoft
O43 - CFD: 30/06/2013 - 19:05:28 - [0] ----D C:\Users\cricri\AppData\Roaming\Mozilla
O43 - CFD: 17/06/2013 - 20:05:15 - [14,729] ----D C:\Users\cricri\AppData\Roaming\Nero
O43 - CFD: 19/05/2013 - 15:48:17 - [0] ----D C:\Users\cricri\AppData\Roaming\PeerNetworking
O43 - CFD: 25/05/2013 - 19:10:55 - [0,016] ----D C:\Users\cricri\AppData\Roaming\player
O43 - CFD: 25/05/2013 - 20:33:46 - [14,554] ----D C:\Users\cricri\AppData\Roaming\Shareaza
O43 - CFD: 18/01/2014 - 16:08:50 - [5,319] ----D C:\Users\cricri\AppData\Roaming\SoftGrid Client
O43 - CFD: 30/05/2013 - 20:17:47 - [0] ----D C:\Users\cricri\AppData\Roaming\TP
O43 - CFD: 12/01/2014 - 18:41:20 - [0,197] ----D C:\Users\cricri\AppData\Roaming\vlc
O43 - CFD: 18/01/2014 - 16:28:09 - [2,460] ----D C:\Users\cricri\AppData\Roaming\ZHP  =>.Nicolas Coolman
O43 - CFD: 24/11/2013 - 17:47:39 - [0,009] ----D C:\Users\cricri\AppData\Roaming\{90140011-0066-040C-0000-0000000FF1CE}
O43 - CFD: 13/05/2013 - 06:38:05 - [0,007] ----D C:\Users\cricri\AppData\Local\Acer Arcade Live
O43 - CFD: 19/11/2013 - 11:34:22 - [0,226] ----D C:\Users\cricri\AppData\Local\Adobe
O43 - CFD: 12/05/2013 - 19:57:25 - [0] -SH-D C:\Users\cricri\AppData\Local\Application Data
O43 - CFD: 13/05/2013 - 06:35:24 - [1,594] ----D C:\Users\cricri\AppData\Local\Apps
O43 - CFD: 09/11/2013 - 11:05:17 - [0,028] ----D C:\Users\cricri\AppData\Local\Canon Easy-PhotoPrint EX
O43 - CFD: 13/05/2013 - 06:35:33 - [0] ----D C:\Users\cricri\AppData\Local\Deployment
O43 - CFD: 12/05/2013 - 20:54:44 - [69,470] ----D C:\Users\cricri\AppData\Local\Downloaded Installations
O43 - CFD: 08/11/2013 - 18:17:10 - [242,392] ----D C:\Users\cricri\AppData\Local\Google
O43 - CFD: 12/05/2013 - 19:57:25 - [0] -SH-D C:\Users\cricri\AppData\Local\Historique
O43 - CFD: 14/01/2014 - 18:42:18 - [1500,385] ----D C:\Users\cricri\AppData\Local\Microsoft
O43 - CFD: 23/11/2013 - 19:07:36 - [0] ----D C:\Users\cricri\AppData\Local\Microsoft Help
O43 - CFD: 07/09/2013 - 18:08:14 - [0,040] ----D C:\Users\cricri\AppData\Local\MigWiz
O43 - CFD: 25/12/2013 - 15:57:32 - [36,122] ----D C:\Users\cricri\AppData\Local\Nero
O43 - CFD: 20/05/2013 - 15:50:59 - [0,015] ----D C:\Users\cricri\AppData\Local\Nero_AG
O43 - CFD: 17/07/2013 - 15:51:45 - [0] ----D C:\Users\cricri\AppData\Local\Orange
O43 - CFD: 12/05/2013 - 19:59:12 - [0] ----D C:\Users\cricri\AppData\Local\PowerCinema
O43 - CFD: 28/11/2013 - 18:25:02 - [0,272] ----D C:\Users\cricri\AppData\Local\Seven Zip
O43 - CFD: 21/05/2013 - 19:55:44 - [0] ----D C:\Users\cricri\AppData\Local\Shareaza
O43 - CFD: 24/11/2013 - 17:47:39 - [1,930] ----D C:\Users\cricri\AppData\Local\SoftGrid Client
O43 - CFD: 18/01/2014 - 16:27:39 - [465,699] ----D C:\Users\cricri\AppData\Local\Temp
O43 - CFD: 12/05/2013 - 19:57:25 - [0] -SH-D C:\Users\cricri\AppData\Local\Temporary Internet Files
O43 - CFD: 29/06/2013 - 06:40:44 - [4,905] ----D C:\Users\cricri\AppData\Local\VirtualStore
O43 - CFD: 04/09/2013 - 20:59:32 - [0] ----D C:\Users\cricri\AppData\Local\Windows Live
O43 - CFD: 20/05/2013 - 09:23:56 - [0,016] ----D C:\Users\cricri\AppData\Local\WindowsUpdate
O43 - CFD: 21/01/2008 - 03:42:46 - [0,015] R---D C:\Users\cricri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 12/05/2013 - 19:58:57 - [0] R---D C:\Users\cricri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 16/05/2013 - 20:22:58 - [0,001] ----D C:\Users\cricri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
O43 - CFD: 21/01/2008 - 03:42:46 - [0,001] R---D C:\Users\cricri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 12/05/2013 - 19:58:57 - [0] R---D C:\Users\cricri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
~ Program Folder: 171 Scanned in 00mn 02s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.4CE91CEDF6EC0F5FDFF2B6E2DB4E520A] - 13/01/2014 - 12:53:50 ---A- . (...) -- C:\Windows\NeroDigital.ini   [69]
O44 - LFC:[MD5.EF716487D7E6F2A51BF2D1ECD201B70B] - 13/01/2014 - 13:11:14 ---A- . (...) -- C:\Windows\setupact.log   [3483]
O44 - LFC:[MD5.D5AD6FE415664BFD94384A30AAC5488B] - 15/01/2014 - 19:02:58 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\System32\mrt.exe   [83425928]
O44 - LFC:[MD5.A75DB5E815CA9A8768F469FB910BF92B] - 16/01/2014 - 19:22:30 ---A- . (...) -- C:\Windows\wininit.ini   [63]
O44 - LFC:[MD5.F4002152093DFDB9B4A40B04B0265F05] - 16/01/2014 - 20:28:03 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin   [512]
O44 - LFC:[MD5.4470E3C1E0C3378E4CAB137893C12C3A] - 18/01/2014 - 14:34:03 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys   [22856]
O44 - LFC:[MD5.932DD159BF4661B2D1BDFAC22AF6A411] - 18/01/2014 - 16:10:19 ---A- . (...) -- C:\Windows\PFRO.log   [4434028]
O44 - LFC:[MD5.ED730A28FFF9752197FE919AF91BA2F1] - 18/01/2014 - 16:10:21 -S-A- . (...) -- C:\Windows\bootstat.dat   [67584]
O44 - LFC:[MD5.CEAF98D916D2B75B8704BEE7680EE0B5] - 18/01/2014 - 16:10:37 ---A- . (...) -- C:\Windows\System32\agent.log   [147]
O44 - LFC:[MD5.5D89BB9CEDB07E9F2E56F9FDF0F519AC] - 18/01/2014 - 16:14:37 ---A- . (...) -- C:\Windows\WindowsUpdate.log   [2018331]
O44 - LFC:[MD5.8B8C16E9217E6081B22CD447E5E3126B] - 18/01/2014 - 16:15:34 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI   [1609510]
O44 - LFC:[MD5.7BFB0BE6E116998935B57B41CCDB80F4] - 18/01/2014 - 16:15:34 ---A- . (...) -- C:\Windows\System32\perfc009.dat   [118334]
O44 - LFC:[MD5.63E623EF57529F8963AFB0FDFAB698AB] - 18/01/2014 - 16:15:34 ---A- . (...) -- C:\Windows\System32\perfc00C.dat   [144262]
O44 - LFC:[MD5.860450E1E931A00E3D31CFE358F40547] - 18/01/2014 - 16:15:34 ---A- . (...) -- C:\Windows\System32\perfh009.dat   [631966]
O44 - LFC:[MD5.2409AB944630948F46A0EA1075ADAD9F] - 18/01/2014 - 16:15:34 ---A- . (...) -- C:\Windows\System32\perfh00C.dat   [719322]
~ Files: 15 Scanned in 00mn 04s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.47CD947DBCD12EC91B500D9FEC7F0DA1] - 03/01/2014 - 13:07:36 ---A- - C:\Windows\Prefetch\MCUPDATE.EXE-62E74733.pf
O45 - LFCP:[MD5.7ECF1035D511C74FA2FE3F516E2326BE] - 03/01/2014 - 16:30:15 ---A- - C:\Windows\Prefetch\MPAS-D_BD_1.165.887.0.EXE-6508BBEC.pf
O45 - LFCP:[MD5.43D26FE4EBA0ED617307F2AC565DEDC2] - 03/01/2014 - 16:30:17 ---A- - C:\Windows\Prefetch\MPMINISIGSTUB.EXE-CFDEE468.pf
O45 - LFCP:[MD5.6C4F3BEE9D82904713B4ED5CE56375EB] - 04/01/2014 - 12:13:20 ---A- - C:\Windows\Prefetch\WUDFHOST.EXE-AFFEF87C.pf
O45 - LFCP:[MD5.0230056BA2E29E95B9A5D1C9D3425F69] - 04/01/2014 - 12:20:04 ---A- - C:\Windows\Prefetch\SETUP_WM.EXE-674F654A.pf
O45 - LFCP:[MD5.4EA9EA0F4A0CAB65730C9755B114D3FD] - 04/01/2014 - 14:33:54 ---A- - C:\Windows\Prefetch\Layout.ini
O45 - LFCP:[MD5.2036950530C2C7EEA7D2AF2571FE845C] - 04/01/2014 - 15:01:37 ---A- - C:\Windows\Prefetch\DEFRAG.EXE-588F90AD.pf
O45 - LFCP:[MD5.44B70F11FDE23DF78E59E25B475635FC] - 04/01/2014 - 15:01:39 ---A- - C:\Windows\Prefetch\DFRGNTFS.EXE-7E4077FE.pf
O45 - LFCP:[MD5.D2C312C69D1957E55322F715DB6B24F9] - 05/01/2014 - 12:05:03 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-6FCDC72B.pf
O45 - LFCP:[MD5.345F4EF866BAC7987AB5C93E23434453] - 05/01/2014 - 17:05:59 ---A- - C:\Windows\Prefetch\RCSETUP149.EXE-C1A1C904.pf
O45 - LFCP:[MD5.3C1163DE841A109603308B38510F8E55] - 05/01/2014 - 17:06:11 ---A- - C:\Windows\Prefetch\NSBEE4.TMP-8347E687.pf
O45 - LFCP:[MD5.01E80A36B35E1E945E294ABBDC5BE5DB] - 05/01/2014 - 17:14:59 ---A- - C:\Windows\Prefetch\NSCB91.TMP-43DAC55D.pf
O45 - LFCP:[MD5.32AC9F4F7A6D2ED92E0DD0E8AE0B83DC] - 05/01/2014 - 17:15:03 ---A- - C:\Windows\Prefetch\RCSETUP148_982.EXE-CE26FE31.pf
O45 - LFCP:[MD5.E35E7DCA3D9A0B94CEDBB27AAFF5C5D2] - 05/01/2014 - 18:19:56 ---A- - C:\Windows\Prefetch\RECUVA.EXE-1A090312.pf
O45 - LFCP:[MD5.29EFED7FB64E6D65A39A086F82956955] - 10/01/2014 - 14:55:44 ---A- - C:\Windows\Prefetch\MPAS-D_BD_1.165.1076.0.EXE-A8C28137.pf
O45 - LFCP:[MD5.C150A30157F0FA0FF907F14BE4803BF9] - 10/01/2014 - 14:55:46 ---A- - C:\Windows\Prefetch\MPMINISIGSTUB.EXE-C291F110.pf
O45 - LFCP:[MD5.5A35EE7A73D5CF4FE1ED6A7BAFCFC8DD] - 10/01/2014 - 15:18:42 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-1D03416D.pf
O45 - LFCP:[MD5.D6A5C5D1372E19550C2F1A3A38B7FA76] - 10/01/2014 - 15:43:03 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-BBB53ABB.pf
O45 - LFCP:[MD5.CABE19CE39D61C54A20A04DF0058D749] - 12/01/2014 - 16:34:43 ---A- - C:\Windows\Prefetch\MEDIALIBRARYBUILDER.EXE-5650EC75.pf
O45 - LFCP:[MD5.76472380F222F81DE46B1948456D88CC] - 12/01/2014 - 18:41:20 ---A- - C:\Windows\Prefetch\VLC.EXE-A11F73EE.pf
O45 - LFCP:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 12/06/2058 - 18:47:46 ----D - C:\Windows\Prefetch\ReadyBoot
O45 - LFCP:[MD5.D957F6C357DB31041AEF4F743E464051] - 13/01/2014 - 12:54:00 ---A- - C:\Windows\Prefetch\MEDIAIMAGESERVICES.EXE-1994FA5C.pf
O45 - LFCP:[MD5.DFED0EF64BE9975A84A84B0736A37EE1] - 13/01/2014 - 13:01:35 ---A- - C:\Windows\Prefetch\MEDIAPLAYER.EXE-98DB0D3A.pf
O45 - LFCP:[MD5.E7DE4BD0A40EEC9C60F073D1CDD9A911] - 13/01/2014 - 13:11:06 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-6D2968F1.pf
O45 - LFCP:[MD5.CA8BA9B37F582B8A0B07817C5987F256] - 13/01/2014 - 13:11:06 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-F67D7CAA.pf
O45 - LFCP:[MD5.2167D016004A071287B28D75FBFF9354] - 13/01/2014 - 13:11:10 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-D04CC53B.pf
O45 - LFCP:[MD5.2E9A7D0E55F12F1C8AA74755BB9CD484] - 13/01/2014 - 13:11:15 ---A- - C:\Windows\Prefetch\DRVINST.EXE-4CB4314A.pf
O45 - LFCP:[MD5.0BC4054CBF2BFE2E6DE988F88AE21F94] - 13/01/2014 - 13:12:29 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-C70D0AD1.pf
O45 - LFCP:[MD5.1E21AEA187B47D166973B907956EB495] - 13/01/2014 - 13:16:27 ---A- - C:\Windows\Prefetch\SETUP.EXE-FFF28909.pf
O45 - LFCP:[MD5.67EC569469D4F7B7EA4935426487DFA6] - 13/01/2014 - 13:16:57 ---A- - C:\Windows\Prefetch\AIREB85.EXE-DAED7E15.pf
O45 - LFCP:[MD5.28BD117E65B01AED72F1F6D2785F7773] - 13/01/2014 - 13:18:33 ---A- - C:\Windows\Prefetch\AIR867E.EXE-B87D4F23.pf
O45 - LFCP:[MD5.4D3598E352D082DFFD17489EFD1F0732] - 13/01/2014 - 13:18:55 ---A- - C:\Windows\Prefetch\BAOFENG.EXE-833D8F7B.pf
O45 - LFCP:[MD5.AF6AC531F987BF483877230FF50F147B] - 13/01/2014 - 13:18:55 ---A- - C:\Windows\Prefetch\HIDEFMEDIA-CACHE-GEN.EXE-6B320ADA.pf
O45 - LFCP:[MD5.24C91253AB3549FEF80082AAB7F6EDD0] - 13/01/2014 - 13:18:56 ---A- - C:\Windows\Prefetch\NEWGDP.EXE-5EE4A973.pf
O45 - LFCP:[MD5.C3405DCCE75F7F17859FB3F673A23C27] - 13/01/2014 - 13:19:20 ---A- - C:\Windows\Prefetch\DESK365.EXE-ACD0F89B.pf  =>Hijacker.22Find
O45 - LFCP:[MD5.9FED2A2AA345595536D6227F3717B3C7] - 13/01/2014 - 13:19:25 ---A- - C:\Windows\Prefetch\EINSTALL.EXE-AA64ACBE.pf
O45 - LFCP:[MD5.C1A9B44A3263E67A137423A9FB1DF2ED] - 13/01/2014 - 13:19:45 ---A- - C:\Windows\Prefetch\TRAYDOWNLOADER.EXE-1A1D4DEA.pf
O45 - LFCP:[MD5.C064E0047D1EA60DB4A8A08EAF034522] - 13/01/2014 - 13:20:06 ---A- - C:\Windows\Prefetch\AIR3A43.EXE-85E1E938.pf
O45 - LFCP:[MD5.79BEAD8A8038E1ED28FA19A6D53791FF] - 13/01/2014 - 13:20:07 ---A- - C:\Windows\Prefetch\AIR3A43.TMP-41087B3D.pf
O45 - LFCP:[MD5.22FBC8925751111625A5B9DCB6213970] - 13/01/2014 - 13:24:22 ---A- - C:\Windows\Prefetch\PCSUNOTIFIER.EXE-39DCAA24.pf
O45 - LFCP:[MD5.E871203802901F918D29A66A45031F8F] - 14/01/2014 - 17:10:02 ---A- - C:\Windows\Prefetch\DESKSVC.EXE-EC84F846.pf
O45 - LFCP:[MD5.A2359E5F0F027BD065AF98DFBB0D6C2E] - 14/01/2014 - 18:43:07 ---A- - C:\Windows\Prefetch\CSC.EXE-4C85A8F6.pf
O45 - LFCP:[MD5.0A04F9DB3F3660566645C1E09A24D476] - 14/01/2014 - 18:43:07 ---A- - C:\Windows\Prefetch\CVTRES.EXE-CDAB491C.pf
O45 - LFCP:[MD5.7FE391DCD26AC8FF7CC70034D0BB16BE] - 14/01/2014 - 18:43:11 ---A- - C:\Windows\Prefetch\KWIKMEDIA.EXE-EFFD5BF4.pf
O45 - LFCP:[MD5.0FBDFFF4EDEB30C229C4F01E18808A0E] - 14/01/2014 - 18:43:18 ---A- - C:\Windows\Prefetch\WPFFONTCACHE_V0400.EXE-3A5005E3.pf
O45 - LFCP:[MD5.91E0BDEC81F690157CC0497CDD518447] - 15/01/2014 - 14:06:07 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-CFF8C7D9.pf
O45 - LFCP:[MD5.0554326F0B06DDE0F2D357590E399212] - 15/01/2014 - 14:09:52 ---A- - C:\Windows\Prefetch\PING.EXE-7E94E73E.pf
O45 - LFCP:[MD5.EE813019F0C52E8BF84F04312C937D83] - 15/01/2014 - 14:12:00 ---A- - C:\Windows\Prefetch\ACRORD32.EXE-DE3ACCC1.pf
O45 - LFCP:[MD5.0F112AA13B5817281D38D164955945C2] - 15/01/2014 - 14:13:32 ---A- - C:\Windows\Prefetch\ADOBEUPDATER.EXE-9A17D89B.pf
O45 - LFCP:[MD5.865E52C213B8BD2E47DFDF0859399D93] - 15/01/2014 - 14:31:17 ---A- - C:\Windows\Prefetch\SHAREAZA.EXE-F960BCE4.pf
O45 - LFCP:[MD5.52E374351A8F33936E10EA021750F7F4] - 15/01/2014 - 15:15:40 ---A- - C:\Windows\Prefetch\MFPMP.EXE-26F35380.pf
O45 - LFCP:[MD5.C5EFE2530D8CBA01B9B887C2FA440FF2] - 15/01/2014 - 18:44:00 ---A- - C:\Windows\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-ECAD9571.pf
O45 - LFCP:[MD5.5A5380F37BE4CF40A82D9A8110BE192F] - 15/01/2014 - 18:52:55 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-6A473D35.pf
O45 - LFCP:[MD5.0DB4D204426DC6C0856D11973C67ECE6] - 15/01/2014 - 18:58:58 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-7CFEDEA3.pf
O45 - LFCP:[MD5.0950EEDFEA5375BDC4E7A172C78FCB7B] - 15/01/2014 - 18:58:58 ---A- - C:\Windows\Prefetch\VSSVC.EXE-B8AFC319.pf
O45 - LFCP:[MD5.C396A4F907BCB18C3CC0BD8546733C9A] - 15/01/2014 - 19:00:35 ---A- - C:\Windows\Prefetch\HELPPANE.EXE-FEDC965B.pf
O45 - LFCP:[MD5.A09FF2027B6A88C31502AEFF67D6BE43] - 15/01/2014 - 19:01:58 ---A- - C:\Windows\Prefetch\SDCLT.EXE-E10B972A.pf
O45 - LFCP:[MD5.2D9A8DEE0098311E9B4ECE88E49DCA61] - 16/01/2014 - 19:11:36 ---A- - C:\Windows\Prefetch\FLASHUTIL32_11_9_900_170_ACTI-32DF0362.pf
O45 - LFCP:[MD5.CABD929CDEA81BE8F1E3603B6BA7B4AA] - 16/01/2014 - 19:15:29 ---A- - C:\Windows\Prefetch\WPROTECTMANAGER.EXE-C859C7C4.pf
O45 - LFCP:[MD5.7E5DE95C092ED5B7A8C5976AF70AD9E6] - 16/01/2014 - 19:51:29 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-7FAA2E4C.pf
O45 - LFCP:[MD5.C34531B1C27F92A906550C8A73586BE5] - 17/01/2014 - 08:56:27 ---A- - C:\Windows\Prefetch\WINDOWSTHUMBNAIL.EXE-22D4A414.pf
O45 - LFCP:[MD5.2A4261AA5F65B868BC350311935675F2] - 17/01/2014 - 11:24:02 ---A- - C:\Windows\Prefetch\SFTDDE.EXE-311444CE.pf
O45 - LFCP:[MD5.C9C9FF4D534D5595841200495B108BC6] - 17/01/2014 - 11:24:15 ---A- - C:\Windows\Prefetch\EXCELC.EXE-77BA6C9A.pf
O45 - LFCP:[MD5.16D20D6E9743E9A7AFADB942D7B927AF] - 17/01/2014 - 11:24:43 ---A- - C:\Windows\Prefetch\CONTROL.EXE-817F8F1D.pf
O45 - LFCP:[MD5.F2777A7A229F4787C4646CBE107FAE49] - 17/01/2014 - 13:53:20 ---A- - C:\Windows\Prefetch\MPSIGSTUB.EXE-6CB27A06.pf
O45 - LFCP:[MD5.7AF55FF3DB111042C79FDB0E518DC729] - 17/01/2014 - 19:09:53 ---A- - C:\Windows\Prefetch\COMUPDATUS.EXE-FEED2F65.pf
O45 - LFCP:[MD5.461A5B88E2A86B1E9D23F5BE04E77F76] - 17/01/2014 - 20:26:06 ---A- - C:\Windows\Prefetch\WMPSHARE.EXE-90B956F1.pf
O45 - LFCP:[MD5.B2DE83B22DB3F3C40C4D51DA7FC55F2E] - 17/01/2014 - 20:28:39 ---A- - C:\Windows\Prefetch\WUAUCLT.EXE-70318591.pf
O45 - LFCP:[MD5.47352CCA10268B31E841F2A480F438BF] - 18/01/2014 - 09:46:26 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-1304AE86.pf
O45 - LFCP:[MD5.894204AE5F9AAE334C7B0C89C218DEB2] - 18/01/2014 - 10:00:47 ---A- - C:\Windows\Prefetch\ACER(NORMAL).SCR-1331B649.pf
O45 - LFCP:[MD5.7BD5E07B7610AA5BC528B4AAA6BB3B7C] - 18/01/2014 - 10:06:06 ---A- - C:\Windows\Prefetch\MPCMDRUN.EXE-F401FBB4.pf
O45 - LFCP:[MD5.50A00AA4FAA423597672E61BEB56324E] - 18/01/2014 - 14:49:58 ---A- - C:\Windows\Prefetch\OFFSPON.EXE-C5FABCAD.pf
O45 - LFCP:[MD5.60B736BCD58C82EA73038FC6D8D5BEF6] - 18/01/2014 - 15:07:49 ---A- - C:\Windows\Prefetch\ACER(N~1.SCR-4C3C4E30.pf
O45 - LFCP:[MD5.B42CD0E53506C559D4A3032CFC8E27E0] - 18/01/2014 - 16:06:33 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-1670937233-4278526353-2094733994-1000.db
O45 - LFCP:[MD5.1B3FADB73FAD1BC2352E681594A2FCBC] - 18/01/2014 - 16:06:34 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-1670937233-4278526353-2094733994-1000.db
O45 - LFCP:[MD5.92DC5F76B9A2D6EC4D4867B745A87C77] - 18/01/2014 - 16:09:04 ---A- - C:\Windows\Prefetch\AVP.EXE-8AEFE8B5.pf
O45 - LFCP:[MD5.D1CFD8B19AAF831AFBD663B242C259FC] - 18/01/2014 - 16:09:10 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin
O45 - LFCP:[MD5.E8F143B6BAF1C92DC7B20A8D694A53ED] - 18/01/2014 - 16:09:11 ---A- - C:\Windows\Prefetch\AgRobust.db
O45 - LFCP:[MD5.4E4B3EEA7EAC833FA217D215066079F7] - 18/01/2014 - 16:09:13 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db
O45 - LFCP:[MD5.2CD7587D2C2451D65A014C6310F25AC2] - 18/01/2014 - 16:09:13 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db
O45 - LFCP:[MD5.AB68C0B4502837BF5D0A3CFDE4B7F8E0] - 18/01/2014 - 16:09:15 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db
O45 - LFCP:[MD5.725761C1FD5B2D511CF232264A044E6D] - 18/01/2014 - 16:11:18 ---A- - C:\Windows\Prefetch\IGFXSRVC.EXE-96A493A4.pf
O45 - LFCP:[MD5.AF302763A9FD92FE080594D88E0D266F] - 18/01/2014 - 16:11:18 ---A- - C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf
O45 - LFCP:[MD5.4A455923580BCA7ACBB83B948DEFCD9A] - 18/01/2014 - 16:11:18 ---A- - C:\Windows\Prefetch\UNSECAPP.EXE-A02905A6.pf
O45 - LFCP:[MD5.44F8FA3EFA1C62F2407808B6CE053B2E] - 18/01/2014 - 16:11:18 ---A- - C:\Windows\Prefetch\WMPNSCFG.EXE-FC0D39BF.pf
O45 - LFCP:[MD5.CAEDEBBFABCAE246332CFBE1F745C0EA] - 18/01/2014 - 16:11:52 ---A- - C:\Windows\Prefetch\REGSVR32.EXE-8461DBEE.pf
O45 - LFCP:[MD5.D2EC9CDF5A29CA43627041BE3528CD49] - 18/01/2014 - 16:12:08 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-007FEA55.pf
O45 - LFCP:[MD5.192E06978D21D7816DD996C98AA792CF] - 18/01/2014 - 16:12:40 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-C3C515BD.pf
O45 - LFCP:[MD5.94D861A57B693453357FFB555C2C034C] - 18/01/2014 - 16:12:41 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-FE771DDA.pf
O45 - LFCP:[MD5.B59B961F6F3113DCD86F08FDB1BDF8DF] - 18/01/2014 - 16:12:44 ---A- - C:\Windows\Prefetch\DBINSTALLER.EXE-98909D52.pf
O45 - LFCP:[MD5.F4F68F349E272A31B84DCC33049F1EDE] - 18/01/2014 - 16:12:44 ---A- - C:\Windows\Prefetch\DRSUPDATE.14225440_RUNASUSER.-132DEB13.pf
O45 - LFCP:[MD5.FF165308B943013351AE11C3C9FC04A2] - 18/01/2014 - 16:12:44 ---A- - C:\Windows\Prefetch\WMPLAYER.EXE-BAD6BD53.pf
O45 - LFCP:[MD5.00BDB812EA3C96C4DDA2854A22F524E7] - 18/01/2014 - 16:12:46 ---A- - C:\Windows\Prefetch\WMI32.EXE-5A3A65EC.pf
O45 - LFCP:[MD5.78AB1C31A905555C5ABF29AEA4477107] - 18/01/2014 - 16:12:51 ---A- - C:\Windows\Prefetch\MOBSYNC.EXE-C5E2284F.pf
O45 - LFCP:[MD5.72E54DE0C49750C43443D27A18D11ACF] - 18/01/2014 - 16:12:53 ---A- - C:\Windows\Prefetch\DAEMONU.EXE-BB669599.pf
O45 - LFCP:[MD5.6F8B74C58396E489056FC53B3FD88043] - 18/01/2014 - 16:14:22 ---A- - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-3CC531E5.pf
O45 - LFCP:[MD5.3ADFB4DF84AC2B181BBE59385A85A126] - 18/01/2014 - 16:14:47 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-F8DFDFA2.pf
O45 - LFCP:[MD5.8EFFBC5B8D648DE6F7E4DD335F2F7E4E] - 18/01/2014 - 16:17:51 ---A- - C:\Windows\Prefetch\CVH.EXE-308EA697.pf
O45 - LFCP:[MD5.57286DB5665EAC3B81195756690CF1F0] - 18/01/2014 - 16:17:56 ---A- - C:\Windows\Prefetch\WINWORDC.EXE-C55681E7.pf
O45 - LFCP:[MD5.FA4FB3E84A25CEC4170FF57CD0842CFB] - 18/01/2014 - 16:17:58 ---A- - C:\Windows\Prefetch\OFFICEVIRT.EXE-F42AB857.pf
O45 - LFCP:[MD5.5BFBC3840843A2CE39D3D87694F6083A] - 18/01/2014 - 16:17:58 ---A- - C:\Windows\Prefetch\OSPPSVC.EXE-E53D3CC0.pf
O45 - LFCP:[MD5.502E3ACF7C302691909EDB37D307D81F] - 18/01/2014 - 16:20:20 ---A- - C:\Windows\Prefetch\CHROME.EXE-5A1054AF.pf
O45 - LFCP:[MD5.89A999D9A2FBFF2B2F634CC4706B146E] - 18/01/2014 - 16:20:22 ---A- - C:\Windows\Prefetch\VERCLSID.EXE-7C52E31C.pf
O45 - LFCP:[MD5.1E8A9C632CB5D5BF04AE34FF4E9ECD7F] - 18/01/2014 - 16:20:36 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-E2C2633A.pf
O45 - LFCP:[MD5.97881C41DFFF7C4ACBB7929DFC8CD671] - 18/01/2014 - 16:20:52 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-908C99F8.pf
O45 - LFCP:[MD5.8B277CCC17B1C8DBE1DF94764EAAE5B4] - 18/01/2014 - 16:23:26 ---A- - C:\Windows\Prefetch\WERMGR.EXE-0F2AC88C.pf
O45 - LFCP:[MD5.2F6EBD3F7679184C4FBA2AFA76432DF0] - 18/01/2014 - 16:23:28 ---A- - C:\Windows\Prefetch\WERCON.EXE-E36BD04E.pf
O45 - LFCP:[MD5.413C11394CEF9A66A9D9CF604C034A09] - 18/01/2014 - 16:24:36 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf
O45 - LFCP:[MD5.7EB027E39458DE56B25A38C39E894211] - 18/01/2014 - 16:24:58 ---A- - C:\Windows\Prefetch\CONIME.EXE-9781FD5F.pf
O45 - LFCP:[MD5.054AC6076EE8CBBB14334A8B9CA29A5E] - 18/01/2014 - 16:25:36 ---A- - C:\Windows\Prefetch\TASKENG.EXE-48D4E289.pf
O45 - LFCP:[MD5.D707495A7BF3FE8F0961CCD393FE4107] - 18/01/2014 - 16:26:53 ---A- - C:\Windows\Prefetch\WERFAULT.EXE-E69F695A.pf
O45 - LFCP:[MD5.4AF4AA85F12F3998E19B9000D5ADF5A1] - 18/01/2014 - 16:26:55 ---A- - C:\Windows\Prefetch\NVTRAY.EXE-DB83881B.pf
O45 - LFCP:[MD5.748B66E1BA56C2B6473E2BA207633ECA] - 18/01/2014 - 16:26:56 ---A- - C:\Windows\Prefetch\LOGONUI.EXE-09140401.pf
O45 - LFCP:[MD5.79DE5A825FFA7E5469009ABB9FEC6B33] - 18/01/2014 - 16:27:05 ---A- - C:\Windows\Prefetch\TASKMGR.EXE-5F5F473D.pf
O45 - LFCP:[MD5.CF3B6A425D76BDB7C305E7FEDEA6A54E] - 18/01/2014 - 16:27:35 ---A- - C:\Windows\Prefetch\CONSENT.EXE-531BD9EA.pf
O45 - LFCP:[MD5.EECDFEB3311D3AE7EC66EE8FEAC0F29A] - 18/01/2014 - 16:27:40 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-766398D2.pf
O45 - LFCP:[MD5.BCB84F1ED2B527BFF69147655C62F459] - 18/01/2014 - 16:27:52 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-1628051C.pf
O45 - LFCP:[MD5.6A8E983983BB1B3500CFBCEE3927CF78] - 18/01/2014 - 16:28:04 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-77482212.pf
O45 - LFCP:[MD5.D334436E4CB19D8E6FBE5E7EB6EEB26B] - 18/01/2014 - 16:28:04 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf
O45 - LFCP:[MD5.14F012C98FFD072A9A299FD41D4707FB] - 27/12/2013 - 13:10:15 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-230FC512.pf
O45 - LFCP:[MD5.71A5FC04BAFC0FF26A7123F1CE606A30] - 27/12/2013 - 14:17:22 ---A- - C:\Windows\Prefetch\NEROBURNSERVER.EXE-49BD83CB.pf
O45 - LFCP:[MD5.76710C542498EE0FADEE28A3949BA1AF] - 27/12/2013 - 15:26:33 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-AA6B22B4.pf
O45 - LFCP:[MD5.255CA9A85808F5686BCDC478A024210C] - 28/12/2013 - 09:28:20 ---A- - C:\Windows\Prefetch\MPAS-D_BD_1.165.538.0.EXE-2E945451.pf
O45 - LFCP:[MD5.734FE71DC193411FC1A29C20BA084C94] - 28/12/2013 - 09:28:21 ---A- - C:\Windows\Prefetch\MPMINISIGSTUB.EXE-8E70A167.pf
O45 - LFCP:[MD5.86518367F9DB4DC8C314E92FAFEF3370] - 28/12/2013 - 09:29:39 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-62BA46A3.pf
O45 - LFCP:[MD5.4522D1B8A593E5350E453869F3705B45] - 28/12/2013 - 09:29:39 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-D0E36877.pf
O45 - LFCP:[MD5.3D9F5E649B81BB17BC5CDC907EA609D0] - 28/12/2013 - 09:29:40 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-6939B5CE.pf
O45 - LFCP:[MD5.8BFB1F736A60130BFA7E051E596E2865] - 28/12/2013 - 09:30:22 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-0BD431BE.pf
O45 - LFCP:[MD5.CD4E092D20D0A93EB9B5D8EA74CD4ADB] - 28/12/2013 - 09:30:22 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-90AF0E3A.pf
O45 - LFCP:[MD5.217A071AAC5336C4AB411889DB5652D9] - 28/12/2013 - 09:36:53 ---A- - C:\Windows\Prefetch\MMC.EXE-F5DC4F82.pf
O45 - LFCP:[MD5.B452E2FF5DA63133623179E0E5B8F897] - 28/12/2013 - 09:42:38 ---A- - C:\Windows\Prefetch\MOVIEMK.EXE-0E4D00C6.pf
O45 - LFCP:[MD5.99A08342FFF947C3C5843666F89EC805] - 28/12/2013 - 09:42:57 ---A- - C:\Windows\Prefetch\NEROVISION.EXE-6DA2B1AD.pf
O45 - LFCP:[MD5.0F324E352F1D20A13233F864096E4C54] - 28/12/2013 - 09:45:00 ---A- - C:\Windows\Prefetch\NFX.OOPS.EXE-3CD78B10.pf
O45 - LFCP:[MD5.0A113EED4FEEE7D5BA8D157A979FC04D] - 28/12/2013 - 17:02:43 ---A- - C:\Windows\Prefetch\EXPLORER.EXE-A80E4F97.pf
O45 - LFCP:[MD5.E5F2E2739F6CF4CA185BA2981FC173C7] - 29/12/2013 - 18:43:54 ---A- - C:\Windows\Prefetch\CNMSE9O.EXE-8D97F393.pf
O45 - LFCP:[MD5.ABDBC531BF34CB7052AE23B26F850FA2] - 29/12/2013 - 18:44:03 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-8377522D.pf
O45 - LFCP:[MD5.5A2D85A54B4ABF470EDA02819A329189] - 31/12/2013 - 13:22:01 ---A- - C:\Windows\Prefetch\MPAS-D_BD_1.165.658.0.EXE-B3474210.pf
O45 - LFCP:[MD5.2EDBDE2DBE99E944909B87F7565D4BD8] - 31/12/2013 - 13:22:03 ---A- - C:\Windows\Prefetch\MPMINISIGSTUB.EXE-8F557B43.pf
~ Prefetcher: 138 Scanned in 00mn 00s



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe" [Enabled] .(.Egis Incorporated..) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe" [Enabled] .(. Egis Incorporated..) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe" [Enabled] .(. Egis Incorporated..) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe" [Enabled] .(.Egis Incorporated..) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe" [Enabled] .(.Egis Incorporated..) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe" [Enabled] .(.Egis Incorporated..) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe
~ Keys Export: 6 Scanned in 00mn 00s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
~ LSA: 7 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 3 Scanned in 00mn 00s



---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPath"=1
~ MWPS: 18 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=28
~ MWPE Keys: 2 Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 21/01/2008 - 03:23:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys   [422968]
O58 - SDL:[MD5.60505E0041F7751BDBB80F88BF45C2CE] - 21/01/2008 - 03:23:25 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys   [300600]
O58 - SDL:[MD5.8A42779B02AEC986EAB64ECFC98F8BD7] - 21/01/2008 - 03:23:26 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\System32\Drivers\adpu160m.sys   [101432]
O58 - SDL:[MD5.241C9E37F8CE45EF51C3DE27515CA4E5] - 21/01/2008 - 03:23:27 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\Drivers\adpu320.sys   [149560]
O58 - SDL:[MD5.9EAEF5FC9B8E351AFA7E78A6FAE91F91] - 21/01/2008 - 03:23:00 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys   [17464]
O58 - SDL:[MD5.5D2888182FB46632511ACEE92FDAD522] - 21/01/2008 - 03:23:23 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys   [79416]
O58 - SDL:[MD5.5E2A321BD7C8B3624E41FDEC3E244945] - 21/01/2008 - 03:23:24 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys   [79928]
O58 - SDL:[MD5.D1CDD3DD7D47BA6DCDE3C392EC94F944] - 28/07/2010 - 03:52:10 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\Drivers\athur.sys   [1434624]
O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys   [13568]
O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys   [5248]
O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys   [71808]
O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys   [62336]
O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys   [12160]
O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys   [11904]
O58 - SDL:[MD5.0CA25E686A4928484E9FDABD168AB629] - 21/01/2008 - 03:23:00 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys   [19000]
O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\Drivers\djsvs.sys   [71272]
O58 - SDL:[MD5.5425F74AC0C1DBD96A1E04F17D63F94C] - 21/01/2008 - 03:23:24 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel(R) PRO/1000.) -- C:\Windows\System32\Drivers\E1G60I32.sys   [118784]
O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 21/01/2008 - 03:23:22 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys   [342584]
O58 - SDL:[MD5.16EE7B23A009E00D835CDB79574A91A6] - 21/01/2008 - 03:23:26 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\System32\Drivers\HpCISSs.sys   [40504]
O58 - SDL:[MD5.54155EA1B0DF185878E0FC9EC3AC3A14] - 21/01/2008 - 03:23:23 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\System32\Drivers\iaStorV.sys   [235064]
O58 - SDL:[MD5.9378D57E2B96C0A185D844770AD49948] - 11/02/2008 - 18:36:10 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd32.sys   [2302976]
O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys   [41576]
O58 - SDL:[MD5.C6E5276C00EBDEB096BB5EF4B797D1B6] - 25/04/2008 - 12:23:40 ---A- . (.Acer, Inc. - int15.) -- C:\Windows\System32\Drivers\int15.sys   [15392]
O58 - SDL:[MD5.8C7FA71CB1EBCD3EDE8958D27B1BF0B4] - 25/04/2008 - 12:23:40 ---A- . (.Acer, Inc. - int15.) -- C:\Windows\System32\Drivers\int15_64.sys   [17952]
O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\System32\Drivers\iteatapi.sys   [35944]
O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\System32\Drivers\iteraid.sys   [35944]
O58 - SDL:[MD5.186B54479D98E48AEE0E9ADA4B3C4D31] - 04/03/2011 - 12:23:14 ---A- . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) -- C:\Windows\System32\Drivers\kl1.sys   [133208]
O58 - SDL:[MD5.BF485BFBA13C0AB116701FD9C55324D0] - 04/03/2011 - 12:23:20 ---A- . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) -- C:\Windows\System32\Drivers\kl2.sys   [11352]
O58 - SDL:[MD5.AF04D0CE7939324E9A605B159295706C] - 01/06/2013 - 18:15:39 ---A- . (.Kaspersky Lab - Klif Mini-Filter [fre_wlh_x86].) -- C:\Windows\System32\Drivers\klif.sys   [570160]
O58 - SDL:[MD5.6295A19003F935ECC6CCBE9E2376427B] - 10/03/2011 - 17:36:18 ---A- . (.Kaspersky Lab ZAO - Kaspersky Lab Intermediate Network Driver.) -- C:\Windows\System32\Drivers\klim6.sys   [23856]
O58 - SDL:[MD5.3DE1771C135328420315E21DDE229BBA] - 02/11/2009 - 19:27:16 ---A- . (.Kaspersky Lab - KLMOUFLT Mouse Device Filter [fre_wlh_x86].) -- C:\Windows\System32\Drivers\klmouflt.sys   [19984]
O58 - SDL:[MD5.C7E15E82879BF3235B559563D4185365] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys   [96312]
O58 - SDL:[MD5.EE01EBAE8C9BF0FA072E0FF68718920A] - 21/01/2008 - 03:23:25 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys   [89656]
O58 - SDL:[MD5.912A04696E9CA30146A62AFA1463DD5C] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys   [96312]
O58 - SDL:[MD5.4470E3C1E0C3378E4CAB137893C12C3A] - 04/04/2013 - 14:50:32 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys   [22856]
O58 - SDL:[MD5.0001CE609D66632FA17B84705F658879] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\System32\Drivers\megasas.sys   [31288]
O58 - SDL:[MD5.C252F32CD9A49DBFC25ECF26EBD51A99] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys   [386616]
O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\System32\Drivers\Mraid35x.sys   [33384]
O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys   [45160]
O58 - SDL:[MD5.2757D2BA59AEE155209E24942AB127C9] - 30/01/2008 - 10:52:06 ---A- . (.NewTech Infosystems, Inc. - NTI CD-ROM Filter Driver.) -- C:\Windows\System32\Drivers\NTIDrvr.sys   [14848]
O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\System32\Drivers\ntrigdigi.sys   [20608]
O58 - SDL:[MD5.77F9F9A199B87FE3F852E12F5419240B] - 18/02/2013 - 08:22:18 ---A- . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\System32\Drivers\nvhda32v.sys   [149352]
O58 - SDL:[MD5.B69E6F70CE1151C8D62ABC9DEF64DFBE] - 25/02/2013 - 23:22:06 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 311.06.) -- C:\Windows\System32\Drivers\nvlddmkm.sys   [8939296]
O58 - SDL:[MD5.1EFEC38A852AB35883BFFF3427B92B3F] - 12/08/2010 - 11:07:50 ---A- . (.NVIDIA Corporation - NVIDIA MCP Networking Function Driver..) -- C:\Windows\System32\Drivers\nvmfdx32.sys   [292712]
O58 - SDL:[MD5.2EDF9E7751554B42CBB60116DE727101] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys   [102968]
O58 - SDL:[MD5.C44EE36DD84FA95EB81D79C374756003] - 12/10/2007 - 09:53:10 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) SMU Microcontroller Driver.) -- C:\Windows\System32\Drivers\nvsmu.sys   [13312]
O58 - SDL:[MD5.ABED0C09758D1D97DB0042DBB2688177] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys   [45112]
O58 - SDL:[MD5.FA7B8ECA6E845B244B7E30A9DCD82C6C] - 25/01/2008 - 13:02:02 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor32.sys   [140832]
O58 - SDL:[MD5.AB94285FF6C6BC5433407D8D182A4BB4] - 04/03/2008 - 22:38:42 ---A- . (.Egis Incorporated - Acer eDataSecurity Management PSD Filter Driver.) -- C:\Windows\System32\Drivers\psdfilter.sys   [18992]
O58 - SDL:[MD5.2AAF9A5D7A63D26BFAEA853C5F2292BC] - 04/03/2008 - 22:38:44 ---A- . (.Egis Incorporated - Acer eDataSecurity Management PSD Named Pipe Driver.) -- C:\Windows\System32\Drivers\PSDNServ.sys   [16944]
O58 - SDL:[MD5.0EB8CEC99855BEAE5B0D02C2302619EF] - 04/03/2008 - 22:38:44 ---A- . (.Egis Incorporated - Acer eDataSecurity Management PSD Virtual Disk Driver.) -- C:\Windows\System32\Drivers\PSDVdisk.sys   [60464]
O58 - SDL:[MD5.0A6DB55AFB7820C99AA1F3A1D270F4F6] - 21/01/2008 - 03:23:24 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys   [1122360]
O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys   [106088]
O58 - SDL:[MD5.4C01298060CF930D26A75A86B874B6AE] - 26/03/2008 - 11:35:54 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\RTKVHDA.sys   [2103512]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys   [20480]
O58 - SDL:[MD5.A99C6C8B0BAA970D8AA59DDC50B57F94] - 21/01/2008 - 03:23:26 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys   [74808]
O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\System32\Drivers\symc8xx.sys   [35944]
O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\System32\Drivers\sym_hi.sys   [31848]
O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\System32\Drivers\sym_u3.sys   [34920]
O58 - SDL:[MD5.F763E070843EE2803DE1395002B42938] - 30/01/2008 - 10:51:50 ---A- . (.NewTech Infosystems Corporation - NTI CDROM Filter Driver.) -- C:\Windows\System32\Drivers\UBHelper.sys   [13824]
O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 21/01/2008 - 03:23:20 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\System32\Drivers\uliahci.sys   [238648]
O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\System32\Drivers\ulsata.sys   [98408]
O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 21/01/2008 - 03:23:23 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\System32\Drivers\ulsata2.sys   [115816]
O58 - SDL:[MD5.AADF5587A4063F52C2C3FED7887426FC] - 21/01/2008 - 03:23:00 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys   [20024]
O58 - SDL:[MD5.587253E09325E6BF226B299774B728A9] - 21/01/2008 - 03:23:23 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys   [130616]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS   [9029]
O58 - SDL:[MD5.D1CDD3DD7D47BA6DCDE3C392EC94F944] - 28/07/2010 - 03:52:10 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\athur.sys   [1434624]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (...) -- C:\Windows\System32\country.sys   [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS   [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\System32\KEY01.SYS   [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS   [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS   [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS   [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS   [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS   [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS   [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (...) -- C:\Windows\System32\NTIO.SYS   [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS   [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS   [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS   [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS   [34672]
~ Drivers: 18 Scanned in 00mn 02s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 15/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\databases\Databases.db   [7168]
O61 - LFC: 15/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\databases\Databases.db-journal   [5672]
O61 - LFC: 15/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\databases\http_fr.aion.gameforge.com_0\3   [5120]
O61 - LFC: 15/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\000005.ldb   [208]
O61 - LFC: 15/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\LOCK   [0]
O61 - LFC: 15/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fr.aion.gameforge.com_0.localstorage   [3072]
O61 - LFC: 15/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fr.aion.gameforge.com_0.localstorage-journal   [3608]
O61 - LFC: 15/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_chrome.google.com_0.localstorage   [3072]
O61 - LFC: 15/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_chrome.google.com_0.localstorage-journal   [3608]
O61 - LFC: 15/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\SYYCAGR9\macromedia.com\support\flashplayer\sys\#mpsnare.iesnare.com\settings.sol   [89]
O61 - LFC: 15/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\SYYCAGR9\mpsnare.iesnare.com\stm.sol   [79]
O61 - LFC: 15/01/2014 - 16:28:29 ---A- . (...) -- C:\Users\cricri\AppData\Local\Temp\wmplog00.sqm   [2750]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists   [273221]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Bookmarks   [10848]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Bookmarks.bak   [10848]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000136.ldb   [242]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\bg\messages.json   [1585]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\ca\messages.json   [682]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\cs\messages.json   [743]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\da\messages.json   [665]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\de\messages.json   [714]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\el\messages.json   [1764]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\en\messages.json   [611]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\en_GB\messages.json   [611]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\es\messages.json   [713]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\es_419\messages.json   [671]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\et\messages.json   [615]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\fi\messages.json   [738]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\fil\messages.json   [672]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\fr\messages.json   [721]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\hi\messages.json   [1406]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\hr\messages.json   [662]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\hu\messages.json   [766]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\id\messages.json   [612]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\it\messages.json   [626]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\ja\messages.json   [1181]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\ko\messages.json   [892]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\lt\messages.json   [706]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\lv\messages.json   [735]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\nb\messages.json   [665]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\nl\messages.json   [630]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\pl\messages.json   [701]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\pt_BR\messages.json   [701]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\pt_PT\messages.json   [702]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\ro\messages.json   [700]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\ru\messages.json   [1296]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\sk\messages.json   [739]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\sl\messages.json   [647]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\sr\messages.json   [1507]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\sv\messages.json   [687]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\th\messages.json   [1626]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\tr\messages.json   [728]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\uk\messages.json   [1403]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\vi\messages.json   [798]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\zh_CN\messages.json   [760]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\_locales\zh_TW\messages.json   [814]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\craw_background.js   [125750]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\craw_window.js   [155992]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\css\craw_window.css   [1741]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\css\craw_window.css~   [1702]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\html\craw_window.html   [810]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\images\icon_128.png   [9460]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\images\icon_16.png   [702]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\images\topbar_floating_button.png   [160]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\images\topbar_floating_button_close.png   [252]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\images\topbar_floating_button_hover.png   [160]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\images\topbar_floating_button_maximize.png   [166]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\images\topbar_floating_button_pressed.png   [160]
O61 - LFC: 16/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\manifest.json   [1275]
O61 - LFC: 16/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\000010.ldb   [170]
O61 - LFC: 16/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\000013.ldb   [196]
O61 - LFC: 16/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.01net.com_0.localstorage   [3072]
O61 - LFC: 16/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.01net.com_0.localstorage-journal   [512]
O61 - LFC: 16/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage   [3072]
O61 - LFC: 16/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal   [3608]
O61 - LFC: 16/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Origin Bound Certs   [26624]
O61 - LFC: 16/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Origin Bound Certs-journal   [3608]
O61 - LFC: 16/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Shortcuts   [20480]
O61 - LFC: 16/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Shortcuts-journal   [16384]
O61 - LFC: 16/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_0   [8192]
O61 - LFC: 16/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1   [270336]
O61 - LFC: 16/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_2   [8192]
O61 - LFC: 16/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_3   [8192]
O61 - LFC: 16/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\index   [262512]
O61 - LFC: 16/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_gfdkimpbcpahaombhbimeihdjnejgicl\Feedback.ico   [163799]
O61 - LFC: 16/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_gfdkimpbcpahaombhbimeihdjnejgicl\Feedback.ico.md5   [16]
O61 - LFC: 16/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\manifest.fingerprint   [66]
O61 - LFC: 16/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\manifest.json   [845]
O61 - LFC: 16/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\pnacl\0.1.0.12332\_platform_specific\x86_32\pnacl_public_pnacl_json   [439]
O61 - LFC: 16/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\pnacl\0.1.0.12332\_platform_specific\x86_32\pnacl_public_x86_32_ld_nexe   [1854128]
O61 - LFC: 16/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\pnacl\0.1.0.12332\_platform_specific\x86_32\pnacl_public_x86_32_libcrt_platform_a   [4064]
O61 - LFC: 16/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\pnacl\0.1.0.12332\_platform_specific\x86_32\pnacl_public_x86_32_libgcc_a   [37712]
O61 - LFC: 16/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\pnacl\0.1.0.12332\_platform_specific\x86_32\pnacl_public_x86_32_libgcc_eh_a   [148206]
O61 - LFC: 16/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\pnacl\0.1.0.12332\_platform_specific\x86_32\pnacl_public_x86_32_libpnacl_irt_shim_a   [147672]
O61 - LFC: 16/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\pnacl\0.1.0.12332\_platform_specific\x86_32\pnacl_public_x86_32_libpnacl_irt_shim_dummy_a   [1310]
O61 - LFC: 16/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\pnacl\0.1.0.12332\_platform_specific\x86_32\pnacl_public_x86_32_pnacl_llc_nexe   [8163600]
O61 - LFC: 16/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\pnacl\0.1.0.12332\manifest.fingerprint   [66]
O61 - LFC: 16/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\pnacl\0.1.0.12332\manifest.json   [572]
O61 - LFC: 16/01/2014 - 16:28:29 ---A- . (...) -- C:\Users\cricri\AppData\Local\Temp\1956_20347\crl-set   [7308]
O61 - LFC: 16/01/2014 - 16:28:29 ---A- . (...) -- C:\Users\cricri\AppData\Local\Temp\1956_20347\manifest.fingerprint   [12]
O61 - LFC: 16/01/2014 - 16:28:29 ---A- . (...) -- C:\Users\cricri\AppData\Local\Temp\1956_20347\manifest.json   [34]
O61 - LFC: 16/01/2014 - 16:28:29 ---A- . (...) -- C:\Users\cricri\AppData\Local\Temp\dummy.htm   [0]
O61 - LFC: 16/01/2014 - 16:28:29 ---A- . (...) -- C:\Users\cricri\AppData\Local\Temp\netlog.txt   [7]
O61 - LFC: 16/01/2014 - 16:28:29 ---A- . (.Cherished Technololgy LIMITED.) -- C:\Users\cricri\AppData\Local\Temp\fullpackage_temp1389896099\tmp\wpm.exe   [493568] =>PUP.WpManager
O61 - LFC: 16/01/2014 - 16:28:29 ---A- . (.Microsoft Corporation.) -- C:\Users\cricri\AppData\Local\Temp\46468-671462-microsoft-office-publisher.exe   [290014640]
O61 - LFC: 16/01/2014 - 16:28:29 ---A- . (.Skytech Co., Ltd..) -- C:\Users\cricri\AppData\Local\Temp\vit_sweet-page.exe   [885400] =>PUP.SweetPage
O61 - LFC: 16/01/2014 - 16:28:31 ---A- . (...) -- C:\Users\cricri\AppData\Roaming\ZHP\ZHPDiag.txt   [2481995]  =>.Nicolas Coolman
O61 - LFC: 16/01/2014 - 16:28:32 ---A- . (...) -- C:\Users\cricri\Documents\nettoyage ordinateur\2 adwcleaner.exe   [1236282]
O61 - LFC: 16/01/2014 - 16:28:32 ---A- . (.Nicolas Coolman.) -- C:\Users\cricri\Downloads\ZHPDiag2.exe   [6865591]  =>.Nicolas Coolman
O61 - LFC: 17/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extension Cookies   [6144]
O61 - LFC: 17/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extension Cookies-journal   [4640]
O61 - LFC: 17/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old   [148]
O61 - LFC: 17/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\CURRENT   [16]
O61 - LFC: 17/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\LOG   [145]
O61 - LFC: 17/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\LOG.old   [145]
O61 - LFC: 17/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\MANIFEST-000019   [369]
O61 - LFC: 17/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Last Session   [2738]
O61 - LFC: 17/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Last Tabs   [1759]
O61 - LFC: 17/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fnopmpmeehlabkfhidnechiihgpfoaif_0.localstorage   [3072]
O61 - LFC: 17/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fnopmpmeehlabkfhidnechiihgpfoaif_0.localstorage-journal   [3608]
O61 - LFC: 17/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_plus.google.com_0.localstorage   [3072]
O61 - LFC: 17/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_plus.google.com_0.localstorage-journal   [3608]
O61 - LFC: 17/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\SYYCAGR9\macromedia.com\support\flashplayer\sys\#www.ajaxcdn.org\settings.sol   [85]
O61 - LFC: 17/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\SYYCAGR9\macromedia.com\support\flashplayer\sys\settings.sol   [697]
O61 - LFC: 17/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\SYYCAGR9\www.ajaxcdn.org\swf.swf\dm_cookie.sol   [415]
O61 - LFC: 17/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\QuotaManager   [13312]
O61 - LFC: 17/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\QuotaManager-journal   [8768]
O61 - LFC: 17/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000309.ldb   [145]
O61 - LFC: 17/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000311.ldb   [256]
O61 - LFC: 17/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old   [269]
O61 - LFC: 17/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Top Sites   [159744]
O61 - LFC: 17/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Top Sites-journal   [16384]
O61 - LFC: 17/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity   [1604]
O61 - LFC: 17/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom   [8714536]
O61 - LFC: 17/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom Prefix Set   [1335568]
O61 - LFC: 17/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies   [6144]
O61 - LFC: 17/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies-journal   [4640]
O61 - LFC: 17/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Safe Browsing Csd Whitelist   [135496]
O61 - LFC: 17/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Safe Browsing Download   [935512]
O61 - LFC: 17/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Safe Browsing Download Whitelist   [19504]
O61 - LFC: 17/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Safe Browsing Extension Blacklist   [6940]
O61 - LFC: 17/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Safe Browsing IP Blacklist   [48]
O61 - LFC: 17/01/2014 - 16:28:29 ---A- . (...) -- C:\Users\cricri\AppData\Local\Temp\Bubble Dock.txt   [349] =>PUP.BubbleDock
O61 - LFC: 17/01/2014 - 16:28:29 ---A- . (...) -- C:\Users\cricri\AppData\Local\Temp\LBubble Dock.txt   [3286] =>PUP.BubbleDock
O61 - LFC: 17/01/2014 - 16:28:29 ---A- . (...) -- C:\Users\cricri\AppData\Local\Temp\preferences   [0]
O61 - LFC: 17/01/2014 - 16:28:29 ---A- . (...) -- C:\Users\cricri\AppData\Local\Temp\wmplog01.sqm   [1942]
O61 - LFC: 17/01/2014 - 16:28:30 ---A- . (...) -- C:\Users\cricri\AppData\Roaming\Microsoft\Office\Recent\code d'accès.xls.LNK   [902]
O61 - LFC: 17/01/2014 - 16:28:30 --H-- . (...) -- C:\Users\cricri\AppData\Roaming\Microsoft\Office\Recent\index.dat   [5483]
O61 - LFC: 17/01/2014 - 16:28:31 ---A- . (...) -- C:\Users\cricri\AppData\Roaming\Shareaza\Data\ChatChanlist.dat   [0]
O61 - LFC: 17/01/2014 - 16:28:31 ---A- . (...) -- C:\Users\cricri\AppData\Roaming\Shareaza\Data\Discovery.dat   [7726]
O61 - LFC: 17/01/2014 - 16:28:31 ---A- . (...) -- C:\Users\cricri\AppData\Roaming\Shareaza\Data\DownloadGroups.dat   [2402]
O61 - LFC: 17/01/2014 - 16:28:31 ---A- . (...) -- C:\Users\cricri\AppData\Roaming\Shareaza\Data\HostCache.dat   [293235]
O61 - LFC: 17/01/2014 - 16:28:31 ---A- . (...) -- C:\Users\cricri\AppData\Roaming\Shareaza\Data\Library2.dat   [696448]
O61 - LFC: 17/01/2014 - 16:28:31 ---A- . (...) -- C:\Users\cricri\AppData\Roaming\Shareaza\Data\Security.dat   [10]
O61 - LFC: 17/01/2014 - 16:28:31 ---A- . (...) -- C:\Users\cricri\AppData\Roaming\Shareaza\Data\UploadQueues.dat   [640]
O61 - LFC: 17/01/2014 - 16:28:32 ---A- . (...) -- C:\Users\cricri\Downloads\adwcleaner (1).exe   [1236282]
O61 - LFC: 18/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Cookies   [269312]
O61 - LFC: 18/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal   [16384]
O61 - LFC: 18/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Current Session   [2560]
O61 - LFC: 18/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Current Tabs   [1738]
O61 - LFC: 18/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Custom Dictionary.txt   [56]
O61 - LFC: 18/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Custom Dictionary.txt.backup   [51]
O61 - LFC: 18/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\CURRENT   [16]
O61 - LFC: 18/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG   [148]
O61 - LFC: 18/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\MANIFEST-000193   [897]
O61 - LFC: 18/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt   [4]
O61 - LFC: 18/01/2014 - 16:28:26 ---A- . (...) -- C:\Users\cricri\AppData\Local\d3d9caps.dat   [680]
O61 - LFC: 18/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Favicons   [190464]
O61 - LFC: 18/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal   [16384]
O61 - LFC: 18/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1   [270336]
O61 - LFC: 18/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\History   [495616]
O61 - LFC: 18/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache   [106284]
O61 - LFC: 18/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\History-journal   [16384]
O61 - LFC: 18/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Login Data   [16384]
O61 - LFC: 18/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Login Data-journal   [8736]
O61 - LFC: 18/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor   [66560]
O61 - LFC: 18/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal   [16384]
O61 - LFC: 18/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Preferences   [78706]
O61 - LFC: 18/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000314.ldb   [256]
O61 - LFC: 18/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Session Storage\CURRENT   [16]
O61 - LFC: 18/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG   [264]
O61 - LFC: 18/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Session Storage\MANIFEST-000313   [356]  =>.Google Inc
O61 - LFC: 18/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Sync Data\SyncData.sqlite3   [1212416]
O61 - LFC: 18/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Sync Data\SyncData.sqlite3-journal   [16384]
O61 - LFC: 18/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Visited Links   [131072]
O61 - LFC: 18/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Web Data   [129024]
O61 - LFC: 18/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal   [16384]
O61 - LFC: 18/01/2014 - 16:28:27 ---A- . (...) -- C:\Users\cricri\AppData\Local\Google\Chrome\User Data\Local State   [54665]
O61 - LFC: 18/01/2014 - 16:28:27 --HA- . (...) -- C:\Users\cricri\AppData\Local\IconCache.db   [6291456]
O61 - LFC: 18/01/2014 - 16:28:29 ---A- . (...) -- C:\Users\cricri\AppData\Local\Temp\18347137.cvr   [1136]
O61 - LFC: 18/01/2014 - 16:28:29 ---A- . (...) -- C:\Users\cricri\AppData\Local\Temp\cricri.bmp   [31832]
O61 - LFC: 18/01/2014 - 16:28:30 ---A- . (...) -- C:\Users\cricri\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2014-01-18 (14-35-01).txt   [5832]
O61 - LFC: 18/01/2014 - 16:28:31 ---A- . (...) -- C:\Users\cricri\AppData\Roaming\Shareaza\Data\Library1.dat   [695586]
O61 - LFC: 18/01/2014 - 16:28:31 ---A- . (...) -- C:\Users\cricri\AppData\Roaming\Shareaza\Data\Searches.dat   [194714]
O61 - LFC: 18/01/2014 - 16:28:31 ---A- . (...) -- C:\Users\cricri\AppData\Roaming\Shareaza\Data\Shareaza.db3   [9216]
O61 - LFC: 18/01/2014 - 16:28:31 ---A- . (...) -- C:\Users\cricri\AppData\Roaming\SoftGrid Client\140066.FRA-90140011-66-40C\UsrVol_sftfs_v1.pkg   [2023936]
O61 - LFC: 18/01/2014 - 16:28:31 ---A- . (...) -- C:\Users\cricri\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat   [12610]
O61 - LFC: 18/01/2014 - 16:28:31 ---A- . (...) -- C:\Users\cricri\AppData\Roaming\SoftGrid Client\shortcut_ex.dat   [17]
O61 - LFC: 18/01/2014 - 16:28:31 ---A- . (...) -- C:\Users\cricri\AppData\Roaming\ZHP\Log.txt   [97928]  =>.Nicolas Coolman
O61 - LFC: 18/01/2014 - 16:28:31 ---A- . (...) -- C:\Users\cricri\AppData\Roaming\ZHP\TestsZHPDiag.txt   [2845]  =>.Nicolas Coolman
O61 - LFC: 18/01/2014 - 16:28:31 ---A- . (...) -- C:\Users\cricri\AppData\Roaming\ZHP\ZHPADSReport.txt   [351]  =>.Nicolas Coolman
O61 - LFC: 18/01/2014 - 16:28:32 ---A- . (...) -- C:\Users\cricri\Documents\nettoyage ordinateur\1 ZHPDiag.lnk   [1667]  =>.Nicolas Coolman
O61 - LFC: 18/01/2014 - 16:28:32 ---A- . (...) -- C:\Users\cricri\Documents\nettoyage ordinateur\mbam-log-2014-01-18 (14-35-01).txt   [5832]
~ 15 Fichiers temporaires (Temporary files)
~ Files: 203 Scanned in 00mn 06s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 21/04/2011 - C:\Windows\system32\drivers\afd.sys (AFD)  .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\Drivers\Beep.sys (Beep)  .(.Microsoft Corporation - BEEP Driver.) - LEGACY_BEEP
O64 - Services: CurCS - 22/02/2011 - C:\Windows\System32\DRIVERS\bowser.sys (bowser)  .(.Microsoft Corporation - NT Lan Manager Datagram Receiver Driver.) - LEGACY_BOWSER
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\DRIVERS\cdfs.sys (cdfs)  .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\CLFS.sys (CLFS)  .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\crcdisk.sys (crcdisk)  .(.Microsoft Corporation - Disk Block Verification Filter Driver.) - LEGACY_CRCDISK
O64 - Services: CurCS - 14/04/2011 - C:\Windows\system32\drivers\dfsc.sys (DfsC)  .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC
O64 - Services: CurCS - 01/08/2013 - C:\Windows\system32\drivers\dxgkrnl.sys (DXGKrnl)  .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\fileinfo.sys (FileInfo)  .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\drivers\fltmgr.sys (FltMgr)  .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR
O64 - Services: CurCS - 20/02/2010 - C:\Windows\System32\drivers\HTTP.sys (HTTP)  .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP
O64 - Services: CurCS - 25/04/2008 - C:\Windows\system32\drivers\int15.sys (int15)  .(.Acer, Inc. - int15.) - LEGACY_INT15
O64 - Services: CurCS - 04/03/2011 - C:\Windows\System32\DRIVERS\kl1.sys (KL1)  .(.Kaspersky Lab ZAO - Kaspersky Unified Driver.) - LEGACY_KL1
O64 - Services: CurCS - 04/03/2011 - C:\Windows\System32\DRIVERS\kl2.sys (kl2)  .(.Kaspersky Lab ZAO - Kaspersky Unified Driver.) - LEGACY_KL2
O64 - Services: CurCS - 01/06/2013 - C:\Windows\System32\DRIVERS\klif.sys (KLIF)  .(.Kaspersky Lab - Klif Mini-Filter [fre_wlh_x86].) - LEGACY_KLIF
O64 - Services: CurCS - 10/03/2011 - C:\Windows\System32\DRIVERS\klim6.sys (KLIM6)  .(.Kaspersky Lab ZAO - Kaspersky Lab Intermediate Network Driver.) - LEGACY_KLIM6
O64 - Services: CurCS - 04/06/2012 - C:\Windows\System32\Drivers\ksecdd.sys (KSecDD)  .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\DRIVERS\lltdio.sys (lltdio)  .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO
O64 - Services: CurCS - 21/01/2008 - C:\Windows\system32\drivers\luafv.sys (luafv)  .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\mountmgr.sys (MountMgr)  .(.Microsoft Corporation - Mount Point Manager.) - LEGACY_MOUNTMGR
O64 - Services: CurCS - 21/01/2008 - C:\Windows\system32\FirewallAPI.dll (mpsdrv)  .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV
O64 - Services: CurCS - 11/04/2009 - C:\Windows\system32\drivers\mrxdav.sys (MRxDAV)  .(.Microsoft Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV
O64 - Services: CurCS - 29/04/2011 - C:\Windows\System32\DRIVERS\mrxsmb.sys (mrxsmb)  .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB
O64 - Services: CurCS - 06/07/2011 - C:\Windows\System32\DRIVERS\mrxsmb10.sys (mrxsmb10)  .(.Microsoft Corporation - Longhorn SMB Downlevel SubRdr.) - LEGACY_MRXSMB10
O64 - Services: CurCS - 29/04/2011 - C:\Windows\System32\DRIVERS\mrxsmb20.sys (mrxsmb20)  .(.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) - LEGACY_MRXSMB20
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\msisadrv.sys (msisadrv)  .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\Drivers\mup.sys (Mup)  .(.Microsoft Corporation - Multiple UNC Provider driver.) - LEGACY_MUP
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\DRIVERS\nwifi.sys (NativeWifiP)  .(.Microsoft Corporation - NativeWiFi Miniport Driver.) - LEGACY_NATIVEWIFIP
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\drivers\ndis.sys (NDIS)  .(.Microsoft Corporation - NDIS 6.0 wrapper driver.) - LEGACY_NDIS
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\DRIVERS\ndisuio.sys (Ndisuio)  .(.Microsoft Corporation - NDIS User mode I/O driver.) - LEGACY_NDISUIO
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\DRIVERS\netbios.sys (NetBIOS)  .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\DRIVERS\netbt.sys (netbt)  .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy)  .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY
O64 - Services: CurCS - 02/11/2006 - C:\Windows\System32\drivers\peauth.sys (PEAUTH)  .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\drivers\pacer.sys (PSched)  .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED
O64 - Services: CurCS - 04/03/2008 - C:\Windows\System32\DRIVERS\psdfilter.sys (PSDFilter)  .(.Egis Incorporated - Acer eDataSecurity Management PSD Filter Dr.) - LEGACY_PSDFILTER
O64 - Services: CurCS - 04/03/2008 - C:\Windows\System32\DRIVERS\PSDNServ.sys (PSDNServ)  .(.Egis Incorporated - Acer eDataSecurity Management PSD Named Pip.) - LEGACY_PSDNSERV
O64 - Services: CurCS - 04/03/2008 - C:\Windows\System32\DRIVERS\PSDVdisk.sys (psdvdisk)  .(.Egis Incorporated - Acer eDataSecurity Management PSD Virtual D.) - LEGACY_PSDVDISK
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\DRIVERS\rasacd.sys (RasAcd)  .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\DRIVERS\rdbss.sys (rdbss)  .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD)  .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\rdpencdd.sys (RDPENCDD)  .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPENCDD
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\DRIVERS\rspndr.sys (rspndr)  .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR
O64 - Services: CurCS - 02/11/2006 - C:\Windows\System32\Drivers\secdrv.sys (secdrv)  .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 26/06/2013 - C:\Windows\System32\DRIVERS\Sftfslh.sys (Sftfs)  .(.Microsoft Corporation - Microsoft Application Virtualization File S.) - LEGACY_SFTFS
O64 - Services: CurCS - 26/06/2013 - C:\Windows\System32\DRIVERS\Sftplaylh.sys (Sftplay)  .(.Microsoft Corporation - Microsoft Application Virtualization System.) - LEGACY_SFTPLAY
O64 - Services: CurCS - 26/06/2013 - C:\Windows\System32\DRIVERS\Sftredirlh.sys (Sftredir)  .(.Microsoft Corporation - Microsoft Application Virtualization System.) - LEGACY_SFTREDIR
O64 - Services: CurCS - 26/06/2013 - C:\Windows\System32\DRIVERS\Sftvollh.sys (Sftvol)  .(.Microsoft Corporation - Microsoft Application Virtualization Volume.) - LEGACY_SFTVOL
O64 - Services: CurCS - 11/04/2009 - C:\Windows\system32\tcpipcfg.dll (Smb)  .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_SMB
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\Drivers\spldr.sys (spldr)  .(.Microsoft Corporation - loader for security processor.) - LEGACY_SPLDR
O64 - Services: CurCS - 18/02/2011 - C:\Windows\System32\DRIVERS\srv.sys (srv)  .(.Microsoft Corporation - Server driver.) - LEGACY_SRV
O64 - Services: CurCS - 29/04/2011 - C:\Windows\System32\DRIVERS\srv2.sys (srv2)  .(.Microsoft Corporation - Smb 2.0 Server driver.) - LEGACY_SRV2
O64 - Services: CurCS - 29/04/2011 - C:\Windows\System32\DRIVERS\srvnet.sys (srvnet)  .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET
O64 - Services: CurCS - 11/04/2009 - C:\Windows\system32\tcpipcfg.dll (Tcpip)  .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP
O64 - Services: CurCS - 08/12/2009 - C:\Windows\System32\drivers\tcpipreg.sys (tcpipreg)  .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG
O64 - Services: CurCS - 11/04/2009 - C:\Windows\system32\tcpipcfg.dll (tdx)  .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX
O64 - Services: CurCS - 21/01/2008 - C:\Windows\system32\drivers\vga.sys (VgaSave)  .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\drivers\volmgrx.sys (volmgrx)  .(.Microsoft Corporation - Volume Manager Extension Driver.) - LEGACY_VOLMGRX
O64 - Services: CurCS - 21/08/2012 - C:\Windows\System32\drivers\volsnap.sys (volsnap)  .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\DRIVERS\wanarp.sys (Wanarpv6)  .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARPV6
O64 - Services: CurCS - 27/06/2013 - C:\Windows\System32\drivers\Wdf01000.sys (Wdf01000)  .(.Microsoft Corporation - Runtime de l’infrastructure de pilotes en m.) - LEGACY_WDF01000
O64 - Services: CurCS - 21/01/2008 - C:\Windows\system32\drivers\ws2ifsl.sys (ws2ifsl)  .(.Microsoft Corporation - Winsock2 IFS Layer.) - LEGACY_WS2IFSL
O64 - Services: CurCS - 26/07/2012 - C:\Windows\system32\drivers\Wudfpf.sys (WudfPf)  .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) - LEGACY_WUDFPF
~ Legacy: 77 Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe  =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <ChromeHTML>[HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - http://www.google.com
~ Keys:  Scanned in 00mn 00s



---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll   [24576]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll   [62976]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll   [247808]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [40448]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [40448]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll   [125952]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll   [576512]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll   [444928]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll   [315392]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll   [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'accès distant.) -- C:\Windows\System32\rasmans.dll   [262144]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll   [68608]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll   [47104]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll   [288256]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll   [242688]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes Terminal Server.) -- C:\Windows\System32\termsrv.dll   [449024]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll   [1933848]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll   [758784]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll   [247808]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll   [200704]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll   [19968]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll   [33280]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll   [111616]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll   [45056]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll   [153088]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll   [57344]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll   [162304]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll   [601600]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service de configuration des services Terminal Server.) -- C:\Windows\System32\sessenv.dll   [84992]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll   [81920]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll   [68096]

~ Services: 31 Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.66DD52E7E54A23F7D67984358B39BF18] [SPRF][15/05/2013] (...) -- C:\Users\cricri\AppData\Local\d3d8caps.dat   [552]
[MD5.9CD09610A850AED4768590B7A255AE8A] [SPRF][18/01/2014] (...) -- C:\Users\cricri\AppData\Local\d3d9caps.dat   [680]
[MD5.66613D4F1D3E771CF2D7C6C2D4F9C1C4] [SPRF][16/01/2014] (.Microsoft Corporation - Pas de description.) -- C:\Users\cricri\AppData\Local\Temp\46468-671462-microsoft-office-publisher.exe   [290014640]
[MD5.167EBBC76CC175E2F027559E5CADDEFA] [SPRF][13/01/2014] (.Speedchecker Limited - Pas de description.) -- C:\Users\cricri\AppData\Local\Temp\air3A43.exe   [5560016]
[MD5.DE3479E75AA8408F772A4810D4F95B52] [SPRF][13/01/2014] (...) -- C:\Users\cricri\AppData\Local\Temp\air74F5.exe   [73816]
[MD5.D3A0920CD4BED7FCE3A106D9E1692D77] [SPRF][13/01/2014] (...) -- C:\Users\cricri\AppData\Local\Temp\air867E.exe   [21074920]
[MD5.E219194AA0D2F8998F1CB5DAEDF02077] [SPRF][13/01/2014] (.Skytech Co., Ltd. - Skytech.) -- C:\Users\cricri\AppData\Local\Temp\airEB85.exe   [564888]
[MD5.858D895AD40DE9779E78C39A116F9553] [SPRF][13/01/2014] (...) -- C:\Users\cricri\AppData\Local\Temp\BackupSetup.exe   [10355400]
[MD5.59C25682D3C18EC50F9AA31E51176967] [SPRF][04/09/2013] (...) -- C:\Users\cricri\AppData\Local\Temp\defaultCache.reg   [77998]
[MD5.D3A0920CD4BED7FCE3A106D9E1692D77] [SPRF][13/01/2014] (...) -- C:\Users\cricri\AppData\Local\Temp\EB86_HiDefMedia-1.1.12-win32.exe   [21074920]
[MD5.5689D43C3B201DD3810FA3BBA4A6476A] [SPRF][13/01/2014] (.Microsoft Corporation - Microsoft Visual C++ 2008 Redistributable Setup.) -- C:\Users\cricri\AppData\Local\Temp\vcredist_x86.exe   [4216840]
[MD5.80FBAF3E1E0E20601D009A22B7A3755C] [SPRF][16/01/2014] (.Skytech Co., Ltd. - Skytech.) -- C:\Users\cricri\AppData\Local\Temp\vit_sweet-page.exe   [885400]  =>PUP.SweetPage
[MD5.B22198403FFEAF57BE49FF5A08DA1EF4] [SPRF][05/09/2013] (...) -- C:\Users\cricri\AppData\Local\Temp\vlc-2.0.8-win32.exe   [23003252]
[MD5.7E89844169E755775F09AA4724680281] [SPRF][17/11/2013] (...) -- C:\Users\cricri\AppData\Local\Temp\vlc-2.1.1-win32.exe   [24489269]
[MD5.B91FE1536AB4D680DDD77469EA3FD4BF] [SPRF][10/01/2014] (...) -- C:\Users\cricri\AppData\Local\Temp\vlc-2.1.2-win32.exe   [24097311]
~ Files: 15 Scanned in 00mn 31s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus de l’autorité de sécurité locale.) -- C:\Windows\system32\lsass.exe
O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "CoreNet-Teredo-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "CoreNet-Teredo-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "CoreNet-DHCP-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "CoreNet-DHCP-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "SNMPTRAP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "NetPres-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe  =>.Microsoft Corporation
O87 - FAEL: "NetPres-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe  =>.Microsoft Corporation
O87 - FAEL: "NetPres-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe  =>.Microsoft Corporation
O87 - FAEL: "NetPres-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe  =>.Microsoft Corporation
O87 - FAEL: "NetPres-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe  =>.Microsoft Corporation
O87 - FAEL: "NetPres-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe  =>.Microsoft Corporation
O87 - FAEL: "WPDMTP-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WPDMTP-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WPDMTP-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WPDMTP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "WPDMTP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "RemoteAssistance-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-RAServer-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "RemoteAssistance-RAServer-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "MSDTC-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "MSDTC-KTMRM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "MSDTC-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Programme DTCconsole MS.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Programme DTCconsole MS.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "MSDTC-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Programme DTCconsole MS.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Programme DTCconsole MS.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "RemoteTask-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteTask-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteTask-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "BITSSVC-RPCSS-In-TCP" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "BITSSVC-RPC-In-TCP" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "BITSSVC-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "BITSSVC-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteFwAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteEventLogSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "Collab-PNRP-In-UDP" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "Collab-P2PHost-WSD-Out-UDP" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-WSD-In-UDP" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-Out-TCP" | Out - Public - P6 - TRUE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-In-TCP" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "RemoteAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WinCollab-P2P-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WinCollab-P2P-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WinCollab-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe  =>.Microsoft Corporation
O87 - FAEL: "WinCollab-In-UDP" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe  =>.Microsoft Corporation
O87 - FAEL: "WinCollab-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe  =>.Microsoft Corporation
O87 - FAEL: "WinCollab-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe  =>.Microsoft Corporation
O87 - FAEL: "WinCollab-DFSR-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe
O87 - FAEL: "WinCollab-DFSR-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe
O87 - FAEL: "MCX-Prov-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - MCX2 Provisioning library.) -- C:\Windows\ehome\mcx2prov.exe
O87 - FAEL: "MCX-MCX2SVC-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "MCX-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Media Center.) -- C:\Windows\ehome\ehshell.exe
O87 - FAEL: "MCX-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Media Center.) -- C:\Windows\ehome\ehshell.exe
O87 - FAEL: "MCX-QWave-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "MCX-QWave-In-TCP" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "MCX-QWave-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "MCX-QWave-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "MCX-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Media Center.) -- C:\Windows\ehome\ehshell.exe
O87 - FAEL: "MCX-In-TCP" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Media Center.) -- C:\Windows\ehome\ehshell.exe
O87 - FAEL: "MCX-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "MCX-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-UPnP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-TCP-NoScope" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-TCP-NoScope" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-UDP-NoScope" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-UDP-NoScope" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-TCP-NoScope" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-UDP-NoScope" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-In-UDP-NoScope" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-Out-TCP-NoScope" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-TCP-NoScope" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-Out-UDP-NoScope" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-UDP-NoScope" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "WMP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMP-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "WMP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Serveur DCOM des journaux et alertes de performance.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Serveur DCOM des journaux et alertes de performance.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "{D0C4BE1C-C5B4-4EDF-8FAE-55F438D2DD45}" | In - None - P6 - TRUE | .(.Acer Incorporated - Acer Arcade Live.) -- C:\Program Files\Acer Arcade Live\Acer Arcade Live Main Page\Acer Arcade Live.exe
O87 - FAEL: "{D90364C1-473F-4313-B223-9241901080C1}" | In - None - P6 - TRUE | .(.Acer Incorporated - Acer DV Magician.) -- C:\Program Files\Acer Arcade Live\Acer DV Magician\Acer DV Magician.exe
O87 - FAEL: "{AA766C76-F16E-4FE2-A422-7D2BC7C139D9}" | In - None - P6 - TRUE | .(.Acer Incorporated - Acer SlideShow DVD.) -- C:\Program Files\Acer Arcade Live\Acer SlideShow DVD\Acer SlideShow DVD.exe
O87 - FAEL: "{42C706D2-3910-46FE-98CE-7F03D2047D4F}" | In - None - P6 - TRUE | .(.Acer Incorporated - VideoMagician.) -- C:\Program Files\Acer Arcade Live\Acer VideoMagician\Acer VideoMagician.exe
O87 - FAEL: "{8D76F545-C6D9-4C81-8BCF-489606A0424A}" | In - None - P6 - TRUE | .(.Acer Incorporated - DVDivine.) -- C:\Program Files\Acer Arcade Live\Acer DVDivine\Acer DVDivine.exe
O87 - FAEL: "{5649A2D4-F7CA-4F7C-97E2-374C5D2FDF1C}" | In - None - P6 - TRUE | .(.Acer Incorporated - HomeMedia.) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia\Acer HomeMedia.exe
O87 - FAEL: "{DEDBB5C9-7C94-4700-B32A-CE4BFF5B1973}" | In - None - P6 - TRUE | .(.Acer Incorporated - HomeMedia Connect.) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Acer HomeMedia Connect.exe
O87 - FAEL: "{FB16079E-B65F-45E2-8AEC-A6FAD42159A2}" | In - None - P6 - TRUE | .(.CyberLink - CLMSServer.) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O87 - FAEL: "{88149B78-7766-4162-8F83-D8B6FC8BC0C6}" | In - None - P6 - TRUE | .(.Acer Incorporated - Acer Arcade Live.) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Trial Creator\Acer HomeMedia Trial Creator.exe
O87 - FAEL: "{7ACC89C8-89F3-4312-9C9F-199767E21D32}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\Microsoft Office\Office12\ONENOTE.exe (.not file.)
O87 - FAEL: "{C579C023-D32A-41D7-8B1A-6026E5BF1B7B}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\Microsoft Office\Office12\ONENOTE.exe (.not file.)
O87 - FAEL: "{EF4F573B-DB47-4635-B3BF-FEB2070B6865}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O87 - FAEL: "{6AEEC8E4-82E8-4C7B-A265-0761020E8073}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O87 - FAEL: "{DD76C2F8-89EE-4986-880C-2661D4ACB58C}" | In - Public - P6 - TRUE | .(.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O87 - FAEL: "{6A18787C-34F5-43E8-BD37-A88FF14BAB64}" | In - Public - P17 - TRUE | .(.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O87 - FAEL: "{140386EE-96E0-4FEF-A02F-6FAC37BDD3A7}" | In - Public - P6 - TRUE | .(.NewTech Infosystems, Inc. - NTI Backup Now 5 Agent service..) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O87 - FAEL: "{38BFF5AF-2C45-4A78-A138-33101997BA94}" | In - Public - P17 - TRUE | .(.NewTech Infosystems, Inc. - NTI Backup Now 5 Agent service..) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O87 - FAEL: "{42EB1015-E687-480F-9FB1-A3CAD2D520A8}" | In - Private - P6 - TRUE | .(.NewTech Infosystems, Inc. - NTI Backup Now 5 Agent service..) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O87 - FAEL: "{00570DA0-99CB-4A03-A867-F4967F45758D}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O87 - FAEL: "{220CBADC-FB10-45F3-8885-3A840886CCEE}" | In - Private - P17 - TRUE | .(.NewTech Infosystems, Inc. - NTI Backup Now 5 Agent service..) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O87 - FAEL: "{471417B5-78CA-494B-85E4-7238A6541BE6}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O87 - FAEL: "{C2F73382-8A92-4FB5-8023-1CFD0815D511}" | In - Private - P6 - TRUE | .(.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O87 - FAEL: "{1BB6B7DD-AA30-4785-A034-4082A89A49A6}" | In - Private - P17 - TRUE | .(.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O87 - FAEL: "{A11FB889-3FE1-41DA-96FD-C3046E1D98FE}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "{B43BC2DE-CDA3-4615-89D4-F69CDF928240}" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "{7CC12EF8-BC8B-4A18-8DEE-CCE566D65500}" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "{8F80CA95-B5A2-4249-8E53-6E068AFBA751}" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "{22782A5D-6917-41A7-9403-F0EA99D8021D}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "{0B2538EB-A3CF-4253-BE0C-CCA521861C0A}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "{535838C4-E04B-46DF-8A7A-EFAA83F25C2B}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "{3C0B9F38-7EAA-4911-BE39-4470B752B383}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "{9028D790-4D76-4C25-ACE2-E047B2CFB997}" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "{A9EB593D-F942-46A5-9A27-B01D2A3921AD}" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "{52629EE5-2EC8-4CA8-890B-6C48AF3B8730}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "{31A2917E-9F56-4C87-B2EC-F9B6D7642D67}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "{A3432705-7371-4801-89E4-1A71D2C9D86E}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O87 - FAEL: "{DB2217D4-A6AD-45F7-AF4E-1858D9C620D7}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
O87 - FAEL: "{7487CB26-6B16-4B3F-B926-5E3D5E4E058C}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
O87 - FAEL: "{C18EC535-CCCC-4640-A52F-50D473E10412}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
O87 - FAEL: "{A4B9A290-3EF5-4C81-891F-440AF410C20D}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
O87 - FAEL: "{DF2B3A14-EF5F-4FB9-90F5-8A0B87F6DA99}" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "{198A5966-7513-4931-A642-010C75716D00}" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "{937836C4-ED8C-4DF1-B3CC-5A3D34BAFFDA}" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "{D27965C1-099E-40A3-A1D0-B2F0EC26E263}" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "{4DCAD817-C336-41A3-B063-B61456CC8A59}" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "{D8EAADF0-F54D-4C55-9BA1-75115EB7FCDE}" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "{D5F2BB2F-7D80-458A-8318-B416E28C440D}" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "{E72EDC8E-89B8-48AC-B0FE-1F54A35270AF}" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "{A4293931-ECA7-4460-9456-3CF2FC85A26A}" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "{465C9256-045E-4059-8802-054379FF959C}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "{21AFCF22-1B93-4719-9774-8D6596F22140}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "{C9F473F8-AB2F-43B2-A594-6849918E2F6E}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "{935122A4-50A5-41A0-BA78-F6ED1E3069EB}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "{FE3B537D-8654-475A-9FD8-E43D94C892E3}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "{E3196AAD-A08D-4801-AA72-39C94A138B8C}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "{DE33C1F9-0006-441B-B050-F316514A1A43}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "{62E00101-AC25-417B-8AD3-ED3F79108BD3}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "{4206762E-0F18-470D-963B-E6B8F5952BD2}" | In - Private - P6 - TRUE | .(.Nero AG - Nero Kwik Media.) -- C:\Program Files\Nero\KM\KwikMedia.exe
O87 - FAEL: "{8628A7BC-ECC0-48C6-BA79-189015172A6D}" | In - Private - P17 - TRUE | .(.Nero AG - Nero Kwik Media.) -- C:\Program Files\Nero\KM\KwikMedia.exe
O87 - FAEL: "{9DEA00F0-3744-4033-A2C2-FF8485688FA4}" | In - Private - P6 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O87 - FAEL: "{51120F57-C7D8-4D67-889C-54D9E6658ED1}" | In - Private - P17 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O87 - FAEL: "{4A32C8CD-3E1D-4B39-8E63-97EA3D5DF854}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "{2EF3F012-5AC2-42D6-BCC3-78568446C260}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "{874EFD74-205B-4EE7-B78D-2A215028FB52}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Media Center.) -- C:\Windows\ehome\ehshell.exe
O87 - FAEL: "{60FEBE33-79B9-4CF0-A7F4-2145095DDE02}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Media Center.) -- C:\Windows\ehome\ehshell.exe
O87 - FAEL: "{C388EA0B-1ADC-435C-B136-380D31C228AA}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "{CB485048-ADD3-4CEC-A59B-C10F4E4C51CF}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "{69637165-AC87-4882-94E2-26A2A9A2C918}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "{36A9A993-8CE9-4DD0-8F62-EA29BE6285C5}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "{B2630669-3E22-4369-981A-90E6AFA88967}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Media Center.) -- C:\Windows\ehome\ehshell.exe
O87 - FAEL: "{1429D414-7FE7-4A8E-A572-317989CCC057}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Media Center.) -- C:\Windows\ehome\ehshell.exe
O87 - FAEL: "{588FAD2B-6BEB-4DA0-AA8A-FE63DB22F548}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe  =>.Microsoft Corporation
O87 - FAEL: "{51D8FE5B-257B-4CE5-B5E7-7E0DCAE3398C}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - MCX2 Provisioning library.) -- C:\Windows\ehome\mcx2prov.exe
O87 - FAEL: "{ED17BAA9-DD5E-4D00-A7F3-ACFF208A8CC5}" | In - None - P6 - FALSE | .(.Microsoft Corporation - SMSvcHost.exe.) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
O87 - FAEL: "{C267C3B3-77ED-46A2-BFB3-3FEB9A8D2636}" | In - Private - P6 - TRUE | .(.Nero AG - Nero BackItUp.) -- C:\Program Files\Nero\Nero 12\Nero BackItUp\BackItUp.exe
O87 - FAEL: "{8953B7F9-03DE-45E2-89BF-4599604E2D2C}" | In - Private - P17 - TRUE | .(.Nero AG - Nero BackItUp.) -- C:\Program Files\Nero\Nero 12\Nero BackItUp\BackItUp.exe
O87 - FAEL: "TCP Query User{7FA6C0C4-B794-4804-8E2C-2F55724CA1E2}C:\program files\shareaza\shareaza.exe" | In - Public - P6 - TRUE | .(.Shareaza Development Team - Shareaza Ultimate File Sharing.) -- C:\program files\shareaza\shareaza.exe
O87 - FAEL: "UDP Query User{3D277205-F355-4E0F-ACBD-B417AD5E57EF}C:\program files\shareaza\shareaza.exe" | In - Public - P17 - TRUE | .(.Shareaza Development Team - Shareaza Ultimate File Sharing.) -- C:\program files\shareaza\shareaza.exe
O87 - FAEL: "{3CCFD096-5BB0-440B-B837-CA091E9DA86D}" | In - Private - P6 - TRUE | .(.Nero AG - Nero Blu-ray Player.) -- C:\Program Files\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
O87 - FAEL: "{7216FF3F-79A0-43C0-AEC0-2B58626EEA9A}" | In - Private - P17 - TRUE | .(.Nero AG - Nero Blu-ray Player.) -- C:\Program Files\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
O87 - FAEL: "{934668B9-27AF-4515-9D78-7BF2B95F3003}" | In - Private - P6 - TRUE | .(.Shareaza Development Team - Shareaza Ultimate File Sharing.) -- C:\Program Files\Shareaza\Shareaza.exe
O87 - FAEL: "{B088F689-0F35-4431-B4B7-C2AD1979284D}" | In - Private - P17 - TRUE | .(.Shareaza Development Team - Shareaza Ultimate File Sharing.) -- C:\Program Files\Shareaza\Shareaza.exe
~ Firewall: 249 Scanned in 00mn 02s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "037E97B5798DF8B41ADAB72B1D2FB269" . (.Nero Blu-ray Player Help (CHM).) -- C:\Windows\Installer\{5B79E730-D897-4B8F-A1AD-7BB2D1F22B96}\NeroHelpIcon.8BC7562A_6065_4ED9_8502_C368ECC0724D
O90 - PUC: "03FF80700C870B74180F8C6440CD67C9" . (.Nero Express Help (CHM).) -- C:\Windows\Installer\{0708FF30-78C0-47B0-81F0-C84604DC769C}\NeroHelpIcon.A2EDDB31_726D_4D40_8014_5D5F2D3EF945
O90 - PUC: "043FB559973C5734AAF23FCB2B4A89BA" . (.Nero Family and Events Themes.) -- C:\Windows\Installer\{955BF340-C379-4375-AA2F-F3BCB2A498AB}\ARPPRODUCTICON.exe
O90 - PUC: "05D94ECADC916A441B29649F5882B362" . (.Nero PiP Effects Basic.) -- C:\Windows\Installer\{ACE49D50-19CD-44A6-B192-46F985283B26}\ARPPRODUCTICON.exe
O90 - PUC: "122113B05A506674D830A74664971465" . (.Nero RescueAgent Help (CHM).) -- C:\Windows\Installer\{0B311221-05A5-4766-8D03-7A6446794156}\NeroHelpIcon.A2EDDB31_726D_4D40_8014_5D5F2D3EF945
O90 - PUC: "127805FCE1E099F43A95954EAED8EA1C" . (.Nero Burning ROM.) -- C:\Windows\Installer\{CF508721-0E1E-4F99-A359-59E4EA8DAEC1}\ARPPRODUCTICON.exe
O90 - PUC: "15E5F6B1E5753964CB2A573475D070D6" . (.Nero Kwik Themes Basic.) -- C:\Windows\Installer\{1B6F5E51-575E-4693-BCA2-7543570D076D}\ARPPRODUCTICON.exe
O90 - PUC: "17DE924FB8A4A754584E6F93C87EE385" . (.AV Input Selection.) -- C:\Windows\Installer\{F429ED71-4A8B-457A-85E4-F6398CE73E58}\ARPPRODUCTICON.exe
O90 - PUC: "18074868783B94F4EA1D9C0B0A096DC6" . (.Nero Recode Help (CHM).) -- C:\Windows\Installer\{86847081-B387-4F49-AED1-C9B0A090D66C}\NeroHelpIcon.A2EDDB31_726D_4D40_8014_5D5F2D3EF945
O90 - PUC: "188D52D43817F264598C99C01A49E4B0" . (.Nero PiP Effects 1.) -- C:\Windows\Installer\{4D25D881-7183-462F-95C8-990CA1944E0B}\ARPPRODUCTICON.exe
O90 - PUC: "1F88D051FA0487643AD9CB2E33F2435E" . (.Nero Abstract Themes.) -- C:\Windows\Installer\{150D88F1-40AF-4678-A39D-BCE2332F34E5}\ARPPRODUCTICON.exe
O90 - PUC: "2563365A59739284BBB046F420972E97" . (.Acer eDataSecurity Management.) -- C:\Windows\Installer\{A5633652-3795-4829-BB0B-644F0279E279}\ARPPRODUCTICON.exe
O90 - PUC: "2921D0FE1CF8EB147904BD1C436F4651" . (.Nero BackItUp Help (CHM).) -- C:\Windows\Installer\{EF0D1292-8FC1-41BE-9740-DBC134F66415}\NeroHelpIcon.A2EDDB31_726D_4D40_8014_5D5F2D3EF945
O90 - PUC: "35588CBA077879B44BE3A50946A7B536" . (.Nero ControlCenter.) -- C:\Windows\Installer\{ABC88553-8770-4B97-B43E-5A90647A5B63}\ARPPRODUCTICON.exe
O90 - PUC: "375E4A382C2EBF64D96AA6B2BB5F5A88" . (.Nero Retro Film Themes.) -- C:\Windows\Installer\{83A4E573-E2C2-46FB-9DA6-6A2BBBF5A588}\ARPPRODUCTICON.exe
O90 - PUC: "3A80BAA3921F5DB44B90EA76F43957D9" . (.Prerequisite installer.) -- C:\Windows\Installer\{3AAB08A3-F129-4BD5-B409-AE674F93759D}\ARPPRODUCTICON.exe
O90 - PUC: "3CB65822398FFBC4592F1E6FC32D1BBA" . (.Nero Video Transitions 1.) -- C:\Windows\Installer\{22856BC3-F893-4CBF-95F2-E1F63CD2B1AB}\ARPPRODUCTICON.exe
O90 - PUC: "3E64AFC7F2CC553428EA0621CD6333DF" . (.NVIDIA ForceWare Network Access Manager.) -- C:\Windows\Installer\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}\ARPPRODUCTICON.exe
O90 - PUC: "423E0982B3F65794B8597E6D8DE02062" . (.Nero Burning ROM Help (CHM).) -- C:\Windows\Installer\{2890E324-6F3B-4975-8B95-E7D6D80E0226}\NeroHelpIcon.A2EDDB31_726D_4D40_8014_5D5F2D3EF945
O90 - PUC: "43E1A250B45AC8544A3E423C0E4557A4" . (.Nero Kwik Media.) -- C:\Windows\Installer\{052A1E34-A54B-458C-A4E3-24C3E054754A}\NeroKwikMedia._63C8A7B0BBE5459F9AC436392B2FF50D.exe
O90 - PUC: "48D76F9207A3E65408A62503B12070B0" . (.Nero Effects Basic.) -- C:\Windows\Installer\{29F67D84-3A70-456E-806A-52301B02070B}\ARPPRODUCTICON.exe
O90 - PUC: "4A1AFE21B3CAC344183432E7ED674030" . (.NTI Backup Now Standard.) -- C:\Windows\Installer\{12EFA1A4-AC3B-443C-8143-237EDE760403}\ARPPRODUCTICON.exe
O90 - PUC: "52FD6C4C95E0EE642BB4FD78948DFFA3" . (.Nero Image Samples.) -- C:\Windows\Installer\{C4C6DF25-0E59-46EE-B24B-DF8749D8FF3A}\ARPPRODUCTICON.exe
O90 - PUC: "5B6E18EFB2567E043B2B17176C2F79AD" . (.Nero Disc Menus 2.) -- C:\Windows\Installer\{FE81E6B5-652B-40E7-B3B2-7171C6F297DA}\ARPPRODUCTICON.exe
O90 - PUC: "647C499C0D6CABE40BE9FDB78183B196" . (.Nero ControlCenter Help (CHM).) -- C:\Windows\Installer\{C994C746-C6D0-4EBA-B09E-DF7B18381B69}\NeroHelpIcon.8BC7562A_6065_4ED9_8502_C368ECC0724D
O90 - PUC: "6761FBEE78FA6624398DC0413AC42471" . (.Nero Disc Menus 1.) -- C:\Windows\Installer\{EEBF1676-AF87-4266-93D8-0C14A34C4217}\ARPPRODUCTICON.exe
O90 - PUC: "67BCB71E42995DB46B6D053D04B7E447" . (.Nero Disc Menus Basic.) -- C:\Windows\Installer\{E17BCB76-9924-4BD5-B6D6-50D3407B4E74}\ARPPRODUCTICON.exe
O90 - PUC: "68AB67CA7DA76301B7448A0100000030" . (.Adobe Reader 8.1.0 - Français.) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-A81000000003}\SC_Reader.exe
O90 - PUC: "6C1C2E92A67D3D1489F0E643A69A6A8A" . (.Nero Cliparts.) -- C:\Windows\Installer\{29E2C1C6-D76A-41D3-980F-6E346AA9A6A8}\ARPPRODUCTICON.exe
O90 - PUC: "6D755E54172231F418106C024B82A50B" . (.Kaspersky Anti-Virus 2012.) -- C:\Windows\Installer\{45E557D6-2271-4F13-8101-C620B4285AB0}\setup2.ico
O90 - PUC: "7040BB568CC47CD459E2E3FEFD5006A2" . (.Nero Update.) -- C:\Windows\Installer\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}\ARPPRODUCTICON.exe
O90 - PUC: "741E44742F0F041428E53B70F10C971F" . (.Nero 12.) -- C:\Windows\Installer\{4744E147-F0F2-4140-825E-B3071FC079F1}\ARPPRODUCTICON.exe
O90 - PUC: "821B6C5004B15944C99B90B063B8AFA0" . (.Nero Video Samples.) -- C:\Windows\Installer\{05C6B128-1B40-4495-9CB9-090B368BFA0A}\ARPPRODUCTICON.exe
O90 - PUC: "833DA5B8CBA7BCE4C9C286F748EADD1B" . (.Nero Platinum Effects 12.) -- C:\Windows\Installer\{8B5AD338-7ABC-4ECB-9C2C-687F84AEDDB1}\ARPPRODUCTICON.exe
O90 - PUC: "8703D2ADC85A8E54E80E818BEBB6437F" . (.Nero BackItUp.) -- C:\Windows\Installer\{DA2D3078-A58C-45E8-8EE0-18B8BE6B34F7}\ARPPRODUCTICON.exe
O90 - PUC: "900CA7E42125F99449F25AAA24EA53E9" . (.Nero 12 Content Pack.) -- C:\Windows\Installer\{4E7AC009-5212-499F-942F-A5AA42AE359E}\ARPPRODUCTICON.exe
O90 - PUC: "985E2342652631540BFBFE8A3E525D0F" . (.Nero SharedVideoCodecs.) -- C:\Windows\Installer\{2432E589-6256-4513-B0BF-EFA8E325D5F0}\ARPPRODUCTICON.exe
O90 - PUC: "A72E2DC59C2F78A4A960FDFAA9814218" . (.Nero Express.) -- C:\Windows\Installer\{5CD2E27A-F2C9-4A87-9A06-DFAF9A182481}\ARPPRODUCTICON.exe
O90 - PUC: "C039314290386A74CB16E52FA72422CB" . (.NTI Media Maker 8.) -- C:\Windows\Installer\{2413930C-8309-47A6-BC61-5EF27A4222BC}\ARPPRODUCTICON.exe
O90 - PUC: "D237359B326B48E43B96FCFFB7A10EF6" . (.Nero RescueAgent.) -- C:\Windows\Installer\{B953732D-B623-4E84-B369-CFFF7B1AE06F}\ARPPRODUCTICON.exe
O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- c:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon
O90 - PUC: "D83BC1B64E2E03a439D3FEEDAB67DAC9" . (.Microsoft Works.) -- c:\Windows\Installer\{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}\Win2Kico.exe
O90 - PUC: "D971821B1E5ACA344922211A90CE2D0A" . (.Nero Video Help (CHM).) -- C:\Windows\Installer\{B128179D-A5E1-43AC-9422-12A109ECD2A0}\NeroHelpIcon.A2EDDB31_726D_4D40_8014_5D5F2D3EF945
O90 - PUC: "DB3C349126442164293C3DD69D714C74" . (.Nero Recode.) -- C:\Windows\Installer\{1943C3BD-4462-4612-92C3-D36DD917C447}\ARPPRODUCTICON.exe
O90 - PUC: "DBF576EC3C571F546BFAD85280165D63" . (.Nero Disc Menus 3.) -- C:\Windows\Installer\{CE675FBD-75C3-45F1-B6AF-8D250861D536}\ARPPRODUCTICON.exe
O90 - PUC: "DCFCCF383E64BF343A7987FB5D8A89A0" . (.Nero Video.) -- C:\Windows\Installer\{83FCCFCD-46E3-43FB-A397-78BFD5A8980A}\ARPPRODUCTICON.exe
O90 - PUC: "DE48D40557EA58F46AB8BBD3C43B1E96" . (.Nero Holiday and Sports Themes.) -- C:\Windows\Installer\{504D84ED-AE75-4F85-A68B-BB3D4CB3E169}\ARPPRODUCTICON.exe
O90 - PUC: "E02861F17E0D636439E954BCEFBF601E" . (.Nero Kwik Media Help (CHM).) -- C:\Windows\Installer\{1F16820E-D0E7-4636-939E-45CBFEFB06E1}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698
O90 - PUC: "E196EF2AE8F303E4AAD7FF71CA77AE78" . (.Nero Blu-ray Player.) -- C:\Windows\Installer\{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}\ARPPRODUCTICON.exe
O90 - PUC: "E2FB0A7ACC133E949931255C30BE69D9" . (.Nero Audio Pack 1.) -- C:\Windows\Installer\{A7A0BF2E-31CC-49E3-9913-52C503EB969D}\ARPPRODUCTICON.exe
O90 - PUC: "FB4A7DB746AEEFB49A3DF3CDB9E6CF32" . (.Nero Football (Soccer) Themes.) -- C:\Windows\Installer\{7BD7A4BF-EA64-4BFE-A9D3-3FDC9B6EFC23}\ARPPRODUCTICON.exe
~ Update Products: 77 Scanned in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.98497C5C35BF1CA5F7DC4CF4356D0F33] [WIS][15/05/2013] (.Ask.com - Blank Project Template.) -- C:\Windows\Installer\1139cd3.msi   [1847808]
[MD5.22AB196CC04DFF9139816D28637C4840] [WIS][09/05/2008] (.Egis Inc. - Acer eDataSecurity Management.) -- C:\Windows\Installer\39a51.msi   [8373248]
[MD5.EC62783ACC4321BCDC3701C5204C03F1] [WIS][19/11/2013] (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Windows\Installer\5ff167.msi   [24576]  =>Toolbar.Google
[MD5.3786168E585CCD3A3BEB178D7A338C3F] [WIS][12/05/2013] (.NewTech Infosystems - Media Maker.) -- C:\Windows\Installer\8ab42.msi   [2775040]
[MD5.8C3F81A300BF796238F4ED0849D72505] [WIS][12/05/2013] (.YUAN - AV Input Selection.) -- C:\Windows\Installer\8abb0.msi   [773120]
~ WIS: 78 Scanned in 00mn 03s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 13/12/2013 257416 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 13/05/2013 116648 |  (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 13/05/2013 116648 |  (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 19/11/2013 194032 |  (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Auto 10/07/1658 0 |  (Nero BackItUp Scheduler 4.0) . (...) - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe

SR - | Auto 25/01/2008 269448 |  (Acer HomeMedia Connect Service) . (.CyberLink.) - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
SR - | Auto 01/06/2013 206448 |  (AVP) . (.Kaspersky Lab ZAO.) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
SR - | Auto 03/03/2008 16384 |  (BUNAgentSvc) . (.NewTech Infosystems, Inc..) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
SR - | Auto 04/03/2008 500784 |  (eDataSecurity Service) . (.Egis Incorporated.) - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
SR - | Auto 25/04/2008 24576 |  (ETService) . (...) - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
SR - | Auto 29/01/2008 598016 |  (ForceWare Intelligent Application Manager (IAM)) . (...) - C:\Program Files\bin32\nSvcAppFlt.exe
SR - | Auto 09/10/2008 107912 |  (IJPLMSVC) . (...) - C:\Program Files\Canon\IJPLM\IJPLMSVC.exe
SR - | Auto 17/01/2007 61440 |  (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
SR - | Auto 13/07/2012 769432 |  (NAUpdate) . (.Nero AG.) - C:\Program Files\Nero\Update\NASvc.exe
SR - | Auto 29/01/2008 163840 |  (nSvcIp) . (...) - C:\Program Files\bin32\nSvcIp.exe
SR - | Auto 25/04/2008 45056 |  (NTIBackupSvc) . (.NewTech InfoSystems, Inc..) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
SR - | Auto 25/04/2008 131072 |  (NTISchedulerSvc) . (...) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
SR - | Auto 18/01/2013 639776 |  (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 25/02/2013 1260320 |  (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SR - | Auto 19/07/2006 262247 |  (RichVideo) . (...) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
SR - | Auto 18/01/2013 383264 |  (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 21/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 21/01/2008 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services:  Scanned in 00mn 04s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net

~ MBR: 1 Scanned in 00mn 02s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by cricri at 18/01/2014 16:29:32

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin

~ MBR:  Scanned in 00mn 04s



---\\ Scan Additionnel (O88)
Database Version : 13024 - (17/01/2014)
Clés trouvées (Keys found) : 8
Valeurs trouvées (Values found) : 1
Dossiers trouvés  (Folders found) : 0
Fichiers trouvés  (Files found) : 4

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4D91-8333-CF10577473F7}]   =>Toolbar.Google^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Bubble Dock]   =>PUP.BubbleDock^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{18455581-E099-4BA8-BC6B-F34B2F06600C}]   =>Toolbar.Google^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}]   =>Toolbar.Google^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WPM]   =>PUP.WpManager^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5CBE3B7C-1E47-477E-A7DD-396DB0476E29}]   =>Toolbar.eDataSecurity
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5CBE3B7C-1E47-477E-A7DD-396DB0476E29}]   =>Toolbar.eDataSecurity
[HKLM\Software\Classes\CLSID\{5CBE3B7C-1E47-477E-A7DD-396DB0476E29}]   =>Toolbar.eDataSecurity
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F}   =>Toolbar.Google^
C:\Users\cricri\AppData\Local\Temp\vit_sweet-page.exe   =>PUP.SweetPage^
C:\Windows\Installer\5ff167.msi   =>Toolbar.Google^
C:\Users\cricri\AppData\Local\Temp\GoogleToolbarInstaller1.log  =>PUP.Babylon
C:\Users\cricri\AppData\Local\Temp\GoogleToolbarInstaller2.log  =>PUP.Babylon
~ Additionnel Scan: 273829 Items scanned in 00mn 31s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/40584589-pup-sweetpage   =>PUP.SweetPage
~ http://nicolascoolman.webs.com/apps/blog/show/38126906-hijacker-nationzoom    =>Hijacker.NationZoom
~ http://nicolascoolman.webs.com/apps/blog/show/31746142-toolbar-bubbledock   =>Toolbar.BubbleDock
~ http://nicolascoolman.webs.com/apps/blog/show/38737316-pup-wpmanager   =>PUP.WpManager
~ http://nicolascoolman.webs.com/apps/blog/show/26630379-hijacker-22find   =>Hijacker.22Find
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon  =>PUP.Babylon
~ MSI: 6 link(s) detected in 00mn 31s



End of the scan (2043 lines in 02mn 28s)(0)